Manage groups¶
Note
In the Juju ecosystem, groups are supported only when using JAAS.
Reference an externally managed group¶
To reference a group you’ve created outside of the current Terraform plan, in your Terraform plan add a data source of the juju_jaas_group type, specifying the name of the group. For example:
data "juju_jaas_group" "test" {
name = "group-0"
}
See more:
juju_jaas_group(data source)
Add a group¶
To add a group, in your Terraform plan create a resource of the juju_jaas_group type, specifying its name. For example:
resource "juju_jaas_group" "development" {
name = "devops-team"
}
See more:
juju_jaas_group(resource)
Manage access to a group¶
When using Juju with JAAS, to grant access to a group, in your Terraform plan add a resource type juju_jaas_access_group. Access can be granted to one or more users, service accounts, and/or groups. The resource must include the group ID, the JAAS group access level, and the list of desired users, service accounts, and/or groups. For example:
Note
At present, the only valid JAAS group access level is member, so granting an entity access to a group effectively means making them a member of the group.
resource "juju_jaas_access_group" "development" {
group_id = juju_jaas_group.target-group.uuid
access = "member"
users = ["[email protected]"]
service_accounts = ["Client-ID-1", "Client-ID-2"]
groups = [juju_jaas_group.development.uuid]
}
See more:
juju_jaas_access_group, JAAS | Group access levels