terraform-provider-googleworkspace
terraform-provider-googleworkspace copied to clipboard
hashicorp
group-settings: error 400 if group settings' email value differs in capital/lower-case letters from group email
Hi there,
Terraform Version
Terraform v1.2.1 on linux_amd64
- provider registry.terraform.io/hashicorp/googleworkspace v0.7.0
Affected Resource(s)
- group-settings
Configuration
Group configuration:
resource-a:
email: "[email protected]"
name: "[email protected]"
resource-b:
email: "[email protected]"
name: "[email protected]"
Output
Terraform will perform the following actions:
# module.gworkspace.module.group_settings["resource-a"].googleworkspace_group_settings.group_settings will be updated in-place
~ resource "googleworkspace_group_settings" "group_settings" {
~ email = "[email protected]" -> "[email protected]"
id = "[email protected]"
name = "[email protected]"
# (23 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.gworkspace.module.group_settings["resource-b"].googleworkspace_group_settings.group_settings will be updated in-place
~ resource "googleworkspace_group_settings" "group_settings" {
~ email = "[email protected]" -> "[email protected]"
id = "[email protected]"
name = "[email protected]"
# (23 unchanged attributes hidden)
# (1 unchanged block hidden)
}
╷
│ Error: googleapi: Error 400: Required, required
│
│ with module.gworkspace.module.group_settings["resource-a"].googleworkspace_group_settings.group_settings,
│ on modules/group_settings/main.tf line 14, in resource "googleworkspace_group_settings" "group_settings":
│ 14: resource "googleworkspace_group_settings" "group_settings" {
│
╵
╷
│ Error: googleapi: Error 400: Required, required
│
│ with module.gworkspace.module.group_settings["resource-b"].googleworkspace_group_settings.group_settings,
│ on modules/group_settings/main.tf line 14, in resource "googleworkspace_group_settings" "group_settings":
│ 14: resource "googleworkspace_group_settings" "group_settings" {
│
Hi @jazzlyn, thanks for raising this issue and showing a workaround for others who might have the same issue!
I've found that the underlying cause is that the 2 APIs used to manage Groups (Directory API) and Group Settings (Group Settings API) handle the group's email differently. When groups are made the email is automatically converted to lower case. Group settings are made using the original email with upper case characters, which happens behind the scenes on Google's backend when new groups are made. This mismatch of emails using/not using upper case characters causes issues, and there's no way for the provider to update the group settings to use the lower case email.
As the root cause is inconsistent handling of capitalisation by Google's APIs I'd recommend avoiding putting capital letters in the groups email value. I'm working on a solution for this issue but avoiding it is best, given the restrictions on what the provider can control.
Saw this as well, but after destroying and making sure group name was lower case it appears to be fine. I orginally had the name of the group and email in UPPER case.
@SarahFrench any chance that this provider can be adopted by someone still working for hashicorp?