Skip to content

Fix TF role preset rule addition logic#51296

Merged
hugoShaka merged 1 commit intomasterfrom
hugo/fix-50208-tf-role-preset
Jan 21, 2025
Merged

Fix TF role preset rule addition logic#51296
hugoShaka merged 1 commit intomasterfrom
hugo/fix-50208-tf-role-preset

Conversation

@hugoShaka
Copy link
Copy Markdown
Contributor

@hugoShaka hugoShaka commented Jan 21, 2025
edited
Loading

This PR solves two bugs:

  • all the resources were in a single allow rule, while our preset rule addition logic only knows how to add new rules, not resources to existing rules
  • the rule addition logic does not apply for every preset, it uses the defaultAllowRules map which did not contain the TF role. We were not even trying to add new rules to the TF role.

Historical reconstitution:
image

This can affect the following resources:

types.KindDynamicWindowsDesktop,
types.KindBot,
types.KindInstaller,
types.KindAccessMonitoringRule,
types.KindStaticHostUser,
types.KindWorkloadIdentity,

Fixes: #50208
Changelog: FIxes a bug causing the terraform-provider preset role to not automatically allow newly supported resources.

@hugoShaka hugoShaka added terraform-provider Issues relating to the Teleport Terraform provider in the teleport-plugins repo backport/branch/v16 backport/branch/v17 labels Jan 21, 2025
@hugoShaka hugoShaka added this pull request to the merge queue Jan 21, 2025
Merged via the queue into master with commit 5de236e Jan 21, 2025
@hugoShaka hugoShaka deleted the hugo/fix-50208-tf-role-preset branch January 21, 2025 17:23
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Jan 21, 2025

@hugoShaka See the table below for backport results.

Branch Result
branch/v16 Failed
branch/v17 Create PR

This was referenced Jan 21, 2025
Merged
Merged
carloscastrojumo pushed a commit to carloscastrojumo/teleport that referenced this pull request Feb 19, 2025
@hugoShaka @carloscastrojumo
Fix TF role preset rule addition logic (gravitational#51296)
9f56445
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marcoandredinis marcoandredinis marcoandredinis approved these changes

@tigrato tigrato tigrato approved these changes

Assignees

No one assigned

Labels

backport/branch/v17 size/md terraform-provider Issues relating to the Teleport Terraform provider in the teleport-plugins repo

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

New resources are not added to the Terraform preset role.

3 participants

@hugoShaka @marcoandredinis @tigrato