demo-terraform/main.tf

54 lines
1.4 KiB
Terraform
Raw Normal View History

2024-11-14 17:36:14 +00:00
# Providers
provider "okta" {
org_name = var.okta_org_name
base_url = var.okta_base_url
api_token = var.okta_api_token
}
provider "http" {}
2024-11-14 17:33:52 +00:00
# Okta AD Integration Resources
resource "okta_group" "ad_users" {
name = var.ad_group_name
description = var.ad_group_description
}
resource "okta_group_rule" "ad_users_rule" {
name = "AD Users Rule"
expression = "isMemberOfAnyGroupName(\"${var.ad_group_name}\")"
status = "ACTIVE"
group_assignments = [okta_group.ad_users.id]
}
resource "okta_profile_mapping" "ad_to_okta_mapping" {
source {
type = "ACTIVE_DIRECTORY"
}
target {
type = "OKTA"
}
attribute_mappings = var.ad_user_profile_mappings
}
# SailPoint Configuration for AD-Okta Identities
data "http" "sailpoint_identity_sources" {
url = "${var.sailpoint_api_url}/v3/identity-sources"
request_headers = {
Authorization = "Bearer ${var.sailpoint_api_token}"
}
}
# Triggering Identity Sync
resource "http" "sailpoint_identity_sync" {
url = "${var.sailpoint_api_url}/v3/identity-sources/sync"
method = "POST"
request_headers = {
Authorization = "Bearer ${var.sailpoint_api_token}"
Content-Type = "application/json"
}
request_body = jsonencode({
sourceId = data.http.sailpoint_identity_sources.body # This assumes the ID is retrieved from the identity sources data
})
}