Closed tkallenberg-tw closed 3 years ago
If I have this in my main.tf
resource onelogin_saml_apps saml{
connector_id = 50534
name = "SAML App"
description = "SAML"
configuration = {
signature_algorithm = "SHA-1"
}
}
resource onelogin_app_rules test{
app_id = onelogin_saml_apps.saml.id
enabled = true
match = "all"
name = "first rule"
position = 1
actions {
action = "set_groups"
expression = "(.+)"
value = ["roles"]
}
}
It is sending this payload to the create app rules endpoint
{
"app_id":1234,
"name":"first rule",
"match":"all",
"enabled":true,
"position":1,
"conditions":null,
"actions":[
{
"action":"set_groups",
"value":["roles"],
"expression":"(.+)"
}
]
}
conditions is being set to null
and not []
and its causing the API to panic. I can fix this on my side. Thanks for bringing this up
https://github.com/onelogin/terraform-provider-onelogin/releases/tag/v0.1.2
This should resolve your issue. Please try it and close this out when you confirm it works.
Thanks for the fast reaction and the fix. This seems to work now.
Hi
In Onelogin using the REST API and the UI we see that rules conditions can be empty which is the case for us.
However the conditions in the terraform provider is required as documented here: https://registry.terraform.io/providers/onelogin/onelogin/latest/docs/resources/onelogin_app_rule#conditions
If we run terraform without the conditions we get the following error while applying:
Error: error: context: [ol http service], error_message: [{"code":422,"message":"Validation Failed","errors":[{"field":"conditions","message":["is reserved"]}]}]
Should this be really required? We at least would expect that this can be empty.