A group access token cannot be used to create a group access token for a nested group

Summary

As a DevOps engineer, I want a "main" IaC repository to create "child" repositories and to configure, via Terraform, variables such as a GitLab token that is itself created via Terraform with the right access level.

Steps to reproduce

  • Create two groups: "Root" and "Nested" (a subgroup of "Root")
  • Create a group access token for the "Root" group with "owner" access level
  • Use that token to create a group access token for the nested group:

        curl --request POST \
             --header "PRIVATE-TOKEN: glpat-<root access token>" \
             --header "Content-Type: application/json" \
             --data '{ "name":"test_token", "scopes":["api"], "access_level": 50 }' \
             "https://gitlab.com/api/v4/groups/<id of nested group>/access_tokens"
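
The same call as a small stand-alone script, added here as an illustration and not part of the original report or of GitLab's own code. It builds the exact POST /groups/:id/access_tokens request used in the curl command above and classifies the response, distinguishing the "does not have permission" 400 this issue is about from a successful creation. The transport is injectable, so the flow below is exercised offline with constructed responses; the response-handling logic, the `TokenResult` type and the helper names are the editor's own assumptions, not GitLab API definitions.

```python
"""Reproduce the group-access-token creation call from the issue and
classify the result. Added example; the request shape (URL, header, JSON
body) mirrors the curl command in the report, everything else is assumed."""
import json
import urllib.error
import urllib.request
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple

# GitLab access level used for "owner" in the access-token endpoints.
ACCESS_LEVEL_OWNER = 50

# Substring of the error message quoted in the issue.
PERMISSION_DENIED_MSG = "User does not have permission to create group access token"


@dataclass
class TokenResult:
    ok: bool
    status: int
    token_id: Optional[int] = None
    user_id: Optional[int] = None
    error: Optional[str] = None
    # The secret is kept out of repr() so it does not end up in logs.
    secret: Optional[str] = field(default=None, repr=False)


def build_request(base_url: str, group_id: int, private_token: str, name: str,
                  scopes: List[str], access_level: int) -> urllib.request.Request:
    """Build POST /api/v4/groups/:id/access_tokens exactly as the curl command does."""
    body = json.dumps({"name": name, "scopes": scopes,
                       "access_level": access_level}).encode()
    return urllib.request.Request(
        f"{base_url}/api/v4/groups/{group_id}/access_tokens",
        data=body,
        headers={"PRIVATE-TOKEN": private_token,
                 "Content-Type": "application/json"},
        method="POST",
    )


def request_summary(req: urllib.request.Request) -> dict:
    """Inspectable view of a built request (urllib stores header names capitalised)."""
    return {"url": req.full_url, "method": req.get_method(),
            "auth_header": req.get_header("Private-token"),
            "body": json.loads(req.data)}


def classify_response(status: int, body: bytes) -> TokenResult:
    """Map an HTTP status and JSON body to a TokenResult."""
    try:
        payload = json.loads(body or b"{}")
    except json.JSONDecodeError:
        return TokenResult(ok=False, status=status, error="non-JSON response")
    if status == 201 and "token" in payload:
        return TokenResult(ok=True, status=status, token_id=payload.get("id"),
                           user_id=payload.get("user_id"), secret=payload["token"])
    return TokenResult(ok=False, status=status,
                       error=payload.get("message", f"HTTP {status}"))


def is_permission_error(result: TokenResult) -> bool:
    """True for the failure reported in this issue: HTTP 400 with the permission message."""
    return (not result.ok and result.status == 400
            and result.error is not None and PERMISSION_DENIED_MSG in result.error)


def urllib_transport(req: urllib.request.Request) -> Tuple[int, bytes]:
    """Real transport: return (status, body) for both 2xx and 4xx responses."""
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as e:
        return e.code, e.read()


def create_group_access_token(base_url: str, group_id: int, private_token: str,
                              name: str, scopes: List[str], access_level: int,
                              transport: Callable = urllib_transport) -> TokenResult:
    """Create a group access token; `transport` is injectable for offline use."""
    req = build_request(base_url, group_id, private_token, name, scopes, access_level)
    status, body = transport(req)
    return classify_response(status, body)


# Constructed responses modelled on the two bodies quoted in the issue.
def denied_transport(req):
    return 400, b'{"message":"400 Bad request - User does not have permission to create group access token"}'


def success_transport(req):
    return 201, (b'{"id":7,"name":"test_token","revoked":false,"scopes":["api"],'
                 b'"user_id":99,"active":true,"expires_at":null,"access_level":50,'
                 b'"token":"glpat-constructed"}')


if __name__ == "__main__":
    r = create_group_access_token("https://gitlab.com", 123, "glpat-<root token>",
                                  "test_token", ["api"], ACCESS_LEVEL_OWNER,
                                  transport=denied_transport)
    print("permission error reproduced:", is_permission_error(r), r)
```

To run it against a real instance, drop the `transport=` argument; the default uses urllib and returns the 400 body instead of raising, so the same `is_permission_error` check applies.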

What is the current bug behavior?

Creation returns {"message":"400 Bad request - User does not have permission to create group access token"}

What is the expected correct behavior?

Creation should return something like {"id": <id>,"name":"test_token","revoked":false,"created_at":"2022-06-21T21:50:08.436Z","scopes":["api"],"user_id": <user id>,"last_used_at":null,"active":true,"expires_at":null,"access_level":50,"token":"glpat-<token>"}

Output of checks

This bug happens on GitLab.com