github-actions[bot]
commented
7 months ago Thanks for the feature request. We evaluate it and update the issue accordingly.
Community Note
Voting for Prioritization
- Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
Volunteering to Work on This Issue
- If you are interested in working on this issue, please leave a comment.
- If this would be your first contribution, please review the contribution guide.
lechnerc77
What area do you want to see improved?
terraform provider
Is your feature request related to a problem? Please describe.
As of today you can evaluate which role collection are assigned to a user via the data source
btp_subaccount_user. This works if the role collections are directly assigned to a user.Another usual way is to assign role collections via groups which is supported by the corresponding resource
https://registry.terraform.io/providers/SAP/btp/latest/docs/resources/subaccount_role_collection_assignment. However in this case there is no way to find out the connection between role collections and groups neither via CLI nor via Terraform.Describe the solution you would like
The Terraform provider should support the functionality to retrieve the information which role collection is assigned to which group.
Describe alternatives you have considered
One possible way might be accessing the information via APIs, but this jeopardizes a consistent Terraform setup.
Additional context
This is certainly a cross-topic spanning from the security/XSUAA team to the BTP CLI and to the Terraform provider that needs to be aligned