commit 4ddcfa533414b4628655d52ba56c47ae8ca5a5a4 Author: Ryan Malloy Date: Thu Nov 14 17:33:52 2024 +0000 Add main.tf diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..ec84587 --- /dev/null +++ b/main.tf @@ -0,0 +1,45 @@ +# Okta AD Integration Resources +resource "okta_group" "ad_users" { + name = var.ad_group_name + description = var.ad_group_description +} + +resource "okta_group_rule" "ad_users_rule" { + name = "AD Users Rule" + expression = "isMemberOfAnyGroupName(\"${var.ad_group_name}\")" + status = "ACTIVE" + group_assignments = [okta_group.ad_users.id] +} + +resource "okta_profile_mapping" "ad_to_okta_mapping" { + source { + type = "ACTIVE_DIRECTORY" + } + target { + type = "OKTA" + } + + attribute_mappings = var.ad_user_profile_mappings +} + +# SailPoint Configuration for AD-Okta Identities +data "http" "sailpoint_identity_sources" { + url = "${var.sailpoint_api_url}/v3/identity-sources" + request_headers = { + Authorization = "Bearer ${var.sailpoint_api_token}" + } +} + +# Triggering Identity Sync +resource "http" "sailpoint_identity_sync" { + url = "${var.sailpoint_api_url}/v3/identity-sources/sync" + method = "POST" + request_headers = { + Authorization = "Bearer ${var.sailpoint_api_token}" + Content-Type = "application/json" + } + + request_body = jsonencode({ + sourceId = data.http.sailpoint_identity_sources.body # This assumes the ID is retrieved from the identity sources data + }) +} \ No newline at end of file