terraform-provider-grafana icon indicating copy to clipboard operation
terraform-provider-grafana copied to clipboard
verified publisher icon grafana

grafana_folder_permission do not respect state

Open freeseacher opened this issue 5 years ago • 1 comments

Terraform Version

Terraform v0.13.5
+ provider registry.terraform.io/grafana/grafana v1.7.0

Affected Resource(s)

  • grafana_folder_permission

Terraform Configuration Files

variable "teams" {
  type = map(object({
    name : string
    email : string
    is_staff : bool
    members : list(string)
  }))
  default = {
    "sre" = {
      name : "sre",
      email : "sre-team@localhost"
      is_staff : true,
      members : [
        "admin@localhost",
      ]
    },
    "admin" = {
      name : "admin",
      email : "admins-team@localhost"
      is_staff : false,
      members : [
        "admin@localhost",
      ]
    }
    "green" = {
      name : "green",
      email : "green-team@localhost"
      is_staff : false,
      members : [
        "admin@localhost",
      ]
    }
    "white" = {
      name : "white",
      email : "white-team@localhost"
      is_staff : false,
      members : [
        "admin@localhost",
      ]
    }
  }
}

variable "products" {
  type = map(object({
    name : string
    owner_team : list(string)
  }))
  default = {
    "test" = {
      name: "test"
      owner_team: ["sre"]
    }
  }
}

resource "grafana_team" "team" {
  for_each = var.teams
  name     = each.value.name
  email    = each.value.email
  members  = each.value.members
}

resource "grafana_folder" "folders" {
  for_each = var.products
  title    = each.value.name
}

resource "grafana_folder_permission" "folder-permissions" {
  for_each = grafana_folder.folders
  folder_uid = each.value.uid

  dynamic "permissions" {
    for_each = { for team in var.teams : team.name => grafana_team.team[team.name] if team.is_staff==true }
    content {
      team_id    = permissions.value.id
      permission = "Admin"
    }
  }
}

Expected Behavior

  1. After apply remove one of two teams in web iface from folder test. rerun apply. terraform
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

But we have two teams in tf state and only one team in web iface.

  1. delete second permission and rerun apply terraform will fail with Error: insufficient items for attribute "permissions"; must have at least 1

freeseacher avatar Nov 14 '20 22:11 freeseacher

  1. Error: insufficient items for attribute "permissions"; must have at least 1

Removing the folder_permission from terraform state fixes this error for me.

Of course this should be fixed in the provider instead.

pascal-hofmann avatar Jan 04 '21 12:01 pascal-hofmann

any update on missing terraform import on grafana_folder_permission ?

baoj-dfo avatar Sep 07 '23 16:09 baoj-dfo