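### Terraform Core Version
1.5.7

### Terraform Vault Provider Version
4.2.0

### Vault Server Version
1.16.1

### Affected Resource(s)

### Expected Behavior
An identity_oidc_role would be created

### Actual Behavior
Terraform fails to create a role with an e-mail as a name.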

### Relevant Error/Panic Output Snippet
```
│ Error: error writing IdentityOidcRole identity/oidc/role/group@example.com: Error making API request.
│
│ URL: PUT http://localhost:8200/v1/identity/oidc/role/group@example.com
│ Code: 404. Errors:
│
│ * 1 error occurred:
│ 	* unsupported path
```

### Terraform Configuration Files
```hcl
resource "vault_identity_oidc_key" "this" {
  name      = "xxx-oidc-key"
  algorithm = "RS256"
}

resource "vault_identity_oidc_role" "this" {
  name = "group@example.com"
  key  = vault_identity_oidc_key.this.name
}
```

### Steps to Reproduce

### Debug Output
No response

### Panic Output
No response

### Important Factoids
My groups get fetched by GCP + Google Workspace, which has the email as an identifier.

It seems like the role name is directly mapped 1:1, which causes this: https://github.com/hashicorp/terraform-provider-vault/blob/main/vault/resource_identity_oidc_role.go#L81

However it works with the CLI:

```shell
vault write identity/group name="group@example.com" type="external" \
    policies="role-admin" \
    metadata=responsibility="Admin Group"
```

This would be represented as:

```shell
$ vault write -output-curl-string identity/group name="group@example.com" type="external" \
    policies="role-admin" \
    metadata=responsibility="Admin Group"

# Respective CURL
$ curl -X PUT -H "X-Vault-Request: true" \
    -H "X-Vault-Token: $(vault print token)" \
    -d '{"metadata":"responsibility=Admin Group","name":"group@example.com","policies":"role-admin","type":"external"}' \
    http://localhost:8200/v1/identity/group
```

### References
No response

### Would you like to implement a fix?
No

@Moep90 Hello, the Vault CLI command you are using is creating an identity group, which would map to the provider's `vault_identity_group` resource.
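
The difference between the two requests in this thread, as an added example that is not part of the original issue, the provider, or Vault: the role name becomes a segment of the request path, while the group name travels in the request body. The route pattern below is an assumption (the issue does not state it), and `rolePath`, `groupPath` and `firstRejected` are hypothetical helper names.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Assumption (not stated in the issue): the role route accepts names matching
// \w(([\w-.]+)?\w)?, which has no '@'. Adjust to your Vault version's pattern.
var roleRoute = regexp.MustCompile(`^identity/oidc/role/(?P<name>\w(([\w-.]+)?\w)?)$`)

// rolePath builds the request path the way a 1:1 name mapping does and
// reports whether the assumed route pattern would accept it.
func rolePath(name string) (string, bool) {
	p := "identity/oidc/role/" + name
	return p, roleRoute.MatchString(p)
}

// groupPath is fixed: the group name travels in the JSON body, so it is never
// matched against a path pattern.
func groupPath(name string) (string, string) {
	return "identity/group", fmt.Sprintf(`{"name":%q,"type":"external"}`, name)
}

// firstRejected returns the byte index of the first character outside the
// assumed name alphabet, or -1 when every character is allowed.
func firstRejected(name string) int {
	return strings.IndexFunc(name, func(r rune) bool {
		ok := r == '_' || r == '-' || r == '.' ||
			(r >= '0' && r <= '9') || (r >= 'a' && r <= 'z') || (r >= 'A' && r <= 'Z')
		return !ok
	})
}

func main() {
	// Constructed sample names; the first is the one from the issue.
	for _, n := range []string{"group@example.com", "group-example.com"} {
		p, ok := rolePath(n)
		gp, body := groupPath(n)
		fmt.Printf("role  PUT %-45s routable=%v firstRejected=%d\n", p, ok, firstRejected(n))
		fmt.Printf("group PUT %-45s body=%s\n", gp, body)
	}
}
```
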