Skip to content

scaleway_iam_group_membership support multiple memberships #3126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

scaleway_iam_group_membership support multiple memberships #3126

wants to merge 3 commits into from

Conversation

@Gnoale
Copy link
Contributor

@Gnoale Gnoale commented May 30, 2025
edited
Loading

Summary

Change the scaleway_iam_group_membership resource to support list of user ID and / or application ID

Use the SDK endpoint SetGroupMembers to make batch updates (HTTP PUT) instead of single POST / DELETE
=> implement a little exponential retry because the API returns sometimes HTTP 409 with a transient state status in the message

Implement the Update method

Terraform resource breaking change

scaleway_iam_group_membership

  • user_id string => user_ids TypeList string
  • application_id string => application_ids TypeList string

TF code example

locals {
  users = [
    {
      email    = "[email protected]"
      username = "amember"
    },
    {
      email    = "[email protected]"
      username = "amember2"
    },
    {
      email    = "[email protected]"
      username = "amember3"
    },
    {
      email    = "[email protected]"
      username = "amember4"
    },
  ]
}

resource "scaleway_iam_user" "users" {
  count    = length(local.users)
  email    = local.users[count.index].email
  username = local.users[count.index].username
}

resource "scaleway_iam_group" "misc" {
  name                = "misc"
  external_membership = true
}

resource "scaleway_iam_group_membership" "misc" {
  group_id = scaleway_iam_group.misc.id
  user_ids = [for user in scaleway_iam_user.users : user.id]
}

State sample

# scaleway_iam_group_membership.misc:
resource "scaleway_iam_group_membership" "misc" {
    application_ids = []
    group_id        = "cec91dd4-b87e-4a52-a936-b14301343e66"
    id              = "cec91dd4-b87e-4a52-a936-b14301343e66/user:5b2e896c-a4d3-48e6-83bf-16be9cd0018c,user:7e300e43-7ded-48ff-a18e-8ac7c9b50e0f,user:d33004cd-84d8-46dc-b701-a3ddce46b685,user:bee1e0ea-bd9a-415a-9a04-24d3227b61f1"
    user_ids        = [
        "5b2e896c-a4d3-48e6-83bf-16be9cd0018c",
        "7e300e43-7ded-48ff-a18e-8ac7c9b50e0f",
        "d33004cd-84d8-46dc-b701-a3ddce46b685",
        "bee1e0ea-bd9a-415a-9a04-24d3227b61f1",
    ]
}

fixes #3122

@github-actions github-actions bot added the iam IAM issues, bugs and feature requests label May 30, 2025
@Gnoale Gnoale force-pushed the bugfix-iam-members branch from 4815b45 to 93c166e Compare June 2, 2025 10:04
@Gnoale Gnoale marked this pull request as ready for review June 2, 2025 10:07
@Gnoale Gnoale requested a review from a team as a code owner June 2, 2025 10:07
@Gnoale Gnoale force-pushed the bugfix-iam-members branch 2 times, most recently from cee1062 to 35f9c78 Compare June 2, 2025 10:15
@Gnoale Gnoale changed the title Bugfix iam members fix scaleway_iam_group_membership multiple memberships Jun 2, 2025
@Gnoale Gnoale force-pushed the bugfix-iam-members branch from 35f9c78 to 03a8864 Compare June 2, 2025 10:30
@Gnoale Gnoale changed the title fix scaleway_iam_group_membership multiple memberships scaleway_iam_group_membership support multiple memberships Jun 2, 2025
@Gnoale Gnoale force-pushed the bugfix-iam-members branch from 03a8864 to 3a1b6f7 Compare June 2, 2025 10:44
@Gnoale Gnoale marked this pull request as draft June 2, 2025 12:57
@Gnoale
feat(iam): support scaleway_iam_group_membership batch update
b033180 
* use SetGroupMembers

* implement terraform update

* use expo retry with SetGroupMembers as the API sometimes needs a bit of time to converge
@Gnoale Gnoale force-pushed the bugfix-iam-members branch from 3a1b6f7 to b033180 Compare June 2, 2025 12:57
@Gnoale Gnoale closed this Jun 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@remyleone remyleone Awaiting requested review from remyleone remyleone will be requested when the pull request is marked ready for review remyleone is a code owner

Assignees

No one assigned

Labels

iam IAM issues, bugs and feature requests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

scaleway_iam_group_membership does not manage the addition of multiple users or applications simultaneously.

2 participants

@Gnoale