Error when using gitlab_group_membership Resource
Bug Report
Starting with GitLab Terraform Provider `v17.9.0` (continuing in `v17.10.0`), there is a bug in the gitlab_group_membership Resource which prevents users from creating group owners. The provider attempts to change the `member_role_id` attribute to `null` when executing `resource "gitlab_group_membership" "owner"` for existing group memberships. This causes a `403 Forbidden` error when applying, making it impossible to update any GitLab group memberships or create group owners using Terraform. The provider worked correctly in version `17.8.0`.
Relevant Terraform Configuration
resource "gitlab_group_membership" "owner" {
  group_id     = var.group_id
  user_id      = var.user_id
  access_level = "owner"
}
Relevant Terraform Command
terraform plan
terraform apply
Relevant Log Output
Plan output showing unwanted change:
gitlab_group_membership.owner["group|username"] will be updated in-place
  ~ resource "gitlab_group_membership" "owner" {
        id             = "123:456"
      - member_role_id = 0 -> null
        # (5 unchanged attributes hidden)
    }
Apply error:
Error updating GitLab group membership
with gitlab_group_membership.owner["group|username"],
on groups.tf line 44, in resource "gitlab_group_membership" "owner":
44: resource "gitlab_group_membership" "owner" {
Error updating GitLab group membership: PUT https://gitlab.example.com/api/v4/groups/123/members/456: 403 {message: 403 Forbidden}
Additional Details
- GitLab Terraform Provider Version: `17.9.0`
- GitLab Instance Version: `17.9.2`
- Issue occurs in GitLab Terraform Provider v17.9.0 and v17.10.0
- Problem has been verified on two separate GitLab instances
- The API token has the correct permissions and scopes
- The same code used to work on version 17.8.0
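
A pre-apply check for the drift described in this report, added here as an example and not part of the original report or the provider's code: it reads plan JSON in the shape produced by `terraform show -json <planfile>` and lists group memberships whose only planned change is `member_role_id` going from `0` to `null`. The function names and the sample plan are assumptions constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output.
# The first entry mirrors the plan excerpt in the report; the second is invented
# to show a real access_level change that must not be flagged.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {"address": 'gitlab_group_membership.owner["group|username"]',
         "type": "gitlab_group_membership",
         "change": {"actions": ["update"],
                    "before": {"id": "123:456", "access_level": "owner", "member_role_id": 0},
                    "after": {"id": "123:456", "access_level": "owner", "member_role_id": None}}},
        {"address": 'gitlab_group_membership.owner["group|other"]',
         "type": "gitlab_group_membership",
         "change": {"actions": ["update"],
                    "before": {"id": "123:789", "access_level": "maintainer", "member_role_id": 0},
                    "after": {"id": "123:789", "access_level": "owner", "member_role_id": None}}},
    ]
})


def changed_keys(before, after):
    """Return the attribute names whose values differ between before and after."""
    before, after = before or {}, after or {}
    return {k for k in set(before) | set(after) if before.get(k) != after.get(k)}


def spurious_member_role_updates(plan_json):
    """List addresses of group memberships whose only planned change is
    member_role_id going from 0 to null, the in-place update shown in the report."""
    flagged = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "gitlab_group_membership":
            continue
        if change.get("actions") != ["update"]:
            continue
        before, after = change.get("before") or {}, change.get("after") or {}
        if (changed_keys(before, after) == {"member_role_id"}
                and before.get("member_role_id") == 0
                and after.get("member_role_id") is None):
            flagged.append(rc["address"])
    return flagged


if __name__ == "__main__":
    for address in spurious_member_role_updates(SAMPLE_PLAN):
        print("spurious member_role_id update:", address)
```

Running it in CI before `terraform apply` separates this no-op drift from intended membership changes, so a 403 on apply is not mistaken for a token or permission problem.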