Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ad_group_membership does not permit declaration of an empty group #165

Open
isometry opened this issue Jan 18, 2023 · 0 comments · May be fixed by #166
Open

ad_group_membership does not permit declaration of an empty group #165

isometry opened this issue Jan 18, 2023 · 0 comments · May be fixed by #166
Labels
bug Something isn't working

Comments

@isometry
Copy link

isometry commented Jan 18, 2023

Terraform Version and Provider Version

Terraform v1.3.7
on darwin_amd64
+ provider registry.terraform.io/hashicorp/ad v0.4.4
+ provider registry.terraform.io/hashicorp/local v2.2.3

Windows Version

Windows Server 2019 Datacenter

Affected Resource(s)

  • ad_group_membership

Terraform Configuration Files

resource "ad_group" "test" {
  container = "OU=Groups,DC=example,DC=com"

  name             = "Test"
  sam_account_name = "Test"
}
resource "ad_group_membership" "test" {
  group_id      = ad_group.test.id
  group_members = []
}

Expected Behavior

  • AD group Test should be created with explicitly no members.
  • Any changes to the membership of "Test" outside of Terraform should be detected and reverted the next time Terraform runs.

Actual Behavior

  • The ad_group_membership resource enforces MinItems: 1, and so will not permit explicit assignment of zero members.

Steps to Reproduce

Important Factoids

We have partially worked around this issue with for_each = { for group, members in local.group_members : group => members if length(members) > 0 } logic on our ad_group_membership resources, but have recently found that this does not consistently remove members when a given keys' members transitions to empty.

References

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
@isometry isometry added the bug Something isn't working label Jan 18, 2023
isometry added a commit to isometry/terraform-provider-ad that referenced this issue Jan 18, 2023
@isometry isometry linked a pull request Jan 18, 2023 that will close this issue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant