Comments (5)
If users cannot/not be managed by Terraform, we cannot use auth0_user
resources.
However, if attachment resources exist, we can attach roles to existing users without creating or managing users with Terraform resources.
This may be achieved by calling Assign users to a role API.
So I have the intention to implement this.
from terraform-provider-auth0.
Hey Auth0 Team! Do we have an ETA on this feature? I'm currently blocked on my TF implementation as I need auth0_role_permission_attachment
from terraform-provider-auth0.
Hey @josecsotomorales 👋🏻
While the DX right now might not be the best depending on your use case as we don't have a direct 1:1 resource with a relationship between roles and permissions and as well one between this and users, you should not be blocked in managing such associations with the current version of the provider.
You can achieve this by using the auth0_role
and auth0_user
resources, e.g.
resource "auth0_resource_server" "my_resource_server" {
name = "My Resource Server (Managed by Terraform)"
identifier = "my-resource-server-identifier"
signing_alg = "RS256"
token_lifetime = 86400
skip_consent_for_verifiable_first_party_clients = true
enforce_policies = true
scopes {
value = "read:something"
description = "read something"
}
}
resource "auth0_user" "my_user" {
connection_name = "Username-Password-Authentication"
user_id = "auth0|1234567890"
email = "[email protected]"
password = "passpass$12$12"
nickname = "testnick"
username = "testnick"
roles = [auth0_role.my_role.id]
}
resource "auth0_role" "my_role" {
name = "My Role - (Managed by Terraform)"
description = "Role Description..."
permissions {
resource_server_identifier = auth0_resource_server.my_resource_server.identifier
name = "read:something"
}
}
It would help to get clarification from your side as to what exactly is blocking you.
from terraform-provider-auth0.
Hey @sergiught! Thanks for the quick response, for my use case I have 3 roles predefined (Viewer, Editor, Admin), I'm creating multiple resource servers and what I need is to assign permissions to those existing roles, what the provider currently does is that creates a role and assign permissions to it, so for each resource server I will need to create a role, similar to that code snippet you posted, I was looking for auth0_role_permission_attachment
to just assign the permissions to the existing roles, hope this explains what I'm trying to achieve.
from terraform-provider-auth0.
Hey folks this is now available in the latest release https://github.com/auth0/terraform-provider-auth0/releases/tag/v0.47.0.
Documentation:
- https://registry.terraform.io/providers/auth0/auth0/latest/docs/resources/role_permission
- https://registry.terraform.io/providers/auth0/auth0/latest/docs/resources/role_permissions
- https://registry.terraform.io/providers/auth0/auth0/latest/docs/resources/user_role
- https://registry.terraform.io/providers/auth0/auth0/latest/docs/resources/user_roles
- https://registry.terraform.io/providers/auth0/auth0/latest/docs/resources/user_permission
- https://registry.terraform.io/providers/auth0/auth0/latest/docs/resources/user_permissions
Migration guide:
Let us know if you encounter any issues with the new attachment resources!
Appreciate everyones patience while we worked on adding the new features.
from terraform-provider-auth0.
Related Issues (20)
- totp is always applied HOT 5
- `tf generate` does not create a auth0_generated.tf file. `terraform plan` fails HOT 3
- Add toggle for "Customize MFA Factors using Actions" HOT 2
- Dependency error between auth0_role_permissions and auth0_resource_server_scopes HOT 6
- (auth0_resource_server_scopes) Unable to upgrade from 0.x to 1.x. Additional prop: scopes HOT 2
- log_stream.splunk_port returning a number instead of a string HOT 9
- Add captcha_widget_theme to auth0_branding_theme HOT 1
- auth0 cli not importing email templates, hooks and rules HOT 1
- Client creation suddenly no longer working with oauth2: "server_error" "callback is not a function" HOT 2
- auth0_role_permissions not allowing multiple times the permssions appending HOT 2
- Service not enabled within domain: https://sample.api.com HOT 1
- Add proper support for all oidc_logout parameters
- Add data source for auth0_action resource HOT 1
- Auth0 Terraform Provider not handling the state for `auth0_role_permissions` resources HOT 2
- Add terraform resources for new feature "Forms"
- Incorrect token_endpoint_auth_method for SPA in Auth0 via Terraform HOT 6
- importing client_credentials require env variables instead of provider config HOT 3
- Add support for auth0_tenant.error_page HOT 1
- OIDC Connection Requires Over-Specification (Again?) HOT 4
- IdP-initiated SSO Behavior rejects request after creation via terraform
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-auth0.