Closed brunoagueda closed 2 months ago
Hi @brunoagueda the support didn't answer you why this optional parameters even sets now? Last changes in this module was 6 months ago, and we not pass them in request body:
createOpts := users.CreateOpts{
Name: d.Get("name").(string),
Description: d.Get("description").(string),
Email: d.Get("email").(string),
Phone: d.Get("phone").(string),
AreaCode: d.Get("country_code").(string),
AccessMode: d.Get("access_type").(string),
Enabled: &enabled,
PasswordReset: &reset,
DomainID: domainId,
}
P.S.: opentelekomcloud_identity_user_v3 utilizes api: /v3.0/OS-USER/users
setting this parameters as empty is a workaround, i think need to fix api instead of this
@brunoagueda i checked tests, all passed in eu-de, but i see this error in eu-ch2 region, seems something wrong with api in this region, please ask again support for details. Interesting details, user created in eu-ch2 has external identity id parameter and it's empty:
after I click delete button for this parameter, user became deletable, this is a api bug for real.
Hi @anton-sidelnikov I'm still asking them for a solution for this bug. My request here would be for making the xuser_type and xuser_id parameters available on the module so I can set them with empty values, like this
resource "opentelekomcloud_identity_user_v3" "users" {
name = "test_tf_user"
description = "Testing user creation on TF"
enabled = true
xuser_type = ""
xuser_id = ""
}
I get that this is a workaround and the api should be fixed, but is it possible to implement it so we can fix the issue while the api is not fixed?
@brunoagueda I will check, if it fix the issue then i will add in tf.
Hello @brunoagueda please check latest release
Hi. I tested the latest release and even if I set the xuser_type and xuser_id parameters as null, the problem persists and I'm not able to delete the created user My code looks like this:
resource "opentelekomcloud_identity_user_v3" "users" { name = "test_tf_user" description = "Testing user creation on TF" enabled = true xuser_type = null xuser_id = null }
Sorry, you can disregard my last comment. The user deletion option is grayed out on the console, but deleting with terraform destroy works. This is good enough for us right now, while we wait a definitive fix on the API for the Swiss region Thanks a lot!
Terraform provider version
Terraform v1.8.3 on linux_amd64
Affected Resource(s)
opentelekomcloud_identity_user_v3
Terraform Configuration Files
Steps to Reproduce
terraform apply
Expected Behavior
The user created should be able to be deleted
Actual Behavior
It is not possible to delete the user
Important Factoids
We opened a support ticket on OTC Support for this issue, and they answered saying that the problem is due to the "xuser_type" that should be empty, but it is not. As a workaround, they recommended to add the xuser_type and xuser_id with empty value in the request. Is it possible to add this parameters on the Terraform module?
Support answer: "Alternatively however I would like to recommend integrating the recommended API to create users, which is "POST /v3.0/OS-USER/users".
Documentation: ;https://docs.sc.otc.t-systems.com/identity-access-management/api-ref/apis/user_management/creating_an_iam_user_recommended.html, ;which gives us chance to have control over the problematic user attribute's unexpected ;value assignment.
For the user creation, the payload's mandatory attributes are "name" and "domain_id". I recommend sending the attribute "xuser_type" with and empty string ( ex.: "xuser_type": "" ) as value to get rid of this issue once and for all when new users are created at client side.
Fixing existing users is also possible on client side by invoking the recommended API to modify user information, which is "PUT /v3.0/OS-USER/users/{user_id}/info".
Documentation: ;https://docs.sc.otc.t-systems.com/identity-access-management/api-ref/apis/user_management/modifying_user_information_including_email_address_and_mobile_number_as_an_iam_user.html ;
Using the same logic as before, the "xuser_type" attribute of affected users has to be updated with an empty string to regain the ability to delete them using common users."