diff --git a/examples/oidc-cognito-stack.tf b/examples/oidc-cognito-stack.tf
index e57906e4a..a96be2c0d 100644
--- a/examples/oidc-cognito-stack.tf
+++ b/examples/oidc-cognito-stack.tf
@@ -13,8 +13,8 @@ provider "okta" {
 }
 data "okta_group" "peeps" {
- Name = "Peeps"
- Description = "For my peeps"
+ name = "Peeps"
+ description = "For my peeps"
 }
 data "okta_user" "garth" {
diff --git a/examples/okta_group/datasource_not_found.tf b/examples/okta_group/datasource_not_found.tf
new file mode 100644
index 000000000..8eb546948
--- /dev/null
+++ b/examples/okta_group/datasource_not_found.tf
@@ -0,0 +1,19 @@
+resource okta_group test {
+ name = "testAcc_replace_with_uuid"
+ description = "testing, testing"
+ users = [okta_user.test.id]
+}
+
+resource okta_user test {
+ first_name = "TestAcc"
+ last_name = "Jones"
+ login = "john_replace_with_uuid@ledzeppelin.com"
+ email = "john_replace_with_uuid@ledzeppelin.com"
+}
+
+# Should fail to find the group since the type is the wrong type
+data okta_group test_type {
+ include_users = true
+ name = okta_group.test.name
+ type = "APP_GROUP"
+}
diff --git a/okta/data_source_okta_group.go b/okta/data_source_okta_group.go
index fd131de2f..435fa2844 100644
--- a/okta/data_source_okta_group.go
+++ b/okta/data_source_okta_group.go
@@ -4,9 +4,9 @@ import (
 "context"
 "fmt"
- "github.com/okta/okta-sdk-golang/v2/okta/query"
-
 "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+ "github.com/okta/okta-sdk-golang/v2/okta/query"
 )
 func dataSourceGroup() *schema.Resource {
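Review bot: In `data "okta_group" "peeps"` (examples/oidc-cognito-stack.tf), the corrected block still assigns `description`, which the data source schema in okta/data_source_okta_group.go appears to declare as `Computed: true` only; the rest of that schema entry is outside the visible hunk, so this should be confirmed. If that is the case, Terraform will reject the assignment and the example will not plan. Dropping the `description = "For my peeps"` line and keeping `name = "Peeps"` as the lookup key would leave a working example.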
@@ -18,6 +18,12 @@ func dataSourceGroup() *schema.Resource {
 Type: schema.TypeString,
 Required: true,
 },
+ "type": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Type of the group. When specified in the terraform resource, will act as a filter when searching for the group",
+ ValidateFunc: validation.StringInSlice([]string{"OKTA_GROUP", "APP_GROUP", "BUILT_IN"}, false),
+ },
 "description": {
 Type: schema.TypeString,
 Computed: true,
@@ -44,15 +50,26 @@ func dataSourceGroupRead(d *schema.ResourceData, m interface{}) error {
 func findGroup(name string, d *schema.ResourceData, m interface{}) error {
 client := getOktaClientFromMetadata(m)
- groups, _, err := client.Group.ListGroups(context.Background(), &query.Params{Q: name})
+ searchParams := &query.Params{Q: name}
+ if d.Get("type") != nil && d.Get("type").(string) != "" {
+ searchParams.Filter = fmt.Sprintf("type eq \"%s\"", d.Get("type").(string))
+ }
+
+ groups, _, err := client.Group.ListGroups(context.Background(), searchParams)
 if err != nil {
 return fmt.Errorf("failed to query for groups: %v", err)
- } else if len(groups) < 1 {
- return fmt.Errorf("group \"%s\" not found", name)
+ }
+
+ if len(groups) < 1 {
+ if d.Get("type") != nil {
+ return fmt.Errorf("group \"%s\" was not found with type \"%s\"", name, d.Get("type").(string))
+ }
+ return fmt.Errorf("group \"%s\" was not found", name)
 }
 d.SetId(groups[0].Id)
 _ = d.Set("description", groups[0].Profile.Description)
+ _ = d.Set("type", groups[0].Type)
 if d.Get("include_users").(bool) {
 userIDList, err := listGroupUserIDs(m, d.Id())
diff --git a/okta/data_source_okta_group_test.go b/okta/data_source_okta_group_test.go
index 21646c7af..f9ffc3f5b 100644
--- a/okta/data_source_okta_group_test.go
+++ b/okta/data_source_okta_group_test.go
@@ -1,6 +1,7 @@
 package okta
 import (
+ "regexp"
 "testing"
 "github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
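Review bot: In the not-found branch of findGroup (okta/data_source_okta_group.go), `d.Get("type") != nil` is always true for a `schema.TypeString` attribute, because an unset string reads back as `""` rather than nil, so the plain `was not found` return is unreachable and a lookup without `type` reports `with type ""`. Reading the value once with `t, ok := d.GetOk("type")` and branching on `ok` for both the filter and the error message fixes that. Separately, the result is still taken from `groups[0]` of a `Q: name` query, which as far as I know is a prefix match in the Okta Groups API, so a group whose name merely starts with `name` can be returned and then bound to whatever role or policy references this data source. Checking `groups[0].Profile.Name == name` (or scanning the results for an exact match) before `d.SetId` would close that gap. findGroup continues past the end of the hunk.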
@@ -11,6 +12,7 @@ func TestAccOktaDataSourceGroup_read(t *testing.T) {
 ri := acctest.RandInt()
 mgr := newFixtureManager(oktaGroup)
 config := mgr.GetFixtures("datasource.tf", ri, t)
+ configInvalid := mgr.GetFixtures("datasource_not_found.tf", ri, t)
 resource.Test(t, resource.TestCase{
 PreCheck: func() {
@@ -22,10 +24,15 @@ func TestAccOktaDataSourceGroup_read(t *testing.T) {
 Config: config,
 Check: resource.ComposeTestCheckFunc(
 resource.TestCheckResourceAttrSet("data.okta_group.test", "id"),
+ resource.TestCheckResourceAttrSet("data.okta_group.test", "type"),
 resource.TestCheckResourceAttrSet("okta_group.test", "id"),
 resource.TestCheckResourceAttr("okta_group.test", "users.#", "1"),
 ),
 },
+ {
+ Config: configInvalid,
+ ExpectError: regexp.MustCompile(`\bwas not found with type\b`),
+ },
 },
 })
 }
diff --git a/website/docs/d/group.html.markdown b/website/docs/d/group.html.markdown
index e4b1eff3e..d7dc48761 100644
--- a/website/docs/d/group.html.markdown
+++ b/website/docs/d/group.html.markdown
@@ -22,6 +22,8 @@ data "okta_group" "example" {
 * `name` - (Required) name of group to retrieve.
+* `type` - (Optional) type of the group to retrieve.
+
 * `include_users` - (Optional) whether or not to retrieve all member ids.
 ## Attributes Reference
@@ -30,6 +32,8 @@ data "okta_group" "example" {
 * `name` - name of group.
+* `type` - type of group.
+
 * `description` - description of group.
 * `users` - user ids that are members of this group, only included if `include_users` is set to `true`.
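Review bot: The `ExpectError` pattern in the new step of TestAccOktaDataSourceGroup_read stops before the type value, so it also matches an error that reports an empty or unexpected type. Anchoring it on the full message, e.g. `ExpectError: regexp.MustCompile("was not found with type \"APP_GROUP\"")`, would pin the filter path that datasource_not_found.tf is meant to exercise. Likewise `TestCheckResourceAttrSet("data.okta_group.test", "type")` only proves the attribute is non-empty. If the fixture group is a regular Okta group, `resource.TestCheckResourceAttr("data.okta_group.test", "type", "OKTA_GROUP")` asserts the value actually read back.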