Open chrisw-ibm opened 7 months ago
I too would be interested in something like this - but not sure if this is supported in IBM Cloud. Right now, we assign service id to a trusted profile in another account, then use that to access resources. It works well but its a lot of extra steps
Community Note
Terraform CLI and Terraform IBM Provider Version
Affected Resource(s)
resource ibm_iam_access_group_members
Terraform Configuration Files
Note that the service id is a hardcoded string to a serviceId that is not within the same account.
Debug Output
Panic Output
N/A
Expected Behavior
I should be able to add access to a service id that exists in another account. It is currently possible to do so via the API directly, but terraform blocks this by first trying to read the serviceId.
Example API request to create policy
Actual Behavior
I received an error : "Getting Service Ids You are not authorized to use this API"
Steps to Reproduce
Get an API_KEY with the right permisssions
terraform apply -var "ibmcloud_api_key={IBM_CLOUD_API_KEY}"
Important Factoids
No
This may be considered a bug or a feature request. Perhaps the we keep the existing behaviour but we provide the option in the terraform to disable the check to validate the service id
References
0000