New Resource: `okta_app_scim_push_group_rule`

[exitcode0]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

This one needs the no-api label 🙂 Similar to https://github.com/okta/terraform-provider-okta/issues/1409 the Okta API should provide a public endpoint to configure push group rules

New or Affected Resource(s)

• okta_app_push_group_rule
• okta_app_scim_push_group_rule

Potential Terraform Configuration

resource "okta_app_saml" "aws_sso" {
  status                = "ACTIVE"
  label                 = "AWS SSO"
  preconfigured_app     = "amazon_aws_sso"
}

resource "okta_group" "app_aws_123456789012_financeReadOnly" {
    name = "app_aws_123456789012_financeReadOnly"
    description = "provides finance readOnly in the \"123456789012\" AWS account"
    skip_users = true
}

resource "okta_app_scim_push_group_rule" "example_1" {
  app_id = okta_app_saml.aws_sso.id
  name = "example group push rule"
  status = "ACTIVE"

  searchExpressionType = "STARTS_WITH"
  searchExpression = "app_aws_"

  descriptionSearchExpressionType = "STARTS_WITH"
  descriptionSearchExpression = "[AWS]"
}

resource "okta_app_scim_push_group_rule" "example_2" {
  app_id = okta_app_saml.aws_sso.id
  name = "example group push rule"
  status = "ACTIVE"

  search {
    name       = "profile.name"
    comparison = "sw"
    value      = "app_aws_"
  }
  search {
    name       = "profile.description"
    comparison = "sw"
    value      = "[AWS]"
  }
}

References

• 1409

[monde]

@exitcode0 , I spoke with @jefftaylor-okta and he says the endpoint for this is on the roadmap for this year and will be surfaced in our "OAS3" openapi spec for the Okta management API that is public but is not fully GA yet. fwiw okta-sdk-golang does have a version that is generated with this new spec and we are going include that in our upcoming release of the Okta Terraform Provider v4.0.0

[monde]

Okta internal reference: https://oktainc.atlassian.net/browse/OKTA-602000

[github-actions[bot]]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days

[exitcode0]

No StaleBot 🙂

[alejandrosan-tw]

Any update on this? 😮

[EvertonSA]

any updates on this? 😮

[posquit0]

Any updates on this? 😮

[GraemeMeyerGT]

@jefftaylor-okta / @monde did this make it into the 4.0 provider? I had a look at the https://github.com/okta/okta-management-openapi-spec but couldn't see anything in the spec that could plausibly be the endpoint in question.