Update syntax to respect TF minimum version (1.0.0)

Most of the changes are related to the strictness of TF v0.12 https://www.terraform.io/language/upgrade-guides/0-12 > Due to the design of the configuration language decoder in > Terraform v0.11 and earlier, it was in many cases possible to > interchange the argument syntax (with =) and the block syntax > (with just braces) when dealing with map arguments vs. nested > blocks. However, this led to some subtle bugs and limitations, > so Terraform v0.12 now requires consistent usage of argument > syntax for arguments and nested block syntax for nested blocks. This commit validates both examples against Terraform 1 The min terraform version is going to be updated to 1.0.0 #11650 Fixes #11652
gravitational · Apr 15, 2022 · 6136ba8 · 6136ba8
1 parent 0dac870
commit 6136ba8
Show file tree

Hide file tree

Showing 3 changed files with 171 additions and 2 deletions.
diff --git a/docs/pages/setup/guides/terraform-provider.mdx b/docs/pages/setup/guides/terraform-provider.mdx
@@ -155,12 +155,12 @@ role using Terraform.
 <Tabs>
 <TabItem scope={["cloud"]} label="Teleport Cloud">
 ```
-(!examples/resources/terraform/terraform-user-role-cloud.tf!)
+(!examples/resources/terraform/terraform-user-role-cloud.tf012.tf!)
 ```
 </TabItem>
 <TabItem scope={["oss", "enterprise"]} label="Self-Hosted">
 ```
-(!examples/resources/terraform/terraform-user-role-self-hosted.tf!)
+(!examples/resources/terraform/terraform-user-role-self-hosted.tf012.tf!)
 ```
 </TabItem>
 </Tabs>

diff --git a/examples/resources/terraform/terraform-user-role-cloud.tf012.tf b/examples/resources/terraform/terraform-user-role-cloud.tf012.tf
@@ -0,0 +1,83 @@
+terraform {
+  required_providers {
+    teleport = {
+      version = ">= (=teleport.version=)"
+      source  = "gravitational.com/teleport/teleport"
+    }
+  }
+}
+
+provider "teleport" {
+  # Update addr to point to your Teleport Cloud tenant URL
+  addr               = "mytenant.teleport.sh"
+  identity_file_path = "terraform-identity"
+}
+
+resource "teleport_role" "terraform-test" {
+  metadata = {
+    name        = "terraform-test"
+    description = "Terraform test role"
+    labels = {
+      example  = "yes"
+    }
+  }
+
+  spec = {
+    options = {
+      forward_agent           = false
+      max_session_ttl         = "30m"
+      port_forwarding         = false
+      client_idle_timeout     = "1h"
+      disconnect_expired_cert = true
+      permit_x11_forwarding   = false
+      request_access          = "denied"
+    }
+
+    allow = {
+      logins = ["this-user-does-not-exist"]
+
+      rules = [
+        {
+          resources = ["user", "role"]
+          verbs = ["list"]
+        }
+      ]
+
+      request = {
+        roles = ["example"]
+        claims_to_roles = [
+          {
+            claim = "example"
+            value = "example"
+            roles = ["example"]
+          }
+        ]
+      }
+
+      node_labels = {
+         key = ["example"]
+         value = ["yes"]
+      }
+    }
+
+    deny = {
+      logins = ["anonymous"]
+    }
+  }
+}
+
+resource "teleport_user" "terraform-test" {
+  metadata = {
+    name        = "terraform-test"
+    description = "Test terraform user"
+    expires     = "2022-10-12T07:20:50Z"
+
+    labels = {
+      test      = "true"
+    }
+  }
+
+  spec = {
+    roles = ["terraform-test"]
+  }
+}
diff --git a/examples/resources/terraform/terraform-user-role-self-hosted.tf012.tf b/examples/resources/terraform/terraform-user-role-self-hosted.tf012.tf
@@ -0,0 +1,86 @@
+terraform {
+  required_providers {
+    teleport = {
+      version = ">= (=teleport.version=)"
+      source  = "gravitational.com/teleport/teleport"
+    }
+  }
+}
+
+provider "teleport" {
+  # Update addr to point to Teleport Auth/Proxy
+  # addr               = "auth.example.com:3025"
+  addr               = "proxy.example.com:443"
+  cert_path          = "auth.crt"
+  key_path           = "auth.key"
+  root_ca_path       = "auth.cas"
+}
+
+resource "teleport_role" "terraform-test" {
+  metadata = {
+    name        = "terraform-test"
+    description = "Terraform test role"
+    labels = {
+      example  = "yes"
+    }
+  }
+
+  spec = {
+    options = {
+      forward_agent           = false
+      max_session_ttl         = "30m"
+      port_forwarding         = false
+      client_idle_timeout     = "1h"
+      disconnect_expired_cert = true
+      permit_x11_forwarding   = false
+      request_access          = "denied"
+    }
+
+    allow = {
+      logins = ["this-user-does-not-exist"]
+
+      rules = [
+        {
+          resources = ["user", "role"]
+          verbs = ["list"]
+        }
+      ]
+
+      request = {
+        roles = ["example"]
+        claims_to_roles = [
+          {
+            claim = "example"
+            value = "example"
+            roles = ["example"]
+          }
+        ]
+      }
+
+      node_labels = {
+         key = ["example"]
+         value = ["yes"]
+      }
+    }
+
+    deny = {
+      logins = ["anonymous"]
+    }
+  }
+}
+
+resource "teleport_user" "terraform-test" {
+  metadata = {
+    name        = "terraform-test"
+    description = "Test terraform user"
+    expires     = "2022-10-12T07:20:50Z"
+
+    labels = {
+      test      = "true"
+    }
+  }
+
+  spec = {
+    roles = ["terraform-test"]
+  }
+}