We created okta_users and okta_groups using Terraform, but I am unable to get the specific user ID

Time:06-06

We created Okta users and Okta groups using Terraform.

This is variables.tf, which uses list-of-object variables for users and groups:

variable "users" {
  type = list(object({
    first_name   = string
    last_name    = string
    email        = string
    organization = string
    role         = string
    okta_admin   = bool
  }))
}

variable "groups" {
  type = list(object({
    name        = string
    description = string
  }))
}

This is terraform.tfvars:

groups = [
  { name = "dev", description = "This group for Devlopers" },
  { name = "qa", description = "This group for QA" },
  { name = "per", description = "This group for Per" }
]

users = [
  { first_name = "a", last_name = "a", email = "[email protected]", role = "Engineer", organization = "organization", okta_admin = true },
  { first_name = "b", last_name = "b", email = "[email protected]", role = "Lead", organization = "organization", okta_admin = true },
  { first_name = "c", last_name = "c", email = "[email protected]", role = "Devloper", organization = "organization", okta_admin = false },
]

This is main.tf.

To get the values, we used for_each:

resource "okta_group" "groups" {
  for_each    = { for group in var.groups : join("-", [group.name, group.description]) => group }
  name        = each.value.name
  description = each.value.description
}



resource "okta_user" "okta_user_add" {
  for_each = { for user in var.users : join("-", [user.first_name, user.last_name]) => user }

  title        = each.value.role
  email        = each.value.email
  first_name   = each.value.first_name
  last_name    = each.value.last_name
  login        = each.value.email
  organization = each.value.organization
}

When we tried to get the IDs, we tried multiple things, but nothing worked for us. We are unable to get the group ID and user IDs.

resource "okta_group_memberships" "okta_member_group" {

  for_each = okta_group.groups
  group_id = each.value.id # I want to select only one group

  users = values(okta_user.okta_user_add)[*].id
}

My question is:

In okta_group_memberships.okta_member_group we have multiple groups, but we need only one group to be added in okta_group_memberships. We also need to add specific users. As I mentioned, in the tfvars file the users objects have okta_admin = true. We need only those users in okta_member_group.

CodePudding user response:

To retrieve all the group IDs, you could iterate over the okta_user resources:

resource "okta_group_memberships" "okta_member_group" {
  # each.value is only defined when the resource declares for_each
  for_each = okta_group.groups
  group_id = each.value.id
  
  # Add all users to each group
  users = values(okta_user.okta_user_add)[*].id
}

The problem with your question is that you don't specify anywhere which user belongs to which group, so I've used a splat expression to get the IDs of all the users.

You should create a separate input variable in order to map each user to a certain group.

Edit:

locals {
   # get DEV group
   dev_group = [for group in var.groups: group if group.name == "dev"][0]
   # filter okta admins
   okta_admins = [for user in var.users: join("-", [user.first_name, user.last_name]) if user.okta_admin]
}


resource "okta_group_memberships" "okta_member_group" {

  # select only the DEV group
  group_id = okta_group.groups[join("-", [local.dev_group.name, local.dev_group.description])].id
  
  # get IDs of okta_admins only
  users = [for okta_admin in local.okta_admins: okta_user.okta_user_add[okta_admin].id]
}
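
One way to follow the answer's suggestion of mapping each user to a group, as an added example that is not part of the original answer. It assumes the Okta provider is configured as in the question; the per-user `groups` attribute, the local names and the sample defaults are hypothetical.

```hcl
# Added example; variable, local and resource names are hypothetical.
variable "groups" {
  type    = map(string) # group name => description
  default = { dev = "Developers", qa = "QA" } # constructed sample
}

variable "users" {
  type = list(object({
    first_name = string
    last_name  = string
    email      = string
    groups     = list(string) # names of the groups this user should join
  }))
  default = [ # constructed sample
    { first_name = "a", last_name = "a", email = "a@example.com", groups = ["dev"] },
    { first_name = "b", last_name = "b", email = "b@example.com", groups = ["dev", "qa"] },
  ]
}

locals {
  # Key users by email (the Okta login), which is unique, unlike names.
  users_by_email = { for u in var.users : u.email => u }
  # group name => member emails, built from the users' side so that a typo in
  # a group name fails the plan (invalid index) instead of being ignored.
  members = {
    for g in distinct(flatten([for u in var.users : u.groups])) :
    g => [for u in var.users : u.email if contains(u.groups, g)]
  }
}

resource "okta_group" "groups" {
  for_each    = var.groups
  name        = each.key
  description = each.value
}

resource "okta_user" "users" {
  for_each   = local.users_by_email
  first_name = each.value.first_name
  last_name  = each.value.last_name
  email      = each.value.email
  login      = each.value.email
}

resource "okta_group_memberships" "members" {
  for_each = local.members
  group_id = okta_group.groups[each.key].id
  users    = [for e in each.value : okta_user.users[e].id]
}
```

Because membership is declared per user, reviewing who lands in a privileged group is a matter of reading the `groups` list in the tfvars diff.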