A Terraform provider to manage Okta resources, enabling infrastructure-as-code provisioning and management of users, groups, applications, and other Okta objects.
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
When creating a okta_app_signon_policy, it automatically create a default rule named "Catch-all Rule" which can only be managed via Terraform after an import. This import requires to retrieve the id of the rule and this cannot be done automatically via Terraform, we need manual action to manage it
we can retrieve the rule ID
going through the API
going in the developer tool of our beloved web browser and check the request parameter when doing an update via the UI
The goal here is to reduce the manual work and automatize the process.
New or Affected Resource(s)
The goal here is to create the data source named okta_app_signon_policy_rule.
With this data source, we could have the following automatic workflow
We now just need to filter and select only the rule with the name "Catch-all Rule" and update it
locals {
catch_all_rule = lookup(data.okta_app_signon_policy_rule.my_policy_rules.rules, "Catch-all Rule", null)
}
resource "okta_app_signon_policy_rule" "catch_all_rule" {
count = local.catch_all_rule != null ? 1 : 0
policy_id = local.catch_all_rule.rule_id
name = "Catch-all Rule"
# Define all the other attributes of the rule
# ...
# We need to be careful with the order of the resources to avoid a cyclic dependency
depends_on = [data.okta_app_signon_policy_rule.my_policy_rules]
}
References
I've looked at the following PR having the same issue (I'm also currently facing this issue right now), and this could help more developers to use the Okta provider
Community Note
Description
When creating a
okta_app_signon_policy
, it automatically create a default rule named "Catch-all Rule" which can only be managed via Terraform after an import. This import requires to retrieve the id of the rule and this cannot be done automatically via Terraform, we need manual action to manage itThe goal here is to reduce the manual work and automatize the process.
New or Affected Resource(s)
The goal here is to create the data source named
okta_app_signon_policy_rule
. With this data source, we could have the following automatic workflowPotential Terraform Configuration
First we would create the policy :
Then declare this data source to retrieve the rules of the policy:
The output of this data source could be a list of policy rules with the following structure:
We now just need to filter and select only the rule with the name "Catch-all Rule" and update it
References
I've looked at the following PR having the same issue (I'm also currently facing this issue right now), and this could help more developers to use the Okta provider
The API to retrieve the rules of a policy already exists here
Thanks for reading.