New resource: okta_admin_role_targets (#325)

okta · Feb 12, 2021 · fdd6f50 · fdd6f50
1 parent 8f29278
commit fdd6f50
Show file tree

Hide file tree

Showing 10 changed files with 605 additions and 2 deletions.
diff --git a/examples/okta_admin_role_targets/README.md b/examples/okta_admin_role_targets/README.md
@@ -0,0 +1,5 @@
+# okta_admin_role_targets
+
+Resource for managing targets for administrator roles. [See Okta documentation for more details](https://developer.okta.com/docs/reference/api/roles/#role-target-operations).
+
+- Simple example [can be found here](./basic.tf).
diff --git a/examples/okta_admin_role_targets/basic.tf b/examples/okta_admin_role_targets/basic.tf
@@ -0,0 +1,32 @@
+resource "okta_user" "test" {
+  admin_roles = ["APP_ADMIN", "GROUP_MEMBERSHIP_ADMIN", "HELP_DESK_ADMIN"]
+  first_name  = "TestAcc"
+  last_name   = "blah"
+  login       = "[email protected]"
+  email       = "[email protected]"
+}
+
+resource "okta_app_swa" "test" {
+  label          = "testAcc_replace_with_uuid"
+  button_field   = "btn-login"
+  password_field = "txtbox-password"
+  username_field = "txtbox-username"
+  url            = "https://example.com/login.html"
+}
+
+resource "okta_group" "test" {
+  name        = "testAcc_replace_with_uuid"
+  description = "testing"
+}
+
+resource "okta_admin_role_targets" "test_app" {
+  user_id   = okta_user.test.id
+  role_type = tolist(okta_user.test.admin_roles)[0]
+  apps      = [format("%s.%s", okta_app_swa.test.name, okta_app_swa.test.id)]
+}
+
+resource "okta_admin_role_targets" "test_group" {
+  user_id   = okta_user.test.id
+  role_type = tolist(okta_user.test.admin_roles)[1]
+  groups    = [okta_group.test.id]
+}
diff --git a/examples/okta_admin_role_targets/updated.tf b/examples/okta_admin_role_targets/updated.tf
@@ -0,0 +1,37 @@
+resource "okta_user" "test" {
+  admin_roles = ["APP_ADMIN", "GROUP_MEMBERSHIP_ADMIN", "HELP_DESK_ADMIN"]
+  first_name  = "TestAcc"
+  last_name   = "blah"
+  login       = "[email protected]"
+  email       = "[email protected]"
+}
+
+resource "okta_app_swa" "test" {
+  label          = "testAcc_replace_with_uuid"
+  button_field   = "btn-login"
+  password_field = "txtbox-password"
+  username_field = "txtbox-username"
+  url            = "https://example.com/login.html"
+}
+
+resource "okta_group" "test" {
+  name        = "testAcc_replace_with_uuid"
+  description = "testing"
+}
+
+resource "okta_group" "test_2" {
+  name        = "testAcc_2_replace_with_uuid"
+  description = "testing, testing"
+}
+
+resource "okta_admin_role_targets" "test_app" {
+  user_id   = okta_user.test.id
+  role_type = tolist(okta_user.test.admin_roles)[0]
+  apps      = ["oidc_client", "facebook"]
+}
+
+resource "okta_admin_role_targets" "test_group" {
+  user_id   = okta_user.test.id
+  role_type = tolist(okta_user.test.admin_roles)[1]
+  groups    = [okta_group.test.id, okta_group.test_2.id]
+}
diff --git a/okta/provider.go b/okta/provider.go
@@ -15,6 +15,7 @@ import (
 
 // Resource names, defined in place, used throughout the provider and tests
 const (
+	adminRoleTargets       = "okta_admin_role_targets"
 	appAutoLogin           = "okta_app_auto_login"
 	appBookmark            = "okta_app_bookmark"
 	appBasicAuth           = "okta_app_basic_auth"
@@ -158,6 +159,7 @@ func Provider() *schema.Provider {
 			},
 		},
 		ResourcesMap: map[string]*schema.Resource{
+			adminRoleTargets:       resourceAdminRoleTargets(),
 			appAutoLogin:           resourceAppAutoLogin(),
 			appBookmark:            resourceAppBookmark(),
 			appBasicAuth:           resourceAppBasicAuth(),