bright-orange-69401
02/19/2020, 8:29 AMResource
configuration in Pulumi ?
I'm trying to set up an SSO between Okta and AWS using Pulumi, and that requires 3 steps with 2 Resources
:
1. Create <http://okta.App|okta.App>
which generates metadata
2. Inject metadata and create aws.iam.IdentityProvider
, which has an ARN
3. Inject IdentityProvider
ARN back into the <http://okta.App|okta.App>
Resource created in step 1
I'm trying to pack this logic into a Component
but I struggle with step 3: can't seem to update a Resource
as part of a Component
Also tried using _import
but there's an URN conflict because the imported resource (step 3) would actually be the same as step 1...
Should I try creating a Dynamic Provider for that ? Can't it be done natively ?Resource
in a single Pulumi template ?important-ram-83431
02/20/2020, 9:37 AMbright-orange-69401
02/24/2020, 12:29 PMResource
via a Dynamic Provider that merely performs step 3 (validation of the SAML)
It's a similar process as the one used by Terraform & Pulumi for AWS ACM CertificateValidation
The Resource
just finds the SAML App by its ID and updates it with the metadata obtained in step 2 : it does not actually provision anything and does not have a delete
methodimportant-ram-83431
02/24/2020, 1:47 PMbright-orange-69401
02/24/2020, 1:55 PM