Cloud Identity Group datasources #6704
Comments
Hi @benv666! Sorry, I didn't see you had opened this - I had started working on the datasources yesterday and was hoping it wouldn't take me as long as it did, but alas, I've got the PR out for them. I didn't make the group singular, I misunderstood that that's what you were looking for. Let me know if this will work or if you need a singular data source for
Hi @megan07! Awesome!
Hi @megan07, Somehow I can't seem to get terraform authenticated in a proper fashion to be able to list my organization's groups, let alone its members. I'm running terraform using Thanks!
Hi @benv666!
Hi @megan07!
Hi @benv666! Admittedly I didn't read through that link, sorry. It sounds like there isn't any public-facing documentation on this, so I will summarize what I did.
That should be all you need to allow that service account to create and list groups. If you are still struggling, please let me know!
Hi @megan07! Thanks again for your explanation -- at first we could not find the _GROUPS_ADMIN_ROLE in the response, so we decided to create a new role, which did show up in the response.

```hcl
# List every group under the customer.
data "google_cloud_identity_groups" "map" {
  provider = google-beta
  parent   = "customers/XXXXXX"
}

# Fetch the memberships of each group found above.
data "google_cloud_identity_group_memberships" "map" {
  for_each = local.groupmap
  provider = google-beta
  group    = each.value.name
}

locals {
  # Group key id => group object.
  groupmap = {
    for group in data.google_cloud_identity_groups.map.groups : group["group_key"].0["id"] => group
  }

  # Group key id => { member id => "group" | "serviceAccount" | "user" },
  # classified by pattern-matching the member id.
  groupmapmembers = {
    for group, vals in data.google_cloud_identity_group_memberships.map : group => {
      for member in vals.memberships : member.member_key.0.id => (
        length(regexall("@gcpgroups\\.", member.member_key.0.id)) != 0 ? "group" : (
          length(regexall("gserviceaccount\\.com$", member.member_key.0.id)) != 0 ? "serviceAccount" : "user"
        )
      )
    }
  }
}
```

which generates something like:
Thanks again!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!
Community Note
Description
Issue #3479 has been closed, and while it implements the resources to create groups and members it does not add any data sources.
Due to Azure AD sync our google groups are created and managed externally, but we would like to iterate over groups and especially group members using terraform to create resources for each group member.
It would be great to have these data sources available.
New or Affected Resource(s)
Potential Terraform Configuration
References