page_title:"coderd_group Resource - coderd"

subcategory:""

description:|-

A group on the Coder deployment. If you want to have a group resource with unmanaged members, but still want to read the members in Terraform, use the`data.coderd_group` data source.

A group on the Coder deployment. If you want to have a group resource with unmanaged members, but still want to read the members in Terraform, use the`data.coderd_group` data source. Creating groups requires an Enterprise license.

-`deprecation_message` (String) If set, the template will be marked as deprecated and users will be blocked from creating new workspaces from it.

-`description` (String) A description of the template.

-`display_name` (String) The display name of the template. Defaults to the template name.

-`failure_ttl_ms` (Number) The max lifetime before Coder stops all resources for failed workspaces created from this template, in milliseconds.

-`failure_ttl_ms` (Number) The max lifetime before Coder stops all resources for failed workspaces created from this template, in milliseconds. Requires an enterprise Coder deployment.

-`icon` (String) Relative path or external URL that specifes an icon to be displayed in the dashboard.

-`organization_id` (String) The ID of the organization. Defaults to the provider's default organization

-`require_active_version` (Boolean) Whether workspaces must be created from the active version of this template. Defaults to false.

-`time_til_dormant_autodelete_ms` (Number) The max lifetime before Coder permanently deletes dormant workspaces created from this template.

-`time_til_dormant_ms` (Number) The max lifetime before Coder locks inactive workspaces created from this template, in milliseconds.

-`require_active_version` (Boolean) Whether workspaces must be created from the active version of this template. Defaults to false. Requires an enterprise Coder deployment.

-`time_til_dormant_autodelete_ms` (Number) The max lifetime before Coder permanently deletes dormant workspaces created from this template. Requires an enterprise Coder deployment.

-`time_til_dormant_ms` (Number) The max lifetime before Coder locks inactive workspaces created from this template, in milliseconds. Requires an enterprise Coder deployment.

}

resp.Diagnostics.Append(CheckGroupEntitlements(ctx,d.data.Features)...)

ifresp.Diagnostics.HasError() {

}

client:=d.data.Client

ifdata.OrganizationID.IsNull() {

Members types.Set`tfsdk:"members"`

}

funcCheckGroupEntitlements(ctx context.Context,featuresmap[codersdk.FeatureName]codersdk.Feature) (diags diag.Diagnostics) {

if!features[codersdk.FeatureTemplateRBAC].Enabled {

diags.AddError("Feature not enabled","Your license is not entitled to create groups.")

}

}

func (r*GroupResource)Metadata(ctx context.Context,req resource.MetadataRequest,resp*resource.MetadataResponse) {

resp.TypeName=req.ProviderTypeName+"_group"

}

func (r*GroupResource)Schema(ctx context.Context,req resource.SchemaRequest,resp*resource.SchemaResponse) {

resp.Schema= schema.Schema{

MarkdownDescription:"A group on the Coder deployment. If you want to have a group resource with unmanaged members, but still want to read the members in Terraform, use the `data.coderd_group` data source.",

MarkdownDescription:"A group on the Coder deployment. If you want to have a group resource with unmanaged members, but still want to read the members in Terraform, use the `data.coderd_group` data source. Requires an Enterprise license.",

Attributes:map[string]schema.Attribute{

"id": schema.StringAttribute{

}

resp.Diagnostics.Append(CheckGroupEntitlements(ctx,r.data.Features)...)

ifresp.Diagnostics.HasError() {

}

client:=r.data.Client

ifdata.OrganizationID.IsUnknown() {

import (

})

}

funcTestAccGroupResourceAGPL(t*testing.T) {

ifos.Getenv("TF_ACC")=="" {

t.Skip("Acceptance tests are disabled.")

}

ctx:=context.Background()

client:=integration.StartCoder(ctx,t,"group_acc_agpl",false)

firstUser,err:=client.User(ctx,codersdk.Me)

require.NoError(t,err)

cfg1:=testAccGroupResourceconfig{

URL:client.URL.String(),

Token:client.SessionToken(),

Name:PtrTo("example-group"),

DisplayName:PtrTo("Example Group"),

AvatarUrl:PtrTo("https://google.com"),

QuotaAllowance:PtrTo(int32(100)),

Members:PtrTo([]string{firstUser.ID.String()}),

}

resource.Test(t, resource.TestCase{

IsUnitTest:true,

PreCheck:func() {testAccPreCheck(t) },

ProtoV6ProviderFactories:testAccProtoV6ProviderFactories,

Steps: []resource.TestStep{

{

Config:cfg1.String(t),

ExpectError:regexp.MustCompile("Your license is not entitled to create groups."),

},

},

})

}

typetestAccGroupResourceconfigstruct {

t.Skip("Acceptance tests are disabled.")

}

ctx:=context.Background()

client:=integration.StartCoder(ctx,t,"org_data_acc",true)

client:=integration.StartCoder(ctx,t,"org_data_acc",false)

firstUser,err:=client.User(ctx,codersdk.Me)

require.NoError(t,err)

typeCoderdProviderDatastruct {

Client*codersdk.Client

DefaultOrganizationID uuid.UUID

Featuresmap[codersdk.FeatureName]codersdk.Feature

}

}

data.DefaultOrganizationID=UUIDValue(user.OrganizationIDs[0])

}

entitlements,err:=client.Entitlements(ctx)

iferr!=nil {

resp.Diagnostics.AddError("Client Error","failed to get deployment entitlements: "+err.Error())

}

providerData:=&CoderdProviderData{

Client:client,

DefaultOrganizationID:data.DefaultOrganizationID.ValueUUID(),

Features:entitlements.Features,

}

resp.DataSourceData=providerData

resp.ResourceData=providerData

}

func (mTemplateResourceModel)EqualTemplateMetadata(otherTemplateResourceModel)bool {

func (m*TemplateResourceModel)EqualTemplateMetadata(other*TemplateResourceModel)bool {

returnm.Name.Equal(other.Name)&&

m.DisplayName.Equal(other.DisplayName)&&

m.Description.Equal(other.Description)&&

m.RequireActiveVersion.Equal(other.RequireActiveVersion)

}

func (m*TemplateResourceModel)CheckEntitlements(ctx context.Context,featuresmap[codersdk.FeatureName]codersdk.Feature) (diags diag.Diagnostics) {

diags.Append(m.AutostopRequirement.As(ctx,&autoStop, basetypes.ObjectAsOptions{})...)

ifdiags.HasError() {

}

requiresScheduling:=len(autoStop.DaysOfWeek)>0||

!m.AllowUserAutostart.ValueBool()||

!m.AllowUserAutostop.ValueBool()||

m.FailureTTLMillis.ValueInt64()!=0||

m.TimeTilDormantAutoDeleteMillis.ValueInt64()!=0||

m.TimeTilDormantMillis.ValueInt64()!=0||

len(m.AutostartPermittedDaysOfWeek.Elements())!=7

requiresActiveVersion:=m.RequireActiveVersion.ValueBool()

requiresACL:=!m.ACL.IsNull()

ifrequiresScheduling||requiresActiveVersion||requiresACL {

ifrequiresScheduling&&!features[codersdk.FeatureAdvancedTemplateScheduling].Enabled {

diags.AddError(

"Feature not enabled",

"Your license is not entitled to use advanced template scheduling, so you cannot modify any of the following fields from their defaults: auto_stop_requirement, auto_start_permitted_days_of_week, allow_user_auto_start, allow_user_auto_stop, failure_ttl_ms, time_til_dormant_ms, time_til_dormant_autodelete_ms.",

)

}

ifrequiresActiveVersion&&!features[codersdk.FeatureAccessControl].Enabled {

diags.AddError(

"Feature not enabled",

"Your license is not entitled to use access control, so you cannot set require_active_version.",

)

}

ifrequiresACL&&!features[codersdk.FeatureTemplateRBAC].Enabled {

diags.AddError(

"Feature not enabled",

"Your license is not entitled to use template access control, so you cannot set acl.",

)

}

}

}

typeTemplateVersionstruct {

Name types.String`tfsdk:"name"`

Default:booldefault.StaticBool(true),

},

"failure_ttl_ms": schema.Int64Attribute{

MarkdownDescription:"The max lifetime before Coder stops all resources for failed workspaces created from this template, in milliseconds.",

MarkdownDescription:"The max lifetime before Coder stops all resources for failed workspaces created from this template, in milliseconds. Requires an enterprise Coder deployment.",

Optional:true,

Computed:true,

Default:int64default.StaticInt64(0),

},

"time_til_dormant_ms": schema.Int64Attribute{

MarkdownDescription:"The max lifetime before Coder locks inactive workspaces created from this template, in milliseconds.",

MarkdownDescription:"The max lifetime before Coder locks inactive workspaces created from this template, in milliseconds. Requires an enterprise Coder deployment.",

Optional:true,

Computed:true,

Default:int64default.StaticInt64(0),

},

"time_til_dormant_autodelete_ms": schema.Int64Attribute{

MarkdownDescription:"The max lifetime before Coder permanently deletes dormant workspaces created from this template.",

MarkdownDescription:"The max lifetime before Coder permanently deletes dormant workspaces created from this template. Requires an enterprise Coder deployment.",

Optional:true,

Computed:true,

Default:int64default.StaticInt64(0),

},

"require_active_version": schema.BoolAttribute{

MarkdownDescription:"Whether workspaces must be created from the active version of this template. Defaults to false.",

MarkdownDescription:"Whether workspaces must be created from the active version of this template. Defaults to false. Requires an enterprise Coder deployment.",

Optional:true,

Computed:true,

Default:booldefault.StaticBool(false),

data.DisplayName=data.Name

}

resp.Diagnostics.Append(data.CheckEntitlements(ctx,r.data.Features)...)

ifresp.Diagnostics.HasError() {

}

client:=r.data.Client

orgID:=data.OrganizationID.ValueUUID()

vartemplateResp codersdk.Template

newState.DisplayName=newState.Name

}

resp.Diagnostics.Append(newState.CheckEntitlements(ctx,r.data.Features)...)

ifresp.Diagnostics.HasError() {

}

orgID:=newState.OrganizationID.ValueUUID()

templateID:=newState.ID.ValueUUID()

client:=r.data.Client

templateMetadataChanged:=!newState.EqualTemplateMetadata(curState)

templateMetadataChanged:=!newState.EqualTemplateMetadata(&curState)

iftemplateMetadataChanged {

tflog.Trace(ctx,"change in template metadata detected, updating.")

})

}

funcTestAccTemplateResourceAGPL(t*testing.T) {

ifos.Getenv("TF_ACC")=="" {

t.Skip("Acceptance tests are disabled.")

}

ctx:=context.Background()

client:=integration.StartCoder(ctx,t,"template_acc",false)

firstUser,err:=client.User(ctx,codersdk.Me)

require.NoError(t,err)

cfg1:=testAccTemplateResourceConfig{

URL:client.URL.String(),

Token:client.SessionToken(),

Name:PtrTo("example-template"),

Versions: []testAccTemplateVersionConfig{

{

Directory:PtrTo("../../integration/template-test/example-template/"),

Active:PtrTo(true),

},

},

AllowUserAutostart:PtrTo(false),

}

cfg2.AllowUserAutostart=nil

cfg2.AutostopRequirement.DaysOfWeek=PtrTo([]string{"monday","tuesday"})

cfg3.AutostopRequirement.null=true

cfg3.AutostartRequirement=PtrTo([]string{})

cfg4.FailureTTL=PtrTo(int64(1))

cfg5.FailureTTL=nil

cfg5.AutostartRequirement=nil

cfg5.RequireActiveVersion=PtrTo(true)

cfg6.RequireActiveVersion=nil

cfg6.ACL=testAccTemplateACLConfig{

GroupACL: []testAccTemplateKeyValueConfig{

{

Key:PtrTo(firstUser.OrganizationIDs[0].String()),

Value:PtrTo("use"),

},

},

}

for_,cfg:=range []testAccTemplateResourceConfig{cfg1,cfg2,cfg3,cfg4} {

resource.Test(t, resource.TestCase{

PreCheck:func() {testAccPreCheck(t) },

IsUnitTest:true,

ProtoV6ProviderFactories:testAccProtoV6ProviderFactories,

Steps: []resource.TestStep{

{

Config:cfg.String(t),

ExpectError:regexp.MustCompile("Your license is not entitled to use advanced template scheduling"),

},

},

})

}

resource.Test(t, resource.TestCase{

PreCheck:func() {testAccPreCheck(t) },

IsUnitTest:true,

ProtoV6ProviderFactories:testAccProtoV6ProviderFactories,

Steps: []resource.TestStep{

{

Config:cfg5.String(t),

ExpectError:regexp.MustCompile("Your license is not entitled to use access control"),

},

{

Config:cfg6.String(t),

ExpectError:regexp.MustCompile("Your license is not entitled to use template access control"),

},

},

})

}

typetestAccTemplateResourceConfigstruct {

}

if!r.data.Features[codersdk.FeatureWorkspaceProxy].Enabled {

resp.Diagnostics.AddError("Feature not enabled","Your license is not entitled to create workspace proxies.")

}

client:=r.data.Client

wsp,err:=client.CreateWorkspaceProxy(ctx, codersdk.CreateWorkspaceProxyRequest{

Name:data.Name.ValueString(),