terraform-provider-okta
Support multiple identity providers on the `okta_policy_rule_idp_discovery` resource
Hi.
I noticed a shortcoming between the management UI and the `okta_policy_rule_idp_discovery` resource. While it is possible to configure multiple identity providers for a given rule through the UI, this is not possible through Terraform yet.
UI
Terraform
```hcl
resource "okta_policy_rule_idp_discovery" "my_rule" {
  name      = "My Rule"
  policy_id = "some-policy-id"
  idp_id    = "some-idp-id"
  idp_type  = "idp-type"
}
```
Changes
I suggest adding the possibility to configure multiple IdPs per discovery rule and using it in Terraform like this:
```hcl
resource "okta_policy_rule_idp_discovery" "my_rule" {
  name      = "My Rule"
  policy_id = "some-policy-id"

  idp {
    id   = okta_idp_social.google.id
    type = "GOOGLE"
  }

  idp {
    id   = okta_idp_social.facebook.id
    type = "FACEBOOK"
  }
}
```
I implemented this change in a backwards-compatible way. If the legacy attributes `idp_id` and `idp_type` are set, they will be used as before. However, if the newly added `idp {}` list is used, the list will take precedence over the legacy attributes.
Let me know what you think!
Cheers, Felix
Thanks @felixcolaci, I'll review today/tomorrow.
The resource test is failing on the first step. I need to spend some time looking into this. I'm going to triage into our internal work backlog.
```
TF_ACC=1 go test -tags unit -mod=readonly -test.v -run ^TestAccOktaPolicyRuleIdpDiscovery_crud$ ./okta 2>&1
=== RUN TestAccOktaPolicyRuleIdpDiscovery_crud
resource_okta_policy_rule_idp_discovery_test.go:28: Step 1/6 error: Error running apply: exit status 1
Error: failed to set authentication policy for an SAML application: failed delete authentication policy: the API returned an error: The request was not valid: Invalid policy type specified.
with okta_app_saml.test,
on terraform_plugin_test.tf line 40, in resource "okta_app_saml" "test":
40: resource "okta_app_saml" "test" {
--- FAIL: TestAccOktaPolicyRuleIdpDiscovery_crud (4.38s)
FAIL
FAIL github.com/okta/terraform-provider-okta/okta 4.641s
FAIL
```
Okta internal ref: https://oktainc.atlassian.net/browse/OKTA-532577
I'll try to dedicate time to look at this in my current sprint.
Is there any way to support this functionality with the current code?