Giters

DeviaVir / terraform-provider-gsuite

A @HashiCorp Terraform provider for managing G Suite resources.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Data source gsuite_user_attributes produces extraneous diffs on update

izeau opened this issue · comments

commented

Hi! Thanks for your provider, it’s a piece of art!

I’ve tried playing with custom attributes but had to walk away from the gsuite_user_attributes data source because the generated JSON was causing diffs even though the schema didn’t change. I think that’s because the Directory API supports different input formats but has only one output.

In order to use multiValued attributes (such as the multiValued strings below) I had to set children as objects with type and value attributes instead of just a simple value. This is explained in the docs. Otherwise it works on creation but tries to remove the type on update. It would be nice if we could specify the type.

Note that I also had to force SessionDuration – an INT64 attribute – to a string.

# Works only on creation, causes a diff everytime afterwards
data "gsuite_user_attributes" "aws_administrator" {
  integer {
    name = "SessionDuration"
    value = aws_iam_role.administrator.max_session_duration
  }

  strings {
    name = "Role"
    value = ["${aws_iam_role.administrator.arn},${var.saml_provider_arn}"]
  }
}

# Works everytime
locals {
  aws_administrator = jsonencode({
    SessionDuration = tostring(aws_iam_role.administrator.max_session_duration)

    Role = [{
      type  = "other"
      value = "${aws_iam_role.administrator.arn},${var.saml_provider_arn}"
    }]
  })
}