Unofficial Terraform Provider for Zscaler Private Access

Overview

Build Status

Terraform Provider for ☁️ Zscaler Private Access ☁️

⚠️ Attention: This provider is not affiliated with, nor supported by Zscaler in any way.

Requirements

  • Install Terraform 0.12.x/0.13.x/0.14.x/0.15.x (0.11.x or lower is incompatible)
  • Install Go 1.16+ (This will be used to build the provider plugin.)
  • Create a directory, go, follow this doc to edit ~/.bash_profile to setup the GOPATH environment variable)

Building The Provider (Terraform v0.12+)

Clone repository to: $GOPATH/src/github.com/willguibr/terraform-provider-zpa

$ mkdir -p $GOPATH/src/github.com/terraform-providers
$ cd $GOPATH/src/github.com/terraform-providers
$ git clone https://github.com/willguibr/terraform-provider-zpa.git

To clone on windows

mkdir %GOPATH%\src\github.com\terraform-providers
cd %GOPATH%\src\github.com\terraform-providers
git clone https://github.com/willguibr/terraform-provider-zpa.git

Enter the provider directory and build the provider

$ cd $GOPATH/src/github.com/terraform-providers/terraform-provider-zpa
$ make fmt
$ make build

To build on Windows

cd %GOPATH%\src\github.com\terraform-providers\terraform-provider-zpa
go fmt
go install

Building The Provider (Terraform v0.13+)

MacOS / Linux

Run the following command:

$ make build13

Windows

Run the following commands for cmd:

cd %GOPATH%\src\github.com\terraform-providers\terraform-provider-zpa
go fmt
go install
xcopy "%GOPATH%\bin\terraform-provider-zpa.exe" "%APPDATA%\terraform.d\plugins\zscaler.com\zpa\zpa\1.0.0\windows_amd64\" /Y

Run the following commands if using powershell:

cd "$env:GOPATH\src\github.com\willguibr\terraform-provider-zpa"
go fmt
go install
xcopy "$env:GOPATH\bin\terraform-provider-zpa.exe" "$env:APPDATA\terraform.d\plugins\zscaler.com\zpa\zpa\1.0.0\windows_amd64\" /Y

Note: For contributions created from forks, the repository should still be cloned under the $GOPATH/src/github.com/terraform-providers/terraform-provider-zpa directory to allow the provided make commands to properly run, build, and test this project.

Using Zscaler Private Access Provider (Terraform v0.12+)

Activate the provider by adding the following to ~/.terraformrc on Linux/Unix.

providers {
  "zpa" = "$GOPATH/bin/terraform-provider-zpa"
}

For Windows, the file should be at '%APPDATA%\terraform.rc'. Do not change $GOPATH to %GOPATH%.

In Windows, for terraform 0.11.8 and lower use the above text.

In Windows, for terraform 0.11.9 and higher use the following at '%APPDATA%\terraform.rc'

providers {
  "zpa" = "$GOPATH/bin/terraform-provider-zpa.exe"
}

If the rc file is not present, it should be created

Using Zscaler Private Access Provider (Terraform v0.13+)

For Terraform v0.13+, to use a locally built version of a provider you must add the following snippet to every module that you want to use the provider in.

terraform {
  required_providers {
    zpa = {
      source  = "zscaler.com/zpa/zpa"
      version = "1.0.0"
    }
  }
}

Examples

Visit here for the complete documentation for all resources on github.

Issues

Please feel free to open an issue using Github Issues if you run into any problems using this ZPA Terraform provider.

Developing the Provider

If you wish to work on the provider, you'll first need Go installed on your machine (version 1.16+ is required). You'll also need to correctly setup a GOPATH, as well as adding $GOPATH/bin to your $PATH.

To compile the provider, run make build. This will build the provider and put the provider binary in the $GOPATH/bin directory.

$ make build
...
$ $GOPATH/bin/terraform-provider-zpa
...

In order to test the provider, you can simply run make test.

$ make test

In order to run the full suite of Acceptance tests, run make testacc.

Note: Acceptance tests create real resources, and often cost money to run.

$ make testacc

License

MIT License

Copyright (c) 2021 William Guilherme

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Comments
  • Publish to Terraform Registry

    Publish to Terraform Registry

    Community Note

    • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
    • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
    • If you are interested in working on this issue or have submitted a pull request, please leave a comment

    Description

    Please consider publishing this provider to the official Terraform Registry. While I understand that this provider is unofficial in nature, it's a perfect example of a community provider and it would make consumption of the provider in Terraform Cloud and Enterprise much more feasable.

    type/enhancement stale area/backend 
    opened by trjstewart 15
  • Access Policy Rule order issue

    Access Policy Rule order issue

    ################################################################################# resource "zpa_policy_access_rule" "TEST_access_policy" { name = "TEST CR" description = "" rule_order = "1" priority = "17" policy_type = "1" action = "ALLOW" operator = "AND" policy_set_id = data.zpa_policy_type.access_policy.id app_connector_groups { id = [zpa_app_connector_group.aws_use1.id ] } app_server_groups { id = [zpa_server_group.common_server_group.id] } conditions { negated = false operator = "OR" operands { object_type = "APP" lhs = "id" rhs = zpa_application_segment.Test_CR.id name = "Test for CR" } operands { object_type = "APP_GROUP" lhs = "id" rhs = zpa_segment_group.CR_segment_grp.id name = "CR segment grp" } } depends_on = [ zpa_application_segment.Test_CR, zpa_segment_group.CR_segment_grp, data.zpa_policy_type.access_policy ] }

    ################################################################################# resource "zpa_policy_access_rule" "CM_App_Segment_access_policy" { name = "CM Access" description = "CM access policy" rule_order = "3" priority = "32" policy_type = "1" action = "ALLOW" operator = "AND" policy_set_id = data.zpa_policy_type.access_policy.id

    conditions { negated = false operator = "OR" operands { object_type = "APP" lhs = "id" rhs = zpa_application_segment.CM_App_Segment.id name = "CM App Segment" } operands { object_type = "APP_GROUP" lhs = "id" rhs = zpa_segment_group.cm_segment_grp.id name = "CM Segment Grp" } } depends_on = [ zpa_application_segment.CM_App_Segment, zpa_segment_group.cm_segment_grp, data.zpa_policy_type.access_policy ] }

    ################################################################################# resource "zpa_policy_access_rule" "Gg-Access-Policy" { name = "Gg-Access-Policy" description = "" rule_order = "4" priority = "43" policy_type = "1" action = "ALLOW" operator = "AND" policy_set_id = data.zpa_policy_type.access_policy.id

    conditions { negated = false operator = "OR" operands { object_type = "APP" lhs = "id" rhs = zpa_application_segment.Gg_Auth_App_Seg.id name = "Gg_App_Seg" } operands { object_type = "APP_GROUP" lhs = "id" rhs = zpa_segment_group.gg_seg_grp.id name = "Gg Seg Grp" } } depends_on = [ zpa_application_segment.Gg_Auth_App_Seg, zpa_segment_group.gg_seg_grp, data.zpa_policy_type.access_policy ] }

    type/bug 
    opened by ashim-shrestha2020 12
  • Error building provider

    Error building provider

    Hi Will,

    Thank you for creating the terraform for ZPA. Unfortunately I am getting below error on Windows and Mac

    Windows

    C:\go\src\github.com\terraform-providers\terraform-provider-zpa>go install
    vendor\github.com\hashicorp\terraform-plugin-sdk\v2\plugin\serve.go:11:2: cannot find package "." in:
            C:\go\src\github.com\terraform-providers\terraform-provider-zpa\vendor\github.com\hashicorp\terraform-plugin-go\tfprotov5\tf5server
    vendor\github.com\hashicorp\terraform-plugin-sdk\v2\plugin\serve.go:13:2: cannot find package "." in:
            C:\go\src\github.com\terraform-providers\terraform-provider-zpa\vendor\github.com\hashicorp\terraform-plugin-go\tfprotov6\tf6server
    

    Mac

    make build13
    ==> Checking that code complies with gofmt requirements...
    ==> Installing plugin to /Users/username/.terraform.d/plugins/zscaler.com/zpa/zpa/1.0.0/darwin_amd64
    go build -o /Users/username/.terraform.d/plugins/zscaler.com/zpa/zpa/1.0.0/darwin_amd64/terraform-provider-zpa_v1.0.0
    vendor/github.com/hashicorp/terraform-plugin-sdk/v2/plugin/serve.go:11:2: cannot find package "." in:
            /Users/username/Desktop/security/go/src/github.com/terraform-providers/terraform-provider-zpa/vendor/github.com/hashicorp/terraform-plugin-go/tfpro
    tov5/tf5server
    vendor/github.com/hashicorp/terraform-plugin-sdk/v2/plugin/serve.go:13:2: cannot find package "." in:
            /Users/username/Desktop/security/go/src/github.com/terraform-providers/terraform-provider-zpa/vendor/github.com/hashicorp/terraform-plugin-go/tfpro
    tov6/tf6server
    make: *** [build13] Error 1
    
    go version
    go version go1.17.2 darwin/amd64
    
    terraform version
    Terraform v0.14.5
    

    Can you please suggest what might be wrong here?

    type/bug help wanted 
    opened by tiwari3010 10
  • zpa_provisioning_key datasource acting like a resource

    zpa_provisioning_key datasource acting like a resource

    Community Note

    • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
    • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
    • If you are interested in working on this issue or have submitted a pull request, please leave a comment

    Terraform Version

    Terraform v0.13.5

    • provider zscaler.com/zpa/zpa v2.0.2

    Affected Resource(s)

    • zpa_provisioning_key

    Terraform Configuration Files

    data "zpa_provisioning_key" "demo" {
      name = "redacted"
    }
    
    output "zpa_provisioning_key" {
      value = data.zpa_provisioning_key.demo
    }
    
    

    Expected Behavior

    Dumping the data on the existing key called redacted.

    Actual Behavior

    terraform apply                                                                                      
    
    Error: Missing required argument
    
      on test.tf line 1, in data "zpa_provisioning_key" "demo":
       1: data "zpa_provisioning_key" "demo" {
    
    The argument "association_type" is required, but no definition was found.
    
    

    Steps to Reproduce

    1. terraform apply

    Important Factoids

    Note that the docs for the datasource do list a bunch of arguments, all of which are marked required, which doesn't make sense since if I knew all that already I wouldn't technically need to know the data source. That reads much more like the inputs to a resource wanting to be created.

    The terraform form is copied almost literally from the example.

    documentation 
    opened by ronjarrell 7
  • Fix app_connector_groups id ordering

    Fix app_connector_groups id ordering

    Description

    Update app_connector_groups to expect unordered set of IDs from Zscaler API.

    Motivation and Context

    • When multiple IDs are specified for an app_connector_groups block, the API doesn't maintain the order, resulting in false Updates on subsequent plans when the order returned by the API doesn't match that specified in the Terraform module.

    How Has This Been Tested?

    Tested using local terraform module which previously reported change on every plan.

    Types of changes

    • Bug fix (non-breaking change which fixes an issue)

    Checklist

    • [X] I have updated the documentation accordingly.
    • [X] I have read the CONTRIBUTING document.
    • [X] I have added tests to cover my changes if appropriate.
    • [X] All new and existing tests passed.
    type/bug 
    opened by isometry 6
  • Adding multiple app segment or segment group or user groups in access policy

    Adding multiple app segment or segment group or user groups in access policy

    Hi, I am running into an issue where I am adding 2 or more app segments or segment groups or user groups in access policy and its throwing error:

    module.prod_zscaler_access_policy.zpa_policy_access_rule.zpa_policy_access_rule: Modifying... [id=216196279879860685]
    
    Error: couldn't validate the zpa policy rule (us_cai_example_access_policy) operands, please make sure you are using valid inputs for APP type, LHS & RHS
    
      on ../module/access_policy.tf line 1, in resource "zpa_policy_access_rule" "zpa_policy_access_rule":
       1: resource "zpa_policy_access_rule" "zpa_policy_access_rule" {
    

    below the terrafrom snippet for adding the access policy:

    conditions {
      negated  = false
      operator = "OR"
      operands {
        object_type = "APP"
        lhs         = "id"
        # rhs         = element(tolist(data.zpa_application_segment.zpa_application_segment[*].id), 0)
        rhs = join(", ",data.zpa_application_segment.zpa_application_segment[*].id)
      }
      operands {
        object_type = "APP_GROUP"
        lhs         = "id"
        # rhs         = element(tolist(data.zpa_segment_group.zpa_segment_group[*].id), 0)
        rhs = join(", ",data.zpa_segment_group.zpa_segment_group[*].id)
        # rhs         = "216196279879860375, 216196279879860393"
      }
    }
    
    conditions {
      negated  = false
      operator = "OR"
      operands {
        object_type = "SCIM_GROUP"
        lhs         = element(tolist(data.zpa_idp_controller.idp_name[*].id), 0)
      #   rhs         = element(tolist(data.zpa_scim_groups.zpa_scim_groups[*].id), 0)
     #  rhs = join(", ",data.zpa_scim_groups.zpa_scim_groups[*].id)
        rhs         = "188394, 188393"
      }
    }
    

    Below is the terraform log:

    -----------------------------------------------------: timestamp=2022-01-18T10:00:54.261-0500
    2022-01-18T10:00:54.261-0500 [WARN]  plugin.terraform-provider-zpa_v1.0.0: when operand object type is APP RHS must be "application segment ID", value is "216196279879860377, 216196279879860487", FAILED: GET, https://config.private.zscaler.com/mgmtconfig/v1/admin/customers/216196279879860224/application/216196279879860377,%20216196279879860487, 404, 404 Not Found, {
      "exception" : "404 NOT_FOUND",
      "id" : "NOT_FOUND"
    }: timestamp=2022-01-18T10:00:54.261-0500
    2022-01-18T10:00:54.261-0500 [TRACE] plugin.terraform-provider-zpa_v1.0.0: Called downstream: @caller=/Users/vikas.tiwari/Desktop/zpaterraform/go/src/github.com/terraform-providers/terraform-provider-zpa/vendor/github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server/server.go:608 @module=sdk.proto tf_req_id=51853d1c-0205-a27b-a023-da8ffcaf16c9 tf_resource_type=zpa_policy_access_rule tf_rpc=ApplyResourceChange tf_proto_version=5 tf_provider_addr=provider timestamp=2022-01-18T10:00:54.261-0500
    

    Adding the items individually works which indicates that the components ID passed are correct.

    Terraform and provider version:

    terraform -v
    Terraform v0.14.5
    + provider zscaler.com/zpa/zpa v1.0.0
    
    type/enhancement 
    opened by tiwari3010 5
  • terraform-provider plugin crashed!

    terraform-provider plugin crashed!

    HI @willguibr

    recently im getting the below error at least one time in a day

    Error: The terraform-provider-zpa_v2.0.3 plugin crashed!

    Can you please assist?

    question 
    opened by bathenb 5
  • ZPA Posture Check Plan Error

    ZPA Posture Check Plan Error

    https://github.com/zscaler/terraform-provider-zpa/blob/3003d535f246fbbb87427287471b2de20134279f/examples/zpa_policy_access_rule/zpa_policy_access_rule_CrowdStrike.tf#L12-L16

    Does this still work? When I try and create an access rule with a posture check, I get a syntax error.

    Here is the an example of the code:

    #Create Policy Access Rule
    resource "zpa_policy_access_rule" "this" {
      name          = "My Access Rule"
      description   = ""
      action        = "ALLOW"
      operator      = "AND"
      policy_set_id = data.zpa_policy_type.access_policy.id
    
      conditions {
        negated  = false
        operator = "OR"
        operands {
          object_type = "APP"
          lhs         = "id"
          rhs         = zpa_application_segment.this.id
        }
      }
      conditions {
        negated  = false
        operator = "OR"
        operands {
          object_type = "POSTURE"
          lhs         = data.zpa_posture_profile.domain_joined.posture_udid
          rhs         = false
        }
      }
    }
    
    # Get Global Access Policy ID
    data "zpa_policy_type" "access_policy" {
      policy_type = "ACCESS_POLICY"
    }
    
    data "zpa_posture_profile" "domain_joined" {
      name = "Domain Joined - myDomain"
    }
    

    When I go to run a terraform plan, it complains:

    │ Error: FAILED: GET, https://config.private.zscaler.com/mgmtconfig/v2/admin/customers/#######/posture?pagesize=500&search=Domain+Joined+-+myDomain, 400, 400 Bad Request, { │ "params" : [ "Joined" ], │ "id" : "filtering.input.invalid.operand", │ "reason" : "Invalid operand:Joined in Filtering criteria." │ } │ │ with data.zpa_posture_profile.domain_joined, │ on access.tf line 54, in data "zpa_posture_profile" "domain_joined": │ 54: data "zpa_posture_profile" "domain_joined" {

    Also, I feel like the examples and descriptions on the terraform provider are pretty generic. When I look at the access rule, I see that POSTURE is an object_type, but then there is no additional information on what the lhs and rhs values should be. There are a few examples of the different criteria you can choose. It would be cool if there was a posture check example listed here too.

    https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_policy_access_rule

    opened by watnenatePFG 4
  • zpa provider-->zpa_posture_profile conditions issue in zpa_policy_access_rule

    zpa provider-->zpa_posture_profile conditions issue in zpa_policy_access_rule

    Terraform Version ╭─ ~ ▓▒░ ░▒▓ ✔ ─╮ ╰─ terraform -v ─╯ Terraform v1.1.3 on ubuntu

    Affected Resource(s) zpa_policy_access_rule Terraform Configuration Files

    terraform { required_providers { zpa = { source = "zscaler/zpa" version = "2.3.0" } } }

    Hello, I am using below condition expression in zpa_policy_access_rule

    conditions { negated = false operator = "OR" operands { object_type = "POSTURE" lhs = data.zpa_posture_profile.posture_profile1.name #(I tried id and udid as well instead of name) rhs = "VERIFIED" } }

    AND data component as below. data "zpa_posture_profile" "posture_profile1" { name = var.posture_profile1 }

    But seems operands are not correct and I am getting below error on apply.Please note that plan is working fine. Error: couldn't validate the zpa policy rule (rule-test) operands, please make sure you are using valid inputs for APP type, LHS & RHS.

    So do anybody knows what are the operand values we have to use for POSTURE object_type as no document is given for this. image

    help wanted 
    opened by abhi-upwork 4
  • Code is Crashing on version 2.3.1

    Code is Crashing on version 2.3.1

    Hi William,

    Hope you are doing well!

    We tried to use the 2.3.1 version of terraform and now it is crashing. Please find the error below. Kindly advise

    Stack trace from the terraform-provider-zpa_v2.3.1 plugin:

    panic: interface conversion: error is *errors.errorString, not *zpa.ErrorResponse

    goroutine 54 [running]: github.com/zscaler/terraform-provider-zpa/zpa.resourceAppConnectorGroupRead(0xc000290480, {0xb6b5e0?, 0xc000406b60}) github.com/zscaler/terraform-provider-zpa/zpa/resource_zpa_app_connector_group.go:167 +0x589 github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0xdce5d8?, {0xdce5d8?, 0xc00028e8d0?}, 0xd?, {0xb6b5e0?, 0xc000406b60?}) github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:712 +0x178 github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).RefreshWithoutUpgrade(0xc00021c700, {0xdce5d8, 0xc00028e8d0}, 0xc000404dd0, {0xb6b5e0, 0xc000406b60}) github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:1015 +0x585 github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadResource(0xc0002098d8, {0xdce5d8?, 0xc00028e7b0?}, 0xc000211680) github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:613 +0x497 github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0xc00026cfa0, {0xdce5d8?, 0xc00028e1e0?}, 0xc0002005a0) github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:748 +0x49e github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0xc6dcc0?, 0xc00026cfa0}, {0xdce5d8, 0xc00028e1e0}, 0xc0002348c0, 0x0) github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:349 +0x170 google.golang.org/grpc.(*Server).processUnaryRPC(0xc00036a000, {0xdd1048, 0xc00040d1e0}, 0xc00024b200, 0xc000391a40, 0x126d4b0, 0x0) google.golang.org/[email protected]/server.go:1295 +0xb0b google.golang.org/grpc.(*Server).handleStream(0xc00036a000, {0xdd1048, 0xc00040d1e0}, 0xc00024b200, 0x0) google.golang.org/[email protected]/server.go:1636 +0xa1b google.golang.org/grpc.(*Server).serveStreams.func1.2() google.golang.org/[email protected]/server.go:932 +0x98 created by google.golang.org/grpc.(*Server).serveStreams.func1 google.golang.org/[email protected]/server.go:930 +0x28a

    Error: The terraform-provider-zpa_v2.3.1 plugin crashed!

    This is always indicative of a bug within the plugin. It would be immensely helpful if you could report the crash with the plugin's maintainers so that it can be fixed. The output above should help diagnose the issue.

    ====================================================

    Error: Request cancelled with zpa_segment_group.file_share_seg_grp on segment_group.tf line 107, in resource "zpa_segment_group" "file_share_seg_grp": resource "zpa_segment_group" "file_share_seg_grp" { The plugin.(*GRPCProvider).UpgradeResourceState request was cancelled.

    ======================================================

    Thank you.

    crash 
    opened by Mayur-Movaliya 4
  • Fails authentication

    Fails authentication

    Community Note

    • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
    • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
    • If you are interested in working on this issue or have submitted a pull request, please leave a comment

    Terraform Version

    Terraform v0.13.5 provider zscaler.com/zpa/zpa v2.0.2

    Affected Resource(s)

    • zpa_app_connector_group
    • zpa_enrollment_cert

    Terraform Configuration Files

    resource "zpa_app_connector_group" "test-connector-group" {
      name                     = "test-connector-group"
      description              = "testing api"
      enabled                  = true
      city_country             = "Singapore"
      latitude                 = "1.352083"
      longitude                = "103.819836"
      country_code             = "SG"
      location                 = "Singapore"
      upgrade_day              = "SUNDAY"
      upgrade_time_in_secs     = "66600"
      override_version_profile = false
      dns_query_type           = "IPV4"
    }
    

    Also separately did a run with just this (right out of the examples)

    data "zpa_enrollment_cert" "connector" {
     name = "Connector"
    }
    

    Debug Output

    Link to gist

    Can provide the rest of the log, but really, only the http transaction to zscaler seems relevant, since it doesn't refer to anything else in the tf file.

    Expected Behavior

    Either created something, or loaded up the data source into state

    Actual Behavior

    Tells me I failed to login. Verified the client credentials work on the zscaler api portal.

    Steps to Reproduce

    1. terraform apply
    type/bug 
    opened by ronjarrell 4
  • some scim groups can't be found

    some scim groups can't be found

    First thanks for the development of this provider! It will improve the management of our resources a lot :)

    Community Note

    • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
    • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
    • If you are interested in working on this issue or have submitted a pull request, please leave a comment

    Terraform Version

    Terraform v1.3.5
    on windows_386
    + provider registry.terraform.io/zscaler/zpa v2.5.0
    

    Affected Resource(s)

    • data "zpa_scim_groups"

    Terraform Configuration Files

    main.tf

    terraform {
        required_providers {
            zpa = {
                source = "zscaler/zpa"
                version = "2.5.0"
            }
        }
    }
    
    provider "zpa" {
        zpa_client_id = "xxxxxxxxxxxx"
        zpa_client_secret = "xxxxxxxxxxxxxxx"
        zpa_customer_id = "xxxxxxxxxx"
    }
    
    data "zpa_idp_controller" "idp_name" {
        name = "Azure Active Directory for Users"
    }
    
    data "zpa_scim_groups" "aad_group" {
        name = "AAD Zscaler External elastic.xxxx.com TCP 5005"
        idp_name = data.zpa_idp_controller.idp_name.name
    }
    

    Debug Output

    2022-12-01T09:48:40.028+0100 [INFO]  Terraform version: 1.3.5
    2022-12-01T09:48:40.029+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.9.0
    2022-12-01T09:48:40.029+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.15.0
    2022-12-01T09:48:40.030+0100 [DEBUG] using github.com/hashicorp/terraform-config-inspect v0.0.0-20210209133302-4fd17a0faac2
    2022-12-01T09:48:40.030+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734
    2022-12-01T09:48:40.030+0100 [DEBUG] using github.com/zclconf/go-cty v1.12.1
    2022-12-01T09:48:40.030+0100 [INFO]  Go runtime version: go1.19.3
    2022-12-01T09:48:40.030+0100 [INFO]  CLI args: []string{"C:\\Users\\xxxxxxxxxxx\\Dokumente\\0_test\\terraform_1.1.6_windows_amd64\\terraform.exe", "plan"}
    2022-12-01T09:48:40.036+0100 [DEBUG] Attempting to open CLI config file: C:\Users\xxxxxxx\AppData\Roaming\terraform.rc
    2022-12-01T09:48:40.037+0100 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
    2022-12-01T09:48:40.037+0100 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
    2022-12-01T09:48:40.038+0100 [DEBUG] ignoring non-existing provider search directory C:\Users\xxxxx\AppData\Roaming\terraform.d\plugins
    2022-12-01T09:48:40.040+0100 [DEBUG] ignoring non-existing provider search directory C:\Users\xxxxxx\AppData\Roaming\HashiCorp\Terraform\plugins
    2022-12-01T09:48:40.041+0100 [INFO]  CLI command args: []string{"plan"}
    2022-12-01T09:48:40.042+0100 [DEBUG] New state was assigned lineage "f4976fea-f521-127b-221a-2859c7be5261"
    2022-12-01T09:48:40.123+0100 [DEBUG] checking for provisioner in "."
    2022-12-01T09:48:40.123+0100 [DEBUG] checking for provisioner in "C:\\Users\\xxxxxxxxxx\\OneDrive - xxxxxxxxxx\\Dokumente\\0_test\\terraform_1.1.6_windows_amd64"
    2022-12-01T09:48:40.125+0100 [INFO]  backend/local: starting Plan operation
    2022-12-01T09:48:40.154+0100 [DEBUG] created provider logger: level=debug
    2022-12-01T09:48:40.155+0100 [INFO]  provider: configuring client automatic mTLS
    2022-12-01T09:48:40.274+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe args=[.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe]
    2022-12-01T09:48:40.614+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe pid=9776
    2022-12-01T09:48:40.614+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe
    2022-12-01T09:48:40.642+0100 [INFO]  provider.terraform-provider-zpa_v2.5.0.exe: configuring server automatic mTLS: timestamp=2022-12-01T09:48:40.640+0100
    2022-12-01T09:48:40.765+0100 [DEBUG] provider: using plugin: version=5
    2022-12-01T09:48:40.766+0100 [DEBUG] provider.terraform-provider-zpa_v2.5.0.exe: plugin address: address=127.0.0.1:10000 network=tcp timestamp=2022-12-01T09:48:40.765+0100
    2022-12-01T09:48:40.858+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
    2022-12-01T09:48:40.874+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe pid=9776
    2022-12-01T09:48:40.874+0100 [DEBUG] provider: plugin exited
    2022-12-01T09:48:40.875+0100 [DEBUG] Building and walking validate graph
    2022-12-01T09:48:40.875+0100 [DEBUG] ProviderTransformer: "data.zpa_idp_controller.idp_name" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/zscaler/zpa"]
    2022-12-01T09:48:40.876+0100 [DEBUG] ProviderTransformer: "data.zpa_scim_groups.aad_group" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/zscaler/zpa"]
    2022-12-01T09:48:40.876+0100 [DEBUG] ReferenceTransformer: "data.zpa_idp_controller.idp_name" references: []
    2022-12-01T09:48:40.877+0100 [DEBUG] ReferenceTransformer: "data.zpa_scim_groups.aad_group" references: [data.zpa_idp_controller.idp_name]
    2022-12-01T09:48:40.877+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/zscaler/zpa\"]" references: []
    2022-12-01T09:48:40.877+0100 [DEBUG] Starting graph walk: walkValidate
    2022-12-01T09:48:40.878+0100 [DEBUG] created provider logger: level=debug
    2022-12-01T09:48:40.878+0100 [INFO]  provider: configuring client automatic mTLS
    2022-12-01T09:48:40.924+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe args=[.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe]
    2022-12-01T09:48:40.931+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe pid=2120
    2022-12-01T09:48:40.931+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe
    2022-12-01T09:48:40.963+0100 [INFO]  provider.terraform-provider-zpa_v2.5.0.exe: configuring server automatic mTLS: timestamp=2022-12-01T09:48:40.962+0100
    2022-12-01T09:48:41.089+0100 [DEBUG] provider: using plugin: version=5
    2022-12-01T09:48:41.089+0100 [DEBUG] provider.terraform-provider-zpa_v2.5.0.exe: plugin address: address=127.0.0.1:10000 network=tcp timestamp=2022-12-01T09:48:41.089+0100
    2022-12-01T09:48:41.179+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
    2022-12-01T09:48:41.198+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe pid=2120
    2022-12-01T09:48:41.198+0100 [DEBUG] provider: plugin exited
    2022-12-01T09:48:41.199+0100 [INFO]  backend/local: plan calling Plan
    2022-12-01T09:48:41.199+0100 [DEBUG] Building and walking plan graph for NormalMode
    2022-12-01T09:48:41.199+0100 [DEBUG] ProviderTransformer: "data.zpa_scim_groups.aad_group (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/zscaler/zpa"]
    2022-12-01T09:48:41.199+0100 [DEBUG] ProviderTransformer: "data.zpa_idp_controller.idp_name (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/zscaler/zpa"]
    2022-12-01T09:48:41.199+0100 [DEBUG] ReferenceTransformer: "data.zpa_scim_groups.aad_group (expand)" references: [data.zpa_idp_controller.idp_name (expand)]
    2022-12-01T09:48:41.200+0100 [DEBUG] ReferenceTransformer: "data.zpa_idp_controller.idp_name (expand)" references: []
    2022-12-01T09:48:41.200+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/zscaler/zpa\"]" references: []
    2022-12-01T09:48:41.200+0100 [DEBUG] Starting graph walk: walkPlan
    2022-12-01T09:48:41.201+0100 [DEBUG] created provider logger: level=debug
    2022-12-01T09:48:41.201+0100 [INFO]  provider: configuring client automatic mTLS
    2022-12-01T09:48:41.248+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe args=[.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe]
    2022-12-01T09:48:41.259+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe pid=10644
    2022-12-01T09:48:41.259+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe
    2022-12-01T09:48:41.286+0100 [INFO]  provider.terraform-provider-zpa_v2.5.0.exe: configuring server automatic mTLS: timestamp=2022-12-01T09:48:41.285+0100
    2022-12-01T09:48:41.410+0100 [DEBUG] provider: using plugin: version=5
    2022-12-01T09:48:41.411+0100 [DEBUG] provider.terraform-provider-zpa_v2.5.0.exe: plugin address: address=127.0.0.1:10000 network=tcp timestamp=2022-12-01T09:48:41.410+0100
    2022-12-01T09:48:41.494+0100 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/zscaler/zpa\"]" changed the config value, but that value is unused
    2022-12-01T09:48:41.495+0100 [INFO]  provider.terraform-provider-zpa_v2.5.0.exe: Initializing ZPA client: timestamp=2022-12-01T09:48:41.495+0100
    2022-12-01T09:48:41.495+0100 [INFO]  provider.terraform-provider-zpa_v2.5.0.exe: initialized ZPA client: timestamp=2022-12-01T09:48:41.495+0100
    2022-12-01T09:48:41.495+0100 [DEBUG] Resource instance state not found for node "data.zpa_idp_controller.idp_name", instance data.zpa_idp_controller.idp_name
    2022-12-01T09:48:41.496+0100 [DEBUG] ReferenceTransformer: "data.zpa_idp_controller.idp_name" references: []
    data.zpa_idp_controller.idp_name: Reading...
    2022-12-01T09:48:41.498+0100 [INFO]  provider.terraform-provider-zpa_v2.5.0.exe: Getting data for idp controller name Azure Active Directory for Users: timestamp=2022-12-01T09:48:41.498+0100
    data.zpa_idp_controller.idp_name: Read complete after 2s [id=xxxxx]
    2022-12-01T09:48:42.886+0100 [DEBUG] Resource instance state not found for node "data.zpa_scim_groups.aad_group", instance data.zpa_scim_groups.aad_group
    2022-12-01T09:48:42.886+0100 [DEBUG] ReferenceTransformer: "data.zpa_scim_groups.aad_group" references: []
    data.zpa_scim_groups.aad_group: Reading...
    2022-12-01T09:48:43.891+0100 [ERROR] provider.terraform-provider-zpa_v2.5.0.exe: Response contains error diagnostic: diagnostic_detail= diagnostic_summary="no scim named 'AAD Zscaler External elastic.xxxxx.com TCP 5005' was found" tf_provider_addr=provider @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/diag/diagnostics.go:55 @module=sdk.proto diagnostic_severity=ERROR tf_data_source_type=zpa_scim_groups tf_proto_version=5.3 tf_req_id=xxxxx tf_rpc=ReadDataSource timestamp=2022-12-01T09:48:43.891+0100
    2022-12-01T09:48:43.891+0100 [ERROR] vertex "data.zpa_scim_groups.aad_group" error: no scim named 'AAD Zscaler External elastic.xxxxx.com TCP 5005' was found
    2022-12-01T09:48:43.892+0100 [ERROR] vertex "data.zpa_scim_groups.aad_group (expand)" error: no scim named 'AAD Zscaler External elastic.xxxxx.com TCP 5005' was found
    2022-12-01T09:48:43.892+0100 [INFO]  backend/local: plan operation completed
    ╷
    │ Error: no scim named 'AAD Zscaler External elastic.xxxxx.com TCP 5005' was found
    │
    │   with data.zpa_scim_groups.aad_group,
    │   on main.tf line 20, in data "zpa_scim_groups" "aad_group":
    │   20: data "zpa_scim_groups" "aad_group" {
    │
    ╵
    2022-12-01T09:48:43.900+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
    2022-12-01T09:48:43.925+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/zscaler/zpa/2.5.0/windows_386/terraform-provider-zpa_v2.5.0.exe pid=10644
    2022-12-01T09:48:43.925+0100 [DEBUG] provider: plugin exited
    

    Expected Behavior

    The group in question can be found through the admin portal, so it has been pushed through SCIM and is present on the Zscaler side. It should be found by Terraform.

    Actual Behavior

    Some groups can't be found with Terraform, e.g.: "Error: no scim named 'AAD Zscaler External elastic.xxxxx.com TCP 5005' was found"

    Steps to Reproduce

    It seems to be pretty random which groups can't be found. Most can be found, some not. The groups which can't be found don't seem to change.

    1. terraform plan triggers the error depending on the group in question

    Important Factoids

    A lot of SCIM groups in our Zscaler tenant. (>1000)

    References

    I also used the ZPA API in combination with SCIM Groups and my own scripts and during my tests I noticed some missing groups. It seems like the paging of the API in the background is missing groups depending on the page size. Back then I wrote a python script to debug the paging and missing groups:

    import requests
    import json
    from time import sleep
    from urllib.parse import urljoin
    
    global baseurl
    global headers
    
    baseurl = "https://config.private.zscaler.com/mgmtconfig/v1/admin/customers/xxxxx/"
    
    # url = "https://config.private.zscaler.com/mgmtconfig/v1/admin/customers/xxxxx/application?page=1&pagesize=20&search="
    
    payload={}
    headers = {
            'Authorization': 'Bearer xxx',
            'content-type': 'application/json'
        }
    
    
    def get_all_scim_groups_json(pagesize = 500): 
        global headers
        all_groups_with_ids = dict()
        baseurl = "https://config.private.zscaler.com/userconfig/v1/customers/xxxxx/"
        response = requests.request("GET", urljoin(baseurl, "scimgroup/idpId/xxxxx?pagesize="+str(pagesize)), headers=headers)
        temp_json = json.loads(response.content.decode('utf-8'))
        total_pages = int(temp_json['totalPages'])
        page = 1
        pages = list()
        while page <= total_pages:
            response = requests.request("GET", urljoin(baseurl, "scimgroup/idpId/xxxxx?pagesize="+str(pagesize)+"&page="+str(page)+"&sortOrder=DESC"), headers=headers)
            temp_json = json.loads(response.content.decode('utf-8'))
            #print(temp_json)
            #print(len(temp_json["list"]))
            pages.append(temp_json["list"])
            page += 1
        #print(len(pages))
    
        for page in pages:
            #print("got: " + str(len(page)))
            for scim_group in page:
                if scim_group['name'] in  all_groups_with_ids:
                    #print(scim_group['name'])  # output duplicates
                all_groups_with_ids[scim_group['name']] = scim_group['id']
            #print("put: "+str(len(all_groups_with_ids.keys())))
            
        return all_groups_with_ids
    
    
    paging_20 = get_all_scim_groups_json(pagesize=20)
    print("20: "+str(len(paging_20)))
    paging_500 = get_all_scim_groups_json(pagesize=500)
    print("500: "+str(len(paging_500)))
    print("total in portal: 1135")
    

    It seems like depending on the pagesize more or less groups are missing. Here is the output for out tenant:

    20: 1105
    500: 1132
    total in portal: 1135
    

    Also some groups are occurring twice, if the pages are combined.

    For my own scripts I fixed it by using the search the web admin portal is also using:

    https://config.private.zscaler.com/userconfig/v1/customers/xxx/scimgroup/idpId/xxxx?pagesize=500&search="+<group to find>
    

    This works as long as the search string is only one word (no whitespace). Best way is to filter the results again for the exact groups searched.

    This has also been reported to Zscaler but it has been some time and it also got lost on my side due to the workaround with the search call. I will also ask them again if this is a known bug and if it is planned to fix this.

    I'm not sure if it's possible to include the workaround in the Terraform provider or if we need to wait for a real fix in the ZPA API?

    active 
    opened by nomisssB 4
  • Provider produced inconsistent final plan

    Provider produced inconsistent final plan

    Community Note

    • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
    • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
    • If you are interested in working on this issue or have submitted a pull request, please leave a comment

    Terraform Version

    Terraform v1.3.1
    on darwin_amd64
    + provider registry.terraform.io/hashicorp/time v0.9.1
    + provider registry.terraform.io/okta/okta v3.38.0
    + provider registry.terraform.io/zscaler/zpa v2.4.1
    

    Affected Resource(s)

    • zpa_policy_access_rule

    Terraform Configuration Files

    # Copy-paste your Terraform configurations here - for large Terraform configs,
    # please use a service like Dropbox and share a link to the ZIP file. For
    # security, you can also encrypt the files using our GPG public key: https://keybase.io/hashicorp
    
    # make an okta group
    resource "okta_group" "simple" {
      name = "Okta Group"
    }
    
    # Get Global Access Policy ID
    data "zpa_policy_type" "access_policy" {
      policy_type = "ACCESS_POLICY"
    }
    
    # Get IdP ID
    data "zpa_idp_controller" "lookup" {
      name = "Okta"
    }
    
    # sets a wait to give some time for scim to propagate from Okta to ZScaler
    resource "time_sleep" "scim_group_propagation" {
      create_duration = "60s"
      triggers = {
        okta_group_id = okta_group.simple.id
      }
    }
    
    # Get SCIM Group attribute ID
    data "zpa_scim_groups" "app" {
      name     = "Okta Group"
      idp_name = data.zpa_idp_controller.lookup.name
      depends_on = [
        resource.time_sleep.scim_group_propagation,
      ]
    }
    
    #Create Policy Access Rule
    resource "zpa_policy_access_rule" "app" {
      name          = "Access policy rule"
      action        = "ALLOW"
      operator      = "AND"
      policy_set_id = data.zpa_policy_type.access_policy.id
    
      conditions {
        negated  = false
        operator = "OR"
        operands {
          object_type = "SCIM_GROUP"
          lhs         = data.zpa_idp_controller.lookup.id
          rhs         = data.zpa_scim_groups.app.id
        }
      }
    }
    

    Debug Output

    Panic Output

    Expected Behavior

    Access policy rule to get created.

    Actual Behavior

    │ Error: Provider produced inconsistent final plan
    │ 
    │ When expanding the plan for zpa_policy_access_rule.app to include new values learned so far during apply, provider "registry.terraform.io/zscaler/zpa" produced an invalid new value for .conditions[1].operands[0].rhs: was
    │ null, but now cty.StringVal("1400448").
    │ 
    │ This is a bug in the provider, which should be reported in the provider's own issue tracker.
    

    Steps to Reproduce

    1. terraform apply

    Important Factoids

    The Okta group doesn't exist before the initial terraform apply. The job creates the Okta group, waits a bit to give the group time to propagate to ZScaler, then lookup the SCIM group ID for the access policy rule. Works fine if the group already exists.

    References

    opened by dli-spoton 0
Releases(v2.5.2)
Owner
William Guilherme
William Guilherme
The Cloud Posse Terraform Provider for various utilities (E.g. deep merging)

terraform-provider-utils Terraform provider to add additional missing functionality to Terraform This project is part of our comprehensive "SweetOps"

Cloud Posse 68 Dec 1, 2022
Terraform Provider for Confluent Cloud

Terraform Provider for Confluent Cloud The Terraform Confluent Cloud provider is a plugin for Terraform that allows for the lifecycle management of Co

Confluent Inc. 51 Jul 19, 2022
This example shows how to serve private contents on AWS S3 through CloudFront signed URL.

AWS CloudFront with Signed URL This is the repository of my blog post. This example shows how to serve private contents on AWS S3 through CloudFront s

Hao-Ming, Hsu 7 Oct 19, 2022
Cloud cost estimates for Terraform in your CLI and pull requests 💰📉

Infracost shows cloud cost estimates for Terraform projects. It helps developers, devops and others to quickly see the cost breakdown and compare different options upfront.

Infracost 8.3k Nov 29, 2022
Terraform-provider-e2e-network - Terraform Provider Scaffolding (Terraform Plugin SDK)

This template repository is built on the Terraform Plugin SDK. The template repository built on the Terraform Plugin Framework can be found at terraform-provider-scaffolding-framework.

eSadhana 0 Jan 19, 2022
Terraform-equinix-migration-tool - Tool to migrate code from Equinix Metal terraform provider to Equinix terraform provider

Equinix Terraform Provider Migration Tool This tool targets a terraform working

Equinix 1 Feb 15, 2022
An experimental crossplane provider for @zscaler zpa

provider-zpa Crossplane provider for [Zscaler ZPA] The provider built from this repository can be installed into a Crossplane control plane or run sep

null 0 Dec 7, 2021
Terraform provider to help with various AWS automation tasks (mostly all that stuff we cannot accomplish with the official AWS terraform provider)

terraform-provider-awsutils Terraform provider for performing various tasks that cannot be performed with the official AWS Terraform Provider from Has

Cloud Posse 24 Oct 1, 2022
Terraform Provider for Azure (Resource Manager)Terraform Provider for Azure (Resource Manager)

Terraform Provider for Azure (Resource Manager) Version 2.x of the AzureRM Provider requires Terraform 0.12.x and later, but 1.0 is recommended. Terra

null 0 Oct 16, 2021
Terraform-provider-mailcow - Terraform provider for Mailcow

Terraform Provider Scaffolding (Terraform Plugin SDK) This template repository i

Owen Valentine 0 Dec 31, 2021
Terraform-provider-buddy - Terraform Buddy provider For golang

Terraform Provider for Buddy Documentation Requirements Terraform >= 1.0.11 Go >

Buddy 1 Jan 5, 2022
Terraform-provider-vercel - Terraform Vercel Provider With Golang

Vercel Terraform Provider Website: https://www.terraform.io Documentation: https

Vercel 76 Nov 30, 2022
Terraform-provider-age - Age Terraform Provider with golang

Age Terraform Provider This provider lets you generate an Age key pair. Using th

ConsenSys Software 0 Feb 15, 2022
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

rpCheckup - Catch AWS resource policy backdoors like Endgame rpCheckup is an AWS resource policy security checkup tool that identifies public, externa

Gold Fig Labs Inc. 146 Nov 4, 2022
Private Terraform Provider Registry For Golang

private-reggie Private Terraform Provider Registry Test With curl $ curl http://localhost:8080/terraform/providers/v1/hashicorp/hashicups/versions ht

Adam as a Service 0 Dec 13, 2021
Unofficial Terraform provider for planetscale

Unofficial Terraform Provider for Planetscale ?? Website: https://planetscale.com Documentation: https://registry.terraform.io/providers/s1ntaxe770r/p

null 21 Oct 17, 2022
Terraform provider to access CEPH S3 API

terraform-provider-ceph (S3) A very simple Terraform provider to create/delete buckets via CEPH S3 API. Build and install go build -o terraform-provid

Modular Finance 0 Nov 26, 2021
null 96 Nov 28, 2022
kube-champ 43 Oct 19, 2022
Terraform-in-Terraform: Execute Modules directly from the Terraform Registry

Terraform-In-Terraform Provider This provider allows running Terraform in Terraform. This might seem insane but there are some edge cases where it com

WeakPixel 39 Aug 31, 2022