Assesments-enforced Attribute not set when creating a new Organization through API

Avatar
Ilker van den Berg
  • Updated

Problem

When creating a new organization in Terraform Enterprise using the API, the assessments-enforced attribute is not set to true in the initial POST request, even when specified in the payload. The API response incorrectly shows the value as false.

Prerequisites

  • A running instance of Terraform Enterprise.
  • An admin-level user or team API token with permissions to manage organizations.

Cause

The Terraform Enterprise API endpoint for organization creation (POST /api/v2/organizations) does not correctly process the assessments-enforced attribute upon initial creation. A subsequent PATCH request is required to update the attribute for an existing organization.

Solution

To enforce assessments on a new organization, you must perform two sequential API calls: one to create the organization and a second to update the assessments-enforced attribute.

Step 1: Set Environment Variables

First, export your admin API token as an environment variable for use in subsequent commands. Replace <TOKEN_VALUE> with your actual token.

$ export TOKEN="<TOKEN_VALUE>"

Step 2: Create the Organization

Create a JSON payload file named payload.json to define the new organization. Note that assessments-enforced is included here but will be ignored by the API on creation.

{
  "data": {
    "type": "organizations",
    "attributes": {
      "name": "<ORGANIZATION_NAME>",
      "email": "<USER_EMAIL@DOMAIN.EXT>",
      "assessments-enforced": true
    }
  }
}

Next, use curl to send the POST request to create the organization. Replace <TFE_FQDN> with your Terraform Enterprise hostname.

$ curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request POST \
  --data @payload.json \
  https://<TFE_FQDN>/api/v2/organizations

The API response will show the organization was created, but with "assessments-enforced": false.

Step 3: Update the Organization

Create a second JSON payload file named update.json. This payload is nearly identical but will be used in a PATCH request.

{
  "data": {
    "type": "organizations",
    "attributes": {
      "assessments-enforced": true
    }
  }
}

Finally, send a PATCH request to the specific organization's endpoint to update the attribute. Replace <TFE_FQDN> and <ORGANIZATION_NAME> with your values.

$ curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request PATCH \
  --data @update.json \
  https://<TFE_FQDN>/api/v2/organizations/<ORGANIZATION_NAME>

Outcome

The response from the PATCH request will confirm that the attribute has been successfully updated.

## ...
"assessments-enforced": true,
## ...

The organization is now correctly configured with assessments enforced.

Additional Information

For more details on managing organizations, refer to the official Terraform Enterprise API documentation.

Articles in this section

See more

Related articles