This is SUPER helpful as a beginner to TF. We are currently in the process of integrating our Okta environment with our HRIS, so Okta user accounts automatically get created, updated, and deactivated based on the data in the HRIS. So for that use-case, I don't think TF would be helpful for us. However, I still envision many other use-cases, such as using TF to maintain a source of truth for admin roles for users, service accounts, memberships to groups that give sensitive access, etc. Integrating these source of truth configurations with a CI/CD pipeline seems like an amazing way to maintain a secure and scalable baseline. Thanks again for such a helpful crash course on managing Okta with TF!
@suleimanmo Жыл бұрын
Great video. Thank you so much
@thompson9451 Жыл бұрын
Amazing! So helpful
@success-ahmed10 ай бұрын
4:20 tell terraform to use okta provider 7:52 get the right kind of key for terraform 10:58 grant the scopes 13:00 creating a user 16:13 group resource 17:30 erros 23:33 add user to group 24:47 taking things down 27:32 terraform variable 30:30 terraform fmt 31:36 terraform import 36:40 config drift 38:39 api rate limit
@OktaDev10 ай бұрын
Thank you for laying out these chapters markers!
@RichardCollette9 ай бұрын
@@OktaDev You could add them to the video itself.
@swinyerbruce1889 ай бұрын
Error: failed to create user: the API returned an error: You do not have permission to perform the requested action - Okta application integration requires Admin role to be assigned
@selvakumarranganathan6754 ай бұрын
try adding "Organization Administrator" role for the terraform workspace or whatever your application
@wasiushina355010 ай бұрын
This is so helpful. Do you have a module for bulk okta users and group import to Terraform? As I have a project where i need to import about 800 users and 100 groups to terraform. your examples shows how to import each users by import code block. Please advise. Thanks
@OktaDev10 ай бұрын
There are a couple different ways to approach bulk import. To do it entirely within Terraform, try the users data source (registry.terraform.io/providers/okta/okta/latest/docs/data-sources/users) and groups data source (registry.terraform.io/providers/okta/okta/latest/docs/data-sources/groups). If those don't provide all the data you need to import your users, or if you'd simply prefer to use a separate script for processing them, utilize the users API (developer.okta.com/docs/reference/api/users/) and groups API (developer.okta.com/docs/reference/api/groups/) to get the information you need to write or generate your Terraform code. If you're new to working with the APIs, check developer.okta.com/code/ to see if we have an SDK for your preferred language. Any time you're doing bulk operations that hit the Okta API, including with Terraform, be mindful of the rate limit. The easiest way to check the rate limit for your Terraform is to navigate to your Terraform app integration in the admin console (applications -> applications -> your Terraform integration app name), and click the Application Rate Limits tab in it. This shows the current settings as a percent of your total rate limit or in requests per minute. When experimenting with bulk operations, I've found it helpful to add appropriate delays in my code to ensure that it never consumes the rate limit, because there's a backoff period after the rate limit is exceeded when no requests can complete.