From d8feac8dfb63b2306919da62c518bbfb5a8d4a78 Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Mon, 19 Sep 2022 08:52:14 +0000
Subject: [PATCH 1/7] add Cloud WAF Certificate support

---
 go.mod                                        |   4 +-
 go.sum                                        |   4 +-
 provider/lib.go                               |   7 +
 provider/provider.go                          |  15 +-
 .../resource_corp_cloudwaf_certificate.go     | 207 +++++++++++++++
 ...resource_corp_cloudwaf_certificate_test.go | 237 ++++++++++++++++++
 6 files changed, 463 insertions(+), 11 deletions(-)
 create mode 100644 provider/resource_corp_cloudwaf_certificate.go
 create mode 100644 provider/resource_corp_cloudwaf_certificate_test.go

diff --git a/go.mod b/go.mod
index b9a901b..cb52ebb 100644
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.17
 require (
 	github.com/davecgh/go-spew v1.1.1
 	github.com/hashicorp/terraform-plugin-sdk v1.14.0
-	github.com/signalsciences/go-sigsci v0.1.5
+	github.com/signalsciences/go-sigsci v0.1.6
 )
 
 require (
@@ -70,4 +70,4 @@ require (
 	google.golang.org/grpc v1.27.1 // indirect
 )
 
-//replace github.com/signalsciences/go-sigsci v0.1.5 => ../go-sigsci
+//replace github.com/signalsciences/go-sigsci v0.1.6 => ../go-sigsci
diff --git a/go.sum b/go.sum
index 48cd743..d97aee0 100644
--- a/go.sum
+++ b/go.sum
@@ -168,8 +168,8 @@ github.com/posener/complete v1.2.1/go.mod h1:6gapUrK/U1TAN7ciCoNRIdVC5sbdBTUh1DK
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
-github.com/signalsciences/go-sigsci v0.1.5 h1:sKAFGo70Bv/F1QYL5W9mmo4BAWX0B9xmVk0rWQwmKRA=
-github.com/signalsciences/go-sigsci v0.1.5/go.mod h1:9eUL/FIXlslxnqtsf0yk67CSBiYdL4ToYjYybzWQ77A=
+github.com/signalsciences/go-sigsci v0.1.6 h1:O3v1kQOA00d+HO4pD8ykymouojBe02bYy0gj15ow8jA=
+github.com/signalsciences/go-sigsci v0.1.6/go.mod h1:9eUL/FIXlslxnqtsf0yk67CSBiYdL4ToYjYybzWQ77A=
 github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
diff --git a/provider/lib.go b/provider/lib.go
index 62a6ff5..0238520 100644
--- a/provider/lib.go
+++ b/provider/lib.go
@@ -12,6 +12,13 @@ import (
 	"github.com/signalsciences/go-sigsci"
 )
 
+func suppressEquivalentTrimSpaceDiffs(k, old, new string, d *schema.ResourceData) bool {
+	if strings.TrimSpace(old) == strings.TrimSpace(new) {
+		return true
+	}
+	return false
+}
+
 type providerMetadata struct {
 	Corp   string
 	Client sigsci.Client
diff --git a/provider/provider.go b/provider/provider.go
index fc30958..cfc08fb 100644
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -50,13 +50,14 @@ func Provider() terraform.ResourceProvider {
 			"sigsci_site_blocklist":      resourceSiteBlocklist(),
 			"sigsci_site_allowlist":      resourceSiteAllowlist(),
 			//"sigsci_site_monitor":        resourceSiteMonitor(),
-			"sigsci_site_header_link":       resourceSiteHeaderLink(),
-			"sigsci_site_integration":       resourceSiteIntegration(),
-			"sigsci_corp_list":              resourceCorpList(),
-			"sigsci_corp_rule":              resourceCorpRule(),
-			"sigsci_corp_signal_tag":        resourceCorpSignalTag(),
-			"sigsci_corp_integration":       resourceCorpIntegration(),
-			"sigsci_corp_cloudwaf_instance": resourceCorpCloudWAFInstance(),
+			"sigsci_site_header_link":          resourceSiteHeaderLink(),
+			"sigsci_site_integration":          resourceSiteIntegration(),
+			"sigsci_corp_list":                 resourceCorpList(),
+			"sigsci_corp_rule":                 resourceCorpRule(),
+			"sigsci_corp_signal_tag":           resourceCorpSignalTag(),
+			"sigsci_corp_integration":          resourceCorpIntegration(),
+			"sigsci_corp_cloudwaf_instance":    resourceCorpCloudWAFInstance(),
+			"sigsci_corp_cloudwaf_certificate": resourceCorpCloudWAFCertificate(),
 		},
 	}
 	provider.ConfigureFunc = providerConfigure()
diff --git a/provider/resource_corp_cloudwaf_certificate.go b/provider/resource_corp_cloudwaf_certificate.go
new file mode 100644
index 0000000..20444ab
--- /dev/null
+++ b/provider/resource_corp_cloudwaf_certificate.go
@@ -0,0 +1,207 @@
+package provider
+
+import (
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/signalsciences/go-sigsci"
+)
+
+func resourceCorpCloudWAFCertificate() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceCorpCloudWAFCertificateCreate,
+		Read:   resourceCorpCloudWAFCertificateRead,
+		Update: resourceCorpCloudWAFCertificateUpdate,
+		Delete: resourceCorpCloudWAFCertificateDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:        schema.TypeString,
+				Description: "Friendly name to identify a CloudWAF certificate",
+				Required:    true,
+			},
+			"certificate_body": {
+				Type:             schema.TypeString,
+				Description:      "Body of the certificate in PEM format",
+				Required:         true,
+				DiffSuppressFunc: suppressEquivalentTrimSpaceDiffs,
+			},
+			"certificate_chain": {
+				Type:             schema.TypeString,
+				Description:      "Certificate chain in PEM format",
+				Optional:         true,
+				DiffSuppressFunc: suppressEquivalentTrimSpaceDiffs,
+			},
+			"private_key": {
+				Type:        schema.TypeString,
+				Description: "Private key of the certificate in PEM format - must be unencrypted",
+				Required:    true,
+				Sensitive:   true,
+			},
+			"common_name": {
+				Type:        schema.TypeString,
+				Description: "Common name of the uploaded certificate",
+				Computed:    true,
+			},
+			"expires_at": {
+				Type:        schema.TypeString,
+				Description: "TimeStamp for when certificate expires in RFC3339 date time format",
+				Computed:    true,
+			},
+			"fingerprint": {
+				Type:        schema.TypeString,
+				Description: "SHA1 fingerprint of the certififcate",
+				Computed:    true,
+			},
+			"status": {
+				Type:        schema.TypeString,
+				Description: `Current status of the certificate - could be one of "unknown", "active", "pendingverification", "expired", "error"`,
+				Computed:    true,
+			},
+			"subject_alternative_names": {
+				Type:        schema.TypeSet,
+				Description: "Subject alternative names from the uploaded certificate",
+				Computed:    true,
+				Elem:        &schema.Schema{Type: schema.TypeString},
+			},
+			"created_by": {
+				Type:        schema.TypeString,
+				Description: "Email address of the user that created the certfificate",
+				Computed:    true,
+			},
+			"created": {
+				Type:        schema.TypeString,
+				Description: "Created RFC3339 date time",
+				Computed:    true,
+			},
+			"updated_by": {
+				Type:        schema.TypeString,
+				Description: "Email address of the user that updated the certificate",
+				Computed:    true,
+			},
+			"updated_at": {
+				Type:        schema.TypeString,
+				Description: "Updated RFC3339 date time",
+				Computed:    true,
+			},
+		},
+	}
+}
+
+func resourceCorpCloudWAFCertificateCreate(d *schema.ResourceData, m interface{}) error {
+	pm := m.(providerMetadata)
+	sc := pm.Client
+
+	resp, err := sc.UploadCloudWAFCertificate(pm.Corp, sigsci.UploadCloudWAFCertificateBody{
+		CloudWAFCertificateBase: sigsci.CloudWAFCertificateBase{
+			Name:             d.Get("name").(string),
+			CertificateBody:  strings.TrimSpace(d.Get("certificate_body").(string)),
+			CertificateChain: strings.TrimSpace(d.Get("certificate_chain").(string)),
+		},
+		PrivateKey: strings.TrimSpace(d.Get("private_key").(string)),
+	})
+	if err != nil {
+		return err
+	}
+
+	d.SetId(resp.ID)
+
+	return resourceCorpCloudWAFCertificateRead(d, m)
+}
+
+func resourceCorpCloudWAFCertificateRead(d *schema.ResourceData, m interface{}) error {
+	pm := m.(providerMetadata)
+	sc := pm.Client
+
+	cwaf, err := sc.GetCloudWAFCertificate(pm.Corp, d.Id())
+	if err != nil {
+		d.SetId("")
+		return nil
+	}
+
+	d.SetId(d.Id())
+	err = d.Set("name", cwaf.Name)
+	if err != nil {
+		return err
+	}
+	err = d.Set("certificate_body", strings.TrimSpace(cwaf.CertificateBody))
+	if err != nil {
+		return err
+	}
+	err = d.Set("certificate_chain", strings.TrimSpace(cwaf.CertificateChain))
+	if err != nil {
+		return err
+	}
+	err = d.Set("common_name", cwaf.CommonName)
+	if err != nil {
+		return err
+	}
+	err = d.Set("expires_at", cwaf.ExpiresAt)
+	if err != nil {
+		return err
+	}
+	err = d.Set("fingerprint", cwaf.Fingerprint)
+	if err != nil {
+		return err
+	}
+	err = d.Set("status", cwaf.Status)
+	if err != nil {
+		return err
+	}
+	err = d.Set("subject_alternative_names", flattenStringArray(cwaf.SubjectAlternativeNames))
+	if err != nil {
+		return err
+	}
+	err = d.Set("created_by", cwaf.CreatedBy)
+	if err != nil {
+		return err
+	}
+	err = d.Set("created", cwaf.Created)
+	if err != nil {
+		return err
+	}
+	err = d.Set("updated_by", cwaf.UpdatedBy)
+	if err != nil {
+		return err
+	}
+	err = d.Set("updated_at", cwaf.UpdatedAt)
+	if err != nil {
+		return err
+	}
+
+	// set zero value for diff - https://github.com/hashicorp/terraform/issues/20985
+	err = d.Set("private_key", "")
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func resourceCorpCloudWAFCertificateUpdate(d *schema.ResourceData, m interface{}) error {
+	pm := m.(providerMetadata)
+	sc := pm.Client
+
+	_, err := sc.UpdateCloudWAFCertificate(pm.Corp, d.Id(), sigsci.UpdateCloudWAFCertificateBody{
+		Name: d.Get("name").(string),
+	})
+	if err != nil {
+		return nil
+	}
+
+	return resourceCorpCloudWAFCertificateRead(d, m)
+}
+
+func resourceCorpCloudWAFCertificateDelete(d *schema.ResourceData, m interface{}) error {
+	pm := m.(providerMetadata)
+	sc := pm.Client
+
+	err := sc.DeleteCloudWAFCertificate(pm.Corp, d.Id())
+	if err != nil {
+		return err
+	}
+	d.SetId("")
+	return nil
+}
diff --git a/provider/resource_corp_cloudwaf_certificate_test.go b/provider/resource_corp_cloudwaf_certificate_test.go
new file mode 100644
index 0000000..4bf945b
--- /dev/null
+++ b/provider/resource_corp_cloudwaf_certificate_test.go
@@ -0,0 +1,237 @@
+package provider
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+)
+
+func TestAccResourceCorpCloudWAFCertificateCRUD_basic(t *testing.T) {
+	t.Parallel()
+
+	resourceName := "sigsci_corp_cloudwaf_certificate.test_cloudwaf_certificate"
+	certificateName := "Cloud WAF Certificate by SigSci Terraform provider test"
+	certificateBody := `-----BEGIN CERTIFICATE-----
+MIICzDCCAbQCCQDV2NzCr6aPbDANBgkqhkiG9w0BAQsFADAoMQwwCgYDVQQLDAN3
+ZWIxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAeFw0yMjA5MDMxNzE5MTVaFw0z
+MjA4MzExNzE5MTVaMCgxDDAKBgNVBAsMA3dlYjEYMBYGA1UEAwwPd3d3LmV4YW1w
+bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xLllGg3Kl0S
+W16pOwH4VXyGTyByWk3gShoSnEXqWYwoGDF18YhGFFMYLUBNfbDG/jy8MLiKY20R
+BhV5hpObd4ZQq4PIlTl4ZNKy07CUPX/AufdbQzrFCQy96lXBVjo6gR10TD+F/CjC
+tOkM83dxtZoSPzH86eHteos41+apjgpfvVai3vkBNuZeeoxuERkxuGsfpcK2qWTg
+ZFuncrWt6Plvlu70qGEIPtiFiPfQ8Rs2mdzKJEBC8nb4nqSWxIbY9Z87yS3X3C/A
+0xr0W4YxOLyCN94qr+Cc3Zl6DvjOv3LWAfv4qFXApWD9f8ynAzjojqfnXtavV6+D
+1SOdvMcTVQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDG9lhmTU9EzE/B7hAhNPj2
+LHlRPj8ASnSpxBzWn6Acyu9hHJbGhkR8BnRPPjihH8kv+zRaRVYxhG2sb99qg168
+rPKWMbZI6ZvCQGKNjLpwUARwPOKeZ8zF+qyzxdpM9mMyzx9SI1QXDirA0BsUbAjm
+RfioqCdT54F8gFrH1+AnUX4Kf2euTS65bHRgegDiIsrAmwcRrzC8ev1SDiPMUkyC
+goD1A0LHXLN1LMTs6qBXIkbCjYNRkPZBRagEu68CkwjT5H4vBIl39+Lcvo2WCBSG
+j4LzHGcDief95tMLhz0f5g0geV3ytrld5NSw0g1sEYJlDe8NA/aDi4gVviOt3Z5A
+-----END CERTIFICATE-----`
+	privateKey := `-----BEGIN PRIVATE KEY-----
+MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDfEuWUaDcqXRJb
+Xqk7AfhVfIZPIHJaTeBKGhKcRepZjCgYMXXxiEYUUxgtQE19sMb+PLwwuIpjbREG
+FXmGk5t3hlCrg8iVOXhk0rLTsJQ9f8C591tDOsUJDL3qVcFWOjqBHXRMP4X8KMK0
+6Qzzd3G1mhI/Mfzp4e16izjX5qmOCl+9VqLe+QE25l56jG4RGTG4ax+lwrapZOBk
+W6dyta3o+W+W7vSoYQg+2IWI99DxGzaZ3MokQELydviepJbEhtj1nzvJLdfcL8DT
+GvRbhjE4vII33iqv4JzdmXoO+M6/ctYB+/ioVcClYP1/zKcDOOiOp+de1q9Xr4PV
+I528xxNVAgMBAAECggEBAKPsP/aJipg/4oBwFE2/SdyP8CZvQnjnpzzs4eYiXm7F
+VqVIm1INAOpokWiXSxpk8CXdPbFTuqYLfKoK182z5Fe1xMv0wE4f+D+msTBsHtL+
+cQJ3KYJCyo225kwwDi2uBlXg7hglyfCdh07nvtOeX1nCyUvVEPRRSHB3pCLLZqdv
+ysCCL4Sowuebcpec3w3nCuMTg+L1nxdk25C53EjsYGqMQgq0YX/CTo+M2X2Infac
+3Ig5bkQohaOz724L7mc63UaT9m36vgEUZfwndxxVUBHzxQ/tqr/O4XEKmSdFrExh
+yw+YFyP43WcE0m1lc2hYHKEwTM1QF1nVY60fyPJ0zCECgYEA9ljzLd8OjXKbhK7S
+HZWZyR1+Lo4HnrBsLgCJVIuGuWi6gDi8hsarYpTe8RVhgqBaudMpK+Eup76WuMBt
+F9RVpzkNBE7T+p1jkmCWOIkCpvf2/IoqlZ1ao5qu1fhK5HpnsYCTmUHhJmid3da9
+eT34oR2WnvJ9s6fvqC1C6URtsE0CgYEA59B+pvJxvV8klPDfIgN31bcR90srHJTJ
+ST3lnVMJNND6PJ3D96YJSHV0EIotqyXlv/droqerhNJ+gNOHvrXMKTJ7udCDQKfW
+6IFiWaRW1SkqUEXlv59JI6Ip3B9Rfi3w3rPhNLAi/7GjSm33C+OgsMVq9ZBTMjR6
+qnS872CwsykCgYEAq22+3D8K+3ezraOSaDAA8qlpc7A2sUGIJoMNDh6CRGgS0MOq
+vgdmoJWEhzQfxS0dtY6yaeyr8ON6M1sFD74dVN8opcTNUutPrT81imYdyF9qKtdj
+RvZXat5rqE6+nzxnCGi3TcFAkt/ea8/RzptHd6cFd9q7itfkuJ22oGmUA0kCgYEA
+zmvUO+kr6wtr0czjhLA952rLbr/ateqviq65ZmxoiEWGbq+1rzKElacxIQFKRVrL
+yTMS/5X6n52o1CKIgAP2tsCjeAT6u3o5XnTIFTbHs6yiZzS2rvmx8S8Xw1GICanz
+EPxwj7BAmhueYkqlcErT7lT9N4m667vbdynYi/g3oHECgYEA5dCjPFl94ZGStHF2
+4+cI1NCbVTnQApFI1+Vmd4lED619KSnpk/77TaYTh2I8gsK3OZP4crvee5aL41TJ
+Y20XmAq/Dvv3g7QR97ND/AghEU8nnpZo1fgHzCcyZSkaBzMFeYdsfaGDncM56I0B
+65yblwYq9Vyzy3hBFY6XGaFdnZ0=
+-----END PRIVATE KEY-----`
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckCorpCloudWAFCertificateDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: fmt.Sprintf(`resource "sigsci_corp_cloudwaf_certificate" "test_cloudwaf_certificate"{
+					name = "%s"
+					certificate_body = <<CERT
+%s
+CERT
+					private_key = <<PRIVATEKEY
+%s
+PRIVATEKEY
+					lifecycle {
+						ignore_changes = [
+							private_key
+						]
+					}
+				}`, certificateName, certificateBody, privateKey),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "name", certificateName),
+					resource.TestCheckResourceAttr(resourceName, "certificate_body", certificateBody),
+					resource.TestCheckResourceAttr(resourceName, "certificate_chain", ""),
+					resource.TestCheckResourceAttr(resourceName, "common_name", "www.example.com"),
+					resource.TestCheckResourceAttr(resourceName, "expires_at", "2032-08-31T17:19:15Z"),
+					resource.TestCheckResourceAttr(resourceName, "fingerprint", "d3d246a79291ce3448f13b99d34d09066861c71a"),
+					resource.TestCheckResourceAttr(resourceName, "status", "active"),
+					resource.TestCheckResourceAttrSet(resourceName, "created_by"),
+					resource.TestCheckResourceAttrSet(resourceName, "created"),
+					resource.TestCheckResourceAttrSet(resourceName, "updated_by"),
+					resource.TestCheckResourceAttrSet(resourceName, "updated_at"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateCheck:  testAccImportStateCheckFunction(1),
+			},
+		},
+	})
+}
+
+func TestAccResourceCorpCloudWAFCertificateCRUD_SAN(t *testing.T) {
+	t.Parallel()
+
+	resourceNameSAN := "sigsci_corp_cloudwaf_certificate.test_cloudwaf_certificate_san"
+	certificateNameSAN := "Cloud WAF Certificate by SigSci Terraform provider test with SANs"
+	certificateBodySAN := `-----BEGIN CERTIFICATE-----
+MIIEozCCA4ugAwIBAgIJAIy4L1oqVlDVMA0GCSqGSIb3DQEBCwUAMIG5MQswCQYD
+VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j
+aXNjbzEdMBsGA1UECgwURXhhbXBsZSBPcmdhbml6YXRpb24xJDAiBgNVBAsMG0V4
+YW1wbGUgT3JnYW5pemF0aW9uYWwgVW5pdDEUMBIGA1UEAwwLZXhhbXBsZS5jb20x
+IjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20wHhcNMjIwOTE4MjI0
+OTEwWhcNMzIwOTE1MjI0OTEwWjCBuTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNh
+bGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xHTAbBgNVBAoMFEV4YW1w
+bGUgT3JnYW5pemF0aW9uMSQwIgYDVQQLDBtFeGFtcGxlIE9yZ2FuaXphdGlvbmFs
+IFVuaXQxFDASBgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt
+cGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+xJXwW8I9MRC35ONpki/yNK1lPsPS36btinsQ6qt6cFq5+9Hy61a+pUwUESwPVXxe
+PinMEq10J/Wm2AP3zOUQY5bHBwv3oGOCQTeZTIl9UimEOu96/6Q5belnQBTg0iSd
+WMbz/xO8asd0lsL1wdNVQ3nDkN6HQvypuE2t88O0Sz9k9+M4nKYgGyJqdOW457Ko
+HRbZxicRRF+9k8yGxD1Yv5i3AozHqxLdZ8/NOScVCW2pewwxq/iPU8YguD8gxiDk
+memD7hKY7HuK+YiG4ar8jchupTt6TYJoq6msumxfcCepe/bHRMONzcwDfP8U/Dn8
+C2gzk86YuV3esc8FVadqKwIDAQABo4GrMIGoMHkGA1UdEQRyMHCCD3d3dy5leGFt
+cGxlLmNvbYIPZnRwLmV4YW1wbGUuY29tghBtYWlsLmV4YW1wbGUuY29tggtleGFt
+cGxlLm5ldIIPd3d3LmV4YW1wbGUubmV0ggtleGFtcGxlLm9yZ4IPd3d3LmV4YW1w
+bGUub3JnMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUF
+BwMBMA0GCSqGSIb3DQEBCwUAA4IBAQBucpfz4j1hCKxaNzlIWr8/gn5r11tdKcg4
+lXk8PXD+JOoxWTeSArVLIblaE5v3KFWN7fpGECviN0e6cbb6qrAtpekkGl7bdFEg
+fwl+Qruiqw99WdIru0lu6ZDvRNw8OZHUAHSK1mFC1bNPQeLHWpVvLyfgukxmjO2E
+VseStN/Ld1ZO/P9CQpeMw8/GagUeVhP7oq9t0N3r9f8iPvqPU+hgFnH5FcEjIosf
+Mo4XLx5DAViHYDs+k0Zv/bnwIb6b10DvjzHo0RXYX2p74pz+MDbyVfPkiyv+rIXY
+67YJjaYyteLj+UP1wVKa8qmZBg8zSbZqpcU2d8CDs6aoiVKpHqg/
+-----END CERTIFICATE-----`
+	privateKeySAN := `-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDElfBbwj0xELfk
+42mSL/I0rWU+w9Lfpu2KexDqq3pwWrn70fLrVr6lTBQRLA9VfF4+KcwSrXQn9abY
+A/fM5RBjlscHC/egY4JBN5lMiX1SKYQ673r/pDlt6WdAFODSJJ1YxvP/E7xqx3SW
+wvXB01VDecOQ3odC/Km4Ta3zw7RLP2T34zicpiAbImp05bjnsqgdFtnGJxFEX72T
+zIbEPVi/mLcCjMerEt1nz805JxUJbal7DDGr+I9TxiC4PyDGIOSZ6YPuEpjse4r5
+iIbhqvyNyG6lO3pNgmirqay6bF9wJ6l79sdEw43NzAN8/xT8OfwLaDOTzpi5Xd6x
+zwVVp2orAgMBAAECggEAKiN5wjGArGPJB2c32f4tDN2eNjYDna1KfcSje6oGNM89
+zpzSVV/ivcvxAT1QjCJ8kRakh9xmaapeeS9gjqsLOE25m+kUy2yJHzGrypwuIM6F
+aZyr4OBy7vx5BWN0TZdLoxwCcUrpuHnIpAhmZYXHYQ9YvFT26YT/XGJKR1ZL71Tm
+2fR7HiO3wHCqdkNr2p/PjORsLJzeuBwX5BHCA27jJrxclsb/fvsCy4zNRjU/VapN
+rvrSs+EbrB9U5xNj+NqhIJpw8bCVZHfeAK4vxNLyXU+VgboxKM+VzPx4RCcJVPGW
+rcE+KhIA1HQvWvIfIjgu0igdTnuUWamWGeQVFUgwAQKBgQD2CimkNLEw68Ik7FwD
+ewEALrDmioPWzOUUFxjuhZMqR4VQIefriEBTASYyV0LRgZlQZ9N2P9Y3tz0TA7gk
+8cmQ/cXHuklgiqv65bxYWbF7Z4VT5Ofnj5NgB6y6Qyo8724R7tZP52FWum+oqLK0
+9lyzlk9pjTwBB/avJG9GZ1rEQQKBgQDMi0I8AxgbbZ54I/v3WvyyMkMWfojHycwC
+tIHqqj0DgWo6ywCXN1Uh5hYzUc8rbD8Aj0ayaEY2tt4sfroZWL18hE+7+zF5T33g
+r9ugexiSWPXJYPzsfcY9L5wMsislfebdilu6zaK+1JTZrcixStVkQodN/Mnwht8G
+qzhm/0KjawKBgFsWohoH4/3Pmr3ev6YOOO2fW6DOcUbp7nmEn5dW3ogNmH51Pw6F
+EANq7oA+rB8yUtdgyPoDYkSYU0Uh4F/VICHMwhdSkW3riQZHXXZ8JmggiEzp9y1U
+i2RHExyWVyHeJqr++Fr2t6PLPCF960Nx3hoisN3MCwX6s8pdu9Cd3Q3BAoGBAKWa
+SfHUf3wVcCvM1n8Zx2VulCpuH8fBdc7q3hRj6CoiaSNYoA3N2rsrUeYS4ixB43BM
+j+x5x/8cZxyXLYy/8AoUBYoogZG57iwvtR1lDCvQoo58W8oMuqdnGGyfA5fDK1tK
+XaIMQytFaY4jyUzhTYty4aEefVCjoYYAshWRrR4pAoGBAOCJRQV5jT/6Zk+vjdtu
+kxvINjcwcyux6QVomkSP60o4BQI6+KNVa8aguQUYdVsP7WzJjj9ivJWOUAL2S4Q9
+zNwDGTj0Iz8JYyqptGl9laPt7DXZkfmROl0OEP4SS5CYTf0r2ZCwcQ30lVEJteRQ
+RUh/KHYQRK0Cvo1agUHXkXvo
+-----END PRIVATE KEY-----`
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckCorpCloudWAFCertificateDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: fmt.Sprintf(`resource "sigsci_corp_cloudwaf_certificate" "test_cloudwaf_certificate_san"{
+					name = "%s"
+					certificate_body = <<CERT
+%s
+CERT
+					certificate_chain = <<CHAIN
+%s
+CHAIN
+					private_key = <<PRIVATEKEY
+%s
+PRIVATEKEY
+					lifecycle {
+						ignore_changes = [
+							private_key
+						]
+					}
+				}`, certificateNameSAN, certificateBodySAN, certificateBodySAN, privateKeySAN),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceNameSAN, "name", certificateNameSAN),
+					resource.TestCheckResourceAttr(resourceNameSAN, "certificate_body", certificateBodySAN),
+					resource.TestCheckResourceAttr(resourceNameSAN, "certificate_chain", certificateBodySAN),
+					resource.TestCheckResourceAttr(resourceNameSAN, "common_name", "example.com"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "expires_at", "2032-09-15T22:49:10Z"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "fingerprint", "78035e30621e0bbe92b9fce269a88a753ffe1154"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "status", "active"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.#", "7"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.1066711791", "www.example.com"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.1320559578", "mail.example.com"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.1533628156", "www.example.net"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.1975881950", "example.org"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.2605964798", "www.example.org"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.3053388764", "example.net"),
+					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.57398617", "ftp.example.com"),
+					resource.TestCheckResourceAttrSet(resourceNameSAN, "created_by"),
+					resource.TestCheckResourceAttrSet(resourceNameSAN, "created"),
+					resource.TestCheckResourceAttrSet(resourceNameSAN, "updated_by"),
+					resource.TestCheckResourceAttrSet(resourceNameSAN, "updated_at"),
+				),
+			},
+			{
+				ResourceName:      resourceNameSAN,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateCheck:  testAccImportStateCheckFunction(1),
+			},
+		},
+	})
+}
+
+func testAccCheckCorpCloudWAFCertificateDestroy(s *terraform.State) error {
+	pm := testAccProvider.Meta().(providerMetadata)
+	sc := pm.Client
+
+	resourceType := "sigsci_corp_cloudwaf_certificate"
+	for _, resource := range s.RootModule().Resources {
+		if resource.Type != resourceType {
+			continue
+		}
+		readResp, err := sc.GetCloudWAFCertificate(pm.Corp, resource.Primary.Attributes["id"])
+		if err == nil {
+			return fmt.Errorf("%s %#v still exists", resourceType, readResp)
+		}
+	}
+	return nil
+}

From 9acf991862ebdb26c35744dae98b6979e0369574 Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Mon, 19 Sep 2022 10:09:59 +0000
Subject: [PATCH 2/7] add Cloud WAF Certificate docs

---
 docs/resources/corp_cloudwaf_certificate.md | 56 +++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 docs/resources/corp_cloudwaf_certificate.md

diff --git a/docs/resources/corp_cloudwaf_certificate.md b/docs/resources/corp_cloudwaf_certificate.md
new file mode 100644
index 0000000..a7db841
--- /dev/null
+++ b/docs/resources/corp_cloudwaf_certificate.md
@@ -0,0 +1,56 @@
+### Example Usage
+
+```hcl-terraform
+resource "sigsci_corp_cloudwaf_certificate" "test_corp_cloudwaf_certificate" {
+    name = "Test Cloud WAF Certificate"
+    certificate_body = <<CERT
+-----BEGIN CERTIFICATE-----
+[encoded certificate]
+-----END CERTIFICATE-----
+CERT
+    certificate_chain = <<CHAIN
+-----BEGIN CERTIFICATE-----
+[encoded certificate chain]
+-----END CERTIFICATE-----
+CHAIN
+    private_key = <<PRIVATEKEY
+-----BEGIN PRIVATE KEY-----
+[encoded privatekey]]
+----END PRIVATE KEY-----
+PRIVATEKEY
+    lifecycle {
+        ignore_changes = [
+            private_key
+        ]
+    }
+}
+```
+|Warning: Changes for `private_key` must be ignored in your HCL as it is required for creation but not provided in a read response due to the sensitive nature of the private key.|
+|---|
+
+### Argument Reference
+- `name` - (Required) Friendly name to identify a CloudWAF certificate.
+- `certificate_body` - (Required) Body of the certificate in PEM format.
+- `certificate_chain` - (Optional) Certificate chain in PEM format.
+- `private_key` - (Required) Private key of the certificate in PEM format - must be unencrypted.
+
+### Attributes Reference
+In addition to all arguments, the following fields are also available
+- `id` - CloudWAF certificate unique identifier.
+- `common_name` - Common name of the uploaded certificate.
+- `expires_at` - TimeStamp for when certificate expires in RFC3339 date time format.
+- `fingerprint` - SHA1 fingerprint of the certififcate.
+- `status` - Current status of the certificate - could be one of "unknown", "active", "pendingverification", "expired", "error".
+- `subject_alternative_names` - Subject alternative names from the uploaded certificate.
+- `created_by` - Email address of the user that created the certfificate.
+- `created` - Created RFC3339 date time.
+- `updated_by` - Email address of the user that updated the certificate.
+- `updated_at` - Updated RFC3339 date time.
+
+### Import
+You can import corp lists with the generic site import formula
+
+Example:
+```shell script
+$ terraform import sigsci_corp_cloudwaf_certificate.test id
+```

From 099f2400d3845b2364004ffd531c460c4eaf751c Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Fri, 23 Sep 2022 08:53:09 +0000
Subject: [PATCH 3/7] update Terraform Cloud WAF Certificate

---
 docs/resources/corp_cloudwaf_certificate.md   | 11 ----
 main.tf                                       | 59 ++++++++++++++++++-
 .../resource_corp_cloudwaf_certificate.go     | 43 +-------------
 ...resource_corp_cloudwaf_certificate_test.go | 36 ++++-------
 4 files changed, 67 insertions(+), 82 deletions(-)

diff --git a/docs/resources/corp_cloudwaf_certificate.md b/docs/resources/corp_cloudwaf_certificate.md
index a7db841..e339d80 100644
--- a/docs/resources/corp_cloudwaf_certificate.md
+++ b/docs/resources/corp_cloudwaf_certificate.md
@@ -18,15 +18,8 @@ CHAIN
 [encoded privatekey]]
 ----END PRIVATE KEY-----
 PRIVATEKEY
-    lifecycle {
-        ignore_changes = [
-            private_key
-        ]
-    }
 }
 ```
-|Warning: Changes for `private_key` must be ignored in your HCL as it is required for creation but not provided in a read response due to the sensitive nature of the private key.|
-|---|
 
 ### Argument Reference
 - `name` - (Required) Friendly name to identify a CloudWAF certificate.
@@ -42,10 +35,6 @@ In addition to all arguments, the following fields are also available
 - `fingerprint` - SHA1 fingerprint of the certififcate.
 - `status` - Current status of the certificate - could be one of "unknown", "active", "pendingverification", "expired", "error".
 - `subject_alternative_names` - Subject alternative names from the uploaded certificate.
-- `created_by` - Email address of the user that created the certfificate.
-- `created` - Created RFC3339 date time.
-- `updated_by` - Email address of the user that updated the certificate.
-- `updated_at` - Updated RFC3339 date time.
 
 ### Import
 You can import corp lists with the generic site import formula
diff --git a/main.tf b/main.tf
index 10db71a..6f42b9d 100644
--- a/main.tf
+++ b/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     sigsci = {
       source  = "signalsciences/sigsci"
-      version = "0.4.2"
+      version = "1.0.1"
     }
   }
 }
@@ -13,7 +13,7 @@ terraform {
 //  required_providers {
 //    sigsci = {
 //      source  = "signalsciences/local/sigsci"
-//      version = "0.4.2"
+//      version = "1.0.1"
 //    }
 //  }
 //}
@@ -334,4 +334,57 @@ resource "sigsci_site_integration" "test_integration" {
   type            = "slack"
   url             = "https://wat.slack.com"
   events          = ["listCreated"]
-}
\ No newline at end of file
+}
+
+resource "sigsci_corp_cloudwaf_certificate" "test_cloudwaf_certificate"{
+  name = "Certificate Name"
+  certificate_body = <<CERT
+-----BEGIN CERTIFICATE-----
+MIICzDCCAbQCCQDV2NzCr6aPbDANBgkqhkiG9w0BAQsFADAoMQwwCgYDVQQLDAN3
+ZWIxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAeFw0yMjA5MDMxNzE5MTVaFw0z
+MjA4MzExNzE5MTVaMCgxDDAKBgNVBAsMA3dlYjEYMBYGA1UEAwwPd3d3LmV4YW1w
+bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xLllGg3Kl0S
+W16pOwH4VXyGTyByWk3gShoSnEXqWYwoGDF18YhGFFMYLUBNfbDG/jy8MLiKY20R
+BhV5hpObd4ZQq4PIlTl4ZNKy07CUPX/AufdbQzrFCQy96lXBVjo6gR10TD+F/CjC
+tOkM83dxtZoSPzH86eHteos41+apjgpfvVai3vkBNuZeeoxuERkxuGsfpcK2qWTg
+ZFuncrWt6Plvlu70qGEIPtiFiPfQ8Rs2mdzKJEBC8nb4nqSWxIbY9Z87yS3X3C/A
+0xr0W4YxOLyCN94qr+Cc3Zl6DvjOv3LWAfv4qFXApWD9f8ynAzjojqfnXtavV6+D
+1SOdvMcTVQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDG9lhmTU9EzE/B7hAhNPj2
+LHlRPj8ASnSpxBzWn6Acyu9hHJbGhkR8BnRPPjihH8kv+zRaRVYxhG2sb99qg168
+rPKWMbZI6ZvCQGKNjLpwUARwPOKeZ8zF+qyzxdpM9mMyzx9SI1QXDirA0BsUbAjm
+RfioqCdT54F8gFrH1+AnUX4Kf2euTS65bHRgegDiIsrAmwcRrzC8ev1SDiPMUkyC
+goD1A0LHXLN1LMTs6qBXIkbCjYNRkPZBRagEu68CkwjT5H4vBIl39+Lcvo2WCBSG
+j4LzHGcDief95tMLhz0f5g0geV3ytrld5NSw0g1sEYJlDe8NA/aDi4gVviOt3Z5A
+-----END CERTIFICATE-----
+CERT
+  private_key = <<PRIVATEKEY
+-----BEGIN PRIVATE KEY-----
+MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDfEuWUaDcqXRJb
+Xqk7AfhVfIZPIHJaTeBKGhKcRepZjCgYMXXxiEYUUxgtQE19sMb+PLwwuIpjbREG
+FXmGk5t3hlCrg8iVOXhk0rLTsJQ9f8C591tDOsUJDL3qVcFWOjqBHXRMP4X8KMK0
+6Qzzd3G1mhI/Mfzp4e16izjX5qmOCl+9VqLe+QE25l56jG4RGTG4ax+lwrapZOBk
+W6dyta3o+W+W7vSoYQg+2IWI99DxGzaZ3MokQELydviepJbEhtj1nzvJLdfcL8DT
+GvRbhjE4vII33iqv4JzdmXoO+M6/ctYB+/ioVcClYP1/zKcDOOiOp+de1q9Xr4PV
+I528xxNVAgMBAAECggEBAKPsP/aJipg/4oBwFE2/SdyP8CZvQnjnpzzs4eYiXm7F
+VqVIm1INAOpokWiXSxpk8CXdPbFTuqYLfKoK182z5Fe1xMv0wE4f+D+msTBsHtL+
+cQJ3KYJCyo225kwwDi2uBlXg7hglyfCdh07nvtOeX1nCyUvVEPRRSHB3pCLLZqdv
+ysCCL4Sowuebcpec3w3nCuMTg+L1nxdk25C53EjsYGqMQgq0YX/CTo+M2X2Infac
+3Ig5bkQohaOz724L7mc63UaT9m36vgEUZfwndxxVUBHzxQ/tqr/O4XEKmSdFrExh
+yw+YFyP43WcE0m1lc2hYHKEwTM1QF1nVY60fyPJ0zCECgYEA9ljzLd8OjXKbhK7S
+HZWZyR1+Lo4HnrBsLgCJVIuGuWi6gDi8hsarYpTe8RVhgqBaudMpK+Eup76WuMBt
+F9RVpzkNBE7T+p1jkmCWOIkCpvf2/IoqlZ1ao5qu1fhK5HpnsYCTmUHhJmid3da9
+eT34oR2WnvJ9s6fvqC1C6URtsE0CgYEA59B+pvJxvV8klPDfIgN31bcR90srHJTJ
+ST3lnVMJNND6PJ3D96YJSHV0EIotqyXlv/droqerhNJ+gNOHvrXMKTJ7udCDQKfW
+6IFiWaRW1SkqUEXlv59JI6Ip3B9Rfi3w3rPhNLAi/7GjSm33C+OgsMVq9ZBTMjR6
+qnS872CwsykCgYEAq22+3D8K+3ezraOSaDAA8qlpc7A2sUGIJoMNDh6CRGgS0MOq
+vgdmoJWEhzQfxS0dtY6yaeyr8ON6M1sFD74dVN8opcTNUutPrT81imYdyF9qKtdj
+RvZXat5rqE6+nzxnCGi3TcFAkt/ea8/RzptHd6cFd9q7itfkuJ22oGmUA0kCgYEA
+zmvUO+kr6wtr0czjhLA952rLbr/ateqviq65ZmxoiEWGbq+1rzKElacxIQFKRVrL
+yTMS/5X6n52o1CKIgAP2tsCjeAT6u3o5XnTIFTbHs6yiZzS2rvmx8S8Xw1GICanz
+EPxwj7BAmhueYkqlcErT7lT9N4m667vbdynYi/g3oHECgYEA5dCjPFl94ZGStHF2
+4+cI1NCbVTnQApFI1+Vmd4lED619KSnpk/77TaYTh2I8gsK3OZP4crvee5aL41TJ
+Y20XmAq/Dvv3g7QR97ND/AghEU8nnpZo1fgHzCcyZSkaBzMFeYdsfaGDncM56I0B
+65yblwYq9Vyzy3hBFY6XGaFdnZ0=
+-----END PRIVATE KEY-----
+PRIVATEKEY
+}
diff --git a/provider/resource_corp_cloudwaf_certificate.go b/provider/resource_corp_cloudwaf_certificate.go
index 20444ab..442be0d 100644
--- a/provider/resource_corp_cloudwaf_certificate.go
+++ b/provider/resource_corp_cloudwaf_certificate.go
@@ -26,6 +26,7 @@ func resourceCorpCloudWAFCertificate() *schema.Resource {
 				Type:             schema.TypeString,
 				Description:      "Body of the certificate in PEM format",
 				Required:         true,
+				ForceNew:         true,
 				DiffSuppressFunc: suppressEquivalentTrimSpaceDiffs,
 			},
 			"certificate_chain": {
@@ -66,26 +67,6 @@ func resourceCorpCloudWAFCertificate() *schema.Resource {
 				Computed:    true,
 				Elem:        &schema.Schema{Type: schema.TypeString},
 			},
-			"created_by": {
-				Type:        schema.TypeString,
-				Description: "Email address of the user that created the certfificate",
-				Computed:    true,
-			},
-			"created": {
-				Type:        schema.TypeString,
-				Description: "Created RFC3339 date time",
-				Computed:    true,
-			},
-			"updated_by": {
-				Type:        schema.TypeString,
-				Description: "Email address of the user that updated the certificate",
-				Computed:    true,
-			},
-			"updated_at": {
-				Type:        schema.TypeString,
-				Description: "Updated RFC3339 date time",
-				Computed:    true,
-			},
 		},
 	}
 }
@@ -154,28 +135,6 @@ func resourceCorpCloudWAFCertificateRead(d *schema.ResourceData, m interface{})
 	if err != nil {
 		return err
 	}
-	err = d.Set("created_by", cwaf.CreatedBy)
-	if err != nil {
-		return err
-	}
-	err = d.Set("created", cwaf.Created)
-	if err != nil {
-		return err
-	}
-	err = d.Set("updated_by", cwaf.UpdatedBy)
-	if err != nil {
-		return err
-	}
-	err = d.Set("updated_at", cwaf.UpdatedAt)
-	if err != nil {
-		return err
-	}
-
-	// set zero value for diff - https://github.com/hashicorp/terraform/issues/20985
-	err = d.Set("private_key", "")
-	if err != nil {
-		return err
-	}
 
 	return nil
 }
diff --git a/provider/resource_corp_cloudwaf_certificate_test.go b/provider/resource_corp_cloudwaf_certificate_test.go
index 4bf945b..39f0257 100644
--- a/provider/resource_corp_cloudwaf_certificate_test.go
+++ b/provider/resource_corp_cloudwaf_certificate_test.go
@@ -73,11 +73,6 @@ CERT
 					private_key = <<PRIVATEKEY
 %s
 PRIVATEKEY
-					lifecycle {
-						ignore_changes = [
-							private_key
-						]
-					}
 				}`, certificateName, certificateBody, privateKey),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					resource.TestCheckResourceAttr(resourceName, "name", certificateName),
@@ -87,17 +82,14 @@ PRIVATEKEY
 					resource.TestCheckResourceAttr(resourceName, "expires_at", "2032-08-31T17:19:15Z"),
 					resource.TestCheckResourceAttr(resourceName, "fingerprint", "d3d246a79291ce3448f13b99d34d09066861c71a"),
 					resource.TestCheckResourceAttr(resourceName, "status", "active"),
-					resource.TestCheckResourceAttrSet(resourceName, "created_by"),
-					resource.TestCheckResourceAttrSet(resourceName, "created"),
-					resource.TestCheckResourceAttrSet(resourceName, "updated_by"),
-					resource.TestCheckResourceAttrSet(resourceName, "updated_at"),
 				),
 			},
 			{
-				ResourceName:      resourceName,
-				ImportState:       true,
-				ImportStateVerify: true,
-				ImportStateCheck:  testAccImportStateCheckFunction(1),
+				ResourceName:            resourceName,
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"private_key"},
+				ImportStateCheck:        testAccImportStateCheckFunction(1),
 			},
 		},
 	})
@@ -181,11 +173,6 @@ CHAIN
 					private_key = <<PRIVATEKEY
 %s
 PRIVATEKEY
-					lifecycle {
-						ignore_changes = [
-							private_key
-						]
-					}
 				}`, certificateNameSAN, certificateBodySAN, certificateBodySAN, privateKeySAN),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					resource.TestCheckResourceAttr(resourceNameSAN, "name", certificateNameSAN),
@@ -203,17 +190,14 @@ PRIVATEKEY
 					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.2605964798", "www.example.org"),
 					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.3053388764", "example.net"),
 					resource.TestCheckResourceAttr(resourceNameSAN, "subject_alternative_names.57398617", "ftp.example.com"),
-					resource.TestCheckResourceAttrSet(resourceNameSAN, "created_by"),
-					resource.TestCheckResourceAttrSet(resourceNameSAN, "created"),
-					resource.TestCheckResourceAttrSet(resourceNameSAN, "updated_by"),
-					resource.TestCheckResourceAttrSet(resourceNameSAN, "updated_at"),
 				),
 			},
 			{
-				ResourceName:      resourceNameSAN,
-				ImportState:       true,
-				ImportStateVerify: true,
-				ImportStateCheck:  testAccImportStateCheckFunction(1),
+				ResourceName:            resourceNameSAN,
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"private_key"},
+				ImportStateCheck:        testAccImportStateCheckFunction(1),
 			},
 		},
 	})

From cefc198833fed2c296026d45e57d876ace633d92 Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Sat, 24 Sep 2022 00:07:38 +0000
Subject: [PATCH 4/7] update Cloud WAF Certificate schema and test

---
 .../resource_corp_cloudwaf_certificate.go     |  1 +
 ...resource_corp_cloudwaf_certificate_test.go | 93 ++++++++++---------
 2 files changed, 50 insertions(+), 44 deletions(-)

diff --git a/provider/resource_corp_cloudwaf_certificate.go b/provider/resource_corp_cloudwaf_certificate.go
index 442be0d..054543a 100644
--- a/provider/resource_corp_cloudwaf_certificate.go
+++ b/provider/resource_corp_cloudwaf_certificate.go
@@ -39,6 +39,7 @@ func resourceCorpCloudWAFCertificate() *schema.Resource {
 				Type:        schema.TypeString,
 				Description: "Private key of the certificate in PEM format - must be unencrypted",
 				Required:    true,
+				ForceNew:    true,
 				Sensitive:   true,
 			},
 			"common_name": {
diff --git a/provider/resource_corp_cloudwaf_certificate_test.go b/provider/resource_corp_cloudwaf_certificate_test.go
index 39f0257..75eee58 100644
--- a/provider/resource_corp_cloudwaf_certificate_test.go
+++ b/provider/resource_corp_cloudwaf_certificate_test.go
@@ -14,49 +14,54 @@ func TestAccResourceCorpCloudWAFCertificateCRUD_basic(t *testing.T) {
 	resourceName := "sigsci_corp_cloudwaf_certificate.test_cloudwaf_certificate"
 	certificateName := "Cloud WAF Certificate by SigSci Terraform provider test"
 	certificateBody := `-----BEGIN CERTIFICATE-----
-MIICzDCCAbQCCQDV2NzCr6aPbDANBgkqhkiG9w0BAQsFADAoMQwwCgYDVQQLDAN3
-ZWIxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAeFw0yMjA5MDMxNzE5MTVaFw0z
-MjA4MzExNzE5MTVaMCgxDDAKBgNVBAsMA3dlYjEYMBYGA1UEAwwPd3d3LmV4YW1w
-bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xLllGg3Kl0S
-W16pOwH4VXyGTyByWk3gShoSnEXqWYwoGDF18YhGFFMYLUBNfbDG/jy8MLiKY20R
-BhV5hpObd4ZQq4PIlTl4ZNKy07CUPX/AufdbQzrFCQy96lXBVjo6gR10TD+F/CjC
-tOkM83dxtZoSPzH86eHteos41+apjgpfvVai3vkBNuZeeoxuERkxuGsfpcK2qWTg
-ZFuncrWt6Plvlu70qGEIPtiFiPfQ8Rs2mdzKJEBC8nb4nqSWxIbY9Z87yS3X3C/A
-0xr0W4YxOLyCN94qr+Cc3Zl6DvjOv3LWAfv4qFXApWD9f8ynAzjojqfnXtavV6+D
-1SOdvMcTVQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDG9lhmTU9EzE/B7hAhNPj2
-LHlRPj8ASnSpxBzWn6Acyu9hHJbGhkR8BnRPPjihH8kv+zRaRVYxhG2sb99qg168
-rPKWMbZI6ZvCQGKNjLpwUARwPOKeZ8zF+qyzxdpM9mMyzx9SI1QXDirA0BsUbAjm
-RfioqCdT54F8gFrH1+AnUX4Kf2euTS65bHRgegDiIsrAmwcRrzC8ev1SDiPMUkyC
-goD1A0LHXLN1LMTs6qBXIkbCjYNRkPZBRagEu68CkwjT5H4vBIl39+Lcvo2WCBSG
-j4LzHGcDief95tMLhz0f5g0geV3ytrld5NSw0g1sEYJlDe8NA/aDi4gVviOt3Z5A
+MIIDvDCCAqQCCQDj4MMBbF4gWTANBgkqhkiG9w0BAQsFADCBnzELMAkGA1UEBhMC
+VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x
+FDASBgNVBAoMC0V4YW1wbGUgT3JnMRMwEQYDVQQLDApFeGFtcGxlIE9VMRQwEgYD
+VQQDDAtleGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxl
+LmNvbTAeFw0yMjA5MjQwMDAxMzlaFw0yMjEwMjQwMDAxMzlaMIGfMQswCQYDVQQG
+EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj
+bzEUMBIGA1UECgwLRXhhbXBsZSBPcmcxEzARBgNVBAsMCkV4YW1wbGUgT1UxFDAS
+BgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1w
+bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuLmCj29AAyW
+fwkErscoHZ4V20DUF3DfsOPUKd5MtXSEQqFnI1fIDkDJC4KL2poTFQoZ4TBuGjcw
+lmgAbQggUF4V/UobvEQaqiWeTMUh4YW0szNVvZEVzpwcE2M71KNPx72AuoHs+sgv
+FszwAGIpZw1teAhwDqMPscHm/KsK4dxnOkAD+FdMVM5oYCQmf9sPS45FdYEZHueA
+554QYObrh43G5tJcte9S9fESgjWfg951ESVcFCHWEG6XQwT9hux9KplgsZJfmgaf
+LUaFlnuM8dldi6H9TPL+o4PRRdz8dO/NGD3IkmxncxPt6ATpPRUfgxUi8zr1wEvc
+8/oo4C1VVwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQArwwMv9SYSQne12zNEEm7k
+77toN9Ya+36mQOFFvNA6Vajd2b4EvlKzbnJox5OkZE6xcE1an4yhKyYYOpqApGr5
+mLbdzrUHTqY9IeGrpOuBd2LXrpKtgBR27+lxXzHXd/CWIFn9YVr5IcNaYwCsYgMr
+sskUi+lDJWXmkiYoRYKxvR5Ug0NYzEyxj8ZmrGYHk502BxjeW2bFHdXqAZGqoC0O
+XjJ53nNvxZHhaIGK9WDDuzem+6b5r4mQVK76BLfwJ/JB2oO3BWYL5cxb6MX/1DXK
+ctwO5KlIK0rx/s8nSQBB+QosaXMDP0DQGqEHWT7CQTuT1gNW8ktvzGPQrpjK7JXJ
 -----END CERTIFICATE-----`
 	privateKey := `-----BEGIN PRIVATE KEY-----
-MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDfEuWUaDcqXRJb
-Xqk7AfhVfIZPIHJaTeBKGhKcRepZjCgYMXXxiEYUUxgtQE19sMb+PLwwuIpjbREG
-FXmGk5t3hlCrg8iVOXhk0rLTsJQ9f8C591tDOsUJDL3qVcFWOjqBHXRMP4X8KMK0
-6Qzzd3G1mhI/Mfzp4e16izjX5qmOCl+9VqLe+QE25l56jG4RGTG4ax+lwrapZOBk
-W6dyta3o+W+W7vSoYQg+2IWI99DxGzaZ3MokQELydviepJbEhtj1nzvJLdfcL8DT
-GvRbhjE4vII33iqv4JzdmXoO+M6/ctYB+/ioVcClYP1/zKcDOOiOp+de1q9Xr4PV
-I528xxNVAgMBAAECggEBAKPsP/aJipg/4oBwFE2/SdyP8CZvQnjnpzzs4eYiXm7F
-VqVIm1INAOpokWiXSxpk8CXdPbFTuqYLfKoK182z5Fe1xMv0wE4f+D+msTBsHtL+
-cQJ3KYJCyo225kwwDi2uBlXg7hglyfCdh07nvtOeX1nCyUvVEPRRSHB3pCLLZqdv
-ysCCL4Sowuebcpec3w3nCuMTg+L1nxdk25C53EjsYGqMQgq0YX/CTo+M2X2Infac
-3Ig5bkQohaOz724L7mc63UaT9m36vgEUZfwndxxVUBHzxQ/tqr/O4XEKmSdFrExh
-yw+YFyP43WcE0m1lc2hYHKEwTM1QF1nVY60fyPJ0zCECgYEA9ljzLd8OjXKbhK7S
-HZWZyR1+Lo4HnrBsLgCJVIuGuWi6gDi8hsarYpTe8RVhgqBaudMpK+Eup76WuMBt
-F9RVpzkNBE7T+p1jkmCWOIkCpvf2/IoqlZ1ao5qu1fhK5HpnsYCTmUHhJmid3da9
-eT34oR2WnvJ9s6fvqC1C6URtsE0CgYEA59B+pvJxvV8klPDfIgN31bcR90srHJTJ
-ST3lnVMJNND6PJ3D96YJSHV0EIotqyXlv/droqerhNJ+gNOHvrXMKTJ7udCDQKfW
-6IFiWaRW1SkqUEXlv59JI6Ip3B9Rfi3w3rPhNLAi/7GjSm33C+OgsMVq9ZBTMjR6
-qnS872CwsykCgYEAq22+3D8K+3ezraOSaDAA8qlpc7A2sUGIJoMNDh6CRGgS0MOq
-vgdmoJWEhzQfxS0dtY6yaeyr8ON6M1sFD74dVN8opcTNUutPrT81imYdyF9qKtdj
-RvZXat5rqE6+nzxnCGi3TcFAkt/ea8/RzptHd6cFd9q7itfkuJ22oGmUA0kCgYEA
-zmvUO+kr6wtr0czjhLA952rLbr/ateqviq65ZmxoiEWGbq+1rzKElacxIQFKRVrL
-yTMS/5X6n52o1CKIgAP2tsCjeAT6u3o5XnTIFTbHs6yiZzS2rvmx8S8Xw1GICanz
-EPxwj7BAmhueYkqlcErT7lT9N4m667vbdynYi/g3oHECgYEA5dCjPFl94ZGStHF2
-4+cI1NCbVTnQApFI1+Vmd4lED619KSnpk/77TaYTh2I8gsK3OZP4crvee5aL41TJ
-Y20XmAq/Dvv3g7QR97ND/AghEU8nnpZo1fgHzCcyZSkaBzMFeYdsfaGDncM56I0B
-65yblwYq9Vyzy3hBFY6XGaFdnZ0=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCe4uYKPb0ADJZ/
+CQSuxygdnhXbQNQXcN+w49Qp3ky1dIRCoWcjV8gOQMkLgovamhMVChnhMG4aNzCW
+aABtCCBQXhX9Shu8RBqqJZ5MxSHhhbSzM1W9kRXOnBwTYzvUo0/HvYC6gez6yC8W
+zPAAYilnDW14CHAOow+xweb8qwrh3Gc6QAP4V0xUzmhgJCZ/2w9LjkV1gRke54Dn
+nhBg5uuHjcbm0ly171L18RKCNZ+D3nURJVwUIdYQbpdDBP2G7H0qmWCxkl+aBp8t
+RoWWe4zx2V2Lof1M8v6jg9FF3Px0780YPciSbGdzE+3oBOk9FR+DFSLzOvXAS9zz
++ijgLVVXAgMBAAECggEBAImggSLd15jzTmk7ppK+cEE3bjc9MHodi6XtsxmRNWD4
+TJhqtqwmnWO7Omp96iawz1aqKUCmcrjClZOzAqtvHo5+8Q015FBvrak0bKqTF4YC
+C0Quc1aBFiKhlrA0hN7rl2+s9pSXdm7EeAWH/1xVqwdY2jnfFTGYjT+sdijm/8Yj
+hpvlcyqUC3jGrc9hQHDhqwzlVrP/dhYpQIdGwTRHpUXDqwNuXJQIzLhcE0ex+5MM
+gWrgAi0M/Qwbn7CyEwdcapDjX6Bt8dVloroeODEYrsDClAXB+45BnRj5HsgYSvQJ
+Sn3Xqa5sGxpwOPESOuzhX/Y4f/v2iqbVGw+D0AOcvgECgYEA0dNk+MqpylUrG4dY
+uKCV+QADMIllQesw7e8hqKBAubmkfynbml8FMTr9e6GFXIS2Ujwsdg5QQM3b0JqS
+qDYSk5EXnWy5zy61Zz9LlGoqmLwEI9NEPtUpSctN1VglhRmW2L9XKnEJ7dgbHl+e
+AcMPBI2ownETAClHg8qKm5hMsZsCgYEAwdnQTAtM3gInT6ItxmUIWjKmDQP2tVY0
+mIYpiPcoPnFe0IJCzwcWuBezdvgK3x0i2UY/HfRu+d93vMoiXt6ij+zab9ewXVHQ
+PmytXelIJuQ4tA38L9HZGJW6yIzIaJT6laZiQStjTEN4lDeKNIpY4SEuqGzXaAl0
+CHk+DovJ1PUCgYB82Q6kZloe1QxgRelJeeuijBpZv/brARlNCdN6NVgt6kLxkyNi
+uBUr1NDMxi/G/ARL7Bf8asnftV2MwtxukDX/bf6iIfZxS3aOp3++IGmWFZFVC7j4
+tfbqPLjkL52rk61I7Jjd3QKubb69FOG8ZKbD69I1V/iZSPaPeW195WIE7wKBgFN0
+6deDWfGOrcv7/4cVgjYK7jBWT4WceoJb6E/eUIYpmu9b1VV6MM7K7Wm/ujZ6PcGb
+G5tS2+BZ1BwETi3X3dbm2tgh3P0gNu5ZLX5r67NKuBrUlokj6DpMZCDpc3KLCSMa
+gdyayGJR/fyZuLeMBF3QQl0ils5km372a8ApcJhtAoGAfDup6P3pDp2Rjq3IRJod
+NFJAJERVDnSYml2D9q/uitU51nqL1JcvAoWQJByMFOXuy8F97Olflw4MW/cjWnXJ
+1IBEgPEGv5zlronLACOIynBo6/Iu8ULIZhx0BYDc4DXD++PxG2Dd0mbYD8vrlrUK
+wOmYr1etSwJs1p3ESLrOscM=
 -----END PRIVATE KEY-----`
 
 	resource.Test(t, resource.TestCase{
@@ -78,9 +83,9 @@ PRIVATEKEY
 					resource.TestCheckResourceAttr(resourceName, "name", certificateName),
 					resource.TestCheckResourceAttr(resourceName, "certificate_body", certificateBody),
 					resource.TestCheckResourceAttr(resourceName, "certificate_chain", ""),
-					resource.TestCheckResourceAttr(resourceName, "common_name", "www.example.com"),
-					resource.TestCheckResourceAttr(resourceName, "expires_at", "2032-08-31T17:19:15Z"),
-					resource.TestCheckResourceAttr(resourceName, "fingerprint", "d3d246a79291ce3448f13b99d34d09066861c71a"),
+					resource.TestCheckResourceAttr(resourceName, "common_name", "example.com"),
+					resource.TestCheckResourceAttr(resourceName, "expires_at", "2022-10-24T00:01:39Z"),
+					resource.TestCheckResourceAttr(resourceName, "fingerprint", "56d4f213a9061be925445280a64865927df7f88f"),
 					resource.TestCheckResourceAttr(resourceName, "status", "active"),
 				),
 			},

From b625b9f0869378eda2cc7f1fee690042619f65c7 Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Sat, 24 Sep 2022 00:12:48 +0000
Subject: [PATCH 5/7] update Cloud WAF Certificate main.tf example

---
 main.tf | 87 ++++++++++++++++++++++++++++++---------------------------
 1 file changed, 46 insertions(+), 41 deletions(-)

diff --git a/main.tf b/main.tf
index 6f42b9d..578720a 100644
--- a/main.tf
+++ b/main.tf
@@ -340,51 +340,56 @@ resource "sigsci_corp_cloudwaf_certificate" "test_cloudwaf_certificate"{
   name = "Certificate Name"
   certificate_body = <<CERT
 -----BEGIN CERTIFICATE-----
-MIICzDCCAbQCCQDV2NzCr6aPbDANBgkqhkiG9w0BAQsFADAoMQwwCgYDVQQLDAN3
-ZWIxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTAeFw0yMjA5MDMxNzE5MTVaFw0z
-MjA4MzExNzE5MTVaMCgxDDAKBgNVBAsMA3dlYjEYMBYGA1UEAwwPd3d3LmV4YW1w
-bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xLllGg3Kl0S
-W16pOwH4VXyGTyByWk3gShoSnEXqWYwoGDF18YhGFFMYLUBNfbDG/jy8MLiKY20R
-BhV5hpObd4ZQq4PIlTl4ZNKy07CUPX/AufdbQzrFCQy96lXBVjo6gR10TD+F/CjC
-tOkM83dxtZoSPzH86eHteos41+apjgpfvVai3vkBNuZeeoxuERkxuGsfpcK2qWTg
-ZFuncrWt6Plvlu70qGEIPtiFiPfQ8Rs2mdzKJEBC8nb4nqSWxIbY9Z87yS3X3C/A
-0xr0W4YxOLyCN94qr+Cc3Zl6DvjOv3LWAfv4qFXApWD9f8ynAzjojqfnXtavV6+D
-1SOdvMcTVQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQDG9lhmTU9EzE/B7hAhNPj2
-LHlRPj8ASnSpxBzWn6Acyu9hHJbGhkR8BnRPPjihH8kv+zRaRVYxhG2sb99qg168
-rPKWMbZI6ZvCQGKNjLpwUARwPOKeZ8zF+qyzxdpM9mMyzx9SI1QXDirA0BsUbAjm
-RfioqCdT54F8gFrH1+AnUX4Kf2euTS65bHRgegDiIsrAmwcRrzC8ev1SDiPMUkyC
-goD1A0LHXLN1LMTs6qBXIkbCjYNRkPZBRagEu68CkwjT5H4vBIl39+Lcvo2WCBSG
-j4LzHGcDief95tMLhz0f5g0geV3ytrld5NSw0g1sEYJlDe8NA/aDi4gVviOt3Z5A
+MIIDvDCCAqQCCQDj4MMBbF4gWTANBgkqhkiG9w0BAQsFADCBnzELMAkGA1UEBhMC
+VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x
+FDASBgNVBAoMC0V4YW1wbGUgT3JnMRMwEQYDVQQLDApFeGFtcGxlIE9VMRQwEgYD
+VQQDDAtleGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxl
+LmNvbTAeFw0yMjA5MjQwMDAxMzlaFw0yMjEwMjQwMDAxMzlaMIGfMQswCQYDVQQG
+EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj
+bzEUMBIGA1UECgwLRXhhbXBsZSBPcmcxEzARBgNVBAsMCkV4YW1wbGUgT1UxFDAS
+BgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1w
+bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuLmCj29AAyW
+fwkErscoHZ4V20DUF3DfsOPUKd5MtXSEQqFnI1fIDkDJC4KL2poTFQoZ4TBuGjcw
+lmgAbQggUF4V/UobvEQaqiWeTMUh4YW0szNVvZEVzpwcE2M71KNPx72AuoHs+sgv
+FszwAGIpZw1teAhwDqMPscHm/KsK4dxnOkAD+FdMVM5oYCQmf9sPS45FdYEZHueA
+554QYObrh43G5tJcte9S9fESgjWfg951ESVcFCHWEG6XQwT9hux9KplgsZJfmgaf
+LUaFlnuM8dldi6H9TPL+o4PRRdz8dO/NGD3IkmxncxPt6ATpPRUfgxUi8zr1wEvc
+8/oo4C1VVwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQArwwMv9SYSQne12zNEEm7k
+77toN9Ya+36mQOFFvNA6Vajd2b4EvlKzbnJox5OkZE6xcE1an4yhKyYYOpqApGr5
+mLbdzrUHTqY9IeGrpOuBd2LXrpKtgBR27+lxXzHXd/CWIFn9YVr5IcNaYwCsYgMr
+sskUi+lDJWXmkiYoRYKxvR5Ug0NYzEyxj8ZmrGYHk502BxjeW2bFHdXqAZGqoC0O
+XjJ53nNvxZHhaIGK9WDDuzem+6b5r4mQVK76BLfwJ/JB2oO3BWYL5cxb6MX/1DXK
+ctwO5KlIK0rx/s8nSQBB+QosaXMDP0DQGqEHWT7CQTuT1gNW8ktvzGPQrpjK7JXJ
 -----END CERTIFICATE-----
 CERT
   private_key = <<PRIVATEKEY
 -----BEGIN PRIVATE KEY-----
-MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDfEuWUaDcqXRJb
-Xqk7AfhVfIZPIHJaTeBKGhKcRepZjCgYMXXxiEYUUxgtQE19sMb+PLwwuIpjbREG
-FXmGk5t3hlCrg8iVOXhk0rLTsJQ9f8C591tDOsUJDL3qVcFWOjqBHXRMP4X8KMK0
-6Qzzd3G1mhI/Mfzp4e16izjX5qmOCl+9VqLe+QE25l56jG4RGTG4ax+lwrapZOBk
-W6dyta3o+W+W7vSoYQg+2IWI99DxGzaZ3MokQELydviepJbEhtj1nzvJLdfcL8DT
-GvRbhjE4vII33iqv4JzdmXoO+M6/ctYB+/ioVcClYP1/zKcDOOiOp+de1q9Xr4PV
-I528xxNVAgMBAAECggEBAKPsP/aJipg/4oBwFE2/SdyP8CZvQnjnpzzs4eYiXm7F
-VqVIm1INAOpokWiXSxpk8CXdPbFTuqYLfKoK182z5Fe1xMv0wE4f+D+msTBsHtL+
-cQJ3KYJCyo225kwwDi2uBlXg7hglyfCdh07nvtOeX1nCyUvVEPRRSHB3pCLLZqdv
-ysCCL4Sowuebcpec3w3nCuMTg+L1nxdk25C53EjsYGqMQgq0YX/CTo+M2X2Infac
-3Ig5bkQohaOz724L7mc63UaT9m36vgEUZfwndxxVUBHzxQ/tqr/O4XEKmSdFrExh
-yw+YFyP43WcE0m1lc2hYHKEwTM1QF1nVY60fyPJ0zCECgYEA9ljzLd8OjXKbhK7S
-HZWZyR1+Lo4HnrBsLgCJVIuGuWi6gDi8hsarYpTe8RVhgqBaudMpK+Eup76WuMBt
-F9RVpzkNBE7T+p1jkmCWOIkCpvf2/IoqlZ1ao5qu1fhK5HpnsYCTmUHhJmid3da9
-eT34oR2WnvJ9s6fvqC1C6URtsE0CgYEA59B+pvJxvV8klPDfIgN31bcR90srHJTJ
-ST3lnVMJNND6PJ3D96YJSHV0EIotqyXlv/droqerhNJ+gNOHvrXMKTJ7udCDQKfW
-6IFiWaRW1SkqUEXlv59JI6Ip3B9Rfi3w3rPhNLAi/7GjSm33C+OgsMVq9ZBTMjR6
-qnS872CwsykCgYEAq22+3D8K+3ezraOSaDAA8qlpc7A2sUGIJoMNDh6CRGgS0MOq
-vgdmoJWEhzQfxS0dtY6yaeyr8ON6M1sFD74dVN8opcTNUutPrT81imYdyF9qKtdj
-RvZXat5rqE6+nzxnCGi3TcFAkt/ea8/RzptHd6cFd9q7itfkuJ22oGmUA0kCgYEA
-zmvUO+kr6wtr0czjhLA952rLbr/ateqviq65ZmxoiEWGbq+1rzKElacxIQFKRVrL
-yTMS/5X6n52o1CKIgAP2tsCjeAT6u3o5XnTIFTbHs6yiZzS2rvmx8S8Xw1GICanz
-EPxwj7BAmhueYkqlcErT7lT9N4m667vbdynYi/g3oHECgYEA5dCjPFl94ZGStHF2
-4+cI1NCbVTnQApFI1+Vmd4lED619KSnpk/77TaYTh2I8gsK3OZP4crvee5aL41TJ
-Y20XmAq/Dvv3g7QR97ND/AghEU8nnpZo1fgHzCcyZSkaBzMFeYdsfaGDncM56I0B
-65yblwYq9Vyzy3hBFY6XGaFdnZ0=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCe4uYKPb0ADJZ/
+CQSuxygdnhXbQNQXcN+w49Qp3ky1dIRCoWcjV8gOQMkLgovamhMVChnhMG4aNzCW
+aABtCCBQXhX9Shu8RBqqJZ5MxSHhhbSzM1W9kRXOnBwTYzvUo0/HvYC6gez6yC8W
+zPAAYilnDW14CHAOow+xweb8qwrh3Gc6QAP4V0xUzmhgJCZ/2w9LjkV1gRke54Dn
+nhBg5uuHjcbm0ly171L18RKCNZ+D3nURJVwUIdYQbpdDBP2G7H0qmWCxkl+aBp8t
+RoWWe4zx2V2Lof1M8v6jg9FF3Px0780YPciSbGdzE+3oBOk9FR+DFSLzOvXAS9zz
++ijgLVVXAgMBAAECggEBAImggSLd15jzTmk7ppK+cEE3bjc9MHodi6XtsxmRNWD4
+TJhqtqwmnWO7Omp96iawz1aqKUCmcrjClZOzAqtvHo5+8Q015FBvrak0bKqTF4YC
+C0Quc1aBFiKhlrA0hN7rl2+s9pSXdm7EeAWH/1xVqwdY2jnfFTGYjT+sdijm/8Yj
+hpvlcyqUC3jGrc9hQHDhqwzlVrP/dhYpQIdGwTRHpUXDqwNuXJQIzLhcE0ex+5MM
+gWrgAi0M/Qwbn7CyEwdcapDjX6Bt8dVloroeODEYrsDClAXB+45BnRj5HsgYSvQJ
+Sn3Xqa5sGxpwOPESOuzhX/Y4f/v2iqbVGw+D0AOcvgECgYEA0dNk+MqpylUrG4dY
+uKCV+QADMIllQesw7e8hqKBAubmkfynbml8FMTr9e6GFXIS2Ujwsdg5QQM3b0JqS
+qDYSk5EXnWy5zy61Zz9LlGoqmLwEI9NEPtUpSctN1VglhRmW2L9XKnEJ7dgbHl+e
+AcMPBI2ownETAClHg8qKm5hMsZsCgYEAwdnQTAtM3gInT6ItxmUIWjKmDQP2tVY0
+mIYpiPcoPnFe0IJCzwcWuBezdvgK3x0i2UY/HfRu+d93vMoiXt6ij+zab9ewXVHQ
+PmytXelIJuQ4tA38L9HZGJW6yIzIaJT6laZiQStjTEN4lDeKNIpY4SEuqGzXaAl0
+CHk+DovJ1PUCgYB82Q6kZloe1QxgRelJeeuijBpZv/brARlNCdN6NVgt6kLxkyNi
+uBUr1NDMxi/G/ARL7Bf8asnftV2MwtxukDX/bf6iIfZxS3aOp3++IGmWFZFVC7j4
+tfbqPLjkL52rk61I7Jjd3QKubb69FOG8ZKbD69I1V/iZSPaPeW195WIE7wKBgFN0
+6deDWfGOrcv7/4cVgjYK7jBWT4WceoJb6E/eUIYpmu9b1VV6MM7K7Wm/ujZ6PcGb
+G5tS2+BZ1BwETi3X3dbm2tgh3P0gNu5ZLX5r67NKuBrUlokj6DpMZCDpc3KLCSMa
+gdyayGJR/fyZuLeMBF3QQl0ils5km372a8ApcJhtAoGAfDup6P3pDp2Rjq3IRJod
+NFJAJERVDnSYml2D9q/uitU51nqL1JcvAoWQJByMFOXuy8F97Olflw4MW/cjWnXJ
+1IBEgPEGv5zlronLACOIynBo6/Iu8ULIZhx0BYDc4DXD++PxG2Dd0mbYD8vrlrUK
+wOmYr1etSwJs1p3ESLrOscM=
 -----END PRIVATE KEY-----
 PRIVATEKEY
 }

From 68a1d7e1169280a7068b3b94c1324657a826f5b5 Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Sat, 24 Sep 2022 00:33:34 +0000
Subject: [PATCH 6/7] update Cloud WAF Certificate update test cert

---
 main.tf                                       | 97 ++++++++++---------
 ...resource_corp_cloudwaf_certificate_test.go | 95 +++++++++---------
 2 files changed, 97 insertions(+), 95 deletions(-)

diff --git a/main.tf b/main.tf
index 578720a..97a307f 100644
--- a/main.tf
+++ b/main.tf
@@ -2,18 +2,18 @@ terraform {
   required_providers {
     sigsci = {
       source  = "signalsciences/sigsci"
-      version = "1.0.1"
+      version = "1.1.0"
     }
   }
 }
 
 // To build locally:
-// make && cp terraform-provider-sigsci ~/.terraform.d/plugins/signalsciences/local/sigsci/0.4.2/darwin_amd64/terraform-provider-sigsci && rm .terraform.lock.hcl && tf init
+// make && cp terraform-provider-sigsci ~/.terraform.d/plugins/signalsciences/local/sigsci/1.1.0/darwin_amd64/terraform-provider-sigsci && rm .terraform.lock.hcl && tf init
 //terraform {
 //  required_providers {
 //    sigsci = {
 //      source  = "signalsciences/local/sigsci"
-//      version = "1.0.1"
+//      version = "1.1.0"
 //    }
 //  }
 //}
@@ -340,56 +340,57 @@ resource "sigsci_corp_cloudwaf_certificate" "test_cloudwaf_certificate"{
   name = "Certificate Name"
   certificate_body = <<CERT
 -----BEGIN CERTIFICATE-----
-MIIDvDCCAqQCCQDj4MMBbF4gWTANBgkqhkiG9w0BAQsFADCBnzELMAkGA1UEBhMC
+MIIDzjCCArYCCQD6uBPuCbaDuDANBgkqhkiG9w0BAQsFADCBqDELMAkGA1UEBhMC
 VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x
-FDASBgNVBAoMC0V4YW1wbGUgT3JnMRMwEQYDVQQLDApFeGFtcGxlIE9VMRQwEgYD
-VQQDDAtleGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxl
-LmNvbTAeFw0yMjA5MjQwMDAxMzlaFw0yMjEwMjQwMDAxMzlaMIGfMQswCQYDVQQG
-EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj
-bzEUMBIGA1UECgwLRXhhbXBsZSBPcmcxEzARBgNVBAsMCkV4YW1wbGUgT1UxFDAS
-BgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1w
-bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuLmCj29AAyW
-fwkErscoHZ4V20DUF3DfsOPUKd5MtXSEQqFnI1fIDkDJC4KL2poTFQoZ4TBuGjcw
-lmgAbQggUF4V/UobvEQaqiWeTMUh4YW0szNVvZEVzpwcE2M71KNPx72AuoHs+sgv
-FszwAGIpZw1teAhwDqMPscHm/KsK4dxnOkAD+FdMVM5oYCQmf9sPS45FdYEZHueA
-554QYObrh43G5tJcte9S9fESgjWfg951ESVcFCHWEG6XQwT9hux9KplgsZJfmgaf
-LUaFlnuM8dldi6H9TPL+o4PRRdz8dO/NGD3IkmxncxPt6ATpPRUfgxUi8zr1wEvc
-8/oo4C1VVwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQArwwMv9SYSQne12zNEEm7k
-77toN9Ya+36mQOFFvNA6Vajd2b4EvlKzbnJox5OkZE6xcE1an4yhKyYYOpqApGr5
-mLbdzrUHTqY9IeGrpOuBd2LXrpKtgBR27+lxXzHXd/CWIFn9YVr5IcNaYwCsYgMr
-sskUi+lDJWXmkiYoRYKxvR5Ug0NYzEyxj8ZmrGYHk502BxjeW2bFHdXqAZGqoC0O
-XjJ53nNvxZHhaIGK9WDDuzem+6b5r4mQVK76BLfwJ/JB2oO3BWYL5cxb6MX/1DXK
-ctwO5KlIK0rx/s8nSQBB+QosaXMDP0DQGqEHWT7CQTuT1gNW8ktvzGPQrpjK7JXJ
+HTAbBgNVBAoMFEV4YW1wbGUgT3JnYW5pemF0aW9uMRMwEQYDVQQLDApFeGFtcGxl
+IE9VMRQwEgYDVQQDDAtleGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBs
+ZUBleGFtcGxlLmNvbTAeFw0yMjA5MjQwMDE4MjRaFw0zMjA5MjEwMDE4MjRaMIGo
+MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2Fu
+IEZyYW5jaXNjbzEdMBsGA1UECgwURXhhbXBsZSBPcmdhbml6YXRpb24xEzARBgNV
+BAsMCkV4YW1wbGUgT1UxFDASBgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcN
+AQkBFhNleGFtcGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAscvDb2j2s9bdiAIHbqRoM2qZBxdM4atSwAJQrXVe3pbne2KLZw53
+kHpVtjaugfMKBnXueR1iilYu5eXtgNfrNHgq0X0+NToL/xtSgYthp89lxBYArUVy
+kiM5gy8BqpApfAwQ5MMDgGflIV/mTCcCyNK3DwuOgO7oVp0V2zdtJhgvZ8e3qkuT
+3dOxC27aUFYf/P88UILoc9YWRCkw2Gww/Zr908a/mgVBJ9v+/sKP3/yk8jzrRhL5
+JsGWC5Gbv1gpkyzSjKyboYePvJJo5D6Fue9XZmzry3wepG1oUcLO6QpH+lTBfTjd
+xHKA4sIza1J/RDBLgUBney1nMxLN8RzU5QIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
+AQAPRvwDkKTKCDQj5F4ZUTE9AIEs0w99KuXiWBGz3RmYl5zwZCrVWeOI+lPfCG0v
+prMgh5ydUgUOqrs8S7MAkt8GaU5lb0MSKmz1jPgEEbLBp6VYv2UbrWlBz9JIxTLw
+riPHNUzKb6SXk5wuoO8w7+GsBNI8fWPDSQqSWLlNsi0r4ReLxlM5WBNC10d3q2ia
+jV6r8iMpiArwbJn4WSTlFuJ6crrjgbBVCFxxwoF1sHhwGg+5idxm2AHSzvENyFW4
+UVhVTn9w3UPLMkEl7nAVzydpdMb/M/GLCV787BrQL35EtiCr9MSL9Gc8vR/9PzPP
+QodC+xWXbig7xKLqZgQ/PbPt
 -----END CERTIFICATE-----
 CERT
   private_key = <<PRIVATEKEY
 -----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCe4uYKPb0ADJZ/
-CQSuxygdnhXbQNQXcN+w49Qp3ky1dIRCoWcjV8gOQMkLgovamhMVChnhMG4aNzCW
-aABtCCBQXhX9Shu8RBqqJZ5MxSHhhbSzM1W9kRXOnBwTYzvUo0/HvYC6gez6yC8W
-zPAAYilnDW14CHAOow+xweb8qwrh3Gc6QAP4V0xUzmhgJCZ/2w9LjkV1gRke54Dn
-nhBg5uuHjcbm0ly171L18RKCNZ+D3nURJVwUIdYQbpdDBP2G7H0qmWCxkl+aBp8t
-RoWWe4zx2V2Lof1M8v6jg9FF3Px0780YPciSbGdzE+3oBOk9FR+DFSLzOvXAS9zz
-+ijgLVVXAgMBAAECggEBAImggSLd15jzTmk7ppK+cEE3bjc9MHodi6XtsxmRNWD4
-TJhqtqwmnWO7Omp96iawz1aqKUCmcrjClZOzAqtvHo5+8Q015FBvrak0bKqTF4YC
-C0Quc1aBFiKhlrA0hN7rl2+s9pSXdm7EeAWH/1xVqwdY2jnfFTGYjT+sdijm/8Yj
-hpvlcyqUC3jGrc9hQHDhqwzlVrP/dhYpQIdGwTRHpUXDqwNuXJQIzLhcE0ex+5MM
-gWrgAi0M/Qwbn7CyEwdcapDjX6Bt8dVloroeODEYrsDClAXB+45BnRj5HsgYSvQJ
-Sn3Xqa5sGxpwOPESOuzhX/Y4f/v2iqbVGw+D0AOcvgECgYEA0dNk+MqpylUrG4dY
-uKCV+QADMIllQesw7e8hqKBAubmkfynbml8FMTr9e6GFXIS2Ujwsdg5QQM3b0JqS
-qDYSk5EXnWy5zy61Zz9LlGoqmLwEI9NEPtUpSctN1VglhRmW2L9XKnEJ7dgbHl+e
-AcMPBI2ownETAClHg8qKm5hMsZsCgYEAwdnQTAtM3gInT6ItxmUIWjKmDQP2tVY0
-mIYpiPcoPnFe0IJCzwcWuBezdvgK3x0i2UY/HfRu+d93vMoiXt6ij+zab9ewXVHQ
-PmytXelIJuQ4tA38L9HZGJW6yIzIaJT6laZiQStjTEN4lDeKNIpY4SEuqGzXaAl0
-CHk+DovJ1PUCgYB82Q6kZloe1QxgRelJeeuijBpZv/brARlNCdN6NVgt6kLxkyNi
-uBUr1NDMxi/G/ARL7Bf8asnftV2MwtxukDX/bf6iIfZxS3aOp3++IGmWFZFVC7j4
-tfbqPLjkL52rk61I7Jjd3QKubb69FOG8ZKbD69I1V/iZSPaPeW195WIE7wKBgFN0
-6deDWfGOrcv7/4cVgjYK7jBWT4WceoJb6E/eUIYpmu9b1VV6MM7K7Wm/ujZ6PcGb
-G5tS2+BZ1BwETi3X3dbm2tgh3P0gNu5ZLX5r67NKuBrUlokj6DpMZCDpc3KLCSMa
-gdyayGJR/fyZuLeMBF3QQl0ils5km372a8ApcJhtAoGAfDup6P3pDp2Rjq3IRJod
-NFJAJERVDnSYml2D9q/uitU51nqL1JcvAoWQJByMFOXuy8F97Olflw4MW/cjWnXJ
-1IBEgPEGv5zlronLACOIynBo6/Iu8ULIZhx0BYDc4DXD++PxG2Dd0mbYD8vrlrUK
-wOmYr1etSwJs1p3ESLrOscM=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCxy8NvaPaz1t2I
+AgdupGgzapkHF0zhq1LAAlCtdV7elud7YotnDneQelW2Nq6B8woGde55HWKKVi7l
+5e2A1+s0eCrRfT41Ogv/G1KBi2Gnz2XEFgCtRXKSIzmDLwGqkCl8DBDkwwOAZ+Uh
+X+ZMJwLI0rcPC46A7uhWnRXbN20mGC9nx7eqS5Pd07ELbtpQVh/8/zxQguhz1hZE
+KTDYbDD9mv3Txr+aBUEn2/7+wo/f/KTyPOtGEvkmwZYLkZu/WCmTLNKMrJuhh4+8
+kmjkPoW571dmbOvLfB6kbWhRws7pCkf6VMF9ON3EcoDiwjNrUn9EMEuBQGd7LWcz
+Es3xHNTlAgMBAAECggEAV0K/f52Pf0JUZd1BEo+ESL/nrTBFXni8W1qHiCqTzkFY
+CRmbe5ABJJq2GIEL8uF6qSMWUMEYTPbxe4n2oAbY/F6B/WEvt+XuX11kiAoFetvy
+gWOfH2t3SLwbDQR0F+c7RROS8wO3Yz0amt+7YuK+nhu1FqBAZ41Z4LCmOnogitIA
+cCErKpHqCJbYT99eaXTt2QpXJNI8fItXaO4p8zfKxzBKybhsyu3tEerKWnhqz+25
+Xr7OieYkZM3ryrIsVWZ299wH2D+gA9O+PbY2RJ0Vf3YVf8VdyYRJ5oCAaioNUfZw
+HeGGlfClZzrpX1MjiNNfli05cLqX0iE2bIO+jvZkIQKBgQDadIMHfGQs8CPxbPqi
+fZRuHdPedogM80f4E5RyKhTzEqTG6x0pfjkDr57rdqJEWhM3TjsMIiJRnEIomWar
+2tyckmvkxuSioiWb/+HXJN5u6AtsMgQ4WLMm9HOO0ir5uSKQd0iQrCMAaGDNdV52
+6eipkWLdhYAhW31bycv9cX04+QKBgQDQWlkTovazzNElJU4h1YQCq99VS1gmYb9U
+HAzg3Jmu7WF4Oln+HxZMWqwR38vCuMHiwtCmsqGAEKK2ev6W6iq7iVJLKzTXV++a
+612Mr+JohbHNL0bKlgTMt/i2TnmBWOlhL7xuIwduru1pQ4mM7Vh7Hv+CrVTGm4VZ
+Khzq+vbCTQKBgEnprgO0ZLiHr8GZ29tqnfP8B5l3hWTMU4duKIXQEzKDFllvZ3iI
+ioXiv+RvSUvTJjlKMNRUIER4mDHgZUq0THx1Vigb23PjZNI5a5I9mTzxKhw7eA4Q
+hN0jTI4AMiY4K6exlE3O0DDtIAOkOIgHcH8e/9JvvwCKUgniZzCjW3kRAoGAeEId
+tgLSyFbIxNrybP7zciNIBdA2MfkrWN3T5RoPLnNfVejANrg0w592P97fmiXP6xWt
+Hvpt0yBG+nKlbe/8+D+7mx12I3FjIBUH6wM9+Dxqsta90oKihJMPYBKNeUYbdnf6
+F8vqJ02aRK6xvwDjmDT9H6zyCKyNXDi9djeio+UCgYEAm1g/2O42eVBzYG/WTJ2H
+7jplYemfbIFVpl3Uo18UJKZl/AIzm9tw/+c884naSubwQ8TukI3bDjwWu99R26bo
+HQRmLMnP+t7xp84Rn4jXReWlr9sexXHPg/Lj25MdR1t3Ow53qSh4nw/cUPr42N9o
+cX4iWLb38v7KEornZfofXEw=
 -----END PRIVATE KEY-----
 PRIVATEKEY
 }
diff --git a/provider/resource_corp_cloudwaf_certificate_test.go b/provider/resource_corp_cloudwaf_certificate_test.go
index 75eee58..0bb81e4 100644
--- a/provider/resource_corp_cloudwaf_certificate_test.go
+++ b/provider/resource_corp_cloudwaf_certificate_test.go
@@ -14,54 +14,55 @@ func TestAccResourceCorpCloudWAFCertificateCRUD_basic(t *testing.T) {
 	resourceName := "sigsci_corp_cloudwaf_certificate.test_cloudwaf_certificate"
 	certificateName := "Cloud WAF Certificate by SigSci Terraform provider test"
 	certificateBody := `-----BEGIN CERTIFICATE-----
-MIIDvDCCAqQCCQDj4MMBbF4gWTANBgkqhkiG9w0BAQsFADCBnzELMAkGA1UEBhMC
+MIIDzjCCArYCCQD6uBPuCbaDuDANBgkqhkiG9w0BAQsFADCBqDELMAkGA1UEBhMC
 VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x
-FDASBgNVBAoMC0V4YW1wbGUgT3JnMRMwEQYDVQQLDApFeGFtcGxlIE9VMRQwEgYD
-VQQDDAtleGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBsZUBleGFtcGxl
-LmNvbTAeFw0yMjA5MjQwMDAxMzlaFw0yMjEwMjQwMDAxMzlaMIGfMQswCQYDVQQG
-EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNj
-bzEUMBIGA1UECgwLRXhhbXBsZSBPcmcxEzARBgNVBAsMCkV4YW1wbGUgT1UxFDAS
-BgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1w
-bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuLmCj29AAyW
-fwkErscoHZ4V20DUF3DfsOPUKd5MtXSEQqFnI1fIDkDJC4KL2poTFQoZ4TBuGjcw
-lmgAbQggUF4V/UobvEQaqiWeTMUh4YW0szNVvZEVzpwcE2M71KNPx72AuoHs+sgv
-FszwAGIpZw1teAhwDqMPscHm/KsK4dxnOkAD+FdMVM5oYCQmf9sPS45FdYEZHueA
-554QYObrh43G5tJcte9S9fESgjWfg951ESVcFCHWEG6XQwT9hux9KplgsZJfmgaf
-LUaFlnuM8dldi6H9TPL+o4PRRdz8dO/NGD3IkmxncxPt6ATpPRUfgxUi8zr1wEvc
-8/oo4C1VVwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQArwwMv9SYSQne12zNEEm7k
-77toN9Ya+36mQOFFvNA6Vajd2b4EvlKzbnJox5OkZE6xcE1an4yhKyYYOpqApGr5
-mLbdzrUHTqY9IeGrpOuBd2LXrpKtgBR27+lxXzHXd/CWIFn9YVr5IcNaYwCsYgMr
-sskUi+lDJWXmkiYoRYKxvR5Ug0NYzEyxj8ZmrGYHk502BxjeW2bFHdXqAZGqoC0O
-XjJ53nNvxZHhaIGK9WDDuzem+6b5r4mQVK76BLfwJ/JB2oO3BWYL5cxb6MX/1DXK
-ctwO5KlIK0rx/s8nSQBB+QosaXMDP0DQGqEHWT7CQTuT1gNW8ktvzGPQrpjK7JXJ
+HTAbBgNVBAoMFEV4YW1wbGUgT3JnYW5pemF0aW9uMRMwEQYDVQQLDApFeGFtcGxl
+IE9VMRQwEgYDVQQDDAtleGFtcGxlLmNvbTEiMCAGCSqGSIb3DQEJARYTZXhhbXBs
+ZUBleGFtcGxlLmNvbTAeFw0yMjA5MjQwMDE4MjRaFw0zMjA5MjEwMDE4MjRaMIGo
+MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2Fu
+IEZyYW5jaXNjbzEdMBsGA1UECgwURXhhbXBsZSBPcmdhbml6YXRpb24xEzARBgNV
+BAsMCkV4YW1wbGUgT1UxFDASBgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcN
+AQkBFhNleGFtcGxlQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAscvDb2j2s9bdiAIHbqRoM2qZBxdM4atSwAJQrXVe3pbne2KLZw53
+kHpVtjaugfMKBnXueR1iilYu5eXtgNfrNHgq0X0+NToL/xtSgYthp89lxBYArUVy
+kiM5gy8BqpApfAwQ5MMDgGflIV/mTCcCyNK3DwuOgO7oVp0V2zdtJhgvZ8e3qkuT
+3dOxC27aUFYf/P88UILoc9YWRCkw2Gww/Zr908a/mgVBJ9v+/sKP3/yk8jzrRhL5
+JsGWC5Gbv1gpkyzSjKyboYePvJJo5D6Fue9XZmzry3wepG1oUcLO6QpH+lTBfTjd
+xHKA4sIza1J/RDBLgUBney1nMxLN8RzU5QIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
+AQAPRvwDkKTKCDQj5F4ZUTE9AIEs0w99KuXiWBGz3RmYl5zwZCrVWeOI+lPfCG0v
+prMgh5ydUgUOqrs8S7MAkt8GaU5lb0MSKmz1jPgEEbLBp6VYv2UbrWlBz9JIxTLw
+riPHNUzKb6SXk5wuoO8w7+GsBNI8fWPDSQqSWLlNsi0r4ReLxlM5WBNC10d3q2ia
+jV6r8iMpiArwbJn4WSTlFuJ6crrjgbBVCFxxwoF1sHhwGg+5idxm2AHSzvENyFW4
+UVhVTn9w3UPLMkEl7nAVzydpdMb/M/GLCV787BrQL35EtiCr9MSL9Gc8vR/9PzPP
+QodC+xWXbig7xKLqZgQ/PbPt
 -----END CERTIFICATE-----`
 	privateKey := `-----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCe4uYKPb0ADJZ/
-CQSuxygdnhXbQNQXcN+w49Qp3ky1dIRCoWcjV8gOQMkLgovamhMVChnhMG4aNzCW
-aABtCCBQXhX9Shu8RBqqJZ5MxSHhhbSzM1W9kRXOnBwTYzvUo0/HvYC6gez6yC8W
-zPAAYilnDW14CHAOow+xweb8qwrh3Gc6QAP4V0xUzmhgJCZ/2w9LjkV1gRke54Dn
-nhBg5uuHjcbm0ly171L18RKCNZ+D3nURJVwUIdYQbpdDBP2G7H0qmWCxkl+aBp8t
-RoWWe4zx2V2Lof1M8v6jg9FF3Px0780YPciSbGdzE+3oBOk9FR+DFSLzOvXAS9zz
-+ijgLVVXAgMBAAECggEBAImggSLd15jzTmk7ppK+cEE3bjc9MHodi6XtsxmRNWD4
-TJhqtqwmnWO7Omp96iawz1aqKUCmcrjClZOzAqtvHo5+8Q015FBvrak0bKqTF4YC
-C0Quc1aBFiKhlrA0hN7rl2+s9pSXdm7EeAWH/1xVqwdY2jnfFTGYjT+sdijm/8Yj
-hpvlcyqUC3jGrc9hQHDhqwzlVrP/dhYpQIdGwTRHpUXDqwNuXJQIzLhcE0ex+5MM
-gWrgAi0M/Qwbn7CyEwdcapDjX6Bt8dVloroeODEYrsDClAXB+45BnRj5HsgYSvQJ
-Sn3Xqa5sGxpwOPESOuzhX/Y4f/v2iqbVGw+D0AOcvgECgYEA0dNk+MqpylUrG4dY
-uKCV+QADMIllQesw7e8hqKBAubmkfynbml8FMTr9e6GFXIS2Ujwsdg5QQM3b0JqS
-qDYSk5EXnWy5zy61Zz9LlGoqmLwEI9NEPtUpSctN1VglhRmW2L9XKnEJ7dgbHl+e
-AcMPBI2ownETAClHg8qKm5hMsZsCgYEAwdnQTAtM3gInT6ItxmUIWjKmDQP2tVY0
-mIYpiPcoPnFe0IJCzwcWuBezdvgK3x0i2UY/HfRu+d93vMoiXt6ij+zab9ewXVHQ
-PmytXelIJuQ4tA38L9HZGJW6yIzIaJT6laZiQStjTEN4lDeKNIpY4SEuqGzXaAl0
-CHk+DovJ1PUCgYB82Q6kZloe1QxgRelJeeuijBpZv/brARlNCdN6NVgt6kLxkyNi
-uBUr1NDMxi/G/ARL7Bf8asnftV2MwtxukDX/bf6iIfZxS3aOp3++IGmWFZFVC7j4
-tfbqPLjkL52rk61I7Jjd3QKubb69FOG8ZKbD69I1V/iZSPaPeW195WIE7wKBgFN0
-6deDWfGOrcv7/4cVgjYK7jBWT4WceoJb6E/eUIYpmu9b1VV6MM7K7Wm/ujZ6PcGb
-G5tS2+BZ1BwETi3X3dbm2tgh3P0gNu5ZLX5r67NKuBrUlokj6DpMZCDpc3KLCSMa
-gdyayGJR/fyZuLeMBF3QQl0ils5km372a8ApcJhtAoGAfDup6P3pDp2Rjq3IRJod
-NFJAJERVDnSYml2D9q/uitU51nqL1JcvAoWQJByMFOXuy8F97Olflw4MW/cjWnXJ
-1IBEgPEGv5zlronLACOIynBo6/Iu8ULIZhx0BYDc4DXD++PxG2Dd0mbYD8vrlrUK
-wOmYr1etSwJs1p3ESLrOscM=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCxy8NvaPaz1t2I
+AgdupGgzapkHF0zhq1LAAlCtdV7elud7YotnDneQelW2Nq6B8woGde55HWKKVi7l
+5e2A1+s0eCrRfT41Ogv/G1KBi2Gnz2XEFgCtRXKSIzmDLwGqkCl8DBDkwwOAZ+Uh
+X+ZMJwLI0rcPC46A7uhWnRXbN20mGC9nx7eqS5Pd07ELbtpQVh/8/zxQguhz1hZE
+KTDYbDD9mv3Txr+aBUEn2/7+wo/f/KTyPOtGEvkmwZYLkZu/WCmTLNKMrJuhh4+8
+kmjkPoW571dmbOvLfB6kbWhRws7pCkf6VMF9ON3EcoDiwjNrUn9EMEuBQGd7LWcz
+Es3xHNTlAgMBAAECggEAV0K/f52Pf0JUZd1BEo+ESL/nrTBFXni8W1qHiCqTzkFY
+CRmbe5ABJJq2GIEL8uF6qSMWUMEYTPbxe4n2oAbY/F6B/WEvt+XuX11kiAoFetvy
+gWOfH2t3SLwbDQR0F+c7RROS8wO3Yz0amt+7YuK+nhu1FqBAZ41Z4LCmOnogitIA
+cCErKpHqCJbYT99eaXTt2QpXJNI8fItXaO4p8zfKxzBKybhsyu3tEerKWnhqz+25
+Xr7OieYkZM3ryrIsVWZ299wH2D+gA9O+PbY2RJ0Vf3YVf8VdyYRJ5oCAaioNUfZw
+HeGGlfClZzrpX1MjiNNfli05cLqX0iE2bIO+jvZkIQKBgQDadIMHfGQs8CPxbPqi
+fZRuHdPedogM80f4E5RyKhTzEqTG6x0pfjkDr57rdqJEWhM3TjsMIiJRnEIomWar
+2tyckmvkxuSioiWb/+HXJN5u6AtsMgQ4WLMm9HOO0ir5uSKQd0iQrCMAaGDNdV52
+6eipkWLdhYAhW31bycv9cX04+QKBgQDQWlkTovazzNElJU4h1YQCq99VS1gmYb9U
+HAzg3Jmu7WF4Oln+HxZMWqwR38vCuMHiwtCmsqGAEKK2ev6W6iq7iVJLKzTXV++a
+612Mr+JohbHNL0bKlgTMt/i2TnmBWOlhL7xuIwduru1pQ4mM7Vh7Hv+CrVTGm4VZ
+Khzq+vbCTQKBgEnprgO0ZLiHr8GZ29tqnfP8B5l3hWTMU4duKIXQEzKDFllvZ3iI
+ioXiv+RvSUvTJjlKMNRUIER4mDHgZUq0THx1Vigb23PjZNI5a5I9mTzxKhw7eA4Q
+hN0jTI4AMiY4K6exlE3O0DDtIAOkOIgHcH8e/9JvvwCKUgniZzCjW3kRAoGAeEId
+tgLSyFbIxNrybP7zciNIBdA2MfkrWN3T5RoPLnNfVejANrg0w592P97fmiXP6xWt
+Hvpt0yBG+nKlbe/8+D+7mx12I3FjIBUH6wM9+Dxqsta90oKihJMPYBKNeUYbdnf6
+F8vqJ02aRK6xvwDjmDT9H6zyCKyNXDi9djeio+UCgYEAm1g/2O42eVBzYG/WTJ2H
+7jplYemfbIFVpl3Uo18UJKZl/AIzm9tw/+c884naSubwQ8TukI3bDjwWu99R26bo
+HQRmLMnP+t7xp84Rn4jXReWlr9sexXHPg/Lj25MdR1t3Ow53qSh4nw/cUPr42N9o
+cX4iWLb38v7KEornZfofXEw=
 -----END PRIVATE KEY-----`
 
 	resource.Test(t, resource.TestCase{
@@ -84,8 +85,8 @@ PRIVATEKEY
 					resource.TestCheckResourceAttr(resourceName, "certificate_body", certificateBody),
 					resource.TestCheckResourceAttr(resourceName, "certificate_chain", ""),
 					resource.TestCheckResourceAttr(resourceName, "common_name", "example.com"),
-					resource.TestCheckResourceAttr(resourceName, "expires_at", "2022-10-24T00:01:39Z"),
-					resource.TestCheckResourceAttr(resourceName, "fingerprint", "56d4f213a9061be925445280a64865927df7f88f"),
+					resource.TestCheckResourceAttr(resourceName, "expires_at", "2032-09-21T00:18:24Z"),
+					resource.TestCheckResourceAttr(resourceName, "fingerprint", "7aa7421b97c7e8d9d49a473d63af5b89a6e034f9"),
 					resource.TestCheckResourceAttr(resourceName, "status", "active"),
 				),
 			},

From 142dc4b238f4094b42e0d3e98ec861e81a0dd833 Mon Sep 17 00:00:00 2001
From: grokify <johncwang@gmail.com>
Date: Sat, 24 Sep 2022 00:40:34 +0000
Subject: [PATCH 7/7] update README.md add Cloud WAF Certificate

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 7b61245..a3007fe 100644
--- a/README.md
+++ b/README.md
@@ -59,6 +59,8 @@ provider "sigsci" {
 
 [Cloud WAF Instance](https://github.com/signalsciences/terraform-provider-sigsci/blob/main/docs/resources/corp_cloudwaf_instance.md)
 
+[Cloud WAF Certificate](https://github.com/signalsciences/terraform-provider-sigsci/blob/main/docs/resources/corp_cloudwaf_certificate.md)
+
 ## Site resources
 
 [Lists](https://github.com/signalsciences/terraform-provider-sigsci/blob/main/docs/resources/site_list.md)