Closed notdodo closed 1 month ago
Voting for Prioritization
Volunteering to Work on This Issue
@jacobbednarz sorry to bump this but is this bug valid? are you tackling this internally?
This functionality has been released in v4.40.0 of the Terraform Cloudflare Provider.
Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!
Confirmation
Terraform and Cloudflare provider version
Terraform v1.9.0 on darwin_arm64
Affected resource(s)
cloudflare_access_policy
Terraform configuration files
Link to debug output
https://gist.github.com/notdodo/c3524ed143e5574632a4ce63a337e158
Panic output
No response
Expected output
No changes during the plan.
Actual output
Terraform plan shows chagens to apply even though there aren't, apparently.
It seems that multiple requires are not correctly parsed during the refresh so wrong changes are always shown
Steps to reproduce
I manually created a policy that accept 2 possible Okta IdPs with different groups on Cloudflare Access for an application.
I imported the application resource with
terraform import cloudflare_access_application.poc1 <account_id>/<application_id>
Creating the same policy on terraform with 2 Okta IdPs and
require
the plan shows that the refresh/get of the remote resource has a bug:The
okta.identity_provider_id
is set to the last value present during the apply and theokta.name
contains a list of both groups.The same is also valid when using new reusable access policies
Additional factoids
I think that the bug is generated here: the
OktaID
is a single value and notappend
like the groups. Here is the generated output that is not expected.References
No response