Hi there,
I’m using Terraform to create and populate new AD security groups, but I’m also unfortunately going into meltdown in the process, as my Terraform knowledge is basic at best.
I’m successful in being able to create one group and populate it with one user, but it is looping through the JSON that is causing me problems.
SAMPLE JSON
```json
{
  "groups": [
    {
      "name": "GROUP IT",
      "members": [
        "burnsm@contoso.com",
        "simpsonh@contoso.com",
        "flandersn@contoso.com",
        "simpsonb@contoso.com"
      ]
    },
    {
      "name": "GROUP ADMIN",
      "members": [
        "clownk@contoso.com",
        "nahasapeemapetilona@contoso.com",
        "simpsonb@contoso.com"
      ]
    },
    {
      "name": "GROUP DRAMA",
      "members": [
        "simosonl@contoso.com",
        "simpsonm@contoso.com"
      ]
    },
    {
      "name": "GROUP PUBLIC",
      "members": [
        "szyslakm@contoso.com",
        "muntzn@contoso.com"
      ]
    }
  ]
}
```
main.tf
```hcl
locals {
  # get json
  user_data = jsondecode(file("${path.module}/GroupsTemplate.json"))
}

resource "azuread_group" "new_groups" {
  for_each         = local.group_members_table
  display_name     = each.key
  members          = each.value
  mail_enabled     = false
  security_enabled = false
}

data "azuread_user" "user" {
  user_principal_name = "muntzn@contoso.com"
}
```
OUTPUT
```
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
  + create

Terraform will perform the following actions:

  # azuread_group.new_groups["groups"] will be created
  + resource "azuread_group" "new_groups" {
      + auto_subscribe_new_members     = (known after apply)
      + display_name                   = "groups"
      + external_senders_allowed       = (known after apply)
      + hide_from_address_lists        = (known after apply)
      + hide_from_outlook_clients      = (known after apply)
      + id                             = (known after apply)
      + mail                           = (known after apply)
      + mail_enabled                   = false
      + mail_nickname                  = (known after apply)
      + members                        = [
          + "f7053a57-67po-5290-a8c2-3465-fe69a469",
        ]
          + "f7053a57-67po-5290-a8c2-3465-fe69a469",
      + object_id                      = (known after apply)
      + onpremises_domain_name         = (known after apply)
      + onpremises_netbios_name        = (known after apply)
      + onpremises_sam_account_name    = (known after apply)
      + onpremises_security_identifier = (known after apply)
      + onpremises_sync_enabled        = (known after apply)
      + owners                         = (known after apply)
      + preferred_language             = (known after apply)
      + prevent_duplicate_names        = false
      + proxy_addresses                = (known after apply)
      + security_enabled               = false
      + visibility                     = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.
```
I understand why this is happening, but it’s just a solution to the problem that is hard for me to grasp. There were not many resources for nested JSON online, so I hope that what I have produced is enough to go on.
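
One way to loop over the nested JSON, added here as an example and not part of the original post: the plan above shows a single group named "groups" because that is the JSON's only top-level key, so the list under it has to be re-keyed by group name before `for_each` can use it. The local names `group_members` and `all_upns` are made up for this example, and `security_enabled = true` assumes the goal is security groups, as the post states.

```hcl
locals {
  # Decode the file once; the top-level object has a single "groups" key.
  user_data = jsondecode(file("${path.module}/GroupsTemplate.json"))

  # Re-key the list by group name:
  #   { "GROUP IT" = ["burnsm@contoso.com", ...], "GROUP ADMIN" = [...], ... }
  # Two entries with the same name make this expression fail instead of
  # silently merging or overwriting a membership list.
  group_members = {
    for g in local.user_data.groups : g.name => toset(g.members)
  }

  # Every distinct UPN across all groups, so a user who appears in several
  # groups (simpsonb@contoso.com in the sample) is looked up only once.
  all_upns = toset(flatten([for g in local.user_data.groups : g.members]))
}

# One directory lookup per distinct user, keyed by UPN.
data "azuread_user" "member" {
  for_each            = local.all_upns
  user_principal_name = each.value
}

# One group per entry in the JSON; each.key is the group name and
# each.value is that group's set of UPNs.
resource "azuread_group" "new_groups" {
  for_each = local.group_members

  display_name     = each.key
  mail_enabled     = false
  security_enabled = true # assumption: security groups, as the post describes

  # Refuse to create a second group with a display name that already exists.
  prevent_duplicate_names = true

  # The provider expects object IDs, so translate each UPN through the lookup.
  members = [
    for upn in each.value : data.azuread_user.member[upn].object_id
  ]
}
```

A UPN that does not resolve in the directory fails the `azuread_user` lookup at plan time, so a typo in the JSON stops the run instead of producing a group with fewer members than intended.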