1. Packages
  2. Dynatrace
  3. API Docs
  4. getIamPolicies
Dynatrace v0.21.0 published on Sunday, Nov 17, 2024 by Pulumiverse

dynatrace.getIamPolicies

Explore with Pulumi AI

dynatrace logo
Dynatrace v0.21.0 published on Sunday, Nov 17, 2024 by Pulumiverse

    Dynatrace SaaS only

    To utilize this resource, please define the environment variables DT_CLIENT_ID, DT_CLIENT_SECRET, DT_ACCOUNT_ID with an OAuth client including the following permissions: Allow IAM policy configuration for environments (iam-policies-management) and View environments (account-env-read).

    You can use the attributes environments, accounts and globals to refine which policies you want to query for.

    • The attribute global indicates whether the results should also contain global (Dynatrace defined) policies
    • The attribute environment is an array of environment IDs.
    • The results won’t contain any environment specific policies if the attribute environments has been omitted
    • The results will contain policies for all environments reachable via the given credentials if environments is set to ["*"]
    • The attribute accounts is an array of accounts UUIDs. Set this to ["*"] if you want to receive account specific policies.
    • The results won’t contain any account specific policies if the attribute accounts has been omitted

    Example Usage

    The following example queries for polices of all environments reachable via the given credentials, all accounts and all global policies.

    import * as pulumi from "@pulumi/pulumi";
    import * as dynatrace from "@pulumi/dynatrace";
    
    const all = dynatrace.getIamPolicies({
        accounts: ["*"],
        environments: ["*"],
        global: true,
    });
    
    import pulumi
    import pulumi_dynatrace as dynatrace
    
    all = dynatrace.get_iam_policies(accounts=["*"],
        environments=["*"],
        global_=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
    			Accounts: []string{
    				"*",
    			},
    			Environments: []string{
    				"*",
    			},
    			Global: pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Dynatrace = Pulumi.Dynatrace;
    
    return await Deployment.RunAsync(() => 
    {
        var all = Dynatrace.GetIamPolicies.Invoke(new()
        {
            Accounts = new[]
            {
                "*",
            },
            Environments = new[]
            {
                "*",
            },
            Global = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.dynatrace.DynatraceFunctions;
    import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
                .accounts("*")
                .environments("*")
                .global(true)
                .build());
    
        }
    }
    
    variables:
      all:
        fn::invoke:
          Function: dynatrace:getIamPolicies
          Arguments:
            accounts:
              - '*'
            environments:
              - '*'
            global: true
    

    The following example queries for policies that are defined for the environment with the id abce234. No account specific or global policies will be included.

    import * as pulumi from "@pulumi/pulumi";
    import * as dynatrace from "@pulumi/dynatrace";
    
    const all = dynatrace.getIamPolicies({
        environments: ["abce234"],
        global: false,
    });
    
    import pulumi
    import pulumi_dynatrace as dynatrace
    
    all = dynatrace.get_iam_policies(environments=["abce234"],
        global_=False)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
    			Environments: []string{
    				"abce234",
    			},
    			Global: pulumi.BoolRef(false),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Dynatrace = Pulumi.Dynatrace;
    
    return await Deployment.RunAsync(() => 
    {
        var all = Dynatrace.GetIamPolicies.Invoke(new()
        {
            Environments = new[]
            {
                "abce234",
            },
            Global = false,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.dynatrace.DynatraceFunctions;
    import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
                .environments("abce234")
                .global(false)
                .build());
    
        }
    }
    
    variables:
      all:
        fn::invoke:
          Function: dynatrace:getIamPolicies
          Arguments:
            environments:
              - abce234
            global: false
    

    Example Output

    import * as pulumi from "@pulumi/pulumi";
    import * as dynatrace from "@pulumi/dynatrace";
    
    const all = dynatrace.getIamPolicies({
        environments: ["*"],
        accounts: ["*"],
        global: true,
    });
    export const policies = all.then(all => all.policies);
    
    import pulumi
    import pulumi_dynatrace as dynatrace
    
    all = dynatrace.get_iam_policies(environments=["*"],
        accounts=["*"],
        global_=True)
    pulumi.export("policies", all.policies)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		all, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
    			Environments: []string{
    				"*",
    			},
    			Accounts: []string{
    				"*",
    			},
    			Global: pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("policies", all.Policies)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Dynatrace = Pulumi.Dynatrace;
    
    return await Deployment.RunAsync(() => 
    {
        var all = Dynatrace.GetIamPolicies.Invoke(new()
        {
            Environments = new[]
            {
                "*",
            },
            Accounts = new[]
            {
                "*",
            },
            Global = true,
        });
    
        return new Dictionary<string, object?>
        {
            ["policies"] = all.Apply(getIamPoliciesResult => getIamPoliciesResult.Policies),
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.dynatrace.DynatraceFunctions;
    import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
                .environments("*")
                .accounts("*")
                .global(true)
                .build());
    
            ctx.export("policies", all.applyValue(getIamPoliciesResult -> getIamPoliciesResult.policies()));
        }
    }
    
    variables:
      all:
        fn::invoke:
          Function: dynatrace:getIamPolicies
          Arguments:
            environments:
              - '*'
            accounts:
              - '*'
            global: true
    outputs:
      policies: ${all.policies}
    
    Changes to Outputs:
      + policies = [
          + {
              + account     = "########-86d8-####-88bd-############"
              + environment = ""
              + global      = false
              + id          = "########-7a6a-####-a43e-#############-#account#-#########-86d8-####-88bd-############"      
              + name        = "storage:bucket-definitions:delete"
              + uuid        = "########-7a6a-####-a43e-############"
            },
            ...
          + {
              + account     = ""
              + environment = "#######"
              + global      = false
              + id          = "########-c7d6-####-878c-#############-#environment#-########"
              + name        = "some-policy"
              + uuid        = "########-c7d6-####-878c-############"
            }, 
            ...
          + {
              + account     = ""
              + environment = ""
              + global      = true
              + id          = "########-6852-####-9d1b-#############-#global#-#global"
              + name        = "Storage Events Read"
              + uuid        = "########-6852-####-9d1b-############"
            },               
        ]
    

    Using getIamPolicies

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getIamPolicies(args: GetIamPoliciesArgs, opts?: InvokeOptions): Promise<GetIamPoliciesResult>
    function getIamPoliciesOutput(args: GetIamPoliciesOutputArgs, opts?: InvokeOptions): Output<GetIamPoliciesResult>
    def get_iam_policies(accounts: Optional[Sequence[str]] = None,
                         environments: Optional[Sequence[str]] = None,
                         global_: Optional[bool] = None,
                         groups: Optional[Sequence[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> GetIamPoliciesResult
    def get_iam_policies_output(accounts: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                         environments: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                         global_: Optional[pulumi.Input[bool]] = None,
                         groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetIamPoliciesResult]
    func GetIamPolicies(ctx *Context, args *GetIamPoliciesArgs, opts ...InvokeOption) (*GetIamPoliciesResult, error)
    func GetIamPoliciesOutput(ctx *Context, args *GetIamPoliciesOutputArgs, opts ...InvokeOption) GetIamPoliciesResultOutput

    > Note: This function is named GetIamPolicies in the Go SDK.

    public static class GetIamPolicies 
    {
        public static Task<GetIamPoliciesResult> InvokeAsync(GetIamPoliciesArgs args, InvokeOptions? opts = null)
        public static Output<GetIamPoliciesResult> Invoke(GetIamPoliciesInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetIamPoliciesResult> getIamPolicies(GetIamPoliciesArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: dynatrace:index/getIamPolicies:getIamPolicies
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Accounts List<string>
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    Environments List<string>
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    Global bool
    If true the results will contain global policies
    Groups List<string>
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    Accounts []string
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    Environments []string
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    Global bool
    If true the results will contain global policies
    Groups []string
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    accounts List<String>
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments List<String>
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global Boolean
    If true the results will contain global policies
    groups List<String>
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    accounts string[]
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments string[]
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global boolean
    If true the results will contain global policies
    groups string[]
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    accounts Sequence[str]
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments Sequence[str]
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global_ bool
    If true the results will contain global policies
    groups Sequence[str]
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    accounts List<String>
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments List<String>
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global Boolean
    If true the results will contain global policies
    groups List<String>
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies

    getIamPolicies Result

    The following output properties are available:

    Id string
    The provider-assigned unique ID for this managed resource.
    Policies List<Pulumiverse.Dynatrace.Outputs.GetIamPoliciesPolicy>
    Accounts List<string>
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    Environments List<string>
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    Global bool
    If true the results will contain global policies
    Groups List<string>
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    Id string
    The provider-assigned unique ID for this managed resource.
    Policies []GetIamPoliciesPolicy
    Accounts []string
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    Environments []string
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    Global bool
    If true the results will contain global policies
    Groups []string
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    id String
    The provider-assigned unique ID for this managed resource.
    policies List<GetIamPoliciesPolicy>
    accounts List<String>
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments List<String>
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global Boolean
    If true the results will contain global policies
    groups List<String>
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    id string
    The provider-assigned unique ID for this managed resource.
    policies GetIamPoliciesPolicy[]
    accounts string[]
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments string[]
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global boolean
    If true the results will contain global policies
    groups string[]
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    id str
    The provider-assigned unique ID for this managed resource.
    policies Sequence[GetIamPoliciesPolicy]
    accounts Sequence[str]
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments Sequence[str]
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global_ bool
    If true the results will contain global policies
    groups Sequence[str]
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
    id String
    The provider-assigned unique ID for this managed resource.
    policies List<Property Map>
    accounts List<String>
    The results will contain policies defined for the given accountID. If one of the entries contains * the results will contain policies for all accounts
    environments List<String>
    The results will contain policies defined for the given environments. If one of the entries contains * the results will contain policies for all environments
    global Boolean
    If true the results will contain global policies
    groups List<String>
    The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies

    Supporting Types

    GetIamPoliciesPolicy

    Id string
    Name string
    The name of the policy
    Uuid string
    The UUID of the policy
    Account string
    The account UUID the policy is defined for
    Environment string
    The environment ID the policy is defined for
    Global bool
    true if this is a global policy`
    Id string
    Name string
    The name of the policy
    Uuid string
    The UUID of the policy
    Account string
    The account UUID the policy is defined for
    Environment string
    The environment ID the policy is defined for
    Global bool
    true if this is a global policy`
    id String
    name String
    The name of the policy
    uuid String
    The UUID of the policy
    account String
    The account UUID the policy is defined for
    environment String
    The environment ID the policy is defined for
    global Boolean
    true if this is a global policy`
    id string
    name string
    The name of the policy
    uuid string
    The UUID of the policy
    account string
    The account UUID the policy is defined for
    environment string
    The environment ID the policy is defined for
    global boolean
    true if this is a global policy`
    id str
    name str
    The name of the policy
    uuid str
    The UUID of the policy
    account str
    The account UUID the policy is defined for
    environment str
    The environment ID the policy is defined for
    global_ bool
    true if this is a global policy`
    id String
    name String
    The name of the policy
    uuid String
    The UUID of the policy
    account String
    The account UUID the policy is defined for
    environment String
    The environment ID the policy is defined for
    global Boolean
    true if this is a global policy`

    Package Details

    Repository
    dynatrace pulumiverse/pulumi-dynatrace
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the dynatrace Terraform Provider.
    dynatrace logo
    Dynatrace v0.21.0 published on Sunday, Nov 17, 2024 by Pulumiverse