Open bhanchand opened 4 years ago
Pointing out that UDP will now have to support an external REST API? Not sure if we want to be responsible for other UDP services.
Could be better as instructions, author the HCL script, and have it committed out, IMO.
The following is the HCL script that @bhanchand is having issues with.
# Okta org name; passed unchanged to the provider's org_name argument.
variable "org_name" {}
# Okta API token used by the provider.
# NOTE(review): this is a credential. Supply it through the environment
# (TF_VAR_api_token) or a secrets store rather than a committed .tfvars file;
# on Terraform 0.14+ it can also be declared with sensitive = true.
variable "api_token" {}
# Passed unchanged to the provider's base_url argument.
variable "base_url" {}
# Demo application name; used in app_domain and in generated resource names.
variable "demo_app_name" {}
# UDP subdomain; used in app_domain and in generated resource names.
variable "udp_subdomain" {}
# Values derived from the input variables.
locals {
  # Host name of the demo app: <udp_subdomain>.<demo_app_name>.unidemo.info
  app_domain = format("%s.%s.unidemo.info", var.udp_subdomain, var.demo_app_name)

  # udp_subdomain with every "-" replaced by "_".
  nodash_subdomain = replace(var.udp_subdomain, "-", "_")
}
# Okta provider, configured entirely from input variables.
provider "okta" {
  # Accept any 3.x release of the provider.
  version = "~> 3.0"

  org_name = var.org_name
  base_url = var.base_url

  # Credential: taken from the api_token variable so no token literal lives in this file.
  api_token = var.api_token

  # Optional backoff overrides, left disabled:
  # min_wait_seconds = 60
  # max_wait_seconds = 600
  # max_retries = 10
}
# Inline hook of type com.okta.oauth2.tokens.transform: Okta POSTs to the channel URI
# and authenticates itself with the header configured under `auth`.
resource "okta_inline_hook" "healthcare" {
  name    = "${var.udp_subdomain}${var.demo_app_name}_inline_webhook"
  type    = "com.okta.oauth2.tokens.transform"
  version = "1.0.1"
  status  = "ACTIVE"

  # NOTE(review): a token-transform hook's response can change the tokens Okta issues,
  # so this endpoint should be a service the deploying organization controls. The host
  # below looks like a shared demo host; confirm before using outside a demo org.
  channel = {
    type    = "HTTP"
    method  = "POST"
    version = "1.0.0"
    uri     = "https://scim.glitch.me/eventhook"
  }

  # Header Okta sends on each call so the endpoint can authenticate the caller.
  # NOTE(review): the key value is a literal in source control. It looks like a
  # placeholder, but a real key belongs in a variable fed from a secrets store,
  # and any key that was ever committed should be rotated.
  auth = {
    type  = "HEADER"
    key   = "x-api-key"
    value = "abcDEF"
  }
}
# Custom authorization server for the demo app.
resource "okta_auth_server" "healthcare" {
  description = "Generated by UDP"
  name        = "${var.udp_subdomain} ${var.demo_app_name}"

  # Single audience, built from the derived app domain.
  audiences = ["api://${local.app_domain}"]
}
# Access policy on the healthcare authorization server.
resource "okta_auth_server_policy" "healthcare" {
  auth_server_id = okta_auth_server.healthcare.id
  name           = "standard"
  description    = "Generated by UDP"
  status         = "ACTIVE"
  priority       = 1

  # Only this OAuth client is covered by the policy. okta_app_oauth.healthcare is not
  # declared in the script shown here; it has to exist elsewhere in the configuration.
  client_whitelist = [okta_app_oauth.healthcare.id]
}
# Rule under the "standard" policy. No inline hook is attached in this version.
resource "okta_auth_server_policy_rule" "healthcare" {
  auth_server_id = okta_auth_server.healthcare.id
  policy_id      = okta_auth_server_policy.healthcare.id
  name           = "one_hour"
  status         = "ACTIVE"
  priority       = 1

  # Only the authorization code grant is allowed.
  grant_type_whitelist = ["authorization_code"]

  # data.okta_group.all is not declared in the script shown here; the name suggests an
  # everyone-style group, so the rule presumably applies to all users (confirm).
  group_whitelist = [data.okta_group.all.id]

  # NOTE(review): "*" lets matching clients request every scope on this server;
  # list the scopes the app needs if least privilege matters for this deployment.
  scope_whitelist = ["*"]
}
# Rule under the "standard" policy, with the token inline hook attached.
# NOTE(review): a configuration can hold only one okta_auth_server_policy_rule named
# "healthcare"; if a declaration without inline_hook_id is still present, this one has
# to replace it rather than sit beside it.
resource "okta_auth_server_policy_rule" "healthcare" {
  auth_server_id = okta_auth_server.healthcare.id
  policy_id      = okta_auth_server_policy.healthcare.id
  name           = "one_hour"
  status         = "ACTIVE"
  priority       = 1

  # Only the authorization code grant is allowed.
  grant_type_whitelist = ["authorization_code"]

  # data.okta_group.all is not declared in the script shown here; the name suggests an
  # everyone-style group, so the rule presumably applies to all users (confirm).
  group_whitelist = [data.okta_group.all.id]

  # NOTE(review): "*" lets matching clients request every scope on this server;
  # list the scopes the app needs if least privilege matters for this deployment.
  scope_whitelist = ["*"]

  # Tokens issued under this rule go through the healthcare inline hook, so the
  # hook endpoint becomes part of the token issuance path.
  inline_hook_id = okta_inline_hook.healthcare.id
}
Describe the bug: The Terraform scripts are missing provisioning for inline hooks. Currently this is being deployed manually.