Fix incorrect handling of trusted profile static CRN identities

IBM-Cloud · Sep 30, 2024 · c319f23 · c319f23
1 parent c01f2de
commit c319f23
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 18 deletions.
diff --git a/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_identity.go b/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_identity.go
@@ -122,7 +122,7 @@ func resourceIBMIamTrustedProfileIdentityCreate(context context.Context, d *sche
 		return diag.FromErr(fmt.Errorf("SetProfileIdentityWithContext failed %s\n%s", err, response))
 	}
 
-	d.SetId(fmt.Sprintf("%s/%s/%s", *setProfileIdentityOptions.ProfileID, *setProfileIdentityOptions.IdentityType, *profileIdentityResponse.Identifier))
+	d.SetId(fmt.Sprintf("%s|%s|%s", *setProfileIdentityOptions.ProfileID, *setProfileIdentityOptions.IdentityType, *profileIdentityResponse.Identifier))
 
 	return resourceIBMIamTrustedProfileIdentityRead(context, d, meta)
 }
@@ -135,14 +135,18 @@ func resourceIBMIamTrustedProfileIdentityRead(context context.Context, d *schema
 
 	getProfileIdentityOptions := &iamidentityv1.GetProfileIdentityOptions{}
 
-	parts, err := flex.SepIdParts(d.Id(), "/")
-	if err != nil {
-		return diag.FromErr(err)
+	parts_to_use, original_err := flex.SepIdParts(d.Id(), "|")
+	if original_err != nil {
+		parts, err := flex.SepIdParts(d.Id(), "/") // compatability - can be removed in future release
+		if err != nil {
+			return diag.FromErr(original_err)
+		}
+		parts_to_use = parts
 	}
 
-	getProfileIdentityOptions.SetProfileID(parts[0])
-	getProfileIdentityOptions.SetIdentityType(parts[1])
-	getProfileIdentityOptions.SetIdentifierID(parts[2])
+	getProfileIdentityOptions.SetProfileID(parts_to_use[0])
+	getProfileIdentityOptions.SetIdentityType(parts_to_use[1])
+	getProfileIdentityOptions.SetIdentifierID(parts_to_use[2])
 
 	profileIdentityResponse, response, err := iamIdentityClient.GetProfileIdentityWithContext(context, getProfileIdentityOptions)
 	if err != nil {
@@ -154,6 +158,8 @@ func resourceIBMIamTrustedProfileIdentityRead(context context.Context, d *schema
 		return diag.FromErr(fmt.Errorf("GetProfileIdentityWithContext failed %s\n%s", err, response))
 	}
 
+	d.SetId(fmt.Sprintf("%s|%s|%s", *getProfileIdentityOptions.ProfileID, *getProfileIdentityOptions.IdentityType, *getProfileIdentityOptions.IdentifierID))
+
 	if err = d.Set("profile_id", getProfileIdentityOptions.ProfileID); err != nil {
 		return diag.FromErr(fmt.Errorf("Error setting profile_id: %s", err))
 	}
@@ -188,14 +194,18 @@ func resourceIBMIamTrustedProfileIdentityDelete(context context.Context, d *sche
 
 	deleteProfileIdentityOptions := &iamidentityv1.DeleteProfileIdentityOptions{}
 
-	parts, err := flex.SepIdParts(d.Id(), "/")
-	if err != nil {
-		return diag.FromErr(err)
+	parts_to_use, original_err := flex.SepIdParts(d.Id(), "|")
+	if original_err != nil {
+		parts, err := flex.SepIdParts(d.Id(), "/") // compatability - remove in future release
+		if err != nil {
+			return diag.FromErr(original_err)
+		}
+		parts_to_use = parts
 	}
 
-	deleteProfileIdentityOptions.SetProfileID(parts[0])
-	deleteProfileIdentityOptions.SetIdentityType(parts[1])
-	deleteProfileIdentityOptions.SetIdentifierID(parts[2])
+	deleteProfileIdentityOptions.SetProfileID(parts_to_use[0])
+	deleteProfileIdentityOptions.SetIdentityType(parts_to_use[1])
+	deleteProfileIdentityOptions.SetIdentifierID(parts_to_use[2])
 
 	response, err := iamIdentityClient.DeleteProfileIdentityWithContext(context, deleteProfileIdentityOptions)
 	if err != nil {

diff --git a/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_identity_test.go b/ibm/service/iamidentity/resource_ibm_iam_trusted_profile_identity_test.go
@@ -119,7 +119,7 @@ func testAccCheckIBMIamTrustedProfileIdentityExists(n string, obj iamidentityv1.
 
 		getProfileIdentityOptions := &iamidentityv1.GetProfileIdentityOptions{}
 
-		parts, err := flex.SepIdParts(rs.Primary.ID, "/")
+		parts, err := flex.SepIdParts(rs.Primary.ID, "|")
 		if err != nil {
 			return err
 		}
@@ -150,7 +150,7 @@ func testAccCheckIBMIamTrustedProfileIdentityDestroy(s *terraform.State) error {
 
 		getProfileIdentityOptions := &iamidentityv1.GetProfileIdentityOptions{}
 
-		parts, err := flex.SepIdParts(rs.Primary.ID, "/")
+		parts, err := flex.SepIdParts(rs.Primary.ID, "|")
 		if err != nil {
 			return err
 		}

diff --git a/website/docs/r/iam_trusted_profile_identity.html.markdown b/website/docs/r/iam_trusted_profile_identity.html.markdown
@@ -38,7 +38,7 @@ Review the argument reference that you can specify for your resource.
 
 In addition to all argument references listed, you can access the following attribute references after your resource is created.
 
-* `id` - The unique identifier of the iam_trusted_profile_identity. Id is combination of `profile_id`/ `identity-type`/ `identifier-id`.
+* `id` - The unique identifier of the iam_trusted_profile_identity. Id is combination of `profile_id`| `identity-type`| `identifier-id`.
 
 
 ## Import
@@ -47,13 +47,13 @@ You can import the `ibm_iam_trusted_profile_identity` resource by using `iam_id`
 The `iam_id` property can be formed from `profile-id`, `identity-type`, and `identifier-id` in the following format:
 
 ```
-<profile-id>/<identity-type>/<identifier-id>
+<profile-id>|<identity-type>|<identifier-id>
 ```
 * `profile-id`: A string. ID of the trusted profile.
 * `identity-type`: A string. Type of the identity.
 * `identifier-id`: A string. Identifier of the identity that can assume the trusted profiles.
 
 # Syntax
 ```
-$ terraform import ibm_iam_trusted_profile_identity.iam_trusted_profile_identity <profile-id>/<identity-type>/<identifier-id>
+$ terraform import ibm_iam_trusted_profile_identity.iam_trusted_profile_identity <profile-id>|<identity-type>|<identifier-id>
 ```