datadog.RestrictionPolicy
Explore with Pulumi AI
Provides a Datadog RestrictionPolicy resource. This can be used to create and manage Datadog restriction policies.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as datadog from "@pulumi/datadog";
// Create new restriction_policy resource
const foo = new datadog.RestrictionPolicy("foo", {
resourceId: "security-rule:abc-def-ghi",
bindings: [
{
principals: ["role:00000000-0000-1111-0000-000000000000"],
relation: "editor",
},
{
principals: ["org:10000000-0000-1111-0000-000000000000"],
relation: "viewer",
},
],
});
import pulumi
import pulumi_datadog as datadog
# Create new restriction_policy resource
foo = datadog.RestrictionPolicy("foo",
resource_id="security-rule:abc-def-ghi",
bindings=[
{
"principals": ["role:00000000-0000-1111-0000-000000000000"],
"relation": "editor",
},
{
"principals": ["org:10000000-0000-1111-0000-000000000000"],
"relation": "viewer",
},
])
package main
import (
"github.com/pulumi/pulumi-datadog/sdk/v4/go/datadog"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Create new restriction_policy resource
_, err := datadog.NewRestrictionPolicy(ctx, "foo", &datadog.RestrictionPolicyArgs{
ResourceId: pulumi.String("security-rule:abc-def-ghi"),
Bindings: datadog.RestrictionPolicyBindingArray{
&datadog.RestrictionPolicyBindingArgs{
Principals: pulumi.StringArray{
pulumi.String("role:00000000-0000-1111-0000-000000000000"),
},
Relation: pulumi.String("editor"),
},
&datadog.RestrictionPolicyBindingArgs{
Principals: pulumi.StringArray{
pulumi.String("org:10000000-0000-1111-0000-000000000000"),
},
Relation: pulumi.String("viewer"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Datadog = Pulumi.Datadog;
return await Deployment.RunAsync(() =>
{
// Create new restriction_policy resource
var foo = new Datadog.RestrictionPolicy("foo", new()
{
ResourceId = "security-rule:abc-def-ghi",
Bindings = new[]
{
new Datadog.Inputs.RestrictionPolicyBindingArgs
{
Principals = new[]
{
"role:00000000-0000-1111-0000-000000000000",
},
Relation = "editor",
},
new Datadog.Inputs.RestrictionPolicyBindingArgs
{
Principals = new[]
{
"org:10000000-0000-1111-0000-000000000000",
},
Relation = "viewer",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.datadog.RestrictionPolicy;
import com.pulumi.datadog.RestrictionPolicyArgs;
import com.pulumi.datadog.inputs.RestrictionPolicyBindingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Create new restriction_policy resource
var foo = new RestrictionPolicy("foo", RestrictionPolicyArgs.builder()
.resourceId("security-rule:abc-def-ghi")
.bindings(
RestrictionPolicyBindingArgs.builder()
.principals("role:00000000-0000-1111-0000-000000000000")
.relation("editor")
.build(),
RestrictionPolicyBindingArgs.builder()
.principals("org:10000000-0000-1111-0000-000000000000")
.relation("viewer")
.build())
.build());
}
}
resources:
# Create new restriction_policy resource
foo:
type: datadog:RestrictionPolicy
properties:
resourceId: security-rule:abc-def-ghi
bindings:
- principals:
- role:00000000-0000-1111-0000-000000000000
relation: editor
- principals:
- org:10000000-0000-1111-0000-000000000000
relation: viewer
Create RestrictionPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RestrictionPolicy(name: string, args: RestrictionPolicyArgs, opts?: CustomResourceOptions);
@overload
def RestrictionPolicy(resource_name: str,
args: RestrictionPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RestrictionPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_id: Optional[str] = None,
bindings: Optional[Sequence[RestrictionPolicyBindingArgs]] = None)
func NewRestrictionPolicy(ctx *Context, name string, args RestrictionPolicyArgs, opts ...ResourceOption) (*RestrictionPolicy, error)
public RestrictionPolicy(string name, RestrictionPolicyArgs args, CustomResourceOptions? opts = null)
public RestrictionPolicy(String name, RestrictionPolicyArgs args)
public RestrictionPolicy(String name, RestrictionPolicyArgs args, CustomResourceOptions options)
type: datadog:RestrictionPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RestrictionPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RestrictionPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RestrictionPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RestrictionPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RestrictionPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var restrictionPolicyResource = new Datadog.RestrictionPolicy("restrictionPolicyResource", new()
{
ResourceId = "string",
Bindings = new[]
{
new Datadog.Inputs.RestrictionPolicyBindingArgs
{
Principals = new[]
{
"string",
},
Relation = "string",
},
},
});
example, err := datadog.NewRestrictionPolicy(ctx, "restrictionPolicyResource", &datadog.RestrictionPolicyArgs{
ResourceId: pulumi.String("string"),
Bindings: datadog.RestrictionPolicyBindingArray{
&datadog.RestrictionPolicyBindingArgs{
Principals: pulumi.StringArray{
pulumi.String("string"),
},
Relation: pulumi.String("string"),
},
},
})
var restrictionPolicyResource = new RestrictionPolicy("restrictionPolicyResource", RestrictionPolicyArgs.builder()
.resourceId("string")
.bindings(RestrictionPolicyBindingArgs.builder()
.principals("string")
.relation("string")
.build())
.build());
restriction_policy_resource = datadog.RestrictionPolicy("restrictionPolicyResource",
resource_id="string",
bindings=[{
"principals": ["string"],
"relation": "string",
}])
const restrictionPolicyResource = new datadog.RestrictionPolicy("restrictionPolicyResource", {
resourceId: "string",
bindings: [{
principals: ["string"],
relation: "string",
}],
});
type: datadog:RestrictionPolicy
properties:
bindings:
- principals:
- string
relation: string
resourceId: string
RestrictionPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The RestrictionPolicy resource accepts the following input properties:
- Resource
Id string - Identifier for the resource, formatted as resourcetype:resourceid.
- Bindings
List<Restriction
Policy Binding>
- Resource
Id string - Identifier for the resource, formatted as resourcetype:resourceid.
- Bindings
[]Restriction
Policy Binding Args
- resource
Id String - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings
List<Restriction
Policy Binding>
- resource
Id string - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings
Restriction
Policy Binding[]
- resource_
id str - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings
Sequence[Restriction
Policy Binding Args]
- resource
Id String - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings List<Property Map>
Outputs
All input properties are implicitly available as output properties. Additionally, the RestrictionPolicy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RestrictionPolicy Resource
Get an existing RestrictionPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RestrictionPolicyState, opts?: CustomResourceOptions): RestrictionPolicy
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bindings: Optional[Sequence[RestrictionPolicyBindingArgs]] = None,
resource_id: Optional[str] = None) -> RestrictionPolicy
func GetRestrictionPolicy(ctx *Context, name string, id IDInput, state *RestrictionPolicyState, opts ...ResourceOption) (*RestrictionPolicy, error)
public static RestrictionPolicy Get(string name, Input<string> id, RestrictionPolicyState? state, CustomResourceOptions? opts = null)
public static RestrictionPolicy get(String name, Output<String> id, RestrictionPolicyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bindings
List<Restriction
Policy Binding> - Resource
Id string - Identifier for the resource, formatted as resourcetype:resourceid.
- Bindings
[]Restriction
Policy Binding Args - Resource
Id string - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings
List<Restriction
Policy Binding> - resource
Id String - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings
Restriction
Policy Binding[] - resource
Id string - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings
Sequence[Restriction
Policy Binding Args] - resource_
id str - Identifier for the resource, formatted as resourcetype:resourceid.
- bindings List<Property Map>
- resource
Id String - Identifier for the resource, formatted as resourcetype:resourceid.
Supporting Types
RestrictionPolicyBinding, RestrictionPolicyBindingArgs
- Principals List<string>
- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as
type:id
. Supported types:role
,team
,user
, andorg
. Org ID can be obtained using aGET /api/v2/current_user
API request. Find it in thedata.relationships.org.data.id
field. - Relation string
- The role/level of access. See this page for more details https://docs.datadoghq.com/api/latest/restriction-policies/#supported-relations-for-resources
- Principals []string
- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as
type:id
. Supported types:role
,team
,user
, andorg
. Org ID can be obtained using aGET /api/v2/current_user
API request. Find it in thedata.relationships.org.data.id
field. - Relation string
- The role/level of access. See this page for more details https://docs.datadoghq.com/api/latest/restriction-policies/#supported-relations-for-resources
- principals List<String>
- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as
type:id
. Supported types:role
,team
,user
, andorg
. Org ID can be obtained using aGET /api/v2/current_user
API request. Find it in thedata.relationships.org.data.id
field. - relation String
- The role/level of access. See this page for more details https://docs.datadoghq.com/api/latest/restriction-policies/#supported-relations-for-resources
- principals string[]
- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as
type:id
. Supported types:role
,team
,user
, andorg
. Org ID can be obtained using aGET /api/v2/current_user
API request. Find it in thedata.relationships.org.data.id
field. - relation string
- The role/level of access. See this page for more details https://docs.datadoghq.com/api/latest/restriction-policies/#supported-relations-for-resources
- principals Sequence[str]
- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as
type:id
. Supported types:role
,team
,user
, andorg
. Org ID can be obtained using aGET /api/v2/current_user
API request. Find it in thedata.relationships.org.data.id
field. - relation str
- The role/level of access. See this page for more details https://docs.datadoghq.com/api/latest/restriction-policies/#supported-relations-for-resources
- principals List<String>
- An array of principals. A principal is a subject or group of subjects. Each principal is formatted as
type:id
. Supported types:role
,team
,user
, andorg
. Org ID can be obtained using aGET /api/v2/current_user
API request. Find it in thedata.relationships.org.data.id
field. - relation String
- The role/level of access. See this page for more details https://docs.datadoghq.com/api/latest/restriction-policies/#supported-relations-for-resources
Import
$ pulumi import datadog:index/restrictionPolicy:RestrictionPolicy new_list "<policy_id>"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Datadog pulumi/pulumi-datadog
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
datadog
Terraform Provider.