scalr_access_policy
Resource: scalr_access_policy
Manages Scalr IAM access policies: create, update and destroy.
Example Usage
resource "scalr_role" "reader" {
  name        = "Reader"
  account_id  = "acc-xxxxxxxxxx"
  description = "Read access to all resources."

  permissions = [
    "*:read",
  ]
}

resource "scalr_access_policy" "team_read_all_on_acc_scope" {
  subject {
    type = "team"
    id   = "team-xxxxxxxxxx"
  }

  scope {
    type = "account"
    id   = "acc-xxxxxxxxxx"
  }

  role_ids = [
    scalr_role.reader.id
  ]
}
Schema
Required
role_ids
(List of String) The list of the role IDs.
scope
(Block List, Min: 1, Max: 1) Defines the scope where the access policy is applied. (see below for nested schema)
subject
(Block List, Min: 1, Max: 1) Defines the subject of the access policy. (see below for nested schema)
Read-Only
id
(String) The ID of this resource.
is_system
(Boolean) The access policy is a built-in read-only policy that cannot be updated or deleted.
Nested Schema for scope
scope
Required:
id
(String) The scope ID: acc-<RANDOM STRING> for account, env-<RANDOM STRING> for environment, ws-<RANDOM STRING> for workspace.
type
(String) The scope identity type, one of account, environment, or workspace.
Nested Schema for subject
subject
Required:
id
(String) The subject ID: user-<RANDOM STRING> for user, team-<RANDOM STRING> for team, sa-<RANDOM STRING> for service account.
type
(String) The subject type, one of user, team, or service_account.
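An added example, not part of the Scalr provider documentation: a Python check over the JSON form of a plan (terraform show -json) that verifies each scalr_access_policy has exactly one subject and one scope block and that every ID prefix matches its declared type, per the schema above. The resource_changes layout is Terraform's plan JSON; the function names and the sample plan are constructed for illustration.

```python
# Prefix-to-type tables taken from the nested schema above.
SUBJECT_PREFIX = {"user": "user-", "team": "team-", "service_account": "sa-"}
SCOPE_PREFIX = {"account": "acc-", "environment": "env-", "workspace": "ws-"}

def check_block(kind, block, table):
    """Return a list of problems for one subject or scope block."""
    btype, bid = block.get("type"), block.get("id")
    if btype not in table:
        return [f"{kind}.type {btype!r} is not one of {sorted(table)}"]
    if bid is None:  # value not known until apply; nothing to compare yet
        return []
    if not bid.startswith(table[btype]):
        return [f"{kind}.id {bid!r} does not look like a {btype} ID "
                f"(expected prefix {table[btype]!r})"]
    return []

def lint_plan(plan):
    """Map resource address -> problems for every scalr_access_policy in a plan."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != "scalr_access_policy" or not after:
            continue  # other resource types, or a policy being destroyed
        problems = []
        for kind, table in (("subject", SUBJECT_PREFIX), ("scope", SCOPE_PREFIX)):
            blocks = after.get(kind) or []
            if len(blocks) != 1:  # schema: Min: 1, Max: 1
                problems.append(f"expected exactly one {kind} block, got {len(blocks)}")
            for block in blocks:
                problems += check_block(kind, block, table)
        if problems:
            findings[rc["address"]] = problems
    return findings

# Constructed sample in the shape of `terraform show -json` output (not real data).
SAMPLE_PLAN = {"resource_changes": [
    {"address": "scalr_access_policy.team_read_all_on_acc_scope", "type": "scalr_access_policy",
     "change": {"after": {"subject": [{"type": "team", "id": "team-xxxxxxxxxx"}],
                          "scope": [{"type": "account", "id": "acc-xxxxxxxxxx"}]}}},
    {"address": "scalr_access_policy.mismatched", "type": "scalr_access_policy",
     "change": {"after": {"subject": [{"type": "user", "id": "team-xxxxxxxxxx"}],
                          "scope": [{"type": "workspace", "id": "env-xxxxxxxxxx"}]}}},
]}

if __name__ == "__main__":
    for address, problems in lint_plan(SAMPLE_PLAN).items():
        print(address, *problems, sep="\n  ")
```

Run it in review or CI against the plan JSON before apply, so a type/ID mismatch in an access policy is caught while the change is still a proposal.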
Import
Import is supported using the following syntax:
terraform import scalr_access_policy.example ap-xxxxxxxxxx