Unable to create account group of nested child groups

[CanadaLifeKyle]

Describe the bug

As per https://registry.terraform.io/providers/PaloAltoNetworks/prismacloud/latest/docs/resources/account_group#child_group_ids I am attempting to create an account group that consists of several nested, child groups.

data "prismacloud_account_group" "azure" {
  name = "Azure Group"
}

data "prismacloud_account_group" "aws" {
  name = "AWS Group"
}

data "prismacloud_account_group" "gcp" {
  name = "GCP Group"
}

resource "prismacloud_account_group" "azure_aws_gcp" {
  name        = "Combined Azure, AWS and GCP Group"
  description = "Managed by terraform"
  child_group_ids = [
    data.prismacloud_account_group.azure.group_id,
    data.prismacloud_account_group.aws.group_id,
    data.prismacloud_account_group.gcp.group_id
  ]
}

Terraform plan succeeds with this configuration.

Expected behavior

When the terraform is applied, I was expecting to successfully create a nested account group.

Current behavior

Terraform returns an error:

│ Error: 400/https://api.ca.prismacloud.io/cloud/group Error(msg:nested_groups_disallowed severity:error subject:invalid_param_value)

Possible solution

It's likely that Prismacloud no longer supports nested account groups, in which the documentation would need to be updated.

Steps to reproduce

See bug description for terraform code.

Your Environment

• GitLab w/ gitlab-runner 16.6.0
• Terraform v1.4
• Prismacloud terraform provider v1.5.1

[ftbrecordspan]

@CanadaLifeKyle thanks for raising this issue! It is primarily a documentation issue and we will address it in an upcoming release. Nested Account Groups are not a generally available feature and therefore fall outside of the scope of support for the Prisma Cloud Terraform Provider.

[ftbrecordspan]

1.5.3 adds support for this capability.

[CanadaLifeKyle]

1.5.3 adds support for this capability.

I have attempted again with v1.5.3 and receive the same error as before when using v1.5.1.