Error when using gitlab_group_membership Resource
Bug Report
Starting with GitLab Terraform Provider v17.9.0 (continuing in v17.10.0), there is a bug in the gitlab_group_membership Resource which prevents users from creating group owners. The provider attempts to change the member_role_id attribute to null when executing resource "gitlab_group_membership" "owner" for existing group memberships. This causes a 403 Forbidden error when applying, making it impossible to update any GitLab group memberships or create group owners using Terraform. The provider worked correctly in version 17.8.0.
Relevant Terraform Configuration
```hcl
resource "gitlab_group_membership" "owner" {
  group_id     = var.group_id
  user_id      = var.user_id
  access_level = "owner"
}
```
Relevant Terraform Command
```
terraform plan
terraform apply
```
Relevant Log Output
Plan output showing unwanted change:
```
gitlab_group_membership.owner["group|username"] will be updated in-place
~ resource "gitlab_group_membership" "owner" {
      id             = "123:456"
    - member_role_id = 0 -> null
      # (5 unchanged attributes hidden)
  }
```
Apply error:
```
Error updating GitLab group membership
  with gitlab_group_membership.owner["group|username"],
  on groups.tf line 44, in resource "gitlab_group_membership" "owner":
  44: resource "gitlab_group_membership" "owner" {
Error updating GitLab group membership: PUT https://gitlab.example.com/api/v4/groups/123/members/456: 403 {message: 403 Forbidden}
```
Additional Details
- GitLab Terraform Provider Version: `17.9.0`
- GitLab Instance Version: `17.9.2`
- Issue occurs in GitLab Terraform Provider v17.9.0 and v17.10.0
- Problem has been verified on two separate GitLab instances
- The API token has the correct permissions and scopes
- The same code used to work on version 17.8.0
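
A pre-apply check for the plan symptom reported above, as an added example that is not part of the original report or the provider's code: it reads the JSON produced by `terraform show -json` and lists membership updates whose only change is `member_role_id` going from `0` to `null`. The sample plan is constructed, and the function name and the script name in the usage comment are hypothetical.

```python
import json
import sys

# Constructed sample shaped like `terraform show -json <planfile>` output.
# IDs and addresses reuse the placeholders from the report; nothing here is real data.
SAMPLE_PLAN = {"resource_changes": [
    {"address": 'gitlab_group_membership.owner["group|username"]',
     "type": "gitlab_group_membership",
     "change": {"actions": ["update"],
                "before": {"id": "123:456", "access_level": "owner", "member_role_id": 0},
                "after": {"id": "123:456", "access_level": "owner", "member_role_id": None}}},
    # Real change: access level is raised, so this update is intended.
    {"address": 'gitlab_group_membership.owner["group|other"]',
     "type": "gitlab_group_membership",
     "change": {"actions": ["update"],
                "before": {"id": "123:789", "access_level": "maintainer", "member_role_id": 0},
                "after": {"id": "123:789", "access_level": "owner", "member_role_id": None}}},
    # New membership: a create, not an in-place update.
    {"address": 'gitlab_group_membership.owner["group|new"]',
     "type": "gitlab_group_membership",
     "change": {"actions": ["create"], "before": None,
                "after": {"access_level": "owner", "member_role_id": None}}},
]}


def spurious_member_role_updates(plan):
    """Addresses of in-place membership updates whose only diff is member_role_id 0 -> null."""
    hits = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if rc.get("type") != "gitlab_group_membership" or change.get("actions") != ["update"]:
            continue
        before, after = change.get("before") or {}, change.get("after") or {}
        # Unknown (computed) values are omitted from "after", so they count as changed
        # here and keep the check conservative.
        changed = {k for k in before.keys() | after.keys() if before.get(k) != after.get(k)}
        if (changed == {"member_role_id"} and before.get("member_role_id") == 0
                and "member_role_id" in after and after["member_role_id"] is None):
            hits.append(rc["address"])
    return hits


if __name__ == "__main__":
    # Usage (hypothetical file names): terraform show -json tfplan > plan.json
    #                                  python check_plan.py plan.json
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    found = spurious_member_role_updates(plan)
    for address in found:
        print("member_role_id 0 -> null only:", address)
    sys.exit(1 if found else 0)
```

The non-zero exit status lets a pipeline stop before `terraform apply` issues the PUT that returns 403.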