Misc fixes

azuread/helpers/graph/group.go

@@ -17,9 +17,27 @@ func GroupAllMembers(groupId string, client graphrbac.GroupsClient, ctx context.
 
 	existingMembers := make([]string, 0)
 
+	var memberObjectID string
 	for it.NotDone() {
-		currUser, _ := it.Value().AsUser()
-		existingMembers = append(existingMembers, *currUser.ObjectID)
+		// possible members are users, groups or service principals
+		// we try to 'cast' each result as the corresponding type and diff
+		// if we found the object we're looking for
+		user, _ := it.Value().AsUser()
+		if user != nil {
+			memberObjectID = *user.ObjectID
+		}
+
+		group, _ := it.Value().AsADGroup()
+		if group != nil {
+			memberObjectID = *group.ObjectID
+		}
+
+		servicePrincipal, _ := it.Value().AsServicePrincipal()
+		if servicePrincipal != nil {
+			memberObjectID = *servicePrincipal.ObjectID
+		}
+
+		existingMembers = append(existingMembers, memberObjectID)
 		if err := it.NextWithContext(ctx); err != nil {
 			return nil, fmt.Errorf("Error during pagination of group members from Azure AD Group with ID %q: %+v", groupId, err)
 		}

azuread/resource_group.go

@@ -82,7 +82,9 @@ func resourceGroupCreate(d *schema.ResourceData, meta interface{}) error {
 		members := tf.ExpandStringSlicePtr(v.(*schema.Set).List())
 
 		for _, memberUuid := range *members {
-			if err := graph.GroupAddMember(*group.ObjectID, memberUuid, client, ctx); err != nil {
+			err := graph.GroupAddMember(*group.ObjectID, memberUuid, client, ctx)
+
+			if err != nil {
 				return err
 			}
 		}

azuread/resource_group_member.go

@@ -4,7 +4,8 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
+	"github.com/terraform-providers/terraform-provider-azuread/azuread/helpers/graph"
+
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/terraform-providers/terraform-provider-azuread/azuread/helpers/ar"
 	"github.com/terraform-providers/terraform-provider-azuread/azuread/helpers/validate"
@@ -42,15 +43,8 @@ func resourceGroupMemberCreate(d *schema.ResourceData, meta interface{}) error {
 
 	groupID := d.Get("group_object_id").(string)
 	memberID := d.Get("member_object_id").(string)
-	tenantID := client.TenantID
-
-	memberGraphURL := fmt.Sprintf("https://graph.windows.net/%s/directoryObjects/%s", tenantID, memberID)
 
-	properties := graphrbac.GroupAddMemberParameters{
-		URL: &memberGraphURL,
-	}
-
-	if _, err := client.AddMember(ctx, groupID, properties); err != nil {
+	if err := graph.GroupAddMember(groupID, memberID, client, ctx); err != nil {
 		return err
 	}
 
@@ -72,48 +66,16 @@ func resourceGroupMemberRead(d *schema.ResourceData, meta interface{}) error {
 	groupID := id[0]
 	memberID := id[1]
 
-	members, err := client.GetGroupMembersComplete(ctx, groupID)
+	members, err := graph.GroupAllMembers(groupID, client, ctx)
 	if err != nil {
 		return fmt.Errorf("Error retrieving Azure AD Group members (groupObjectId: %q): %+v", groupID, err)
 	}
 
 	var memberObjectID string
-	for members.NotDone() {
-		// possible members are users, groups or service principals
-		// we try to 'cast' each result as the corresponding type and diff
-		// if we found the object we're looking for
-		user, _ := members.Value().AsUser()
-		if user != nil {
-			if *user.ObjectID == memberID {
-				memberObjectID = *user.ObjectID
-				// we successfully found the directory object we're looking for, we can stop looping
-				// through the results
-				break
-			}
-		}
-
-		group, _ := members.Value().AsADGroup()
-		if group != nil {
-			if *group.ObjectID == memberID {
-				memberObjectID = *group.ObjectID
-				// we successfully found the directory object we're looking for, we can stop looping
-				// through the results
-				break
-			}
-		}
-
-		servicePrincipal, _ := members.Value().AsServicePrincipal()
-		if servicePrincipal != nil {
-			if *servicePrincipal.ObjectID == memberID {
-				memberObjectID = *servicePrincipal.ObjectID
-				// we successfully found the directory object we're looking for, we can stop looping
-				// through the results
-				break
-			}
-		}
 
-		if err = members.NextWithContext(ctx); err != nil {
-			return fmt.Errorf("Error listing Azure AD Group Members: %s", err)
+	for _, objectID := range members {
+		if objectID == memberID {
+			memberObjectID = objectID
 		}
 	}
 

azuread/resource_group_member_test.go

@@ -174,8 +174,8 @@ resource "azuread_group" "test" {
 }
 
 resource "azuread_group_member" "test" {
-	group_object_id 	= "${azuread_group.test.id}"
-	member_object_id 	= "${azuread_user.test.id}"
+	group_object_id 	= "${azuread_group.test.object_id}"
+	member_object_id 	= "${azuread_user.test.object_id}"
 }
 
 `, id, password)
@@ -193,8 +193,8 @@ resource "azuread_group" "testB" {
 }
 
 resource "azuread_group_member" "test" {
-	group_object_id 	= "${azuread_group.testA.id}"
-	member_object_id 	= "${azuread_group.testB.id}"
+	group_object_id 	= "${azuread_group.testA.object_id}"
+	member_object_id 	= "${azuread_group.testB.object_id}"
 }
 
 `, id)
@@ -216,8 +216,8 @@ resource "azuread_group" "test" {
 }
 
 resource "azuread_group_member" "test" {
-	group_object_id 	= "${azuread_group.test.id}"
-	member_object_id 	= "${azuread_service_principal.test.id}"
+	group_object_id 	= "${azuread_group.test.object_id}"
+	member_object_id 	= "${azuread_service_principal.test.object_id}"
 }
 
 `, id)

azuread/resource_group_test.go

@@ -171,7 +171,7 @@ resource "azuread_group" "test" {
 func testAccAzureADGroupWithMembers(id string, members []string) string {
 	return fmt.Sprintf(`
 resource "azuread_group" "test" {
-  name = "acctest%s"
+  name   = "acctest%s"
   members = [ %s ]
 }
 `, id, strings.Join(members, ", "))

website/docs/r/group.markdown

@@ -34,7 +34,7 @@ resource "azuread_user" "my_user" {
 
 resource "azuread_group" "my_group" {
   name = "MyGroup"
-  members = [ azuread_user.my_user.id /*, more users */ ]
+  members = [ azuread_user.my_user.object_id /*, more users */ ]
 }
 ```
 
@@ -43,7 +43,7 @@ resource "azuread_group" "my_group" {
 The following arguments are supported:
 
 * `name` - (Required) The display name for the Group. Changing this forces a new resource to be created.
-* `members` (Optional) A set of users who should be members of this Group.
+* `members` (Optional) A set of members who should be present in this Group. Supported Object types are Users, Groups or Service Principals. Do not use `azuread_group_member` at the same time as this argument.
 
 -> **NOTE:** Group names are not unique within Azure Active Directory.
 
@@ -55,7 +55,7 @@ The following attributes are exported:
 
 * `name` - The Display Name of the Group.
 
-* `members` - The Group Members in the Group.
+* `members` - The Members of the Group.
 
 ## Import
 

website/docs/r/group_member.markdown

@@ -3,13 +3,13 @@ layout: "azuread"
 page_title: "Azure Active Directory: azuread_group_member"
 sidebar_current: "docs-azuread-resource-azuread-group-member"
 description: |-
-  Manages a Group Membership within Azure Active Directory.
+  Manages a single Group Membership within Azure Active Directory.
 
 ---
 
 # azuread_group_member
 
-Manages a Group Membership within Azure Active Directory.
+Manages a single Group Membership within Azure Active Directory. Do not use this resource at the same time as `azuread_group.members`.
 
 ## Example Usage