The gitlab_group_ldap_link
resource allows to manage the lifecycle of an LDAP integration with a group.
Upstream API: GitLab REST API docs
resource "gitlab_group_ldap_link" "test" {
group_id = "12345"
cn = "testuser"
group_access = "developer"
ldap_provider = "ldapmain"
}
group
(String) The ID or URL-encoded path of the groupldap_provider
(String) The name of the LDAP provider as stored in the GitLab database. Note that this is NOT the value of the label
attribute as shown in the web UI. In most cases this will be ldapmain
but you may use the LDAP check rake task for receiving the LDAP server name: LDAP: ... Server: ldapmain
access_level
(String, Deprecated) Minimum access level for members of the LDAP group. Valid values are: no one
, minimal
, guest
, reporter
, developer
, maintainer
, owner
, master
cn
(String) The CN of the LDAP group to link with. Required if filter
is not provided.filter
(String) The LDAP filter for the group. Required if cn
is not provided. Requires GitLab Premium or above.force
(Boolean) If true, then delete and replace an existing LDAP link if one exists. Will also remove an LDAP link if the parent group is not found.group_access
(String) Minimum access level for members of the LDAP group. Valid values are: no one
, minimal
, guest
, reporter
, developer
, maintainer
, owner
, master
id
(String) The ID of this resource.Import is supported using the following syntax:
# GitLab group ldap links can be imported using an id made up of `group_id:ldap_provider:cn:filter`. CN and Filter are mutually exclusive, so one will be missing.
# If using the CN for the group link, the ID will end with a blank filter (":"). e.g.,
terraform import gitlab_group_ldap_link.test "12345:ldapmain:testcn:"
# If using the Filter for the group link, the ID will have two "::" in the middle due to having a blank CN. e.g.,
terraform import gitlab_group_ldap_link.test "12345:ldapmain::testfilter"