Comments (7)
@jtsaito Yes, that does sound like the API may be mixing up different levels of authentication.
When I get to implementing notifications (currently on the road map), I will work with the Rollbar API team to make sure we are handling auth in a reasonable way.
from terraform-provider-rollbar.
Thanks for this @jtsaito! Issue #12 covers the project access token DELETE endpoint. Maybe @mrunalk can give us some feedback on when that endpoint will be ready?
However, account tokens don't grant full access to all project related attributes.
Can you elaborate on this? I haven't so far been refused access to any resources with my account token.
from terraform-provider-rollbar.
@jmcvetta Sorry, I had not seen the issue list.
As documented
Many operations require a project-specific access token.
I.e. tokens, in addition to the account token. (Some how to me this seems to be mixing up different levels of authorisations but it is the way the API was designed.)
In a Terraform provider, the place to put such tokens should be in the provider definition itself. However, these tokens are per project, and putting them into the provider would require manually handling the attribute after creating projects etc. Therefore, the idea would be to generate the tokens on the fly, per every API request that requires them, and then delete the token again. However, this is not possible without a DELETE endpoint.
E.g., we are very much interested in creating notifications. But we would have to create project tokens for every API operation on a each project's notification. But then we could not delete them and would be stuck with an ever growing number of project tokens.
from terraform-provider-rollbar.
Thanks @fmasuhr! In that case, I will not prioritize keeping resource rollbar_user
compatible with the current implementation.
from terraform-provider-rollbar.
@jmcvetta Please find below some example code:
provider "rollbar" {
version = "0.1.5"
api_key = <API_KEY>
}
data "rollbar_project" "exaple-spa" {
name = "example"
}
data "rollbar_project_access_token" "example-spa-post-client-item" {
project_id = data.rollbar_project.example-spa.id
name = "post_client_item"
}
data "rollbar_project_access_token" "example-spa-post-server-item" {
project_id = data.rollbar_project.example-spa.id
name = "post_server_item"
}
We use this on dozens of projects but still need to do manual work, e.g. for cleaning up the auto generated project access tokens for read
and write
and for syncing project notifications.
We would actually have liked to implement Terraform resources for project tokens. However, account tokens don't grant full access to all project related attributes. This complicates the implementation because credentials should be handled at the Terraform provider (not resource) level. But the API requires us to fetch project tokens ad hoc (but there is no DELETE endpoint so we cannot clean them up) or fetch the project access tokens (but this requires a token to already be present).
It would be great if Rollbar could provide the DELETE endpoint.
Similarly we could not implement the project resource (instead of the read-only data source) because the full CRUD was not given by the API: update is missing.
We did actually ask for the endpoints but we were not given any definite response about the future of these features. Perhaps, you could let us know if adding these endpoints is now on the roadmap.
from terraform-provider-rollbar.
Hi folks! The existing provider implements resource rollbar_user
. Are you using this resource?
from terraform-provider-rollbar.
Hey @jmcvetta apparently we are not using this resource at all. We had the plan to use this and implemented it some time ago but currently it is not in use.
from terraform-provider-rollbar.
Related Issues (20)
- Add support for web hook notification rules HOT 1
- Accelerate Terraform Refresh
- Support web hook integration as a resource HOT 4
- temperamental "Error: 0" in `terraform plan` caused by unhandled 502 from rollbar HOT 2
- Terraform plugin crashing v 1.7.0 HOT 9
- More graceful rate limiting handling HOT 27
- Inconsistent Error: 1 Channel not found HOT 7
- Setting timezone on project HOT 2
- Plugin crashing after upgrade to 1.9.0 HOT 5
- TEST issue, please ignore
- TEST issue, please ignore 2
- Plugin still crashing after upgrade to 1.10.0 HOT 4
- v1.10 crashing HOT 3
- Bug: Root resource │ was present, but now absent HOT 20
- feature-request terraform resource for "rollbar_notification_enable" HOT 5
- Provider produced inconsistent result after apply HOT 1
- resource_user refresh performance improvement HOT 2
- Missing config object option in Slack notification rule HOT 1
- Team resouce after created saves "null" IDs since ver 1.11.0 HOT 4
- Support better management of Project's sub-features/settings HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-rollbar.