21 Jan 2025
10:35 PM
- last edited on
23 Jan 2025
07:01 AM
by
MaciejNeumann
Dear Team,
I have exported my current configuration using Terraform, but I am encountering an issue. The user groups have been exported; however, I do not see any management zone mappings in the user group .tf file.
I used the following export configuration:
```shell
.\terraform-provider-dynatrace_v1.70.0.exe -export -ref -id dynatrace_user_group
```
Sample output:
```hcl
# ID g-lf-s2612-monitoring-read-dev
resource "dynatrace_user_group" "G-LF-S2612-monitoring-read-dev" {
name = "G-LF-S2612-monitoring-read-dev"
# access_account = false
# cluster_admin = false
ldap_groups = [ "G-LF-SNSVC0002612-monitoring-read" ]
# manage_account = false
}
```
Automation expectation:
Currently, the Group query functionality is not enabled in our LDAP integration. We want to enable this configuration, but before doing so, we need to ensure that the user groups have the correct names and ldap_groups details. If the name and LDAP group do not match, we will need to manually update the ldap_group.
Example:
```hcl
# ID g-lf-s2612-monitoring-read-dev
resource "dynatrace_user_group" "G-LF-S2612-monitoring-read-dev" {
name = "G-LF-S2612-monitoring-read-dev"
# access_account = false
# cluster_admin = false
ldap_groups = [ "SNSVC0002612-monitoring-read" ]
# manage_account = false
}
```
In the above example, the ldap_group is using a user-defined name rather than the LDAP AD group name. If I fail to update the ldap_group name field with the correct AD group name after enabling the Group query function, users will not be able to log in.
I am seeking an approach to tie management zones with the user groups via Terraform. Sso that user group management can be handled via Terraform.
Thank you.