sotoon_iam_role_group_binding (Resource)

Relation between a role and a group. The existence of an instance of this resource applies the specified role to all members of the group.

Example Usage

data "sotoon_workspace" "mycompany" {
  id = "ee6f89b5-e07c-42f1-9462-05cec9cd92d8" # Workspace ID
}

data "sotoon_iam_group" "deployers" {
  workspace_id = data.sotoon_workspace.mycompany.id
  name         = "deployers"
}

data "sotoon_iam_role" "compute_viewer" {
  name = "compute-viewer"
}

resource "sotoon_iam_role_group_binding" "deployers_are_compute_viewers" {
  group_id     = data.sotoon_iam_group.deployers.id
  workspace_id = data.sotoon_workspace.mycompany.id
  role_id      = data.sotoon_iam_role.compute_viewer.id
  items = {
    "zone" : "neda",
    "namespace" : "mycompany"
  }
}

Schema

Required

  • group_id (String) ID of the group that the role is going to be bound to.
  • role_id (String) ID of the role that is going to be applied to the members of the specified group.
  • workspace_id (String) ID of the workspace in which the group is defined.

Optional

  • items (Map of String) Items of the role-user binding.

Read-Only

  • id (String) ID of the role-group binding
  • last_updated (String) Timestamp of the last Terraform update of the role-user.

Import

Import is supported using the following syntax:

# Replace <role-id>, <group-id> and <workspace-id> with real values
terraform import sotoon_iam_role_group_binding.deployers_are_compute_viewers "<role-id>:<group-id>:<workspace-id>"

# For example:
terraform import sotoon_iam_role_group_binding.deployers_are_compute_viewers \
    "b8c133a4-a060-4906-8654-57988dbdf098:34f57a2f-6e4d-4ded-9025-ff00911d3313:ee6f89b5-e07c-42f1-9462-05cec9cd92d8"
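
The import ID is three values joined by colons in a fixed order, so a malformed or duplicated value is easy to miss. The helper below is an added example, not part of the provider or its documentation. It builds the ID and refuses bad input before anything reaches Terraform state. It assumes all three IDs are UUIDs, as in the examples on this page; the function names are hypothetical.

```sh
# Added example (not from the provider docs): build and sanity-check the
# "<role-id>:<group-id>:<workspace-id>" import ID before running terraform import.
# Assumption: all three IDs are UUIDs, as in the examples on this page.

UUID_RE='^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$'

# is_uuid VALUE: succeeds only if VALUE is a single well-formed UUID.
is_uuid() {
  case "$1" in
    *[!0-9a-fA-F-]*) return 1 ;;   # rejects ':', whitespace, newlines, quotes
  esac
  printf '%s\n' "$1" | grep -Eq "$UUID_RE"
}

# binding_import_id ROLE_ID GROUP_ID WORKSPACE_ID
# Prints the composite ID on stdout; on bad input prints a reason on stderr
# and returns non-zero so a wrapping script stops before touching state.
binding_import_id() {
  if [ "$#" -ne 3 ]; then
    echo "usage: binding_import_id <role-id> <group-id> <workspace-id>" >&2
    return 2
  fi
  is_uuid "$1" || { echo "role id is not a UUID: $1" >&2; return 1; }
  is_uuid "$2" || { echo "group id is not a UUID: $2" >&2; return 1; }
  is_uuid "$3" || { echo "workspace id is not a UUID: $3" >&2; return 1; }
  # Heuristic: the same UUID in two positions usually means a copy-paste slip.
  if [ "$1" = "$2" ] || [ "$2" = "$3" ] || [ "$1" = "$3" ]; then
    echo "role, group and workspace ids must all differ" >&2
    return 1
  fi
  printf '%s:%s:%s\n' "$1" "$2" "$3"
}

# Usage (ROLE_ID, GROUP_ID and WORKSPACE_ID are variables you set yourself):
#   id=$(binding_import_id "$ROLE_ID" "$GROUP_ID" "$WORKSPACE_ID") &&
#     terraform import sotoon_iam_role_group_binding.deployers_are_compute_viewers "$id"
```

The check cannot tell whether the values are in the right order, only that each is well formed and distinct, so confirm the imported binding with `terraform plan` afterwards.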