Add support for LDAP user and group in policy attachments #446
Conversation
acolombier
force-pushed
the
feat/policy-attachment-ldap-support
branch
from
abc1424 to
e3b3244
Compare
acolombier
force-pushed
the
feat/policy-attachment-ldap-support
branch
from
e3b3244 to
7ddd072
Compare
Minio can actually provide information about LDAP users/groups that it has a configuration for. Removing the section that perform LDAP user/group assert removes the ability for the provider to perform drift detection/reconciliation. |
|
@BuJo after further digging, it looks like only Tested locally with a mix set of static users and group, as well as LDAP user and group too. Tested happy path and reconciliation. I feel like the user custom logic should definitely be covered with unit tests, but AFAIS, this would require some refactoring to support DI in order to allow IMHO, this refactoring should neither happen in this PR as it is out of scope with the task at hand, and unfortunately I'm unsure I currently have the time to put that effort in too. I have added couple of debug output so if this ever regress in future versions, there should at least be some debugging starting point. Hopefully this is acceptable. |
acolombier
force-pushed
the
feat/policy-attachment-ldap-support
branch
from
d6e76b0 to
969b158
Compare
|
Hi! Thank you very much for work in this feature, I need this. |
✅ Published in release 1.14.0. |
This PR implements the following changes:
group_namein the resourceminio_iam_group_policy_attachmentuser_namein the resourceminio_iam_user_policy_attachmentReference
Closing issues
Note
When running
tfplugindocs(v0.14.1), it did update couple of syntax unrelated to this change; it now seems to make the difference between optional arguments and read-only arguments.Currently, I have only pushed those that are relevant to this PR (doc related to the proposed change), but let me know if you would like me to push the other updates in a new PR.