Add a data source for aiven_organization_user_group, and provide group members as list input rather than separate resources

[maur1]

What is currently missing?

In order to not overwrite users that are auto assigned to groups on sign-up I would like to import the aiven_organization_user_group from Aiven and use this as the source for user -> group assignment.

Would also be nice to be able to pass in a list of user_id´s in the aiven_organization_user_group_member resource.

How could this be improved?

Re-use code from existing endpoints and utilize already existing api endpoint: GET https://console.aiven.io/v1/organization//user-groups/

Is this a feature you would work on yourself?

No

• [ ] I plan to open a pull request for this feature.

[Serpentiel]

Hey, @maur1! 👋

Thank you for raising this! I will pass your suggestion down to the team.

Would also be nice to be able to pass in a list of user_id´s in the aiven_organization_user_group_member resource.

Could you please confirm if this is not an approach that's going to work for your needs?

variables.tf:

variable "user_ids" {
  description = "List of user IDs to be added to the group"
  type        = list(string)
}

main.tf:

resource "aiven_organization_user_group_member" "project_admin" {
  for_each = toset(var.user_ids)

  group_id        = aiven_organization_user_group.example.group_id
  organization_id = aiven_organization.main.id
  user_id         = each.value
}

This should allow you to achieve what you're looking for, if I'm not mistaken.

[maur1]

Hey, @maur1! 👋

Thank you for raising this! I will pass your suggestion down to the team.

Would also be nice to be able to pass in a list of user_id´s in the aiven_organization_user_group_member resource.

Could you please confirm if this is not an approach that's going to work for your needs?

variables.tf:

variable "user_ids" {
  description = "List of user IDs to be added to the group"
  type        = list(string)
}

main.tf:

resource "aiven_organization_user_group_member" "project_admin" {
  for_each = toset(var.user_ids)

  group_id        = aiven_organization_user_group.example.group_id
  organization_id = aiven_organization.main.id
  user_id         = each.value
}

This should allow you to achieve what you're looking for, if I'm not mistaken.

Thanks for the suggestion! That would work, but it would be even better to have it accept a list as default.

Looking forwards to the teams work on the import of aiven_organization_user_group.

[Serpentiel]

Hey again, @maur1! 👋

Thanks for the suggestion! That would work, but it would be even better to have it accept a list as default.

Thank you for your comment. We are limited by the API spec in this question and unfortunately are unable to add the list field in this case due to the recommendations on the development of Terraform provider that they should be as close to the API contract itself as possible, with little to none extra logic in place.

The correct and recommended way to handle such cases is as I mentioned above by creating a variable and using the for_each function of the Terraform.

Looking forwards to the teams work on the import of aiven_organization_user_group.

We will be bringing this up and there is a possibility that a data source for this resource will be available soon.

[Serpentiel]

Hey, @maur1! 👋

I'm sorry for a long reply. I can see that a data source for the aiven_organization_user_group resource is already available: https://registry.terraform.io/providers/aiven/aiven/latest/docs/data-sources/organization_user_group.

Please let us know if it's missing something that you would expect from it.

I will be closing this issue for now, feel free to reopen it in case there's something to add!