diff --git a/terraform/gen/referencedocs.go.tpl b/terraform/gen/referencedocs.go.tpl
index 3fa0cc601..4af0f49c9 100644
--- a/terraform/gen/referencedocs.go.tpl
+++ b/terraform/gen/referencedocs.go.tpl
@@ -67,6 +67,45 @@ provider "teleport" {
root_ca_path = "tf.ca"
}
```
+
+## Provider resource versioning
+
+Since Teleport 15, you MUST set the version on each resource, and version cannot
+be changed in-place. Terraform will delete the resource and create a new one if
+a version change is required.
+
+This is not enforced on previous Teleport provider versions, but we recommend doing
+so. When the version is not specified, Terraform will pick the latest one by default.
+However, version upgrades don't re-apply the resource defaults. This could lead
+to different results if you create a new resource or upgrade an existing one.
+To mitigate this, you should explicitly set the resource version.
+
+
+ Upgrading the Terraform Provider to a new version with `teleport_role`
+ resources without a specified version can change the role behavior and access
+ rules. You must set the role version before upgrading to ensure the role
+ access rules don't change.
+
+ The default role version is the highest supported:
+
+ * v12 default role version is `v5`
+ * v13 default role version is `v6`
+ * v14 default role version is `v7`
+
+ For example, before upgrading from v12 to v13, edit every unversionned role
+ to pin the `v5` version:
+
+ ```terraform
+ resource "teleport_role" "test" {
+ version = "v5"
+ metadata = {
+ name = "my-role"
+ }
+ // ...
+ }
+ ```
+
+
{{range $_, $resource := .resourcesDoc}}
## {{$resource.Name}}
diff --git a/terraform/protoc-gen-terraform-accesslist.yaml b/terraform/protoc-gen-terraform-accesslist.yaml
index 62ae907ee..691f5136f 100644
--- a/terraform/protoc-gen-terraform-accesslist.yaml
+++ b/terraform/protoc-gen-terraform-accesslist.yaml
@@ -46,14 +46,27 @@ computed_fields:
# These fields will be marked as Required: true
required_fields:
- "Metadata.name"
+ - "AccessList.header.version"
- "AccessList.spec.owners"
- "AccessList.spec.grants"
+ - "AccessList.spec.audit"
+ - "AccessList.spec.audit.recurrence"
+ - "AccessList.spec.audit.recurrence.frequency"
plan_modifiers:
# Force to recreate resource if it's name changes
Metadata.name:
- "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ # Version MUST NOT change. Due to the way Terraform imports back the resource
+ # in its state (the provider relies on `USeStateForUnknown`) and the fact
+ # Teleport mixes the injected defaults with the original resource, defaults
+ # are set only on resource creation. Upgrading an existing resource will
+ # create a hybrid: a resource with the new version but old defaults.
+ AccessList.header.version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+
# This must be defined for the generator to be happy, but in reality all time
# fields are overridden (because the protobuf timestamps contain locks and the
# linter gets mad if we use raw structs instead of pointers).
diff --git a/terraform/protoc-gen-terraform-devicetrust.yaml b/terraform/protoc-gen-terraform-devicetrust.yaml
index 7261af5cd..ad5620dd1 100644
--- a/terraform/protoc-gen-terraform-devicetrust.yaml
+++ b/terraform/protoc-gen-terraform-devicetrust.yaml
@@ -32,7 +32,6 @@ computed_fields:
# Metadata
- "DeviceV1.Metadata"
- "DeviceV1.Kind"
- - "DeviceV1.Version"
# DeviceV1
- "DeviceV1.spec.enroll_status"
@@ -41,6 +40,7 @@ computed_fields:
required_fields:
- "DeviceV1.spec.asset_tag"
- "DeviceV1.spec.os_type"
+ - "DeviceV1.Version"
exclude_fields:
@@ -54,12 +54,20 @@ exclude_fields:
- "DeviceV1.spec.update_time"
- "DeviceV1.spec.credential"
- "DeviceV1.spec.collected_data"
-
+ - "DeviceV1.spec.profile"
plan_modifiers:
# Force to recreate resource if asset tag changes
"DeviceV1.spec.asset_tag":
- "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ # Version MUST NOT change. Due to the way Terraform imports back the resource
+ # in its state (the provider relies on `USeStateForUnknown`) and the fact
+ # Teleport mixes the injected defaults with the original resource, defaults
+ # are set only on resource creation. Upgrading an existing resource will
+ # create a hybrid: a resource with the new version but old defaults.
+ DeviceV1.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
time_type:
@@ -68,4 +76,3 @@ time_type:
cast_to_type: "time.Time"
cast_from_type: "time.Time"
type_constructor: "github.com/gravitational/teleport-plugins/terraform/tfschema.UseRFC3339Time()"
-
diff --git a/terraform/protoc-gen-terraform-loginrule.yaml b/terraform/protoc-gen-terraform-loginrule.yaml
index ec03610c7..c22548695 100644
--- a/terraform/protoc-gen-terraform-loginrule.yaml
+++ b/terraform/protoc-gen-terraform-loginrule.yaml
@@ -38,14 +38,22 @@ computed_fields:
# These fields will be marked as Required: true
required_fields:
# LoginRule
- - "LoginRule.Metadata.Name"
- - "LoginRule.Version"
- - "LoginRule.Priority"
+ - "Metadata.Name"
+ - "LoginRule.version"
+ - "LoginRule.priority"
plan_modifiers:
# Force to recreate resource if it's name changes
Metadata.Name:
- "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ # Version MUST NOT change. Due to the way Terraform imports back the resource
+ # in its state (the provider relies on `USeStateForUnknown`) and the fact
+ # Teleport mixes the injected defaults with the original resource, defaults
+ # are set only on resource creation. Upgrading an existing resource will
+ # create a hybrid: a resource with the new version but old defaults.
+ LoginRule.version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
validators:
Metadata.Expires:
diff --git a/terraform/protoc-gen-terraform-teleport.yaml b/terraform/protoc-gen-terraform-teleport.yaml
index 4937cf1d3..1bd336309 100644
--- a/terraform/protoc-gen-terraform-teleport.yaml
+++ b/terraform/protoc-gen-terraform-teleport.yaml
@@ -163,7 +163,6 @@ computed_fields:
# App
- "AppV3.Metadata.Labels"
- "AppV3.Kind"
- - "AppV3.Version"
# Auth preference
- "AuthPreferenceV2.Spec.SecondFactor"
@@ -172,11 +171,9 @@ computed_fields:
- "AuthPreferenceV2.Metadata.Namespace"
- "AuthPreferenceV2.Metadata.Labels"
- "AuthPreferenceV2.Kind"
- - "AuthPreferenceV2.Version"
# ClusterMaintenanceConfig
- "ClusterMaintenanceConfigV1.Kind"
- - "ClusterMaintenanceConfigV1.Version"
# Cluster networking
- "ClusterNetworkingConfigV2.Spec.KeepAliveCountMax"
@@ -186,25 +183,20 @@ computed_fields:
# Database
- "DatabaseV3.Kind"
- - "DatabaseV3.Version"
# Github connector
- "GithubConnectorV3.Kind"
- - "GithubConnectorV3.Version"
# Provision token
- "ProvisionTokenV2.Spec.AWSIIDTTL"
- "ProvisionTokenV2.Kind"
- "ProvisionTokenV2.Metadata.Name"
- - "ProvisionTokenV2.Version"
# OIDC connector
- "OIDCConnectorV3.Kind"
- - "OIDCConnectorV3.Version"
# Okta import rule
- "OktaImportRuleV1.Kind"
- - "OktaImportRuleV1.Version"
# Role
- "RoleV6.Spec.Options.MaxSessionTTL"
@@ -235,7 +227,6 @@ computed_fields:
- "RoleV6.Spec.Allow.KubernetesResources.Verbs"
- "RoleV6.Spec.Options.BPF"
- "RoleV6.Kind"
- - "RoleV6.Version"
# SAML connector
- "SAMLConnectorV2.Spec.Audience"
@@ -249,25 +240,22 @@ computed_fields:
- "SAMLConnectorV2.Spec.EncryptionKeyPair.PrivateKey"
- "SAMLConnectorV2.Spec.EncryptionKeyPair.Cert"
- "SAMLConnectorV2.Kind"
- - "SAMLConnectorV2.Version"
# Session recording
- "SessionRecordingConfigV2.Spec.Mode"
- "SessionRecordingConfigV2.Kind"
- - "SessionRecordingConfigV2.Version"
# Trusted cluster
- "TrustedClusterV2.Kind"
- - "TrustedClusterV2.Version"
# User
- "UserV2.Kind"
- - "UserV2.Version"
# These fields will be marked as Required: true
required_fields:
# App
- "AppV3.Metadata.Name"
+ - "AppV3.Version"
# Auth preference
- "AuthPreferenceV2.Spec"
@@ -277,42 +265,54 @@ required_fields:
- "DatabaseV3.Spec.Protocol"
- "DatabaseV3.Spec.URI"
- "DatabaseV3.Metadata.Name"
+ - "DatabaseV3.Version"
# Github connector
- "GithubConnectorV3.Spec"
- "GithubConnectorV3.Spec.ClientID"
- "GithubConnectorV3.Spec.ClientSecret"
- "GithubConnectorV3.Metadata.Name"
+ - "GithubConnectorV3.Version"
# OIDC connector
- "OIDCConnectorV3.Spec"
- "OIDCConnectorV3.Metadata.Name"
+ - "OIDCConnectorV3.Version"
# Okta import rule
- "OktaImportRuleV1.Spec"
- "OktaImportRuleV1.Metadata.Name"
+ - "OktaImportRuleV1.Version"
# Provision token
- "ProvisionTokenV2.Spec"
- "ProvisionTokenV2.Spec.Options"
- "ProvisionTokenV2.Spec.Roles"
+ - "ProvisionTokenV2.Version"
- # Role
- - "RoleV6.Metadata.Name"
+ # Role
+ - "RoleV6.Metadata.Name"
+ - "RoleV6.Version"
# SAML connector
- "SAMLConnectorV2.Spec"
- "SAMLConnectorV2.Spec.AssertionConsumerService"
- "SAMLConnectorV2.Spec.AttributesToRoles"
- - "SAMLConnectorV2.Metadata.Name"
+ - "SAMLConnectorV2.Metadata.Name"
+ - "SAMLConnectorV2.Version"
# Trusted cluster
- - "TrustedClusterV2.Metadata.Name"
+ - "TrustedClusterV2.Metadata.Name"
+ - "TrustedClusterV2.Version"
- "TrustedClusterV2.Spec"
# User
- "UserV2.Metadata.Name"
-
+ - "UserV2.Version"
+
+ - "SessionRecordingConfigV2.Version"
+ - "ClusterMaintenanceConfigV1.Version"
+ - "AuthPreferenceV2.Version"
# These fields must be marked as sensitive
sensitive_fields:
@@ -341,6 +341,51 @@ plan_modifiers:
- "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
- "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ # Version MUST NOT change. Due to the way Terraform imports back the resource
+ # in its state (the provider relies on `USeStateForUnknown`) and the fact
+ # Teleport mixes the injected defaults with the original resource, defaults
+ # are set only on resource creation. Upgrading an existing resource will
+ # create a hybrid: a resource with the new version but old defaults.
+ AppV3.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ DatabaseV3.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ GithubConnectorV3.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ OIDCConnectorV3.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ OktaImportRuleV1.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ ProvisionTokenV2.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ RoleV6.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ SAMLConnectorV2.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ TrustedClusterV2.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ UserV2.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ SessionRecordingConfigV2.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ ClusterMaintenanceConfigV1.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+ AuthPreferenceV2.Version:
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.UseStateForUnknown()"
+ - "github.com/hashicorp/terraform-plugin-framework/tfsdk.RequiresReplace()"
+
validators:
# Expires must be in the future
Metadata.Expires:
@@ -379,8 +424,8 @@ validators:
- UseMapKeysPresentValidator("teleport.dev/origin")
UserV2.Version:
- UseVersionBetween(2,2)
- ClsuterMaintenanceConfigV1.Version:
- - UserVersionBetween(1,1)
+ ClusterMaintenanceConfigV1.Version:
+ - UseVersionBetween(1,1)
time_type:
type: "TimeType"
diff --git a/terraform/reference.mdx b/terraform/reference.mdx
index b01d9e87f..a4959f0cc 100755
--- a/terraform/reference.mdx
+++ b/terraform/reference.mdx
@@ -84,6 +84,45 @@ provider "teleport" {
}
```
+## Provider resource versioning
+
+Since Teleport 15, you MUST set the version on each resource, and version cannot
+be changed in-place. Terraform will delete the resource and create a new one if
+a version change is required.
+
+This is not enforced on previous Teleport provider versions, but we recommend doing
+so. When the version is not specified, Terraform will pick the latest one by default.
+However, version upgrades don't re-apply the resource defaults. This could lead
+to different results if you create a new resource or upgrade an existing one.
+To mitigate this, you should explicitly set the resource version.
+
+
+ Upgrading the Terraform Provider to a new version with `teleport_role`
+ resources without a specified version can change the role behavior and access
+ rules. You must set the role version before upgrading to ensure the role
+ access rules don't change.
+
+ The default role version is the highest supported:
+
+ * v12 default role version is `v5`
+ * v13 default role version is `v6`
+ * v14 default role version is `v7`
+
+ For example, before upgrading from v12 to v13, edit every unversionned role
+ to pin the `v5` version:
+
+ ```terraform
+ resource "teleport_role" "test" {
+ version = "v5"
+ metadata = {
+ name = "my-role"
+ }
+ // ...
+ }
+ ```
+
+
+
## teleport_access_list
| Name | Type | Required | Description |
@@ -100,7 +139,7 @@ header is the header for the resource.
| kind | string | | kind is a resource kind. |
| metadata | object | | metadata is resource metadata. |
| sub_kind | string | | sub_kind is an optional resource sub kind, used in some resources. |
-| version | string | | version is version. |
+| version | string | * | version is version. |
#### header.metadata
@@ -121,7 +160,7 @@ spec is the specification for the access list.
| Name | Type | Required | Description |
|---------------------|--------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| audit | object | | audit describes the frequency that this access list must be audited. |
+| audit | object | * | audit describes the frequency that this access list must be audited. |
| description | string | | description is an optional plaintext description of the access list. |
| grants | object | * | grants describes the access granted by membership to this access list. |
| membership | string | | membership defines how list membership is applied. There are two possible values: `explicit` (default): To be considered ag member of the access list, a user must both meet the `membership_requires` conditions AND be explicitly added to the list. `implicit`: Any user meeting the `membership_requires` conditions will automatically be cosidered a member of this list. |
@@ -140,7 +179,7 @@ audit describes the frequency that this access list must be audited.
|-----------------|--------------|----------|---------------------------------------------------------|
| next_audit_date | RFC3339 time | | |
| notifications | object | | notifications is the configuration for notifying users. |
-| recurrence | object | | recurrence is the recurrence definition |
+| recurrence | object | * | recurrence is the recurrence definition |
##### spec.audit.notifications
@@ -157,7 +196,7 @@ recurrence is the recurrence definition
| Name | Type | Required | Description |
|--------------|--------|----------|---------------------------------------------------------------------|
| day_of_month | number | | day_of_month is the day of month that reviews will be scheduled on. |
-| frequency | number | | frequency is the frequency of reviews. |
+| frequency | number | * | frequency is the frequency of reviews. |
#### spec.grants
@@ -275,7 +314,10 @@ resource "teleport_access_list" "crane-operation" {
}
title = "Crane operation"
audit = {
- frequency = "3600h" // 150 days
+ recurrence = {
+ frequency = 3 # audit every 3 months
+ day_of_month = 15 # audit happen 15's day of the month. Possible values are 1, 15, and 31.
+ }
}
}
}
@@ -289,7 +331,7 @@ resource "teleport_access_list" "crane-operation" {
| metadata | object | | Metadata is the app resource metadata. |
| spec | object | | Spec is the app resource spec. |
| sub_kind | string | | SubKind is an optional resource subkind. |
-| version | string | | Version is the resource version. |
+| version | string | * | Version is the resource version. |
### metadata
@@ -383,7 +425,7 @@ resource "teleport_app" "example" {
| metadata | object | | Metadata is resource metadata |
| spec | object | * | Spec is an AuthPreference specification |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is a resource version |
+| version | string | * | Version is a resource version |
### metadata
@@ -557,7 +599,7 @@ resource "teleport_bot" "example" {
| nonce | number | | Nonce is used to protect against concurrent modification of the maintenance window. Clients should treat nonces as opaque. |
| spec | object | | |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is version |
+| version | string | * | Version is version |
### metadata
@@ -700,7 +742,7 @@ resource "teleport_cluster_networking_config" "example" {
| metadata | object | | Metadata is the database metadata. |
| spec | object | | Spec is the database spec. |
| sub_kind | string | | SubKind is an optional resource subkind. |
-| version | string | | Version is the resource version. |
+| version | string | * | Version is the resource version. |
### metadata
@@ -960,7 +1002,7 @@ resource "teleport_database" "example" {
| metadata | object | | Metadata holds resource metadata. |
| spec | object | * | Spec is an Github connector specification. |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. |
-| version | string | | Version is a resource version. |
+| version | string | * | Version is a resource version. |
### metadata
@@ -1051,10 +1093,10 @@ resource "teleport_github_connector" "github" {
| Name | Type | Required | Description |
|-------------------|--------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| metadata | object | | Metadata is resource metadata. |
-| priority | number | | Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first. |
+| priority | number | * | Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first. |
| traits_expression | string | | TraitsExpression is a predicate expression which should return the desired traits for the user upon login. |
| traits_map | object | | TraitsMap is a map of trait keys to lists of predicate expressions which should evaluate to the desired values for that trait. |
-| version | string | | Version is the resource version. |
+| version | string | * | Version is the resource version. |
### metadata
@@ -1065,7 +1107,7 @@ Metadata is resource metadata.
| description | string | | Description is object description |
| expires | RFC3339 time | | Expires is a global expiry time header can be set on any resource in the system. |
| labels | map of strings | | Labels is a set of labels |
-| name | string | | Name is an object name |
+| name | string | * | Name is an object name |
| namespace | string | | Namespace is object namespace. The field should be called "namespace" when it returns in Teleport 2.4. |
| revision | string | | Revision is an opaque identifier which tracks the versions of a resource over time. Clients should ignore and not alter its value but must return the revision in any updates of a resource. |
@@ -1116,7 +1158,7 @@ resource "teleport_login_rule" "example" {
| metadata | object | | Metadata holds resource metadata. |
| spec | object | * | Spec is an OIDC connector specification. |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. |
-| version | string | | Version is a resource version. |
+| version | string | * | Version is a resource version. |
### metadata
@@ -1204,7 +1246,7 @@ resource "teleport_oidc_connector" "example" {
| metadata | object | | Metadata is resource metadata |
| spec | object | * | Spec is the specification for the Okta import rule. |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is version |
+| version | string | * | Version is version |
### metadata
@@ -1319,7 +1361,7 @@ resource "teleport_okta_import_rule" "example" {
| metadata | object | | Metadata is resource metadata |
| spec | object | * | Spec is a provisioning token V2 spec |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is version |
+| version | string | * | Version is version |
### metadata
@@ -1566,7 +1608,7 @@ resource "teleport_provision_token" "iam-token" {
| metadata | object | | Metadata is resource metadata |
| spec | object | | Spec is a role specification |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is version |
+| version | string | * | Version is version |
### metadata
@@ -2035,7 +2077,7 @@ resource "teleport_role" "example" {
| metadata | object | | Metadata holds resource metadata. |
| spec | object | * | Spec is an SAML connector specification. |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. |
-| version | string | | Version is a resource version. |
+| version | string | * | Version is a resource version. |
### metadata
@@ -2154,7 +2196,7 @@ resource "teleport_saml_connector" "example" {
| metadata | object | | Metadata is resource metadata |
| spec | object | | Spec is a SessionRecordingConfig specification |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is a resource version |
+| version | string | * | Version is a resource version |
### metadata
@@ -2204,7 +2246,7 @@ resource "teleport_session_recording_config" "example" {
| metadata | object | | Metadata holds resource metadata. |
| spec | object | * | Spec is a Trusted Cluster specification. |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources. |
-| version | string | | Version is a resource version. |
+| version | string | * | Version is a resource version. |
### metadata
@@ -2275,7 +2317,7 @@ resource "teleport_trusted_cluster" "cluster" {
|----------|--------|----------|-------------------------------|
| metadata | object | | Metadata is resource metadata |
| spec | object | | Specification of the device. |
-| version | string | | Version is version |
+| version | string | * | Version is version |
### metadata
@@ -2297,24 +2339,8 @@ Specification of the device.
| enroll_status | string | | |
| os_type | string | * | |
| owner | string | | |
-| profile | object | | |
| source | object | | |
-#### spec.profile
-
-
-
-| Name | Type | Required | Description |
-|-----------------------|------------------|----------|-------------|
-| external_id | string | | |
-| jamf_binary_version | string | | |
-| model_identifier | string | | |
-| os_build | string | | |
-| os_build_supplemental | string | | |
-| os_usernames | array of strings | | |
-| os_version | string | | |
-| update_time | RFC3339 time | | |
-
#### spec.source
@@ -2345,7 +2371,7 @@ resource "teleport_trusted_device" "TESTDEVICE1" {
| metadata | object | | Metadata is resource metadata |
| spec | object | | Spec is a user specification |
| sub_kind | string | | SubKind is an optional resource sub kind, used in some resources |
-| version | string | | Version is version |
+| version | string | * | Version is version |
### metadata
diff --git a/terraform/test/fixtures/access_list_0_create.tf b/terraform/test/fixtures/access_list_0_create.tf
index 4e16b8aa0..25f1f57eb 100644
--- a/terraform/test/fixtures/access_list_0_create.tf
+++ b/terraform/test/fixtures/access_list_0_create.tf
@@ -1,5 +1,6 @@
resource "teleport_access_list" "test" {
header = {
+ version = "v1"
metadata = {
name = "test"
labels = {
diff --git a/terraform/test/fixtures/access_list_1_update.tf b/terraform/test/fixtures/access_list_1_update.tf
index f1f6fb7ec..98fd07074 100644
--- a/terraform/test/fixtures/access_list_1_update.tf
+++ b/terraform/test/fixtures/access_list_1_update.tf
@@ -1,5 +1,6 @@
resource "teleport_access_list" "test" {
header = {
+ version = "v1"
metadata = {
name = "test"
labels = {
diff --git a/terraform/test/fixtures/access_list_2_expiring.tf b/terraform/test/fixtures/access_list_2_expiring.tf
index bc7327110..bf8db84aa 100644
--- a/terraform/test/fixtures/access_list_2_expiring.tf
+++ b/terraform/test/fixtures/access_list_2_expiring.tf
@@ -1,5 +1,6 @@
resource "teleport_access_list" "test" {
header = {
+ version = "v1"
metadata = {
name = "test"
labels = {
diff --git a/terraform/test/fixtures/app_0_create.tf b/terraform/test/fixtures/app_0_create.tf
index 0be1ef514..4ed0020dd 100644
--- a/terraform/test/fixtures/app_0_create.tf
+++ b/terraform/test/fixtures/app_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_app" "test" {
+ version = "v3"
metadata = {
name = "example"
description = "Test app"
@@ -11,4 +12,4 @@ resource "teleport_app" "test" {
spec = {
uri = "localhost:3000"
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/app_0_create_auth_b64.tf b/terraform/test/fixtures/app_0_create_auth_b64.tf
index 417973d92..099b890f2 100644
--- a/terraform/test/fixtures/app_0_create_auth_b64.tf
+++ b/terraform/test/fixtures/app_0_create_auth_b64.tf
@@ -1,4 +1,5 @@
resource "teleport_app" "test_auth_b64" {
+ version = "v3"
metadata = {
name = "test_auth_b64"
description = "Test app"
@@ -11,4 +12,4 @@ resource "teleport_app" "test_auth_b64" {
spec = {
uri = "localhost:3000"
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/app_0_create_auth_files.tf b/terraform/test/fixtures/app_0_create_auth_files.tf
index 82dcf649a..1c0d04287 100644
--- a/terraform/test/fixtures/app_0_create_auth_files.tf
+++ b/terraform/test/fixtures/app_0_create_auth_files.tf
@@ -1,4 +1,5 @@
resource "teleport_app" "test_auth_files" {
+ version = "v3"
metadata = {
name = "test_auth_files"
description = "Test app"
@@ -11,4 +12,4 @@ resource "teleport_app" "test_auth_files" {
spec = {
uri = "localhost:3000"
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/app_0_create_with_cache.tf b/terraform/test/fixtures/app_0_create_with_cache.tf
index 7d12013e9..886a727cd 100644
--- a/terraform/test/fixtures/app_0_create_with_cache.tf
+++ b/terraform/test/fixtures/app_0_create_with_cache.tf
@@ -1,4 +1,5 @@
resource "teleport_app" "test_with_cache" {
+ version = "v3"
metadata = {
name = "example"
description = "Test app"
diff --git a/terraform/test/fixtures/app_1_update.tf b/terraform/test/fixtures/app_1_update.tf
index 2228d4325..e90516dea 100644
--- a/terraform/test/fixtures/app_1_update.tf
+++ b/terraform/test/fixtures/app_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_app" "test" {
+ version = "v3"
metadata = {
name = "test"
description = "Test app"
diff --git a/terraform/test/fixtures/auth_preference_0_set.tf b/terraform/test/fixtures/auth_preference_0_set.tf
index 83ce7d4bf..79778b0b8 100644
--- a/terraform/test/fixtures/auth_preference_0_set.tf
+++ b/terraform/test/fixtures/auth_preference_0_set.tf
@@ -1,4 +1,5 @@
resource "teleport_auth_preference" "test" {
+ version = "v2"
metadata = {
labels = {
"example" = "yes"
diff --git a/terraform/test/fixtures/auth_preference_1_update.tf b/terraform/test/fixtures/auth_preference_1_update.tf
index a3793c8c5..443a6cbfb 100644
--- a/terraform/test/fixtures/auth_preference_1_update.tf
+++ b/terraform/test/fixtures/auth_preference_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_auth_preference" "test" {
+ version = "v2"
metadata = {
labels = {
"teleport.dev/origin" = "dynamic"
diff --git a/terraform/test/fixtures/bot_0_create.tf b/terraform/test/fixtures/bot_0_create.tf
index 5e7b3e167..46df14a9e 100644
--- a/terraform/test/fixtures/bot_0_create.tf
+++ b/terraform/test/fixtures/bot_0_create.tf
@@ -3,6 +3,7 @@ locals {
}
resource "teleport_provision_token" "bot_test" {
+ version = "v2"
metadata = {
expires = "2038-01-01T00:00:00Z"
name = "bot-test"
diff --git a/terraform/test/fixtures/bot_1_update.tf b/terraform/test/fixtures/bot_1_update.tf
index a9313fa9f..8aedf3c94 100644
--- a/terraform/test/fixtures/bot_1_update.tf
+++ b/terraform/test/fixtures/bot_1_update.tf
@@ -3,6 +3,7 @@ locals {
}
resource "teleport_provision_token" "bot_test" {
+ version = "v2"
metadata = {
expires = "2038-01-01T00:00:00Z"
name = "bot-test"
diff --git a/terraform/test/fixtures/database_0_create.tf b/terraform/test/fixtures/database_0_create.tf
index 8ec2f25a3..1c464fbad 100644
--- a/terraform/test/fixtures/database_0_create.tf
+++ b/terraform/test/fixtures/database_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_database" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/database_1_update.tf b/terraform/test/fixtures/database_1_update.tf
index 7f6113b6a..6f221968a 100644
--- a/terraform/test/fixtures/database_1_update.tf
+++ b/terraform/test/fixtures/database_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_database" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/device_trust_0_create.tf b/terraform/test/fixtures/device_trust_0_create.tf
index 24063b7ad..316c4db16 100644
--- a/terraform/test/fixtures/device_trust_0_create.tf
+++ b/terraform/test/fixtures/device_trust_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_trusted_device" "TESTDEVICE1" {
+ version = "v1"
spec = {
asset_tag = "TESTDEVICE1"
os_type = "macos"
diff --git a/terraform/test/fixtures/device_trust_1_update.tf b/terraform/test/fixtures/device_trust_1_update.tf
index c3591ceb6..a886946e3 100644
--- a/terraform/test/fixtures/device_trust_1_update.tf
+++ b/terraform/test/fixtures/device_trust_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_trusted_device" "TESTDEVICE1" {
+ version = "v1"
spec = {
asset_tag = "TESTDEVICE1"
os_type = "macos"
@@ -7,6 +8,7 @@ resource "teleport_trusted_device" "TESTDEVICE1" {
}
resource "teleport_trusted_device" "TESTDEVICE2" {
+ version = "v1"
spec = {
asset_tag = "TESTDEVICE2"
os_type = "linux"
diff --git a/terraform/test/fixtures/github_connector_0_create.tf b/terraform/test/fixtures/github_connector_0_create.tf
index 05d92efe0..73c43fe0c 100644
--- a/terraform/test/fixtures/github_connector_0_create.tf
+++ b/terraform/test/fixtures/github_connector_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_github_connector" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/github_connector_1_update.tf b/terraform/test/fixtures/github_connector_1_update.tf
index a767bd50b..77f8c917d 100644
--- a/terraform/test/fixtures/github_connector_1_update.tf
+++ b/terraform/test/fixtures/github_connector_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_github_connector" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/github_connector_teams_to_roles.tf b/terraform/test/fixtures/github_connector_teams_to_roles.tf
index 2b37133d3..5a70476c1 100644
--- a/terraform/test/fixtures/github_connector_teams_to_roles.tf
+++ b/terraform/test/fixtures/github_connector_teams_to_roles.tf
@@ -14,6 +14,7 @@ resource "teleport_role" "myrole" {
resource "teleport_github_connector" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/github_connector_without_mapping.tf b/terraform/test/fixtures/github_connector_without_mapping.tf
index 996a6f628..fde49de4b 100644
--- a/terraform/test/fixtures/github_connector_without_mapping.tf
+++ b/terraform/test/fixtures/github_connector_without_mapping.tf
@@ -1,4 +1,5 @@
resource "teleport_github_connector" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
@@ -14,4 +15,4 @@ resource "teleport_github_connector" "test" {
teams_to_roles = []
teams_to_logins = []
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/maintenance_config_0_set.tf b/terraform/test/fixtures/maintenance_config_0_set.tf
index 5952b74db..acd14cea9 100644
--- a/terraform/test/fixtures/maintenance_config_0_set.tf
+++ b/terraform/test/fixtures/maintenance_config_0_set.tf
@@ -1,4 +1,5 @@
resource "teleport_cluster_maintenance_config" "test" {
+ version = "v1"
metadata = {
description = "Maintenance config"
}
diff --git a/terraform/test/fixtures/maintenance_config_1_update.tf b/terraform/test/fixtures/maintenance_config_1_update.tf
index 6b63ce691..4f46c9d1b 100644
--- a/terraform/test/fixtures/maintenance_config_1_update.tf
+++ b/terraform/test/fixtures/maintenance_config_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_cluster_maintenance_config" "test" {
+ version = "v1"
metadata = {
description = "Maintenance config"
}
diff --git a/terraform/test/fixtures/networking_config_0_set.tf b/terraform/test/fixtures/networking_config_0_set.tf
index b1e0c208b..5986f6588 100644
--- a/terraform/test/fixtures/networking_config_0_set.tf
+++ b/terraform/test/fixtures/networking_config_0_set.tf
@@ -1,4 +1,5 @@
resource "teleport_cluster_networking_config" "test" {
+ version = "v2"
metadata = {
labels = {
"example" = "yes"
diff --git a/terraform/test/fixtures/networking_config_1_update.tf b/terraform/test/fixtures/networking_config_1_update.tf
index fa78d050c..9eaec836a 100644
--- a/terraform/test/fixtures/networking_config_1_update.tf
+++ b/terraform/test/fixtures/networking_config_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_cluster_networking_config" "test" {
+ version = "v2"
metadata = {
labels = {
"example" = "no"
diff --git a/terraform/test/fixtures/oidc_connector_0_create.tf b/terraform/test/fixtures/oidc_connector_0_create.tf
index cbd284000..1aa2f761a 100644
--- a/terraform/test/fixtures/oidc_connector_0_create.tf
+++ b/terraform/test/fixtures/oidc_connector_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_oidc_connector" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
@@ -18,4 +19,4 @@ resource "teleport_oidc_connector" "test" {
redirect_url = ["https://example.com/redirect"]
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/oidc_connector_1_update.tf b/terraform/test/fixtures/oidc_connector_1_update.tf
index de85f803a..23ca59048 100644
--- a/terraform/test/fixtures/oidc_connector_1_update.tf
+++ b/terraform/test/fixtures/oidc_connector_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_oidc_connector" "test" {
+ version = "v3"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/oidc_connector_without_max_age.tf b/terraform/test/fixtures/oidc_connector_without_max_age.tf
index 9aead12ce..0a573d9f5 100644
--- a/terraform/test/fixtures/oidc_connector_without_max_age.tf
+++ b/terraform/test/fixtures/oidc_connector_without_max_age.tf
@@ -1,4 +1,5 @@
resource "teleport_oidc_connector" "test_max_age" {
+ version = "v3"
metadata = {
name = "test_max_age"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/okta_import_rule_0_create.tf b/terraform/test/fixtures/okta_import_rule_0_create.tf
index d5fd314f4..d19a869ca 100644
--- a/terraform/test/fixtures/okta_import_rule_0_create.tf
+++ b/terraform/test/fixtures/okta_import_rule_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_okta_import_rule" "test" {
+ version = "v1"
metadata = {
name = "example"
description = "Test Okta Import Rule"
diff --git a/terraform/test/fixtures/okta_import_rule_1_update.tf b/terraform/test/fixtures/okta_import_rule_1_update.tf
index 524323cee..c8ca4bdca 100644
--- a/terraform/test/fixtures/okta_import_rule_1_update.tf
+++ b/terraform/test/fixtures/okta_import_rule_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_okta_import_rule" "test" {
+ version = "v1"
metadata = {
name = "example"
description = "Test Okta Import Rule"
diff --git a/terraform/test/fixtures/provision_token_0_create.tf b/terraform/test/fixtures/provision_token_0_create.tf
index fb0c74f56..2f5185a00 100644
--- a/terraform/test/fixtures/provision_token_0_create.tf
+++ b/terraform/test/fixtures/provision_token_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2038-01-01T00:00:00Z"
diff --git a/terraform/test/fixtures/provision_token_1_update.tf b/terraform/test/fixtures/provision_token_1_update.tf
index 494945667..63bf5e19d 100644
--- a/terraform/test/fixtures/provision_token_1_update.tf
+++ b/terraform/test/fixtures/provision_token_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2038-01-01T00:00:00Z"
diff --git a/terraform/test/fixtures/provision_token_iam_create.tf b/terraform/test/fixtures/provision_token_iam_create.tf
index dd6dc49c3..c17db4b07 100644
--- a/terraform/test/fixtures/provision_token_iam_create.tf
+++ b/terraform/test/fixtures/provision_token_iam_create.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "iam-token" {
+ version = "v2"
metadata = {
name = "iam-token"
}
diff --git a/terraform/test/fixtures/provision_token_no_expiry_0_create.tf b/terraform/test/fixtures/provision_token_no_expiry_0_create.tf
index 4cf361f87..35e55ea32 100644
--- a/terraform/test/fixtures/provision_token_no_expiry_0_create.tf
+++ b/terraform/test/fixtures/provision_token_no_expiry_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "test" {
+ version = "v2"
metadata = {
name = "test"
labels = {
diff --git a/terraform/test/fixtures/provision_token_secret_0_create.tf b/terraform/test/fixtures/provision_token_secret_0_create.tf
index e758191ba..7564477f6 100644
--- a/terraform/test/fixtures/provision_token_secret_0_create.tf
+++ b/terraform/test/fixtures/provision_token_secret_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "test" {
+ version = "v2"
metadata = {
name = "thisisasecretandmustnotbelogged"
expires = "2038-01-01T00:00:00Z"
@@ -9,4 +10,4 @@ resource "teleport_provision_token" "test" {
spec = {
roles = ["Node", "Auth"]
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/provision_token_v2_0_create.tf b/terraform/test/fixtures/provision_token_v2_0_create.tf
index 70ed873e3..612187b3f 100644
--- a/terraform/test/fixtures/provision_token_v2_0_create.tf
+++ b/terraform/test/fixtures/provision_token_v2_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "test2" {
+ version = "v2"
metadata = {
name = "test2"
expires = "2038-01-01T00:00:00Z"
diff --git a/terraform/test/fixtures/provision_token_v2_1_update.tf b/terraform/test/fixtures/provision_token_v2_1_update.tf
index 07cf9f57c..b12498654 100644
--- a/terraform/test/fixtures/provision_token_v2_1_update.tf
+++ b/terraform/test/fixtures/provision_token_v2_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_provision_token" "test2" {
+ version = "v2"
metadata = {
name = "test2"
expires = "2038-01-01T00:00:00Z"
diff --git a/terraform/test/fixtures/role_0_create.tf b/terraform/test/fixtures/role_0_create.tf
index b1561825f..fe772e0dd 100644
--- a/terraform/test/fixtures/role_0_create.tf
+++ b/terraform/test/fixtures/role_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "test" {
+ version = "v7"
metadata = {
name = "test"
}
@@ -8,6 +9,4 @@ resource "teleport_role" "test" {
logins = ["anonymous"]
}
}
-
- version = "v6"
}
diff --git a/terraform/test/fixtures/role_1_update.tf b/terraform/test/fixtures/role_1_update.tf
index a3cfa22bc..32b5f653c 100644
--- a/terraform/test/fixtures/role_1_update.tf
+++ b/terraform/test/fixtures/role_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "test" {
+ version = "v7"
metadata = {
name = "test"
description = ""
diff --git a/terraform/test/fixtures/role_2_update.tf b/terraform/test/fixtures/role_2_update.tf
index 777051626..affecea59 100644
--- a/terraform/test/fixtures/role_2_update.tf
+++ b/terraform/test/fixtures/role_2_update.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "test" {
+ version = "v7"
metadata = {
name = "test"
description = "Test role"
diff --git a/terraform/test/fixtures/role_3_update.tf b/terraform/test/fixtures/role_3_update.tf
index c81b2f165..8de204411 100644
--- a/terraform/test/fixtures/role_3_update.tf
+++ b/terraform/test/fixtures/role_3_update.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "test" {
+ version = "v7"
metadata = {
name = "test"
expires = "2032-12-12T00:00:00Z"
diff --git a/terraform/test/fixtures/role_drift_0.tf b/terraform/test/fixtures/role_drift_0.tf
index e83a4cc23..76acae3c0 100644
--- a/terraform/test/fixtures/role_drift_0.tf
+++ b/terraform/test/fixtures/role_drift_0.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "splitbrain" {
+ version = "v7"
metadata = {
name = "splitbrain"
}
@@ -8,6 +9,4 @@ resource "teleport_role" "splitbrain" {
logins = ["one"]
}
}
-
- version = "v6"
}
diff --git a/terraform/test/fixtures/role_no_version.tf b/terraform/test/fixtures/role_no_version.tf
new file mode 100644
index 000000000..5fae1e107
--- /dev/null
+++ b/terraform/test/fixtures/role_no_version.tf
@@ -0,0 +1,11 @@
+resource "teleport_role" "test" {
+ metadata = {
+ name = "test"
+ }
+
+ spec = {
+ allow = {
+ logins = ["anonymous"]
+ }
+ }
+}
diff --git a/terraform/test/fixtures/role_upgrade_v4.tf b/terraform/test/fixtures/role_upgrade_v4.tf
index 0a8dfe637..0fea0bf7e 100644
--- a/terraform/test/fixtures/role_upgrade_v4.tf
+++ b/terraform/test/fixtures/role_upgrade_v4.tf
@@ -6,6 +6,9 @@ resource "teleport_role" "upgrade" {
spec = {
allow = {
logins = ["onev4"]
+ kubernetes_labels = {
+ env = ["dev", "prod"]
+ }
}
}
diff --git a/terraform/test/fixtures/role_upgrade_v5.tf b/terraform/test/fixtures/role_upgrade_v5.tf
index 9ce77afb9..ce97ec249 100644
--- a/terraform/test/fixtures/role_upgrade_v5.tf
+++ b/terraform/test/fixtures/role_upgrade_v5.tf
@@ -6,6 +6,9 @@ resource "teleport_role" "upgrade" {
spec = {
allow = {
logins = ["onev5"]
+ kubernetes_labels = {
+ env = ["dev", "prod"]
+ }
}
}
diff --git a/terraform/test/fixtures/role_upgrade_v6.tf b/terraform/test/fixtures/role_upgrade_v6.tf
index faed255dd..fbcda8d91 100644
--- a/terraform/test/fixtures/role_upgrade_v6.tf
+++ b/terraform/test/fixtures/role_upgrade_v6.tf
@@ -6,6 +6,9 @@ resource "teleport_role" "upgrade" {
spec = {
allow = {
logins = ["onev6"]
+ kubernetes_labels = {
+ env = ["dev", "prod"]
+ }
}
}
diff --git a/terraform/test/fixtures/role_upgrade_v7.tf b/terraform/test/fixtures/role_upgrade_v7.tf
new file mode 100644
index 000000000..2e79d4a3d
--- /dev/null
+++ b/terraform/test/fixtures/role_upgrade_v7.tf
@@ -0,0 +1,16 @@
+resource "teleport_role" "upgrade" {
+ metadata = {
+ name = "upgrade"
+ }
+
+ spec = {
+ allow = {
+ logins = ["onev7"]
+ kubernetes_labels = {
+ env = ["dev", "prod"]
+ }
+ }
+ }
+
+ version = "v7"
+}
diff --git a/terraform/test/fixtures/role_with_kube_resources.tf b/terraform/test/fixtures/role_with_kube_resources.tf
index 440aa4cc8..d54390b74 100644
--- a/terraform/test/fixtures/role_with_kube_resources.tf
+++ b/terraform/test/fixtures/role_with_kube_resources.tf
@@ -6,6 +6,9 @@ resource "teleport_role" "upgrade" {
spec = {
allow = {
logins = ["onev6"]
+ kubernetes_labels = {
+ env = ["dev", "prod"]
+ }
kubernetes_resources = [
{
kind = "pod"
diff --git a/terraform/test/fixtures/saml_connector_0_create.tf b/terraform/test/fixtures/saml_connector_0_create.tf
index d2984b056..1fef149a9 100644
--- a/terraform/test/fixtures/saml_connector_0_create.tf
+++ b/terraform/test/fixtures/saml_connector_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "admin" {
+ version = "v7"
metadata = {
name = "admin"
description = "admin role"
@@ -12,6 +13,7 @@ resource "teleport_role" "admin" {
}
resource "teleport_saml_connector" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
@@ -45,4 +47,4 @@ resource "teleport_saml_connector" "test" {
EOT
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf b/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf
index a353631f7..18d4e7b17 100644
--- a/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf
+++ b/terraform/test/fixtures/saml_connector_0_create_with_entitydescriptorurl.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "admin" {
+ version = "v7"
metadata = {
name = "admin"
description = "admin role"
@@ -12,6 +13,7 @@ resource "teleport_role" "admin" {
}
resource "teleport_saml_connector" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
@@ -30,4 +32,4 @@ resource "teleport_saml_connector" "test" {
acs = "https://example.com/v1/webapi/saml/acs"
entity_descriptor_url = "%v/app/exk4d7tmnz9DEaEw85d7/sso/saml/metadata"
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf b/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf
index 8e717f812..cda230b9a 100644
--- a/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf
+++ b/terraform/test/fixtures/saml_connector_0_create_without_entitydescriptor.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "admin" {
+ version = "v7"
metadata = {
name = "admin"
description = "admin role"
@@ -12,6 +13,7 @@ resource "teleport_role" "admin" {
}
resource "teleport_saml_connector" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
@@ -29,4 +31,4 @@ resource "teleport_saml_connector" "test" {
acs = "https://example.com/v1/webapi/saml/acs"
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/saml_connector_1_update.tf b/terraform/test/fixtures/saml_connector_1_update.tf
index 380224952..99dad8973 100644
--- a/terraform/test/fixtures/saml_connector_1_update.tf
+++ b/terraform/test/fixtures/saml_connector_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_role" "admin" {
+ version = "v7"
metadata = {
name = "admin"
description = "admin role"
@@ -12,6 +13,7 @@ resource "teleport_role" "admin" {
}
resource "teleport_saml_connector" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2032-10-12T07:20:50Z"
diff --git a/terraform/test/fixtures/session_recording_config_0_set.tf b/terraform/test/fixtures/session_recording_config_0_set.tf
index 49935e860..892adf9ba 100644
--- a/terraform/test/fixtures/session_recording_config_0_set.tf
+++ b/terraform/test/fixtures/session_recording_config_0_set.tf
@@ -1,4 +1,5 @@
resource "teleport_session_recording_config" "test" {
+ version = "v2"
metadata = {
labels = {
"example" = "yes"
@@ -10,4 +11,4 @@ resource "teleport_session_recording_config" "test" {
mode = "node"
proxy_checks_host_keys = true
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/session_recording_config_1_update.tf b/terraform/test/fixtures/session_recording_config_1_update.tf
index 4bf69561a..0a5b0eab0 100644
--- a/terraform/test/fixtures/session_recording_config_1_update.tf
+++ b/terraform/test/fixtures/session_recording_config_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_session_recording_config" "test" {
+ version = "v2"
metadata = {
labels = {
"example" = "yes"
@@ -10,4 +11,4 @@ resource "teleport_session_recording_config" "test" {
mode = "off"
proxy_checks_host_keys = true
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/user_0_create.tf b/terraform/test/fixtures/user_0_create.tf
index 5e5b29310..ac7697317 100644
--- a/terraform/test/fixtures/user_0_create.tf
+++ b/terraform/test/fixtures/user_0_create.tf
@@ -1,4 +1,5 @@
resource "teleport_user" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2035-10-12T07:20:50Z"
@@ -30,4 +31,4 @@ resource "teleport_user" "test" {
username = "example"
}]
}
-}
\ No newline at end of file
+}
diff --git a/terraform/test/fixtures/user_1_update.tf b/terraform/test/fixtures/user_1_update.tf
index e0653a19d..0e54a3286 100644
--- a/terraform/test/fixtures/user_1_update.tf
+++ b/terraform/test/fixtures/user_1_update.tf
@@ -1,4 +1,5 @@
resource "teleport_user" "test" {
+ version = "v2"
metadata = {
name = "test"
expires = "2035-10-12T07:20:52Z"
diff --git a/terraform/test/role_test.go b/terraform/test/role_test.go
index 8f59ea879..3eb7dd4c4 100644
--- a/terraform/test/role_test.go
+++ b/terraform/test/role_test.go
@@ -17,6 +17,10 @@ limitations under the License.
package test
import (
+ "regexp"
+
+ "github.com/google/go-cmp/cmp"
+ "github.com/google/go-cmp/cmp/cmpopts"
"github.com/gravitational/teleport/api/types"
"github.com/gravitational/trace"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
@@ -45,7 +49,7 @@ func (s *TerraformSuite) TestRole() {
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(name, "kind", "role"),
resource.TestCheckNoResourceAttr(name, "spec.options"),
- resource.TestCheckResourceAttr(name, "version", "v6"),
+ resource.TestCheckResourceAttr(name, "version", "v7"),
resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "anonymous"),
),
},
@@ -68,7 +72,7 @@ func (s *TerraformSuite) TestRole() {
resource.TestCheckResourceAttr(name, "spec.allow.node_labels.example.0", "yes"),
resource.TestCheckResourceAttr(name, "spec.allow.node_labels.example.1", "no"),
- resource.TestCheckResourceAttr(name, "version", "v6"),
+ resource.TestCheckResourceAttr(name, "version", "v7"),
),
},
{
@@ -198,7 +202,7 @@ func (s *TerraformSuite) TestRoleLoginsSplitBrain() {
Config: s.getFixture("role_drift_0.tf"),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(name, "kind", "role"),
- resource.TestCheckResourceAttr(name, "version", "v6"),
+ resource.TestCheckResourceAttr(name, "version", "v7"),
resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "one"),
),
},
@@ -221,7 +225,7 @@ func (s *TerraformSuite) TestRoleLoginsSplitBrain() {
Config: s.getFixture("role_drift_0.tf"),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(name, "kind", "role"),
- resource.TestCheckResourceAttr(name, "version", "v6"),
+ resource.TestCheckResourceAttr(name, "version", "v7"),
resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "one"),
),
},
@@ -239,6 +243,59 @@ func (s *TerraformSuite) TestRoleVersionUpgrade() {
return err
}
+ var noAccess []types.KubernetesResource
+
+ defaultV5Wildcard := []types.KubernetesResource{
+ {
+ Kind: "pod",
+ Namespace: types.Wildcard,
+ Name: types.Wildcard,
+ Verbs: []string{types.Wildcard},
+ },
+ }
+
+ defaultV7Wildcard := []types.KubernetesResource{
+ {
+ Kind: types.Wildcard,
+ Namespace: types.Wildcard,
+ Name: types.Wildcard,
+ Verbs: []string{types.Wildcard},
+ },
+ }
+
+ customWildcard := []types.KubernetesResource{
+ {
+ Kind: types.KindKubePod,
+ Namespace: "myns",
+ Name: types.Wildcard,
+ Verbs: []string{types.Wildcard},
+ },
+ }
+
+ checkRoleResource := func(version string, expected []types.KubernetesResource) resource.TestCheckFunc {
+ return func(state *terraform.State) error {
+ role, err := s.client.GetRole(s.Context(), "upgrade")
+ if err != nil {
+ return trace.Wrap(err)
+ }
+
+ if role.GetVersion() != version {
+ return trace.CompareFailed("wrong role version, was expecting %q, got %q", version, role.GetVersion())
+ }
+
+ rolev6, ok := (role).(*types.RoleV6)
+ if !ok {
+ return trace.CompareFailed("failed to convert role to rolve6")
+ }
+
+ diff := cmp.Diff(expected, rolev6.Spec.Allow.KubernetesResources, cmpopts.EquateEmpty())
+ if diff != "" {
+ return trace.CompareFailed("kube resources allow rules differs from expected result: %s", diff)
+ }
+ return nil
+ }
+ }
+
name := "teleport_role.upgrade"
resource.Test(s.T(), resource.TestCase{
@@ -251,6 +308,7 @@ func (s *TerraformSuite) TestRoleVersionUpgrade() {
resource.TestCheckResourceAttr(name, "kind", "role"),
resource.TestCheckResourceAttr(name, "version", "v4"),
resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev4"),
+ checkRoleResource(types.V4, defaultV5Wildcard),
),
},
{
@@ -263,6 +321,7 @@ func (s *TerraformSuite) TestRoleVersionUpgrade() {
resource.TestCheckResourceAttr(name, "kind", "role"),
resource.TestCheckResourceAttr(name, "version", "v5"),
resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev5"),
+ checkRoleResource(types.V5, defaultV5Wildcard),
),
},
{
@@ -275,6 +334,7 @@ func (s *TerraformSuite) TestRoleVersionUpgrade() {
resource.TestCheckResourceAttr(name, "kind", "role"),
resource.TestCheckResourceAttr(name, "version", "v6"),
resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev6"),
+ checkRoleResource(types.V6, noAccess),
),
},
{
@@ -290,12 +350,26 @@ func (s *TerraformSuite) TestRoleVersionUpgrade() {
resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.kind", "pod"),
resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.name", "*"),
resource.TestCheckResourceAttr(name, "spec.allow.kubernetes_resources.0.namespace", "myns"),
+ checkRoleResource(types.V6, customWildcard),
),
},
{
Config: s.getFixture("role_with_kube_resources.tf"),
PlanOnly: true,
},
+ {
+ Config: s.getFixture("role_upgrade_v7.tf"),
+ Check: resource.ComposeTestCheckFunc(
+ resource.TestCheckResourceAttr(name, "kind", "role"),
+ resource.TestCheckResourceAttr(name, "version", "v7"),
+ resource.TestCheckResourceAttr(name, "spec.allow.logins.0", "onev7"),
+ checkRoleResource(types.V7, defaultV7Wildcard),
+ ),
+ },
+ {
+ Config: s.getFixture("role_upgrade_v7.tf"),
+ PlanOnly: true,
+ },
},
})
}
@@ -373,3 +447,17 @@ func (s *TerraformSuite) TestRoleWithKubernetesVerbs() {
},
})
}
+
+func (s *TerraformSuite) TestRoleNoVersion() {
+ re, err := regexp.Compile(".*The argument \"version\" is required, but no definition was found.*")
+ require.NoError(s.T(), err)
+ resource.Test(s.T(), resource.TestCase{
+ ProtoV6ProviderFactories: s.terraformProviders,
+ Steps: []resource.TestStep{
+ {
+ Config: s.getFixture("role_no_version.tf"),
+ ExpectError: re,
+ },
+ },
+ })
+}
diff --git a/terraform/tfschema/accesslist/v1/accesslist_terraform.go b/terraform/tfschema/accesslist/v1/accesslist_terraform.go
index 4fd58d627..7ca0130cd 100644
--- a/terraform/tfschema/accesslist/v1/accesslist_terraform.go
+++ b/terraform/tfschema/accesslist/v1/accesslist_terraform.go
@@ -24,8 +24,6 @@ import (
math "math"
proto "github.com/gogo/protobuf/proto"
- _ "github.com/golang/protobuf/ptypes/duration"
- _ "github.com/golang/protobuf/ptypes/timestamp"
github_com_gravitational_teleport_api_gen_proto_go_teleport_accesslist_v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/accesslist/v1"
_ "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1"
github_com_gravitational_teleport_api_gen_proto_go_teleport_header_v1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/header/v1"
@@ -36,6 +34,8 @@ import (
github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk"
github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types"
github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes"
+ _ "google.golang.org/protobuf/types/known/durationpb"
+ _ "google.golang.org/protobuf/types/known/timestamppb"
)
// Reference imports to suppress errors if they are not otherwise used.
@@ -94,9 +94,10 @@ func GenSchemaAccessList(ctx context.Context) (github_com_hashicorp_terraform_pl
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Description: "version is version.",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
+ Description: "version is version.",
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
+ Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
}),
Description: "header is the header for the resource.",
@@ -128,16 +129,16 @@ func GenSchemaAccessList(ctx context.Context) (github_com_hashicorp_terraform_pl
},
"frequency": {
Description: "frequency is the frequency of reviews.",
- Optional: true,
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type,
},
}),
Description: "recurrence is the recurrence definition",
- Optional: true,
+ Required: true,
},
}),
Description: "audit describes the frequency that this access list must be audited.",
- Optional: true,
+ Required: true,
},
"description": {
Description: "description is an optional plaintext description of the access list.",
diff --git a/terraform/tfschema/devicetrust/v1/device_terraform.go b/terraform/tfschema/devicetrust/v1/device_terraform.go
index 4a9646bb6..338a5a383 100644
--- a/terraform/tfschema/devicetrust/v1/device_terraform.go
+++ b/terraform/tfschema/devicetrust/v1/device_terraform.go
@@ -26,14 +26,13 @@ import (
_ "github.com/gogo/protobuf/gogoproto"
proto "github.com/gogo/protobuf/proto"
- _ "github.com/golang/protobuf/ptypes/timestamp"
- github_com_gravitational_teleport_plugins_terraform_tfschema "github.com/gravitational/teleport-plugins/terraform/tfschema"
github_com_gravitational_teleport_api_types "github.com/gravitational/teleport/api/types"
github_com_hashicorp_terraform_plugin_framework_attr "github.com/hashicorp/terraform-plugin-framework/attr"
github_com_hashicorp_terraform_plugin_framework_diag "github.com/hashicorp/terraform-plugin-framework/diag"
github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk"
github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types"
github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes"
+ _ "google.golang.org/protobuf/types/known/timestamppb"
)
// Reference imports to suppress errors if they are not otherwise used.
@@ -107,52 +106,6 @@ func GenSchemaDeviceV1(ctx context.Context) (github_com_hashicorp_terraform_plug
Optional: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
- "profile": {
- Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{
- "external_id": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
- },
- "jamf_binary_version": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
- },
- "model_identifier": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
- },
- "os_build": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
- },
- "os_build_supplemental": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
- },
- "os_usernames": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.ListType{ElemType: github_com_hashicorp_terraform_plugin_framework_types.StringType},
- },
- "os_version": {
- Description: "",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
- },
- "update_time": {
- Description: "",
- Optional: true,
- Type: github_com_gravitational_teleport_plugins_terraform_tfschema.UseRFC3339Time(),
- },
- }),
- Description: "",
- Optional: true,
- },
"source": {
Attributes: github_com_hashicorp_terraform_plugin_framework_tfsdk.SingleNestedAttributes(map[string]github_com_hashicorp_terraform_plugin_framework_tfsdk.Attribute{
"name": {
@@ -174,10 +127,9 @@ func GenSchemaDeviceV1(ctx context.Context) (github_com_hashicorp_terraform_plug
Optional: true,
},
"version": {
- Computed: true,
Description: "Version is version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
}}, nil
@@ -415,171 +367,6 @@ func CopyDeviceV1FromTerraform(_ context.Context, tf github_com_hashicorp_terraf
}
}
}
- {
- a, ok := tf.Attrs["profile"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.Object)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile", "github.com/hashicorp/terraform-plugin-framework/types.Object"})
- } else {
- obj.Profile = nil
- if !v.Null && !v.Unknown {
- tf := v
- obj.Profile = &github_com_gravitational_teleport_api_types.DeviceProfile{}
- obj := obj.Profile
- {
- a, ok := tf.Attrs["update_time"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.update_time"})
- } else {
- v, ok := a.(github_com_gravitational_teleport_plugins_terraform_tfschema.TimeValue)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.update_time", "github.com/gravitational/teleport-plugins/terraform/tfschema.TimeValue"})
- } else {
- var t *time.Time
- if !v.Null && !v.Unknown {
- c := time.Time(v.Value)
- t = &c
- }
- obj.UpdateTime = t
- }
- }
- }
- {
- a, ok := tf.Attrs["model_identifier"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.model_identifier"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.model_identifier", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.ModelIdentifier = t
- }
- }
- }
- {
- a, ok := tf.Attrs["os_version"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.os_version"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.os_version", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.OsVersion = t
- }
- }
- }
- {
- a, ok := tf.Attrs["os_build"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.os_build"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.os_build", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.OsBuild = t
- }
- }
- }
- {
- a, ok := tf.Attrs["os_usernames"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.os_usernames"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.List)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.os_usernames", "github.com/hashicorp/terraform-plugin-framework/types.List"})
- } else {
- obj.OsUsernames = make([]string, len(v.Elems))
- if !v.Null && !v.Unknown {
- for k, a := range v.Elems {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.os_usernames", "github_com_hashicorp_terraform_plugin_framework_types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.OsUsernames[k] = t
- }
- }
- }
- }
- }
- }
- {
- a, ok := tf.Attrs["jamf_binary_version"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.jamf_binary_version"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.jamf_binary_version", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.JamfBinaryVersion = t
- }
- }
- }
- {
- a, ok := tf.Attrs["external_id"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.external_id"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.external_id", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.ExternalId = t
- }
- }
- }
- {
- a, ok := tf.Attrs["os_build_supplemental"]
- if !ok {
- diags.Append(attrReadMissingDiag{"DeviceV1.spec.profile.os_build_supplemental"})
- } else {
- v, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrReadConversionFailureDiag{"DeviceV1.spec.profile.os_build_supplemental", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- } else {
- var t string
- if !v.Null && !v.Unknown {
- t = string(v.Value)
- }
- obj.OsBuildSupplemental = t
- }
- }
- }
- }
- }
- }
- }
{
a, ok := tf.Attrs["owner"]
if !ok {
@@ -948,250 +735,6 @@ func CopyDeviceV1ToTerraform(ctx context.Context, obj *github_com_gravitational_
}
}
}
- {
- a, ok := tf.AttrTypes["profile"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile"})
- } else {
- o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ObjectType)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile", "github.com/hashicorp/terraform-plugin-framework/types.ObjectType"})
- } else {
- v, ok := tf.Attrs["profile"].(github_com_hashicorp_terraform_plugin_framework_types.Object)
- if !ok {
- v = github_com_hashicorp_terraform_plugin_framework_types.Object{
-
- AttrTypes: o.AttrTypes,
- Attrs: make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(o.AttrTypes)),
- }
- } else {
- if v.Attrs == nil {
- v.Attrs = make(map[string]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(tf.AttrTypes))
- }
- }
- if obj.Profile == nil {
- v.Null = true
- } else {
- obj := obj.Profile
- tf := &v
- {
- t, ok := tf.AttrTypes["update_time"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.update_time"})
- } else {
- v, ok := tf.Attrs["update_time"].(github_com_gravitational_teleport_plugins_terraform_tfschema.TimeValue)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.update_time", err})
- }
- v, ok = i.(github_com_gravitational_teleport_plugins_terraform_tfschema.TimeValue)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.update_time", "github.com/gravitational/teleport-plugins/terraform/tfschema.TimeValue"})
- }
- v.Null = false
- }
- if obj.UpdateTime == nil {
- v.Null = true
- } else {
- v.Null = false
- v.Value = time.Time(*obj.UpdateTime)
- }
- v.Unknown = false
- tf.Attrs["update_time"] = v
- }
- }
- {
- t, ok := tf.AttrTypes["model_identifier"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.model_identifier"})
- } else {
- v, ok := tf.Attrs["model_identifier"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.model_identifier", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.model_identifier", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(obj.ModelIdentifier) == ""
- }
- v.Value = string(obj.ModelIdentifier)
- v.Unknown = false
- tf.Attrs["model_identifier"] = v
- }
- }
- {
- t, ok := tf.AttrTypes["os_version"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.os_version"})
- } else {
- v, ok := tf.Attrs["os_version"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.os_version", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.os_version", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(obj.OsVersion) == ""
- }
- v.Value = string(obj.OsVersion)
- v.Unknown = false
- tf.Attrs["os_version"] = v
- }
- }
- {
- t, ok := tf.AttrTypes["os_build"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.os_build"})
- } else {
- v, ok := tf.Attrs["os_build"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.os_build", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.os_build", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(obj.OsBuild) == ""
- }
- v.Value = string(obj.OsBuild)
- v.Unknown = false
- tf.Attrs["os_build"] = v
- }
- }
- {
- a, ok := tf.AttrTypes["os_usernames"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.os_usernames"})
- } else {
- o, ok := a.(github_com_hashicorp_terraform_plugin_framework_types.ListType)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.os_usernames", "github.com/hashicorp/terraform-plugin-framework/types.ListType"})
- } else {
- c, ok := tf.Attrs["os_usernames"].(github_com_hashicorp_terraform_plugin_framework_types.List)
- if !ok {
- c = github_com_hashicorp_terraform_plugin_framework_types.List{
-
- ElemType: o.ElemType,
- Elems: make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.OsUsernames)),
- Null: true,
- }
- } else {
- if c.Elems == nil {
- c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.OsUsernames))
- }
- }
- if obj.OsUsernames != nil {
- t := o.ElemType
- if len(obj.OsUsernames) != len(c.Elems) {
- c.Elems = make([]github_com_hashicorp_terraform_plugin_framework_attr.Value, len(obj.OsUsernames))
- }
- for k, a := range obj.OsUsernames {
- v, ok := tf.Attrs["os_usernames"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.os_usernames", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.os_usernames", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(a) == ""
- }
- v.Value = string(a)
- v.Unknown = false
- c.Elems[k] = v
- }
- if len(obj.OsUsernames) > 0 {
- c.Null = false
- }
- }
- c.Unknown = false
- tf.Attrs["os_usernames"] = c
- }
- }
- }
- {
- t, ok := tf.AttrTypes["jamf_binary_version"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.jamf_binary_version"})
- } else {
- v, ok := tf.Attrs["jamf_binary_version"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.jamf_binary_version", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.jamf_binary_version", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(obj.JamfBinaryVersion) == ""
- }
- v.Value = string(obj.JamfBinaryVersion)
- v.Unknown = false
- tf.Attrs["jamf_binary_version"] = v
- }
- }
- {
- t, ok := tf.AttrTypes["external_id"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.external_id"})
- } else {
- v, ok := tf.Attrs["external_id"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.external_id", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.external_id", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(obj.ExternalId) == ""
- }
- v.Value = string(obj.ExternalId)
- v.Unknown = false
- tf.Attrs["external_id"] = v
- }
- }
- {
- t, ok := tf.AttrTypes["os_build_supplemental"]
- if !ok {
- diags.Append(attrWriteMissingDiag{"DeviceV1.spec.profile.os_build_supplemental"})
- } else {
- v, ok := tf.Attrs["os_build_supplemental"].(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- i, err := t.ValueFromTerraform(ctx, github_com_hashicorp_terraform_plugin_go_tftypes.NewValue(t.TerraformType(ctx), nil))
- if err != nil {
- diags.Append(attrWriteGeneralError{"DeviceV1.spec.profile.os_build_supplemental", err})
- }
- v, ok = i.(github_com_hashicorp_terraform_plugin_framework_types.String)
- if !ok {
- diags.Append(attrWriteConversionFailureDiag{"DeviceV1.spec.profile.os_build_supplemental", "github.com/hashicorp/terraform-plugin-framework/types.String"})
- }
- v.Null = string(obj.OsBuildSupplemental) == ""
- }
- v.Value = string(obj.OsBuildSupplemental)
- v.Unknown = false
- tf.Attrs["os_build_supplemental"] = v
- }
- }
- }
- v.Unknown = false
- tf.Attrs["profile"] = v
- }
- }
- }
{
t, ok := tf.AttrTypes["owner"]
if !ok {
diff --git a/terraform/tfschema/loginrule/v1/loginrule_terraform.go b/terraform/tfschema/loginrule/v1/loginrule_terraform.go
index 0b252859f..c58d30db7 100644
--- a/terraform/tfschema/loginrule/v1/loginrule_terraform.go
+++ b/terraform/tfschema/loginrule/v1/loginrule_terraform.go
@@ -73,8 +73,8 @@ func GenSchemaLoginRule(ctx context.Context) (github_com_hashicorp_terraform_plu
},
"name": {
Description: "Name is an object name",
- Optional: true,
PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"namespace": {
@@ -95,7 +95,7 @@ func GenSchemaLoginRule(ctx context.Context) (github_com_hashicorp_terraform_plu
},
"priority": {
Description: "Priority is the priority of the login rule relative to other login rules in the same cluster. Login rules with a lower numbered priority will be evaluated first.",
- Optional: true,
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.Int64Type,
},
"traits_expression": {
@@ -113,9 +113,10 @@ func GenSchemaLoginRule(ctx context.Context) (github_com_hashicorp_terraform_plu
Optional: true,
},
"version": {
- Description: "Version is the resource version.",
- Optional: true,
- Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
+ Description: "Version is the resource version.",
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
+ Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
}}, nil
}
diff --git a/terraform/tfschema/types_terraform.go b/terraform/tfschema/types_terraform.go
index 52f658b48..2b567802b 100644
--- a/terraform/tfschema/types_terraform.go
+++ b/terraform/tfschema/types_terraform.go
@@ -26,7 +26,6 @@ import (
_ "github.com/gogo/protobuf/gogoproto"
proto "github.com/gogo/protobuf/proto"
- _ "github.com/golang/protobuf/ptypes/timestamp"
github_com_gravitational_teleport_api_constants "github.com/gravitational/teleport/api/constants"
_ "github.com/gravitational/teleport/api/gen/proto/go/attestation/v1"
github_com_gravitational_teleport_api_types "github.com/gravitational/teleport/api/types"
@@ -35,6 +34,7 @@ import (
github_com_hashicorp_terraform_plugin_framework_tfsdk "github.com/hashicorp/terraform-plugin-framework/tfsdk"
github_com_hashicorp_terraform_plugin_framework_types "github.com/hashicorp/terraform-plugin-framework/types"
github_com_hashicorp_terraform_plugin_go_tftypes "github.com/hashicorp/terraform-plugin-go/tftypes"
+ _ "google.golang.org/protobuf/types/known/timestamppb"
)
// Reference imports to suppress errors if they are not otherwise used.
@@ -507,10 +507,9 @@ func GenSchemaDatabaseV3(ctx context.Context) (github_com_hashicorp_terraform_pl
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is the resource version.",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)},
},
@@ -675,10 +674,9 @@ func GenSchemaAppV3(ctx context.Context) (github_com_hashicorp_terraform_plugin_
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is the resource version.",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)},
},
@@ -1095,10 +1093,9 @@ func GenSchemaProvisionTokenV2(ctx context.Context) (github_com_hashicorp_terraf
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)},
},
@@ -1335,10 +1332,9 @@ func GenSchemaSessionRecordingConfigV2(ctx context.Context) (github_com_hashicor
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is a resource version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)},
},
@@ -1542,10 +1538,9 @@ func GenSchemaAuthPreferenceV2(ctx context.Context) (github_com_hashicorp_terraf
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is a resource version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)},
},
@@ -2526,10 +2521,9 @@ func GenSchemaRoleV6(ctx context.Context) (github_com_hashicorp_terraform_plugin
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 7)},
},
@@ -2664,10 +2658,9 @@ func GenSchemaUserV2(ctx context.Context) (github_com_hashicorp_terraform_plugin
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)},
},
@@ -2837,10 +2830,9 @@ func GenSchemaOIDCConnectorV3(ctx context.Context) (github_com_hashicorp_terrafo
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is a resource version.",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)},
},
@@ -3047,10 +3039,9 @@ func GenSchemaSAMLConnectorV2(ctx context.Context) (github_com_hashicorp_terrafo
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is a resource version.",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(2, 2)},
},
@@ -3209,10 +3200,9 @@ func GenSchemaGithubConnectorV3(ctx context.Context) (github_com_hashicorp_terra
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is a resource version.",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(3, 3)},
},
@@ -3330,10 +3320,9 @@ func GenSchemaTrustedClusterV2(ctx context.Context) (github_com_hashicorp_terraf
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is a resource version.",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
}}, nil
@@ -3421,11 +3410,11 @@ func GenSchemaClusterMaintenanceConfigV1(ctx context.Context) (github_com_hashic
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
+ Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(1, 1)},
},
}}, nil
}
@@ -3541,10 +3530,9 @@ func GenSchemaOktaImportRuleV1(ctx context.Context) (github_com_hashicorp_terraf
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
},
"version": {
- Computed: true,
Description: "Version is version",
- Optional: true,
- PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown()},
+ PlanModifiers: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributePlanModifier{github_com_hashicorp_terraform_plugin_framework_tfsdk.UseStateForUnknown(), github_com_hashicorp_terraform_plugin_framework_tfsdk.RequiresReplace()},
+ Required: true,
Type: github_com_hashicorp_terraform_plugin_framework_types.StringType,
Validators: []github_com_hashicorp_terraform_plugin_framework_tfsdk.AttributeValidator{UseVersionBetween(1, 1)},
},