Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

okta_policy_rule_signon SPECIFIC_IDP Quit Working With Provider Version 3.25.1 #1126

Closed
kellycampbe opened this issue May 20, 2022 · 3 comments · Fixed by #1133
Closed

okta_policy_rule_signon SPECIFIC_IDP Quit Working With Provider Version 3.25.1 #1126

kellycampbe opened this issue May 20, 2022 · 3 comments · Fixed by #1133
Assignees
@monde
Labels
bug regression

Comments

@kellycampbe
Copy link

Starting with provider version 3.25.1 when creating okta_policy_rule_signon with identity_provider = "SPECIFIC_IDP" it is no longer selecting the IdP.

Below is example Terraform.

resource "okta_policy_signon" "example" {
  name                  = "Test Policy"
  status                = "ACTIVE"
  description           = "This is a test."
  priority              = 1
  groups_included       = [okta_group_Group1.id]
}

data "okta_group" "Group1" {
  name = "Group1"
}


resource "okta_policy_rule_signon" "IdP" {
  name                  = "External IdP"
  policy_id             = okta_policy_signon.example.id
  priority              = 1 
  network_connection    = "ANYWHERE"
  identity_provider     = "SPECIFIC_IDP"
  identity_provider_ids = data.okta_idp_saml.IdP.id
  authtype              = "ANY"
  behaviors             = []
  risc_level            = "ANY"
  access                = "ALLOW"
  session_lifetime      = 0
  session_idle          = 60 
}

data "okta_idp_saml" "Idp" {
    name = "External IdP"
}

On provider version 3.25.0 when running the Terraform it creates this rule:
image

On version 3.25.1 and later it creates this rule, which has Identity provider set to ANY instead of the IdP provided in the Terraform.
image
@monde monde self-assigned this May 20, 2022
@monde
Copy link
Collaborator

monde commented May 20, 2022

Thanks @kellycampbe I'll look into this.

@monde
Copy link
Collaborator

monde commented May 23, 2022

The regression seems to be in 0ebeae7 that fixed #1079

MikeMondragon-okta pushed a commit that referenced this issue May 23, 2022
@monde
Reverting 0ebeae7 which incorrectly
57d52bb 
setup around SPECIFIC_IDP. Passing ACC tests:
- TestAccOktaPolicyRuleSignon_crud
- TestAccOktaPolicySignOn_defaultError
- TestAccOktaPolicySignOn_crud
Closes #1126
Reopens #1079
@monde monde mentioned this issue May 23, 2022
Merged
@monde
Copy link
Collaborator

monde commented May 24, 2022

Released as v3.28.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@monde monde

Labels
bug regression
Projects
None yet
Milestone
No milestone
2 participants
@monde @kellycampbe