-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Removes embedded Okta Groups #2
Conversation
4885beb
to
abf95a1
Compare
I'd like to put this on hold until support for SSO permission sets has been merged until the AWS provider. While it's just okta groups it doesn't make sense to be part of this module; if it's Okta groups together with permission sets then it makes sense. edit: set this to draft so we can discuss before this is merged |
On the one hand I agree with you that its better to add support for Okta groups i.c.w. SSO permission sets so the full solution is implemented, but on the other hand not merging this makes the migration of the Geldmaat inception harder. If we are not going to merge this, are we then going to document that the creation of Okta groups is manual for now and remove this from the state? Maybe we should have a short call about this today! :-) |
7571bfe
to
314b887
Compare
We have decided to remove the Okta Groups from the module and manage them separately until we can implement the full solution including SSO permission set assignments. |
1850c05
to
025b86a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor fix required 🙂
Co-authored-by: Stephen Hoekstra <shoekstra@schubergphilis.com>
Hi @fgoncalves-io, @shoekstra, @marwinbaumannsbp. In the interest of getting the AWS SSO resources merged, please go give a thumbs up to 15808 We've completed most of the work for supporting the AWS SSO and AWS SSO Identity Store resources and datasources in Terraform. The 15322 [WIP] PR encompasses all of that work. But, the contribution guide for the repo recommends submitting small pull requests with the minimum required resources, so we've submitted 15808 as our initial PR with just |
The current value for
local.okta_groups
is fixed and a mix of AWS and Github groups.This change proposes separating AWS groups into a dedicate list and supporting custom groups in order to accommodate different needs. However, it still offers a default group
AWSPlatformAdmins
to avoid having to always pass a group name.