search

goauthentik / terraform-provider-authentik

Manage https://goauthentik.io with terraform.
https://registry.terraform.io/providers/goauthentik/authentik/latest/docs
GNU General Public License v3.0
58 stars 16 forks source link

Attach an application to de default outpost #341

Open lyz-code opened 1 year ago

lyz-code commented 1 year ago

Hello! First I want to congratulate for the amazing authentik!! It's fabulous!

I need some help...I can create an application and proxy provider, and I want to attach the application to default outpost "authentik Embedded Outpost". I'm aware that this issue is similar to https://github.com/goauthentik/terraform-provider-authentik/issues/310 but the user there solved it creating a new outpost for k8s, I tried creating a new outpost for the docker connection but it didn't work for me. Only attaching to the default outpost did.

Could you evaluate to create a data source for authentik_outpost?

blazp7 commented 4 months ago

I tried creating a new outpost for the docker connection but it didn't work for me. Only attaching to the default outpost did.

Same for me, ive tried thoroughly to spawn a functional additional outpost however only the default one works as expected, and that one cannot be referenced with authentik terraform provider. This is the only point of my authentik setup that cannot be configured with terraform.

It would be absolutely amazing if we could get a data source like this:

data."authentik_outpost"."outpost_default" = {
  name = "authentik Embedded Outpost";
};
Gunsmithy commented 3 months ago

I would like to see the same as well. I am deploying via the Kubernetes Helm chart and while I could add a new outpost, I would very much like to use the embedded one if possible since it's there anyways. Either a data source or I think better yet, the ability to import the embedded outpost as a resource that could then be modified too would be ideal.

Gunsmithy commented 3 months ago

I was actually able to do this just fine after a little digging. The trick is just having to find the UUID first of the embedded outpost in your installation.

  1. Define an outpost resource in your Terraform like so: 
    resource "authentik_outpost" "embedded_outpost" {
name = "authentik Embedded Outpost"
protocol_providers = []
}
  2. Find the UUID of the embedded outpost in your installation. I found the easiest way to do so was to click on the API drawer button in the top right while logged in to the admin console of Authentik after having clicked the Outposts tab. image
  3. If you have clicked the Outposts tab, you should see an API request in the list that looks like the following and click on that request:
    .../api/v3/outposts/instances/?ordering=name&page=1&page_size=20&search=
  4. Look in the list of results for the UUID for your embedded outpost. If you only have the embedded outpost, it should be the only UUID in the response. You can find it in a property called "pk". In my case for example:
    "pk":"628249a8-b69f-4c6a-a15c-048ac37a0375"
  5. Run terraform import authentik_outpost.embedded_outpost YOUR_UUID. The import should succeed.
  6. Modify your outpost resource however you see fit, and you should be able to terraform plan/apply to attach whatever providers you like as I could! If your embedded outpost was fresh and you defined it like above in Terraform, running terraform plan should detect no drift. I was even able to remove a provider in the web console then run plan again and it detected drift as expected, so everything seems to be working as expected.
emouawad commented 1 month ago

+1 to using the "authentik Embedded Outpost" - either data source or import by name - since uuid changes