stackitcloud · DiogoFerrao · Mar 7, 2024 · Mar 6, 2024 · Mar 6, 2024 · Mar 6, 2024
@@ -29,5 +29,8 @@ stackit secrets-manager user [flags]
 
 * [stackit secrets-manager](./stackit_secrets-manager.md)	 - Provides functionality for Secrets Manager
 * [stackit secrets-manager user create](./stackit_secrets-manager_user_create.md)	 - Creates a Secrets Manager user
+* [stackit secrets-manager user delete](./stackit_secrets-manager_user_delete.md)	 - Deletes a Secrets Manager user
+* [stackit secrets-manager user describe](./stackit_secrets-manager_user_describe.md)	 - Shows details of a Secrets Manager user
 * [stackit secrets-manager user list](./stackit_secrets-manager_user_list.md)	 - Lists all Secrets Manager users
+* [stackit secrets-manager user update](./stackit_secrets-manager_user_update.md)	 - Updates the write privileges Secrets Manager user
 
@@ -4,7 +4,9 @@ Creates a Secrets Manager user
 
 ### Synopsis
 
-Creates a user for a Secrets Manager instance with generated username and password
+Creates a Secrets Manager user.
+The username and password are auto-generated and provided upon creation.
+A description can be provided to identify a user.
 
 ```
 stackit secrets-manager user create [flags]
@@ -13,17 +15,14 @@ stackit secrets-manager user create [flags]
 ### Examples
 
 ```
-  Create a Secrets Manager user for instance with ID "xxx"
-  $ stackit mongodbflex user create --instance-id xxx
-
   Create a Secrets Manager user for instance with ID "xxx" and description "yyy"
-  $ stackit mongodbflex user create --instance-id xxx --description yyy
+  $ stackit secrets-manager user create --instance-id xxx --description yyy
 
-  Create a Secrets Manager user for instance with ID "xxx" and doesn't display the password
-  $ stackit mongodbflex user create --instance-id xxx --hide-password
+  Create a Secrets Manager user for instance with ID "xxx" and hides the generated password
+  $ stackit secrets-manager user create --instance-id xxx --hide-password
 
   Create a Secrets Manager user for instance with ID "xxx" with write access to the secrets engine
-  $ stackit mongodbflex user create --instance-id xxx --write
+  $ stackit secrets-manager user create --instance-id xxx --write
 ```
 
 ### Options

@@ -0,0 +1,40 @@
+## stackit secrets-manager user delete
+
+Deletes a Secrets Manager user
+
+### Synopsis
+
+Deletes a Secrets Manager user by ID. You can get the IDs of users for an instance by running:
+  $ stackit secrets-manager user list --instance-id <INSTANCE_ID>
+
+```
+stackit secrets-manager user delete USER_ID [flags]
+```
+
+### Examples
+
+```
+  Delete a Secrets Manager user with ID "xxx" for instance with ID "yyy"
+  $ stackit secrets-manager user delete xxx --instance-id yyy
+```
+
+### Options
+
+```
+  -h, --help                 Help for "stackit secrets-manager user delete"
+      --instance-id string   Instance ID
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit secrets-manager user](./stackit_secrets-manager_user.md)	 - Provides functionality for Secrets Manager users
+
@@ -0,0 +1,42 @@
+## stackit secrets-manager user describe
+
+Shows details of a Secrets Manager user
+
+### Synopsis
+
+Shows details of a Secrets Manager user.
+
+```
+stackit secrets-manager user describe USER_ID [flags]
+```
+
+### Examples
+
+```
+  Get details of a Secrets Manager user with ID "xxx" of instance with ID "yyy"
+  $ stackit secrets-manager user list xxx --instance-id yyy
+
+  Get details of a Secrets Manager user with ID "xxx" of instance with ID "yyy" in table format
+  $ stackit secrets-manager user list xxx --instance-id yyy --output-format pretty
+```
+
+### Options
+
+```
+  -h, --help                 Help for "stackit secrets-manager user describe"
+      --instance-id string   ID of the instance
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit secrets-manager user](./stackit_secrets-manager_user.md)	 - Provides functionality for Secrets Manager users
+
@@ -0,0 +1,44 @@
+## stackit secrets-manager user update
+
+Updates the write privileges Secrets Manager user
+
+### Synopsis
+
+Updates the write privileges Secrets Manager user.
+
+```
+stackit secrets-manager user update USER_ID [flags]
+```
+
+### Examples
+
+```
+  Enable write access of a Secrets Manager user with ID "xxx" of instance with ID "yyy"
+  $ stackit secrets-manager user update xxx --instance-id yyy --enable-write
+
+  Disable write access of a Secrets Manager user with ID "xxx" of instance with ID "yyy"
+  $ stackit secrets-manager user update xxx --instance-id yyy --disable-write
+```
+
+### Options
+
+```
+      --disable-write        Set the user to have read-only access.
+      --enable-write         Set the user to have write access.
+  -h, --help                 Help for "stackit secrets-manager user update"
+      --instance-id string   ID of the instance
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit secrets-manager user](./stackit_secrets-manager_user.md)	 - Provides functionality for Secrets Manager users
+
@@ -0,0 +1,119 @@
+package delete
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/stackitcloud/stackit-cli/internal/pkg/args"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/confirm"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/errors"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/examples"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/flags"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/globalflags"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/services/secrets-manager/client"
+	secretsManagerUtils "github.com/stackitcloud/stackit-cli/internal/pkg/services/secrets-manager/utils"
+	"github.com/stackitcloud/stackit-cli/internal/pkg/utils"
+
+	"github.com/spf13/cobra"
+	"github.com/stackitcloud/stackit-sdk-go/services/secretsmanager"
+)
+
+const (
+	userIdArg = "USER_ID"
+
+	instanceIdFlag = "instance-id"
+)
+
+type inputModel struct {
+	*globalflags.GlobalFlagModel
+
+	InstanceId string
+	UserId     string
+}
+
+func NewCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   fmt.Sprintf("delete %s", userIdArg),
+		Short: "Deletes a Secrets Manager user",
+		Long: fmt.Sprintf("%s\n%s",
+			"Deletes a Secrets Manager user by ID. You can get the IDs of users for an instance by running:",
+			"  $ stackit secrets-manager user list --instance-id <INSTANCE_ID>",
+		),
+		Example: examples.Build(
+			examples.NewExample(
+				`Delete a Secrets Manager user with ID "xxx" for instance with ID "yyy"`,
+				"$ stackit secrets-manager user delete xxx --instance-id yyy"),
+		),
+		Args: args.SingleArg(userIdArg, utils.ValidateUUID),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			ctx := context.Background()
+			model, err := parseInput(cmd, args)
+			if err != nil {
+				return err
+			}
+
+			// Configure API client
+			apiClient, err := client.ConfigureClient(cmd)
+			if err != nil {
+				return err
+			}
+
+			instanceLabel, err := secretsManagerUtils.GetInstanceName(ctx, apiClient, model.ProjectId, model.InstanceId)
+			if err != nil {
+				instanceLabel = model.InstanceId
+			}
+
+			userLabel, userDescription, err := secretsManagerUtils.GetUserDetails(ctx, apiClient, model.ProjectId, model.InstanceId, model.UserId)
+			if err != nil {
+				userLabel = model.UserId
+			}
+
+			if !model.AssumeYes {
+				prompt := fmt.Sprintf("Are you sure you want to delete user %q (%q) of instance %q? (This cannot be undone)", userLabel, userDescription, instanceLabel)
+				err = confirm.PromptForConfirmation(cmd, prompt)
+				if err != nil {
+					return err
+				}
+			}
+
+			// Call API
+			req := buildRequest(ctx, model, apiClient)
+			err = req.Execute()
+			if err != nil {
+				return fmt.Errorf("delete Secrets Manager user: %w", err)
+			}
+
+			cmd.Printf("Deleted user %q of instance %q\n", userLabel, instanceLabel)
+			return nil
+		},
+	}
+	configureFlags(cmd)
+	return cmd
+}
+
+func configureFlags(cmd *cobra.Command) {
+	cmd.Flags().Var(flags.UUIDFlag(), instanceIdFlag, "Instance ID")
+
+	err := flags.MarkFlagsRequired(cmd, instanceIdFlag)
+	cobra.CheckErr(err)
+}
+
+func parseInput(cmd *cobra.Command, inputArgs []string) (*inputModel, error) {
+	userId := inputArgs[0]
+
+	globalFlags := globalflags.Parse(cmd)
+	if globalFlags.ProjectId == "" {
+		return nil, &errors.ProjectIdError{}
+	}
+
+	return &inputModel{
+		GlobalFlagModel: globalFlags,
+		InstanceId:      flags.FlagToStringValue(cmd, instanceIdFlag),
+		UserId:          userId,
+	}, nil
+}
+
+func buildRequest(ctx context.Context, model *inputModel, apiClient *secretsmanager.APIClient) secretsmanager.ApiDeleteUserRequest {
+	req := apiClient.DeleteUser(ctx, model.ProjectId, model.InstanceId, model.UserId)
+	return req
+}