Open powellquiring opened 3 months ago
hi @powellquiring Fix was added in release v1.61.0 https://github.com/IBM-Cloud/terraform-provider-ibm/pull/5000/files#diff-ce0d6d161b16d61703ebee92b2f35379d225abedba0fb7c2c4d09b2ccb1bb427R86
Closing based on @astha-jain comments.
@powellquiring Please confirm if the issue can be closed ?
Community Note
Description
There isn’t currently a way in terraform to create a delegated system consisting of a hub and spoke VPC in 1 pass that includes an IAM authorization that specifies by the hub and spoke:
Here is the iam authorization policy, notice it has the hub and spoke ids to narrowed as much as possible.
The last step of setting the spoke to delegated currently requires that one goes back to the spoke vpc and make an editing change.
A solution would be to add the type to the binding resource as shown below:
As a work around it is possible to patch the spoke VPC DNS using curl. But this is problematic since the bearer token is persisted in the terraform state file and could (will likely) expire before the destroy operation is executed.
New or Affected Resource(s)
Potential Terraform Configuration