onelogin / terraform-provider-onelogin

GNU General Public License v3.0

Which connectors are supported? #9

Closed mikkoc closed 4 years ago

mikkoc commented 4 years ago

Is there a list of supported connector_ids?

I tried to create a new Splunk connector (connector_id=229), SAML 2.0 based. But got the following error:

Error: error: context: [ol http service], error_message: [{"message":"Unknown parameter on configuration section: provider_arn","name":"BadRequestError","statusCode":400}]

resource onelogin_saml_apps saml {
  connector_id = 229
  name         = "Terraform Test SAML App"
  description  = "SAML"

  configuration {
    signature_algorithm = "SHA-1"
  }
}

I understand this might be nowhere near ready, so I understand if you prefer people not to open issues yet.

We're quite keen to follow the development of this provider and can do beta testing if you need. We have a lot of manual OL apps we're keen to import in TF.

Thanks

dcaponi commented 4 years ago

Hey @mikkoc, thanks for using the provider! For a list of valid connectors, check out the documentation: https://developers.onelogin.com/api-docs/2/connectors/list-connectors

It looks like the /connectors endpoint doesn't support pagination yet and only returns 1000 responses. The connector id for Splunk is actually 55785. You can actually search by name too. Here is the endpoint:

https://api.us.onelogin.com/api/2/connectors?name=splunk

It seems you're experiencing a bit of a miscoordination between the provider and our backend. Some SAML apps require this provider_arn and others don't, and due to the nature of how Terraform sends all the SAML fields (in your case provider_arn is being set to "" and the API seems to prefer the provider_arn field not exist at all for the Splunk apps, and throws that 400).

Rest assured we are working on that as quickly as possible :)

You mentioned:

"We have a lot of manual OL apps we're keen to import in TF."

That's awesome! Have you seen our CLI? It will import your OL apps from your account into TF for you.

cli: https://github.com/onelogin/onelogin

dcaponi commented 4 years ago

I made a small release you can try (also in master if you're cloning and sideloading) that removes the field provider_arn. Note, you won't be able to set this on the AWS app that uses it via Terraform (you'll still be able to use the UI) but that should get you over the hump. I tried it with this config and it worked for me:

provider onelogin {
    alias = "onelogin"
}
resource onelogin_saml_apps saml {
  connector_id = 55785
  name         = "Terraform Test SAML App"
  description  = "SAML"

  configuration {
    signature_algorithm = "SHA-1"
  }
}

Please, if this unblocks you close the issue. If I don't hear back in about 3 business days I'll close it.
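The two comments above describe an unset provider_arn being sent as "" and rejected with a 400. The following is an added example, not the provider's own code and not part of the thread: it contrasts a request body that always serializes the field with one that omits it when unset. The struct names, the `splunkAllowed` allow-list, the `arn:example` value and the `unknownParams` check are hypothetical, modelled only on the error message quoted in the issue.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// Hypothetical type: serializes every field, so an unset provider_arn is sent as "".
type configAlways struct {
	SignatureAlgorithm string `json:"signature_algorithm"`
	ProviderARN        string `json:"provider_arn"`
}

// Hypothetical type: leaves unset fields out of the request body entirely.
type configOmitEmpty struct {
	SignatureAlgorithm string `json:"signature_algorithm,omitempty"`
	ProviderARN        string `json:"provider_arn,omitempty"`
}

// Constructed allow-list for a connector that takes no provider_arn.
var splunkAllowed = map[string]bool{"signature_algorithm": true}

func encode(v interface{}) []byte {
	b, _ := json.Marshal(v) // plain string fields: Marshal cannot fail here
	return b
}

// unknownParams models a strict server-side check: keys not in the allow-list.
func unknownParams(body []byte, allowed map[string]bool) ([]string, error) {
	var fields map[string]json.RawMessage
	if err := json.Unmarshal(body, &fields); err != nil {
		return nil, err
	}
	bad := []string{}
	for k := range fields {
		if !allowed[k] {
			bad = append(bad, k)
		}
	}
	sort.Strings(bad)
	return bad, nil
}

func main() {
	for _, v := range []interface{}{configAlways{"SHA-1", ""}, configOmitEmpty{"SHA-1", ""}} {
		bad, _ := unknownParams(encode(v), splunkAllowed)
		fmt.Printf("%s -> unknown parameters: %v\n", encode(v), bad)
	}
}
```

With `omitempty`, a connector that does take the field can still set it, while connectors that do not never see the key.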

mikkoc commented 4 years ago

Thanks @dcaponi I'll try that early next week!

mikkoc commented 4 years ago

That worked, thanks, closing this.