sotoon_iam_rule (Resource)

Manages a IAM rule instance.

Example Usage

data "sotoon_workspace" "mycompany" {
  id = "ee6f89b5-e07c-42f1-9462-05cec9cd92d8" # Workspace ID
}

data "sotoon_service" "compute" {
  name = "compute"
}

resource "sotoon_iam_rule" "can_do_something" {
  name         = "can-do-something"
  workspace_id = data.sotoon_workspace.mycompany.id
  actions      = ["GET"]
  service      = data.sotoon_service.compute.id
  path         = "/path/to/some/resource/*"
  is_denial    = false
}

Schema

Required

actions (List of String) List of the actions which this rule applied on that.
is_denial (Boolean) Defines is this rule denial or not.
name (String) Name of the rule.
path (String) The path that the rule is going to be applied on that
service (String) The service which this rule applied on that. The ID and name of the services are same and there is no difference in passing ID or name of a service.
workspace_id (String) ID of the Workspace which the rule is going to be defined in that.

Read-Only

id (String) ID of the rule.

Import

Import is supported using the following syntax:

# Replace <rule-id> and <workspace-id> with real values
terraform import sotoon_iam_rule.can_do_something "<rule-id>:<workspace-id>"

# For example:
terraform import sotoon_iam_rule.can_do_something "b8c133a4-a060-4906-8654-57988dbdf098:ee6f89b5-e07c-42f1-9462-05cec9cd92d8"