Open dbryar opened 1 year ago
FWIW I am using the connectorId
(as opposed to the id
) as an enum in generating the HCL so it would stand to reason that since the DaVinci provider does not have an import function, it could use the connectorId
as a filter when performing a GET on /v1/connections
to determine if the target already exists?
Terraform will perform the following actions:
# davinci_connection.cookie will be created
+ resource "davinci_connection" "cookie" {
+ connector_id = "cookieConnector"
// See https://registry.terraform.io/providers/pingidentity/davinci/latest/docs/resources/connection
export enum DavinciConnectorId {
Annotation = "annotationConnector",
Challenge = "challengeConnector",
Cookie = "cookieConnector",
Flow = "flowConnector",
Error = "errorConnector",
Fingerprint = "fingerprintjsConnector",
Functions = "functionsConnector",
Http = "httpConnector",
Policy = "userPolicyConnector",
Teleport = "nodeConnector",
Token = "skOpenIdConnector",
Variables = "variablesConnector",
PingOneAuth = "pingOneAuthenticationConnector",
PingOneSSO = "pingOneSSOConnector",
PingOneMFA = "pingOneMfaConnector",
PingOneNotifications = "notificationsConnector",
}
Update:
Deleting the existing cookie connection works as long as the only update is the cookie.
If there is a flow that uses the cookie in the plan
the default cookie connector may be created before the managed connector
I agree this is a scenario where being able to take over the default connection would be helpful. We had been holding off on that until the "empty environment" feature is released.
Is there a reason you wouldn't want to create the cookie connector as a separate managed resource? I suppose that may affect the enum function. It would also lead to two connections (one managed, one unmanaged), but it would avoid this conflict.
I'll check on the status of the empty environment and bring in #66 if it's still a ways out.
"Empty" or "clean" DaVinci environments can now be created, so overwriting existing resources is no longer required/recommended
The follow API example shows how an environment can be created without bootstrapped/demo configuration, notice the billOfMaterials.products.tags
array attribute:
curl --location 'https://api.pingone.eu/v1/environments' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <<token>>' \
--data '{
"name": "New-Env_1698254427",
"description": "New environment description",
"type": "SANDBOX",
"region": "EU",
"billOfMaterials": {
"products": [
{
"type": "PING_ONE_BASE",
"description": "New environment product description",
"console": {
"href": "https://example.com"
}
},
{
"type": "PING_ONE_DAVINCI",
"description": "New environment product description",
"tags": ["DAVINCI_MINIMAL"]
}
]
},
"license": {
"id": "********-****-****-****-*************"
}
}'
This functionality will be delivered in v0.23.0
of the provider on completion of https://github.com/pingidentity/terraform-provider-pingone/issues/611
Now v0.23.0
of the PingOne provider has been released, this needs a re-triage to determine if it's an issue that still needs work
Community Note
Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.
DaVinci Terraform provider Version
0.1.9
Terraform Version
1.4.2
Affected Resource(s)
davinci_connection
Terraform Configuration Files
Debug Output
Expected Behavior
I actually expected this to fail...
Actual Behavior
It did fail
Steps to Reproduce
terraform apply
Important Factoids
Normally I would just delete the connection in Ping DaVinci and allow the terraform
plan
to apply, however this is not working for the cookie connector for some reasonReferences
66