I have tried to use TF code to attach a managed group to a Role. Unfortunately, it hasn’t attached. When I go into the UI, the managed group has been created, the users have successfully been attached to the group, so all good there.
I look at the role, which is global, and there are no Principals attached. When I try to add a principal, the managed group is not an option.
Is this something that cannot be done, or is there a workaround to get this working?
We are using AAD to sign in, so the users are automatically getting created and added to the managed group.
```hcl
# Managed group populated from the OIDC groups claim
resource "boundary_managed_group" "oidc_group" {
  name           = "Azure Group Test"
  description    = "OIDC managed group for Azure"
  auth_method_id = boundary_auth_method_oidc.provider.id
  filter         = "\"/userinfo/groups\" == \"45fbc535-4e9b-4927-8789-1d19cca3e531\""
}

# Global-scope role that lists the managed group as its principal
resource "boundary_role" "oidc_role" {
  name          = "Read Only"
  description   = "Read Only Role"
  principal_ids = [boundary_managed_group.oidc_group.id]
  grant_strings = ["id=*;type=role;actions=list,read"]
  scope_id      = "global"
}

# Org scope created under global
resource "boundary_scope" "orgdev" {
  scope_id                 = "global"
  name                     = "Development"
  description              = "Development"
  auto_create_default_role = true
  auto_create_admin_role   = true
}
```