okta_app_bookmark import missing authentication_policy

jeremysells-canv commented 7 months ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

% terraform -v
Terraform v1.7.5
on darwin_arm64

Affected Resource(s)

okta_app_bookmark

Terraform Configuration Files

terraform {
  backend "local" {
    path = "terraform.tfstate"
  }
  required_providers {
    okta = {
      source = "okta/okta"
      version = "4.8.0"
    }
  }
}

provider "okta" {}

resource "okta_app_bookmark" "example" {
  label  = "Terraform Test"
  url    = "https://example.com"
  authentication_policy = "12345"
}

Debug Output

terraform init
terraform plan
# Shows it is going to add the app which is correct (as it has not been imported yet)
terraform import okta_app_bookmark.example abcde
terraform plan
# Now shows it is going to set the authentication policy which should have been imported

Plan Output

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  ~ update in-place

Terraform will perform the following actions:

  # okta_app_bookmark.example will be updated in-place
  ~ resource "okta_app_bookmark" "example" {
      + authentication_policy      = "12345"
        id                         = "abcde"
        name                       = "bookmark"
        # (11 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Panic Output

n.a.

Expected Behavior

Terraform app was imported so it should not be making any changes to the authentication policy. In the Okta Admin the authentication_policy is set to the same value as in the Terraform configuration so no changes should be on the Terraform plan output (after import).

Can this be done in the Admin UI?

n.a.

Can this be done in the actual API call?

n.a.

Actual Behavior

(see above)

Steps to Reproduce

(see above)

Important Factoids

n.a.

References

I have tried to raise this with Okta Support Case: 02017270

Notes

I suspect this is the same for other applications (but I have not checked)

duytiennguyen-okta commented 7 months ago

OKTA internal reference https://oktainc.atlassian.net/browse/OKTA-712699

exitcode0 commented 5 months ago

this appears to occur on okta_app_saml as well its possible that these occur on all okta_app_* resources

I'm curious if the maintainers think that authentication_policy assignment should be split out into its own resource away from the okta_app resources themselves, something for V5 perhaps ¯\(ツ)/¯

duytiennguyen-okta commented 5 months ago

@exitcode0 It will stay with okta_app for now. I am fixing this issue

okta / terraform-provider-okta