New resource 'azuread_group_member'

[tiwood]

This adds a new resource to manage Azure AD Group Membership with Terraform.

• New resource 'azuread_group_member'
• Add tests
• Add documentation

Example Usage

data "azuread_user" "my_user" {
  user_principal_name = "johndoe@hashicorp.com"
}

resource "azuread_group" "my_group" {
  name = "my_group"
}

resource "azuread_group_member" "test" {
  group_object_id   = "${azuread_group.my_group.id}"
  member_object_id  = "${data.azuread_user.my_user.id}"
}

Argument Reference

The following arguments are supported:

• group_object_id - (Required) The Object ID of the Azure AD Group you want to add the Member to.
• member_object_id - (Required) The Object ID of the Azure AD Object you want to add as a Member to the Group. Supported Object types are Users, Groups or Service Principals.

[tiwood]

Related: #36

[tiwood]

@tombuildsstuff @katbyte
any idea when this can be reviewed?
Thanks!

[katbyte]

@tiwood, we are currently busy with .12 and some work on the azurerm provider. Unfortunately I can't make any promises but I hope to earmark some time towards azuread in a couple weeks near the end of the month.

[katbyte]

Additionally i'd like to support setting group members via the group resource itself at the same time this is released.

[tiwood]

I will look into this in the next days.

[katbyte]

Hi @tiwood,

Thanks for the resource. Overall this looks pretty good to me and i've only left a couple comment inline. I would like to see support for setting group members from the group resource at the same time we merge this. If thats to big of ask let me know and i am happy to implement it myself.

[katbyte]

minor these two lines can be merged:

	if _, err := client.AddMember(ctx, groupID, properties); err != nil {

[katbyte]

These two lines could be merged

[katbyte]

Is this debug log redundant as we immediately return an error?

[katbyte]

Can we note that this forces a new resource?

Suggested change

	* `group_object_id` - (Required) The Object ID of the Azure AD Group you want to add the Member to.
	* `group_object_id` - (Required) The Object ID of the Azure AD Group you want to add the Member to. Changing this forces a new resource to be created.

[katbyte]

Suggested change

	* `member_object_id` - (Required) The Object ID of the Azure AD Object you want to add as a Member to the Group. Supported Object types are Users, Groups or Service Principals.
	* `member_object_id` - (Required) The Object ID of the Azure AD Object you want to add as a Member to the Group. Supported Object types are Users, Groups or Service Principals. Changing this forces a new resource to be created.

[katbyte]

Suggested change

[landro]

Any idea about ETA for this PR, @tiwood ? Can I help in any way?

[katbyte]

@landro, looks like PR comments still need to be addressed as well as adding the members property to the group resource

[evenh]

@katbyte Would a new PR (based on this PR) be acceptable (with fixes)?

[katbyte]

@evenh, yep given this has sat for a month i think its reasonable to open a new one.

[landro]

Ok Great. You can expect a pull request from @evenh tomorrow.

…

6. jun. 2019 kl. 17:56 skrev kt ***@***.***>: @evenh, yep given this has sat for a month i think its reasonable to open a new one. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

[katbyte]

Looks like i had some fixes on a local branch, i'll push that now. nope was for group owners

One thing also is i was going to use {group_id}/member/{object_id} to prevent conflicts with owners

[tiwood]

@katbyte @evenh @landro Thank you for helping, I'm currently pretty busy with customer projects and was unable to work on this in a timely matter.

As this is a much requested feature, your help is much appreciated.

[katbyte]

no bother @tiwood, thank you for starting them 🙂

[katbyte]

closing in favour of #100

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!