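# Providers
#
# Credential handling: every token referenced below (var.okta_api_token,
# var.sailpoint_api_token) is written to the Terraform state in plaintext,
# including the request_headers of the http data sources. The variable
# declarations are not visible in this file; they should carry
# `sensitive = true`, and the state backend should be encrypted and
# access-controlled.
provider "okta" {
  org_name  = var.okta_org_name
  base_url  = var.okta_base_url
  # An Okta API token carries the permissions of the admin who created it.
  # The okta provider also supports scoped OAuth 2.0 service-app credentials
  # (client_id / private_key / scopes), which limit what a leaked credential can do.
  api_token = var.okta_api_token
}

provider "http" {}

# Okta AD Integration Resources
resource "okta_group" "ad_users" {
  name        = var.ad_group_name
  description = var.ad_group_description
}

resource "okta_group_rule" "ad_users_rule" {
  name = "AD Users Rule"
  # NOTE(review): the rule matches members of a group named var.ad_group_name
  # and assigns them to okta_group.ad_users, which is created above with that
  # same name. Confirm the expression targets the AD-sourced group rather than
  # the rule's own destination group.
  # NOTE(review): the name is interpolated into an Okta expression string; a
  # double quote in var.ad_group_name would change the expression. Constrain
  # the variable with a validation rule where it is declared.
  expression        = "isMemberOfAnyGroupName(\"${var.ad_group_name}\")"
  status            = "ACTIVE"
  group_assignments = [okta_group.ad_users.id]
}

# NOTE(review): verify this block against the pinned okta provider schema.
# okta_profile_mapping is normally declared with source_id / target_id and
# `mappings` blocks; the source/target type blocks and attribute_mappings
# argument used here may not validate. The IDs needed for a rewrite are not
# available in this file, so the block is left as written.
resource "okta_profile_mapping" "ad_to_okta_mapping" {
  source {
    type = "ACTIVE_DIRECTORY"
  }

  target {
    type = "OKTA"
  }

  attribute_mappings = var.ad_user_profile_mappings
}

# SailPoint Configuration for AD-Okta Identities
# NOTE(review): confirm the endpoint path against the SailPoint API reference.
data "http" "sailpoint_identity_sources" {
  url = "${var.sailpoint_api_url}/v3/identity-sources"

  request_headers = {
    Authorization = "Bearer ${var.sailpoint_api_token}"
  }

  # The http data source (v3) does not fail on non-2xx responses; without this
  # check an error body (e.g. from a rejected token) would flow into the sync
  # request below. Requires Terraform 1.2 or later.
  lifecycle {
    postcondition {
      condition     = self.status_code >= 200 && self.status_code < 300
      error_message = "SailPoint identity-sources request returned a non-2xx status."
    }
  }
}

# Triggering Identity Sync
#
# The hashicorp/http provider has no managed resource type, so the original
# `resource "http"` block cannot validate; the request is expressed as a data
# source instead. Caveat: a data source is read on every plan and refresh, so
# this POST fires each time, not only on apply. If the sync has side effects
# that must be gated on apply, move the call out of Terraform into the
# pipeline step that runs after apply.
data "http" "sailpoint_identity_sync" {
  url    = "${var.sailpoint_api_url}/v3/identity-sources/sync"
  method = "POST"

  request_headers = {
    Authorization = "Bearer ${var.sailpoint_api_token}"
    Content-Type  = "application/json"
  }

  request_body = jsonencode({
    # NOTE(review): this passes the entire response body of the listing call
    # as sourceId. Once the response schema is confirmed, extract the single
    # ID with jsondecode() instead. `response_body` replaces the deprecated
    # `body` attribute of the http data source.
    sourceId = data.http.sailpoint_identity_sources.response_body
  })

  lifecycle {
    postcondition {
      condition     = self.status_code >= 200 && self.status_code < 300
      error_message = "SailPoint identity sync request returned a non-2xx status."
    }
  }
}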