π‘ Learn more about Masterpoint below.
Terraform module for declaratively managing GitHub teams and their related settings within your organization. It enables you to:
- Manage GitHub teams and their configurations
- Control team memberships and roles
- Configure repository collaborators
- Manage organization membership
- Review request delegation settings
- Control team privacy
The module provides flexibility in managing organization memberships through the organization_memberships_enabled variable:
-
When
true(default):- Terraform creates GitHub organization memberships for all users listed in
organization_memberships - Manages role assignments (admin/member)
- Handles the
downgrade_on_destroybehavior per member: when organization membership resource is destroyed, the member will not be removed from the organization. Instead, the member's role will be downgraded tomember.
- Terraform creates GitHub organization memberships for all users listed in
-
When
false:- No GitHub organization memberships are managed by Terraform
- Team memberships and other resources continue to be managed
- A GitHub organization.
- Organization admin access.
- GitHub provider configuration with appropriate permissions.
module "github_teams" {
source = "masterpointio/teams/github"
version = "X.X.X"
github_organization = "example-org"
organization_memberships = [
{
username = "user1"
role = "admin"
},
{
username = "user2"
role = "member"
},
{
username = "user3"
role = "member"
}
]
teams = {
"developers" = {
name = "Developers"
description = "Development team"
privacy = "closed"
members = [
{
username = "user1"
role = "maintainer"
},
{
username = "user2"
role = "member"
}
],
review_request_delegation = {
algorithm = "ROUND_ROBIN"
member_count = 2
notify = true
}
},
"platform-engineers" = {
name = "Platform Engineers"
description = "Platform engineering team"
members = [
{
username = "user3"
role = "member"
}
]
}
}
repository_collaborators = {
"example-org/repo1" = [
{
username = "user3"
permission = "push"
}
]
}
}The module enforces several validations:
- All team members must be listed in
organization_memberships - Valid roles (admin/member) for organization members
- Valid team member roles (maintainer/member)
- Team name slugification rules
- Repository collaborator permissions
| Name | Version |
|---|---|
| terraform | >= 1.7 |
| github | >= 6.0 |
| Name | Version |
|---|---|
| github | >= 6.0 |
No modules.
| Name | Type |
|---|---|
| github_membership.default | resource |
| github_repository_collaborator.default | resource |
| github_team.default | resource |
| github_team_membership.default | resource |
| github_team_settings.default | resource |
| github_user_invitation_accepter.default | resource |
| github_organization.current | data source |
| github_users.all_users | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| github_organization | The GitHub organization name | string |
n/a | yes |
| organization_memberships | List of organization members. Each member can be configured with a role ('admin' or 'member') and downgrade behavior. | list(object({ |
[] |
no |
| organization_memberships_enabled | Whether to manage organization memberships with Terraform. If false, organization memberships must be managed outside of Terraform. | bool |
true |
no |
| repository_collaborators | Map of repositories to their list of collaborators. Key format: owner/repository | map(list(object({ |
{} |
no |
| teams | Map of teams to manage | map(object({ |
{} |
no |
| Name | Description |
|---|---|
| organization_memberships | Map of organization members and their roles |
| repository_collaborators | Map of repository collaborators in format 'repo:username' with their permissions |
| team_memberships | Map of team memberships in format 'team:username' with their roles |
| team_settings | Map of team settings for teams with review request delegation configured |
| teams | Map of team names to their properties including ID and slug |
Powered by the Masterpoint team and driven forward by contributions from the community β€οΈ
Contributions are welcome and appreciated!
Found an issue or want to request a feature? Open an issue
Want to fix a bug you found or add some functionality? Fork, clone, commit, push, and PR β we'll check it out.
Established in 2016, Masterpoint is a team of experienced software and platform engineers specializing in Infrastructure as Code (IaC). We provide expert guidance to organizations of all sizes, helping them leverage the latest IaC practices to accelerate their engineering teams.
Our mission is to simplify cloud infrastructure so developers can innovate faster, safer, and with greater confidence. By open-sourcing tools and modules that we use internally, we aim to contribute back to the community, promoting consistency, quality, and security.
- π Open Source: We live and breathe open source, contributing to and maintaining hundreds of projects across multiple organizations.
- π 1% for the Planet: Demonstrating our commitment to environmental sustainability, we are proud members of 1% for the Planet, pledging to donate 1% of our annual sales to environmental nonprofits.
- πΊπ¦ 1% Towards Ukraine: With team members and friends affected by the ongoing Russo-Ukrainian war, we donate 1% of our annual revenue to invasion relief efforts, supporting organizations providing aid to those in need. Here's how you can help Ukraine with just a few clicks.
We're active members of the community and are always publishing content, giving talks, and sharing our hard earned expertise. Here are a few ways you can see what we're up to:
... and be sure to connect with our founder, Matt Gowie.
Copyright Β© 2016-2025 Masterpoint Consulting LLC
![@github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}