[Bug] elasticstack_fleet_enrollment_tokens Data Source not collecting Policy Tokens #528
Description
Describe the bug
The elasticstack_fleet_enrollment_tokens data source is not producing any results for some of the Fleet Agent Policies. This was working fine when we started our deployment but as time went on and more policies were created some of the tokens disappeared from our queries.
I believe this is happening because the elasticstack_fleet_enrollment_tokens data source performs a query of all tokens and then filters for the requested token after the values are retrieved. The results are truncated to 20 items per page, and the requested token is lost to the next page. The query can be seen in the TRACE output where the query is requesting all tokens (GET /api/fleet/enrollment_api_keys). The query does not include a kuery param to target a specific agent policy.
I have confirmed that running this query manually generates a number of results, but does not contain the tokens for the Fleet agent policies that are also not reporting enrollment tokens via the elasticstack_fleet_enrollment_tokens data source.
The data source source should include a kuery param to limit the results to only those for the intended Fleet Agent Policy.
Searching for policy tokens for policy ID b0842530-858c-11ee-8101-5972d5470162:
# This command generates a number of results, but does not include the requested value for policy ID b0842530-858c-11ee-8101-5972d5470162
GET kbn:/api/fleet/enrollment_api_keys
# Whereas this query produces the intended results
GET kbn:/api/fleet/enrollment_api_keys?kuery=policy_id:b0842530-858c-11ee-8101-5972d5470162
To Reproduce
Steps to reproduce the behavior:
- Create a series on Fleet Agent policies. (> 20 ?)
- Create a datasource for all agent policies to collect their tokens.
- The older tokens will not have values in the
elasticstack_fleet_enrollment_tokensoutput.
Expected behavior
Each data object for elasticstack_fleet_enrollment_tokens contains values.
Debug output
---[ REQUEST ]---------------------------------------
GET /api/fleet/enrollment_api_keys HTTP/1.1
Host: kibana.cloud.nreca.org
User-Agent: Go-http-client/1.1
Authorization: ***************************************************
Accept-Encoding: gzip
-----------------------------------------------------: tf_provider_addr=registry.terraform.io/elastic/elasticstack tf_req_id=8845a308-7113-ee46-2e46-96f6fd775f79 @caller=github.com/elastic/terraform-provider-elasticstack/inter
nal/utils/http_log.go:39 tf_data_source_type=elasticstack_fleet_enrollment_tokens @module=elasticstack tf_mux_provider=tf5to6server.v5tov6Server tf_rpc=ReadDataSource timestamp=2024-01-09T17:00:16.038-0500
2024-01-09T17:00:16.039-0500 [DEBUG] provider.terraform-provider-elasticstack_v0.11.0: Fleet API Request Details:
---[ REQUEST ]---------------------------------------
GET /api/fleet/enrollment_api_keys HTTP/1.1
Host: kibana.cloud.nreca.org
User-Agent: Go-http-client/1.1
Authorization: ***************************************************
Accept-Encoding: gzip
-----------------------------------------------------: tf_provider_addr=registry.terraform.io/elastic/elasticstack @caller=github.com/elastic/terraform-provider-elasticstack/internal/utils/http_log.go:39 @module=elasticstack t
f_data_source_type=elasticstack_fleet_enrollment_tokens tf_mux_provider=tf5to6server.v5tov6Server tf_req_id=c6dce289-a902-9efd-0737-03972a29912c tf_rpc=ReadDataSource timestamp=2024-01-09T17:00:16.038-0500
ESC[0mESC[1mmodule.fleet_agent_policy["aws_log_aggregator_prod"].data.elasticstack_fleet_enrollment_tokens.main: Read complete after 0s [id=2c959d50-87bf-11ee-8101-5972d5470162]ESC[0m
ESC[0mESC[1mmodule.fleet_agent_policy["elk_log_aggregator_prod"].data.elasticstack_fleet_enrollment_tokens.main: Read complete after 0s [id=b0842530-858c-11ee-8101-5972d5470162]ESC[0m
Screenshots
If applicable, add screenshots to help explain your problem.
Versions (please complete the following information):
- OS: Linux
- Terraform Version 1.3.9
- Provider version 0.11.0
- Elasticsearch Version 8.11.3
Additional context