You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Given an SSO layer at management/global/sso.
Adding a new group in locals.tf file.
Running leverage tf plan.
It gives this error:
│ Error: no Identity Store Group found matching criteria
│ [{0xc002bb37d0 0xc002bb37e0 {}}]; try different search
│
│ with module.account_assignments.data.aws_identitystore_group.this["SentinelFieldEngineer"],
│ on .terraform/modules/account_assignments/modules/account-assignments/main.tf line 1, in data "aws_identitystore_group""this":
│ 1: data "aws_identitystore_group""this" {
Expected Behavior
The group is created and then the account assignment takes place.
Steps to Reproduce
CD into management/global/sso layer
Add a new group in locals.tf file.
Run leverage tf plan
See error:
│ Error: no Identity Store Group found matching criteria
│ [{0xc002bb37d0 0xc002bb37e0 {}}]; try different search
│
│ with module.account_assignments.data.aws_identitystore_group.this["SentinelFieldEngineer"],
│ on .terraform/modules/account_assignments/modules/account-assignments/main.tf line 1, in data "aws_identitystore_group""this":
│ 1: data "aws_identitystore_group""this" {
Screenshots
N/A
Environment (please complete the following information):
Anything that will help us triage the bug will help. Here are some ideas:
❯ uname -r
5.15.146-1-MANJARO
❯ leverage --version
leverage, version 1.11.2
Additional Context
This seems to be a dependencies issue.
The new group is created in the user_groups file.
Since the module account_assignment has no dependency to resources in that file, when it looks for the group it does not exist.
Proposed solution.
Adding a dependency sentence in the account_assignment module should fix it:
Describe the Bug
Given an SSO layer at
management/global/sso.Adding a new group in
locals.tffile.Running
leverage tf plan.It gives this error:
│ Error: no Identity Store Group found matching criteria │ [{0xc002bb37d0 0xc002bb37e0 {}}]; try different search │ │ with module.account_assignments.data.aws_identitystore_group.this["SentinelFieldEngineer"], │ on .terraform/modules/account_assignments/modules/account-assignments/main.tf line 1, in data "aws_identitystore_group" "this": │ 1: data "aws_identitystore_group" "this" {Expected Behavior
The group is created and then the account assignment takes place.
Steps to Reproduce
management/global/ssolayerlocals.tffile.leverage tf plan│ Error: no Identity Store Group found matching criteria │ [{0xc002bb37d0 0xc002bb37e0 {}}]; try different search │ │ with module.account_assignments.data.aws_identitystore_group.this["SentinelFieldEngineer"], │ on .terraform/modules/account_assignments/modules/account-assignments/main.tf line 1, in data "aws_identitystore_group" "this": │ 1: data "aws_identitystore_group" "this" {Screenshots
N/A
Environment (please complete the following information):
Anything that will help us triage the bug will help. Here are some ideas:
Additional Context
This seems to be a dependencies issue.
The new group is created in the user_groups file.
Since the module
account_assignmenthas no dependency to resources in that file, when it looks for the group it does not exist.Proposed solution.
Adding a dependency sentence in the
account_assignmentmodule should fix it:depends_on = [resource.aws_identitystore_group.default]The text was updated successfully, but these errors were encountered: