Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ad_group_membership removes all members of a group when destroying resource #176

Open
v-esteves opened this issue May 3, 2023 · 1 comment
Labels
bug Something isn't working

Comments

@v-esteves
Copy link

Terraform Version and Provider Version

Terraform v1.3.8
on windows_386

  • provider registry.terraform.io/hashicorp/ad v0.4.4

Windows Version

Windows Server 2022 Datacenter Azure Edition

Affected Resource(s)

ad_group_membership

Terraform Configuration Files

terraform {
  required_providers {
    ad = {
      source = "hashicorp/ad"
      version = "0.4.4"
    }
    azurerm = {
      source = "hashicorp/azurerm"
      version = ">= 3.25.0"
    }
  }
}

provider "ad" {
  winrm_hostname = ""
  winrm_username = ""
  winrm_password = ""
}

provider azurerm {
  features {}
}

variable "groups"  {
    type = list(object({
        group = string
  }))
}

data "ad_group" "ad_group" {
    count = length(var.groups)
    group_id = var.groups[count.index].group
}

resource "ad_group_membership" "ad_group_member" {
    for_each = {for i, v in data.ad_group.ad_group:  i => v}
    group_id = each.value.id
    group_members = [ "4dec9478-2511-4640-8102-3a456a404643" ]
}

Expected Behavior

Terraform apply executes correctly and the user is added to an existing list of groups.
Terraform destroy removes the user from the groups.

Actual Behavior

Terraform destroy removes ALL users from the groups, not only the added user.

Steps to Reproduce

  1. 'terraform apply -destroy'

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
@v-esteves v-esteves added the bug Something isn't working label May 3, 2023
@bryanfarmer
Copy link

Any movement on this issue? We have many shared groups that servers are added to for SCCM, Certificate auto-enrollment, etc. Removing all members would be extremely impacting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants