search

hashicorp / terraform-provider-consul

Terraform Consul provider
https://www.terraform.io/docs/providers/consul/
Mozilla Public License 2.0
125 stars 113 forks source link

[Feature] new binding rule type "node" #217

Closed wolfmd closed 4 years ago

wolfmd commented 4 years ago

Terraform Version

Terraform v0.13.0, provider.consul v2.9.0

Affected Resource(s)

consul_acl_binding_rule

Enhancement Support for NodeIdentities GH-7970 was added in consul 1.8.1.

As a part of applying NodeIdentities to a login token, a binding rule needs to have the type of "node" in order to match the node against a NodeIdentity. In the CLI this can be achieved through the following command

consul acl binding-rule create -method=some-jwt -bind-type=node -bind-name='agent-${value.nodename}'

Currently in terraform the following error is received on trying to create a binding rule with the node bind type

Error: expected bind_type to be one of [service role], got node

  on main.tf line 80, in resource "consul_acl_binding_rule" "agent_binding":
  80: resource "consul_acl_binding_rule" "agent_binding" {

It'd be great if we could support this as a valid value to be passed into terraform.

remilapeyre commented 4 years ago

Hi @wolfmd, thanks for reporting this. It was a mistake to validate the type in the provider, https://github.com/terraform-providers/terraform-provider-consul/pull/218 remove this and let Consul return an error if the type is not correct.

wolfmd commented 4 years ago

Great! Thank you for the super quick response

wolfmd commented 4 years ago

Any idea when this might be merged?