Add external ID support for groups
Qwiz opened this issue · 5 comments
Hello!
Artifactory supports setting external ID for azure AD groups since 7.28.9.
https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.28.9
But terraform provider doesn't have this argument in artifactory_group resource.
Field externalId also missing in JSON schema in JFrog docs. But setting it works as expected at least for Artifactory 7.35.2.
Could you add it?
Thanks
We (Skoda-auto) would need it too.
@Qwiz Thank you for the report. We have scheduled to implement this in upcoming sprint.
We have updated the provider from 4.0.0 to 6.6.0 and see now lot of changes around the external_id attribute:
# artifactory_group.group["RG_AZ_MY_GROUP"] will be updated in-place
~ resource "artifactory_group" "group" {
- external_id = "e2749ce1-6062-4c0d-a253-67f1ea6706df" -> null
id = "RG_AZ_MY_GROUP"
name = "RG_AZ_MY_GROUP"
# (8 unchanged attributes hidden)
}
We are using SCIM for provisioning groups in Artifactory and the external id was auto-populated by the SCIM implementation in Artifactory.
I am wondering whether the update to 6.6.0 and the removal of the external id will cause any issues.
Also on a side note: What exactly is this feature external_id supposed to solve/work?
We use SAML protocol, so we have to create the Groups by Terraform in JFrog to be linked with SAML information.
@martinm82 External ID was introduced in 7.28.9.
To support Azure Active Directory users, the field External ID field was added to the group definition and can be set via the group creation UI.
I don't know how SCIM's external ID interacts with Artifactory so my suggestion would be to import those groups so the external ID are now part of TF state.