我们有很多关于 OneLogin 的 Terraform 集成的问题,当前的阻止程序正在创建一个角色。我们正在使用 OneLogin Terraform 集成: https ://registry.terraform.io/providers/onelogin/onelogin/latest/docs https://github.com/onelogin/terraform-provider-onelogin
Onelogin gives us the following role through API:
{
"id": 202898,
"name": "AD-Harness-ReadOnly",
"match": "all",
"enabled": true,
"position": 110,
"conditions": [
{
"source": "has_role",
"operator": "ri",
"value": "336607"
}
],
"actions": [
{
"action": "set_groups",
"value": [
"member_of"
],
"expression": "ReadOnly"
}
]
}
When we try to implement this role on the server we get the below.
Terraform will perform the following actions:
# onelogin_app_rules.ad-launchdarkly-readonly-rule will be created
+ resource "onelogin_app_rules" "ad-launchdarkly-readonly-rule" {
+ app_id = "1453108"
+ enabled = true
+ id = (known after apply)
+ match = "all"
+ name = "AD-LaunchDarkly-ReadOnly-Rule"
+ position = (known after apply)
+ actions {
+ action = "set_groups"
+ expression = "ReadOnly"
+ value = [
+ "member_of",
]
}
+ conditions {
+ operator = "ri"
+ source = "has_role"
+ value = "525899"
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
onelogin_app_rules.ad-launchdarkly-readonly-rule: Creating...
Error: error: context: [ol http service], error_message: [{"code":422,"message":"Validation Failed","errors":[{"field":"actions","message":["Invalid action source: set_groups"]}]}]
on ad-launchdarkly-onelogin.tf line 46, in resource "onelogin_app_rules" "ad-launchdarkly-readonly-rule":
46: resource onelogin_app_rules ad-launchdarkly-readonly-rule {
能否请我们从 OneLogin 获得开发人员支持或解决上述问题的建议?
除了上述之外,我们如何调试以下内容:
Plan: 3 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
onelogin_roles.ad-launchdarkly-readonly-role: Creating...
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [10s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [20s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [30s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [40s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [50s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [1m0s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [1m10s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [1m20s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [1m30s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [1m40s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [1m50s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [2m0s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [2m10s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [2m20s elapsed]
onelogin_roles.ad-launchdarkly-readonly-role: Still creating... [2m30s elapsed]
Error: request error: context: ol http service, error_message: Post "https://api.us.onelogin.com/api/2/roles": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
on ad-launchdarkly-onelogin.tf line 6, in resource "onelogin_roles" "ad-launchdarkly-readonly-role":
6: resource onelogin_roles "ad-launchdarkly-readonly-role" {