Hey folks,
I’m building out a multi-tenant infrastructure for a BPO setup using terraform_cxascode. We’ve got several client divisions, and I need to ensure that the OAuth clients we provision only have access to their specific division’s data. The goal is to avoid any cross-tenant data leakage while keeping the Terraform state clean.
I’m currently using the genesyscloud_oauth_client resource. I know I can set scopes in the JSON body, but I’m struggling with how to enforce division-level restrictions programmatically. The API documentation hints at using division_id in the request, but I’m not seeing a clear way to scope the client itself to a division in the provider.
Here’s a snippet of what I’m trying:
resource "genesyscloud_oauth_client" "bpo_client" {
  name   = "BPO Client 1"
  scopes = ["analytics:report:read", "routing:interaction:read"]
  # How do I restrict this to division_id = "abc123"?
}
When I try to pass a division_id argument, Terraform throws an error saying it’s not a valid argument. Am I missing a nested block or a specific attribute? Or is there a different approach to handling this kind of scoping in CX as Code?
Any pointers would be appreciated.
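
One way to express per-division access in the provider, as an added example that is not part of the original post: for a client-credentials client, access is granted through `roles` blocks that pair a `role_id` with a `division_id`, rather than through a top-level `division_id` argument. The tenant names, role name and permission policies below are constructed placeholders.

```hcl
# Constructed tenant list; the names are placeholders.
variable "tenants" {
  type    = set(string)
  default = ["client-a", "client-b"]
}

# One division per tenant.
resource "genesyscloud_auth_division" "tenant" {
  for_each = var.tenants
  name     = "BPO ${each.key}"
}

# A single read-only role shared by all tenants. The permissions listed
# are illustrative; substitute the ones your integration actually needs.
resource "genesyscloud_auth_role" "tenant_readonly" {
  name        = "BPO Tenant Read-Only"
  description = "Read-only access, granted per division"

  permission_policies {
    domain      = "routing"
    entity_name = "queue"
    action_set  = ["view"]
  }

  permission_policies {
    domain      = "analytics"
    entity_name = "conversationDetail"
    action_set  = ["view"]
  }
}

# One OAuth client per tenant. The grant is the (role, division) pair:
# the role says what the client may do, the division says where.
resource "genesyscloud_oauth_client" "tenant" {
  for_each = var.tenants

  name                          = "BPO ${each.key} client"
  authorized_grant_type         = "CLIENT-CREDENTIALS"
  access_token_validity_seconds = 3600

  roles {
    role_id = genesyscloud_auth_role.tenant_readonly.id
    # Always set this explicitly. If omitted, the home division is used,
    # and "*" grants the role in every division (cross-tenant access).
    division_id = genesyscloud_auth_division.tenant[each.key].id
  }
}
```

Division grants only constrain permissions that are division-aware, so review each permission in the role before relying on this for tenant isolation. A useful check in code review is to reject any `roles` block for a tenant client that omits `division_id` or sets it to `"*"`.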