Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

okta_policy_rule_signon in 4.8.1 requires both risk_level and risc_level to be specified #1977

Open
MichalMMac opened this issue Apr 22, 2024 · 1 comment
Open

okta_policy_rule_signon in 4.8.1 requires both risk_level and risc_level to be specified #1977

MichalMMac opened this issue Apr 22, 2024 · 1 comment
Labels
bug triaged Triaged into internal Jira

Comments

@MichalMMac
Copy link

MichalMMac commented Apr 22, 2024
edited
Loading

I am sorry for not following your issue template but to do so I would need to spend an extra hour or two on this bug report so this is as good as it gets.

This huge da00dbc commit (Merged in #1954) which is part of 4.8.1 release introduced attribute specification change to okta_policy_rule_signon in okta/resource_okta_policy_rule_sign_on.go file.

I think the intention is for risk_level attribute to replace risc_level. However I have not seen this in release notes so I wonder if this is an intended change.

Side effect of this change is that both risk_level and risc_level need to be specified for non-default value to apply. When only one of the attributes is specified, provider wants to change the desired value to the default one - "ANY"

Here are the examples ->

4.8.1 only risc_level specified

Resource definition:

resource "okta_policy_rule_signon" "users_high-risk" {
  ...
  risc_level         = "HIGH"
  ...
}

terraform plan output:

  ~ resource "okta_policy_rule_signon" "users_high-risk" {
      ~ risk_level          = "HIGH" -> "ANY"
    }
    
Warning: Argument is deprecated

  with okta_policy_rule_signon.users_high-risk,
  on policy_global_session.tf line 301, in resource "okta_policy_rule_signon" "users_high-risk":
 301:   risc_level         = "HIGH"

Attribute typo, switch to risk_level instead. Default: `ANY`

Result: I get deprecation warning + undesired attribute value change

4.8.1 only risk_level specified

Resource definition:

resource "okta_policy_rule_signon" "users_high-risk" {
  ...
  risk_level         = "HIGH"
  ...
}

terraform plan output:

  ~ resource "okta_policy_rule_signon" "users_high-risk" {
  ...
       ~ risc_level          = "HIGH" -> "ANY"
  ...
    }

Result: Undesired attribute value change

4.8.1 both risk_level and risc_level specified

Resource definition:

resource "okta_policy_rule_signon" "users_high-risk" {
  ...
  risk_level         = "HIGH"
  risc_level         = "HIGH"
  ...
}

terraform plan output:

Warning: Argument is deprecated

  with okta_policy_rule_signon.users_high-risk,
  on policy_global_session.tf line 302, in resource "okta_policy_rule_signon" "users_high-risk":
 302:   risc_level         = "HIGH"

Attribute typo, switch to risk_level instead. Default: `ANY`

Result: I get deprecation warning

Terraform Version

Provider version 4.8.1

Affected Resource(s)

  • okta_policy_rule_signon
@MichalMMac MichalMMac changed the title okta_policy_rule_signon in 4.8.1 requires both risk_level and risc_level to be specified okta_policy_rule_signon in 4.8.1 requires both risk_level and risc_level to be specified Apr 22, 2024
@duytiennguyen-okta duytiennguyen-okta added bug triaged Triaged into internal Jira labels Apr 23, 2024
@duytiennguyen-okta
Copy link
Contributor

OKTA internal reference https://oktainc.atlassian.net/browse/OKTA-722279

@monde monde mentioned this issue Apr 23, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug triaged Triaged into internal Jira
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MichalMMac @duytiennguyen-okta