docs: correct steps for idp migration with terraform (#6259)

docs: correct steps for idp migration with terraform (#6259)
This commit is contained in:
Stefan Benz 2023-07-27 06:39:33 +02:00 committed by GitHub
parent 2fe76acd14
commit 48330fc4b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -28,8 +28,14 @@ Please note that you only have to perform this migration if you already have an
If that isn't your case please just add a new provider from scratch. If that isn't your case please just add a new provider from scratch.
To migrate to a specific provider, you need to follow a few essential steps: To migrate to a specific provider, you need to follow a few essential steps:
1. Create a desired IDP as Terraform resource for example [Google](https://registry.terraform.io/providers/zitadel/zitadel/latest/docs/resources/idp_google). 1. Create a desired IDP as Terraform resource for example [Google](https://registry.terraform.io/providers/zitadel/zitadel/latest/docs/resources/idp_google).
2. Make the corresponding API call to [migrate the IDP](./migrate#google-configuration), save the ID of the IDP for the import 2. Remove the old terraform resource from the state as to not destroy the migrated IDP accidentally.
3. Before applying the Terraform resources again, import the new IDP resource. ```bash
# terraform state rm *address*
terraform state rm zitadel_idp_oidc.oidc_idp
```
After this command you can also remove the resource from the terraform files, as it is not managed anymore but also not deleted
3. Make the corresponding API call to [migrate the IDP](./migrate#migrate-generic-oidc-provider), save the ID of the IDP for the import
4. Before applying the Terraform resources again, import the new IDP resource.
```bash ```bash
#resource "zitadel_idp_google" "google" { #resource "zitadel_idp_google" "google" {
# name = "Google" # name = "Google"
@ -44,5 +50,6 @@ To migrate to a specific provider, you need to follow a few essential steps:
# terraform import zitadel_idp_google.*resource_name* *id*:*client_secret* # terraform import zitadel_idp_google.*resource_name* *id*:*client_secret*
terraform import zitadel_idp_google.google 222302827723096428:GOCSPX-***** terraform import zitadel_idp_google.google 222302827723096428:GOCSPX-*****
```
You have now migrated your provider and you should be able to apply the resource again. There should be no changes and the IDP is maintained by Terraform again. You have now migrated your provider and you should be able to apply the resource again. There should be no changes and the IDP is maintained by Terraform again.