Support Terraform data sources

[sergiught]

From terraform-provider-auth0 created by lebaptiste: alexkappa/terraform-provider-auth0#279

Description

Aside Terraform resources, there is also another data source type which is roughly the readonly version of a resource.

That would be a great enhancement to this provider to include data source support. Since I have already worked on a terraform provider I am happy to submit a PR for it.

New or Affected Resource(s)

Ideally all the existing resources would have their data source counterpart.

Related Issues

• https://github.com/auth0/terraform-provider-auth0/issues/60

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[paullalonde]

Here's some rationale behind supporting data sources: they are very important when you have Auth0 resources provisioned across multiple Terraform configurations. For example, one Auth0 tenant could have a Resource Server provisioned in one Terraform configuration, and multiple Auth0 Clients (together with their grants) provisioned each with their own Terraform configuration. The data source in this case can be used to supply information to the TF code that creates the Auth0 Client.

Personally, it would help me a lot if there were data sources for Connection and Resource Server. I'm willing to contribute them.

[Nmishin]

It will be really useful if we can grab this ip addresses via data source. Because for now we updated our firewall by hands, from time to time ...

[arogic]

Hi, is there any progress on the User data source request? Regards

[sergiught]

Hey folks 👋🏻

Thanks a lot for all the feedback and interest in adding widespread support for terraform data sources within the Auth0 provider. ❤️

We've been focusing a lot on improving the reliability of this provider in the last weeks/months (https://github.com/auth0/terraform-provider-auth0/releases) and we hope everyone was able to benefit from the changes so far.

We plan to focus fully on adding a data source equivalent for most resources in Q1 next year. Following that we will most likely proceed towards a v1 release of the provider, finally marking it as stable. So stay tuned a lot more to come!

Thanks for everyone's understanding and patience so far!

[sergiught]

Hey folks 👋🏻

A quick update from our side, we have this scheduled to work on in the next month and it should be delivered by the end of Q1 if not earlier, if changes arise we'll updated this issue.

It is very unlikely we'll be able to add a data source equivalent for ALL resources. At the moment the following are considered:

• user
• tenant
• resource_server
• connection
• organization

Would you see the need for any other data source that would make your lives easier? 🙏🏻 Feedback is encouraged and appreciated!

--

@Nmishin your suggestion is definitely valuable, but unfortunately we don't have any endpoint available that keeps track of an up to date list of those ips. This was raised internally but I don't have any updates on it at the moment.

[sergiught]

Hey folks, we're slowly adding all the requested data sources. If anyone wants to test some of them before we cut a new release you can do so by running make install VERSION=0.43.1 after cloning this repo. You only need Go (1.18+) and Terraform (1.0+) installed to do so.

Then reference in your terraform main file the following:

terraform {
  required_providers {
    auth0 = {
      source  = "auth0/auth0"
      version = "0.43.1" # The same version we installed locally
    }
  }
}

provider "auth0" {
  debug = true
}

Rough ETA for a release ~ end of February / early March.

[sergiught]

Hey folks, we're gonna cut the release with support for data sources towards the end of this week.

Data sources added:

• connection
• organization
• resource server
• tenant
• user
• role
• attack protection
• branding
• branding theme

[sergiught]

Hey folks, a bit ahead of schedule we just released v0.44.0 with support for the above mentioned data sources. Feedback is encouraged and appreciated! If you encounter any issues with them please let us know.

[marcportabellaclotet-mt]

Thanks for adding this. I just wondering if it were possible to list users which are part of role:

data "auth0_role" "this" {
  role_id = "rol_xxxx"
}

and desired output:

 + auth0      = {
      + description = "my role"
      + id          = "rol_xxx"
      + name        = "my role"
      + permissions = []
      + role_id     = "rol_xxx"
      + users =  [
         + "google-oauth2|yyyy"
         + "google-oauth2|zzzz"
      ]

I have seen that right now is possible to get the roles when using data "auth0_user" , but it would be great that the same thing was possible from the roles side.

Thanks

[sergiught]

Hey @marcportabellaclotet-mt 👋🏻

Adding a users attribute on the auth0_role data source is not currently on our roadmap, would you mind opening a separate GitHub issue for this? 🙏🏻 So we can at least have it on our radar for the future.

Realistically I can't give you an ETA for when we'll be able to achieve this as we need to be really mindful of performance issues considering an Auth0 Tenant could have hundreds and hundreds of thousands of users.

At the moment we're working on pushing this provider to a stable v1 that should roll out in ~1-2 months.