Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Removing a member from a group outside of terraform causes an error during terraform plan #192

Closed
b-goberdhan opened this issue Dec 19, 2019 · 2 comments · Fixed by #227
Closed

Removing a member from a group outside of terraform causes an error during terraform plan #192

b-goberdhan opened this issue Dec 19, 2019 · 2 comments · Fixed by #227
Labels
bug feature/groups
Milestone
v0.8.0

Comments

@b-goberdhan
Copy link

b-goberdhan commented Dec 19, 2019
edited
Loading

We are currently have an AD Group that is managed by terraform. This group will be populated with members that applications. These applications are simple Azure Web Apps that have AD integration enabled.

When we deleted the Azure Web App through azure portal, it also removed the application from the AD Group (since it no longer exists).

When terraform ran it's planning stage, it would spit out the following error:
Error: Azure AD Group Member not found - groupObjectId:"<groupId>" / memberObjectId: "<memberId>"

Expected Behavior:
Terraform should continue with it's plan and should re-create the member since it no longer exists within the AD Group.

Temporary Workaround:
I ran the the following command to remove the member from the terraform state file:

terraform state rm "module.database.azuread_group_member.sql_appservice_member[1]"

Running terraform plan/apply worked afterwards.

Extra info:
azuread provider version: 0.7

The code used to create members of the AD Group (we use an iterator). The object id's of app services are passed in as variables into the module.

resource "azuread_group_member" "members" {
  count = length(var.ad_sql_app_service_object_ids)
  group_object_id = "${data.azuread_group.myappservices.id}"
  member_object_id = "${var.ad_app_service_object_ids[count.index]}"
}
@katbyte katbyte added this to the v0.8.0 milestone Mar 11, 2020
@katbyte katbyte mentioned this issue Mar 12, 2020
Merged
@ghost
Copy link

ghost commented Apr 11, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 11, 2020
@ghost
Copy link

ghost commented May 14, 2020

This has been released in version 0.8.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azuread" {
    version = "~> 0.8.0"
}
# ... other configuration ...

@ghost ghost unlocked this conversation May 14, 2020
@ghost ghost locked and limited conversation to collaborators May 14, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug feature/groups
Projects
None yet
Milestone
v0.8.0
2 participants
@katbyte @b-goberdhan