azuread_group - Allow creation of group in administrative unit #984
Conversation
With this implementation it is possible to create a group directly in an administrative unit provided by its id as property on a group resource. There is currently a strange behavior where you've to wait for approx 10min until you can read the additional group property after creation the group through the new implementation. There is also no test written yet.
There was a problem hiding this comment.
Thanks for this contribution @ccadruvi! This is looking promising, however we will need to be very clear about how this will conflict with the azuread_administrative_unit_member resource and the members property of the administrative_unit resource. I've made some suggestions below, if you can look at these and rebase to include the SDK changes from manicminer/hamilton#206 (released in v0.55.0), then I'll take another look. Thanks!
There was a problem hiding this comment.
Thanks for updating @ccadruvi. I made a small change so that the current AU memberships are retrieved when updating the group. Just waiting for test results but this LGTM 👍
|
Test results (failures are unrelated)
|
|
This functionality has been released in v2.35.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Allows the creation of a group in an administrative unit directly. This allows to have less permissions, e.g. Groups Administrator on an administrative unit scope instead of tenant scope.
Fixes #906
Depends on this PR in hamilton: manicminer/hamilton#206
Edit: now also depends on manicminer/hamilton#220