unleash_project_access: Add option to actually delete role assignments on destroy

[mkusmiy]

Problem

The unleash_project_access resource intentionally skips deletion on terraform destroy, only showing a warning:

"The projectAccess resource was removed from the Terraform state, but not deleted from the actual system."

This causes unleash_role deletion to fail with RoleInUseError because the role is still assigned to groups.

Current Workaround

Using null_resource with a destroy-time provisioner to manually call the API and remove role assignments.

Proposed Solution

Add an optional force_delete or delete_on_destroy argument to actually remove the role assignments when the resource is destroyed, allowing dependent resources like unleash_role to be cleaned up properly.

Use Case

When tearing down an environment, we need to delete:

1. Role assignments (via unleash_project_access)
2. Custom roles (via unleash_role)

Currently step 2 fails because step 1 doesn't actually remove anything.

[gastonfournier]

Thanks! This was intentional during early development, and we never got back to it, arguably because nobody raised the need for it, so thanks for sharing this!

WRT your proposed solution, why not just implement deletion? Is there any particular reason why suggesting force_delete or delete_on_destroy over the simpler deletion implementation?

[mkusmiy]

no particular reason. Dev team knows better why they have not implemented it right away so I was proposing to have at least something, but "just implement deletion" absolutely works for my case.

[gastonfournier]

So, one challenge I'm currently seeing is that our API doesn't allow us to empty user_access. I'm also trying to understand what you mean by: When tearing down an environment, as the term environment might be overloaded. Do you mean an Unleash environment? If that's the case, it shouldn't affect users and roles, so I'm guessing you mean something different.

If you could include a small snippet with a sample configuration before and after the environment removal, that would help me understand.