terraform-provider-consul icon indicating copy to clipboard operation
terraform-provider-consul copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Support admin partitions for consul_acl_token_secret_id

Open jrx opened this issue 2 years ago • 2 comments

Terraform Version

Terraform v1.1.8

Affected Resource(s)

  • consul_acl_token_secret_id

Terraform Configuration Files

resource "consul_admin_partition" "nomad" {
  name        = "nomad"
  description = "Partition for Nomad"
}

resource "consul_acl_policy" "nomad_server" {
  name      = "nomad-server"
  partition = consul_admin_partition.nomad.name

  rules = <<-RULE
    agent_prefix "" {
        policy = "read"
    }
    node_prefix "" {
        policy = "read"
    }
    service_prefix "" {
        policy = "write"
    }
    acl = "write"
    RULE
}

resource "consul_acl_token" "nomad_server" {
  description = "Nomad Server Policy"
  policies    = ["${consul_acl_policy.nomad_server.name}"]
  local       = true
  partition   = consul_admin_partition.nomad.name
}

data "consul_acl_token_secret_id" "nomad_server" {
  accessor_id = consul_acl_token.nomad_server.id
}

Debug Output

│ Error: Unexpected response code: 403 (ACL not found)
│
│   with data.consul_acl_token_secret_id.nomad_server,
│   on policies.tf line 106, in data "consul_acl_token_secret_id" "nomad_server":
│  106: data "consul_acl_token_secret_id" "nomad_server" {
│
╵
Operation failed: failed running terraform plan (exit 1)

Expected Behavior

The resource consul_acl_token_secret_id should provide an argument to configure the admin partition. e.g.:

data "consul_acl_token_secret_id" "nomad_server" {
  accessor_id = consul_acl_token.nomad_server.id
  partition  = consul_admin_partition.nomad.name
}

Actual Behavior

The resource consul_acl_token_secret_id has only support for the namespace argument as of today: https://registry.terraform.io/providers/hashicorp/consul/latest/docs/data-sources/acl_token_secret_id#argument-reference

Steps to Reproduce

terraform apply

jrx avatar Apr 25 '22 14:04 jrx

Hi @jrx! Thanks, for some reason this datasource was forgotten when adding the support for admin partitions. I will work on it shortly.

remilapeyre avatar Apr 27 '22 20:04 remilapeyre

This was fixed in #315.

mkeeler avatar Aug 18 '22 13:08 mkeeler

Thanks @mkeeler !

remilapeyre avatar Aug 28 '22 17:08 remilapeyre