» google_cloud_identity_group

A Cloud Identity resource representing a Group.

» Example Usage - Cloud Identity Groups Basic

resource "google_cloud_identity_group" "cloud_identity_group_basic" {
  provider = google-beta
  display_name = "my-identity-group"

  parent = "customers/A01b123xz"

  group_key {
    id = "my-identity-group@example.com"
  }

  labels = {
    "cloudidentity.googleapis.com/groups.discussion_forum" = ""
  }
}

» Argument Reference

The following arguments are supported:

  • group_key - (Required) EntityKey of the Group. Structure is documented below.

  • parent - (Required) The resource name of the entity under which this Group resides in the Cloud Identity resource hierarchy. Must be of the form identitysources/{identity_source_id} for external-identity-mapped groups or customers/{customer_id} for Google Groups.

  • labels - (Required) The labels that apply to the Group. Must not contain more than one entry. Must contain the entry 'cloudidentity.googleapis.com/groups.discussion_forum': '' if the Group is a Google Group or 'system/groups/external': '' if the Group is an external-identity-mapped group.

The group_key block supports:

  • id - (Required) The ID of the entity. For Google-managed entities, the id must be the email address of an existing group or user. For external-identity-mapped entities, the id must be a string conforming to the Identity Source's requirements. Must be unique within a namespace.

  • namespace - (Optional) The namespace in which the entity exists. If not specified, the EntityKey represents a Google-managed entity such as a Google user or a Google Group. If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of identitysources/{identity_source_id}.


  • display_name - (Optional) The display name of the Group.

  • description - (Optional) An extended description to help users determine the purpose of a Group. Must not be longer than 4,096 characters.

» Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format {{name}}

  • name - Resource name of the Group in the format: groups/{group_id}, where group_id is the unique ID assigned to the Group.

  • create_time - The time when the Group was created.

  • update_time - The time when the Group was last updated.

» Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 4 minutes.
  • update - Default is 4 minutes.
  • delete - Default is 4 minutes.

» Import

Group can be imported using any of these accepted formats:

$ terraform import -provider=google-beta google_cloud_identity_group.default {{name}}