Example config for babbel provider about terraform-provider-rollbar HOT 7 CLOSED

@jtsaito Yes, that does sound like the API may be mixing up different levels of authentication.

When I get to implementing notifications (currently on the road map), I will work with the Rollbar API team to make sure we are handling auth in a reasonable way.

from terraform-provider-rollbar.

Thanks for this @jtsaito! Issue #12 covers the project access token DELETE endpoint. Maybe @mrunalk can give us some feedback on when that endpoint will be ready?

However, account tokens don't grant full access to all project related attributes.

Can you elaborate on this? I haven't so far been refused access to any resources with my account token.

from terraform-provider-rollbar.

@jmcvetta Sorry, I had not seen the issue list.

As documented

Many operations require a project-specific access token.

I.e. tokens, in addition to the account token. (Some how to me this seems to be mixing up different levels of authorisations but it is the way the API was designed.)

In a Terraform provider, the place to put such tokens should be in the provider definition itself. However, these tokens are per project, and putting them into the provider would require manually handling the attribute after creating projects etc. Therefore, the idea would be to generate the tokens on the fly, per every API request that requires them, and then delete the token again. However, this is not possible without a DELETE endpoint.

E.g., we are very much interested in creating notifications. But we would have to create project tokens for every API operation on a each project's notification. But then we could not delete them and would be stuck with an ever growing number of project tokens.

from terraform-provider-rollbar.

Thanks @fmasuhr! In that case, I will not prioritize keeping resource rollbar_user compatible with the current implementation.

from terraform-provider-rollbar.

@jmcvetta Please find below some example code:

provider "rollbar" {
  version = "0.1.5"

  api_key = <API_KEY>
}

data "rollbar_project" "exaple-spa" {
  name = "example"
}

data "rollbar_project_access_token" "example-spa-post-client-item" {
  project_id = data.rollbar_project.example-spa.id
  name       = "post_client_item"
}

data "rollbar_project_access_token" "example-spa-post-server-item" {
  project_id = data.rollbar_project.example-spa.id
  name       = "post_server_item"
}

We use this on dozens of projects but still need to do manual work, e.g. for cleaning up the auto generated project access tokens for read and write and for syncing project notifications.

We would actually have liked to implement Terraform resources for project tokens. However, account tokens don't grant full access to all project related attributes. This complicates the implementation because credentials should be handled at the Terraform provider (not resource) level. But the API requires us to fetch project tokens ad hoc (but there is no DELETE endpoint so we cannot clean them up) or fetch the project access tokens (but this requires a token to already be present).

It would be great if Rollbar could provide the DELETE endpoint.

Similarly we could not implement the project resource (instead of the read-only data source) because the full CRUD was not given by the API: update is missing.

We did actually ask for the endpoints but we were not given any definite response about the future of these features. Perhaps, you could let us know if adding these endpoints is now on the roadmap.

from terraform-provider-rollbar.

Hi folks! The existing provider implements resource rollbar_user. Are you using this resource?

from terraform-provider-rollbar.

Hey @jmcvetta apparently we are not using this resource at all. We had the plan to use this and implemented it some time ago but currently it is not in use.

from terraform-provider-rollbar.