Hi all, Some time ago I discovered that I wasn't able to add groups as members of a project (when not in the default domain) using "openstack.cloud.role_assignment". I spent some time debugging and figured what was the issue, and that a solution was already in place for "users", and not "groups". I also noticed that the master branch had all this part of the codebase rewritten, and probably the bug doesn't exist in there, but I believe that version of the sdk won't work with Xena. Additionally just noticed that the stable/yoga branch also has the issue. So, I'm sending a patch to fix this issue, hoping the next tag/release of openstacksdk could have the fix. You can find them here: https://review.opendev.org/q/topic:pedro%252Ffix-group-assignment-on-domain My guess is that the only relevant one would be the one for 'stable/yoga' and I can drop the other. Also I'm assuming that Zuul is taking its time to run CI, and I'll need to update some unit tests before it can be merged. Just wanted to know your thoughts before I finish with the tests. Thanks, Pedro. PS: An example of the current issue: The full traceback is: File "/tmp/ansible_openstack.cloud.role_assignment_payload_hcrpn6hu/ansible_openstack.cloud.role_assignment_payload.zip/ansible_collections/openstack/cloud/plugins/module_utils/openstack.py", line 407, in __call__ results = self.run() File "/tmp/ansible_openstack.cloud.role_assignment_payload_hcrpn6hu/ansible_openstack.cloud.role_assignment_payload.zip/ansible_collections/openstack/cloud/plugins/modules/role_assignment.py", line 178, in run File "/home/ollivander/.local/lib/python3.9/site-packages/openstack/cloud/_identity.py", line 1379, in grant_role raise exc.OpenStackCloudException( failed: [localhost] (item={'name': 'sa', 'groups': ['openstack-sa', 'openstack-pe', 'openstack-technology']}) => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "ansible_loop_var": "item", "changed": false, "extra_data": { "data": null, "details": "None", "response": "None" }, "invocation": { "module_args": { "api_timeout": null, "auth": null, "auth_type": null, "availability_zone": null, "ca_cert": null, "client_cert": null, "client_key": null, "domain": "LDAP", "group": "openstack-pe", "interface": "public", "project": "sa", "region_name": null, "role": "member", "state": "present", "timeout": 180, "user": null, "validate_certs": null, "wait": true } }, "item": { "groups": [ "openstack-sa", "openstack-pe", "openstack-technology" ], "name": "sa" }, "msg": "Must specify either a user or a group" }