dynatrace.getIamPolicies
Explore with Pulumi AI
Dynatrace SaaS only
To utilize this resource, please define the environment variables
DT_CLIENT_ID
,DT_CLIENT_SECRET
,DT_ACCOUNT_ID
with an OAuth client including the following permissions: Allow IAM policy configuration for environments (iam-policies-management
) and View environments (account-env-read
).
You can use the attributes environments
, accounts
and globals
to refine which policies you want to query for.
- The attribute
global
indicates whether the results should also contain global (Dynatrace defined) policies - The attribute
environment
is an array of environment IDs. - The results won’t contain any environment specific policies if the attribute
environments
has been omitted - The results will contain policies for all environments reachable via the given credentials if
environments
is set to["*"]
- The attribute
accounts
is an array of accounts UUIDs. Set this to["*"]
if you want to receive account specific policies. - The results won’t contain any account specific policies if the attribute
accounts
has been omitted
Example Usage
The following example queries for polices of all environments reachable via the given credentials, all accounts and all global policies.
import * as pulumi from "@pulumi/pulumi";
import * as dynatrace from "@pulumi/dynatrace";
const all = dynatrace.getIamPolicies({
accounts: ["*"],
environments: ["*"],
global: true,
});
import pulumi
import pulumi_dynatrace as dynatrace
all = dynatrace.get_iam_policies(accounts=["*"],
environments=["*"],
global_=True)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
Accounts: []string{
"*",
},
Environments: []string{
"*",
},
Global: pulumi.BoolRef(true),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dynatrace = Pulumi.Dynatrace;
return await Deployment.RunAsync(() =>
{
var all = Dynatrace.GetIamPolicies.Invoke(new()
{
Accounts = new[]
{
"*",
},
Environments = new[]
{
"*",
},
Global = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dynatrace.DynatraceFunctions;
import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
.accounts("*")
.environments("*")
.global(true)
.build());
}
}
variables:
all:
fn::invoke:
Function: dynatrace:getIamPolicies
Arguments:
accounts:
- '*'
environments:
- '*'
global: true
The following example queries for policies that are defined for the environment with the id abce234
. No account specific or global policies will be included.
import * as pulumi from "@pulumi/pulumi";
import * as dynatrace from "@pulumi/dynatrace";
const all = dynatrace.getIamPolicies({
environments: ["abce234"],
global: false,
});
import pulumi
import pulumi_dynatrace as dynatrace
all = dynatrace.get_iam_policies(environments=["abce234"],
global_=False)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
Environments: []string{
"abce234",
},
Global: pulumi.BoolRef(false),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dynatrace = Pulumi.Dynatrace;
return await Deployment.RunAsync(() =>
{
var all = Dynatrace.GetIamPolicies.Invoke(new()
{
Environments = new[]
{
"abce234",
},
Global = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dynatrace.DynatraceFunctions;
import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
.environments("abce234")
.global(false)
.build());
}
}
variables:
all:
fn::invoke:
Function: dynatrace:getIamPolicies
Arguments:
environments:
- abce234
global: false
Example Output
import * as pulumi from "@pulumi/pulumi";
import * as dynatrace from "@pulumi/dynatrace";
const all = dynatrace.getIamPolicies({
environments: ["*"],
accounts: ["*"],
global: true,
});
export const policies = all.then(all => all.policies);
import pulumi
import pulumi_dynatrace as dynatrace
all = dynatrace.get_iam_policies(environments=["*"],
accounts=["*"],
global_=True)
pulumi.export("policies", all.policies)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
all, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
Environments: []string{
"*",
},
Accounts: []string{
"*",
},
Global: pulumi.BoolRef(true),
}, nil)
if err != nil {
return err
}
ctx.Export("policies", all.Policies)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dynatrace = Pulumi.Dynatrace;
return await Deployment.RunAsync(() =>
{
var all = Dynatrace.GetIamPolicies.Invoke(new()
{
Environments = new[]
{
"*",
},
Accounts = new[]
{
"*",
},
Global = true,
});
return new Dictionary<string, object?>
{
["policies"] = all.Apply(getIamPoliciesResult => getIamPoliciesResult.Policies),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dynatrace.DynatraceFunctions;
import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
.environments("*")
.accounts("*")
.global(true)
.build());
ctx.export("policies", all.applyValue(getIamPoliciesResult -> getIamPoliciesResult.policies()));
}
}
variables:
all:
fn::invoke:
Function: dynatrace:getIamPolicies
Arguments:
environments:
- '*'
accounts:
- '*'
global: true
outputs:
policies: ${all.policies}
Changes to Outputs:
+ policies = [
+ {
+ account = "########-86d8-####-88bd-############"
+ environment = ""
+ global = false
+ id = "########-7a6a-####-a43e-#############-#account#-#########-86d8-####-88bd-############"
+ name = "storage:bucket-definitions:delete"
+ uuid = "########-7a6a-####-a43e-############"
},
...
+ {
+ account = ""
+ environment = "#######"
+ global = false
+ id = "########-c7d6-####-878c-#############-#environment#-########"
+ name = "some-policy"
+ uuid = "########-c7d6-####-878c-############"
},
...
+ {
+ account = ""
+ environment = ""
+ global = true
+ id = "########-6852-####-9d1b-#############-#global#-#global"
+ name = "Storage Events Read"
+ uuid = "########-6852-####-9d1b-############"
},
]
Using getIamPolicies
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getIamPolicies(args: GetIamPoliciesArgs, opts?: InvokeOptions): Promise<GetIamPoliciesResult>
function getIamPoliciesOutput(args: GetIamPoliciesOutputArgs, opts?: InvokeOptions): Output<GetIamPoliciesResult>
def get_iam_policies(accounts: Optional[Sequence[str]] = None,
environments: Optional[Sequence[str]] = None,
global_: Optional[bool] = None,
groups: Optional[Sequence[str]] = None,
opts: Optional[InvokeOptions] = None) -> GetIamPoliciesResult
def get_iam_policies_output(accounts: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
environments: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
global_: Optional[pulumi.Input[bool]] = None,
groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetIamPoliciesResult]
func GetIamPolicies(ctx *Context, args *GetIamPoliciesArgs, opts ...InvokeOption) (*GetIamPoliciesResult, error)
func GetIamPoliciesOutput(ctx *Context, args *GetIamPoliciesOutputArgs, opts ...InvokeOption) GetIamPoliciesResultOutput
> Note: This function is named GetIamPolicies
in the Go SDK.
public static class GetIamPolicies
{
public static Task<GetIamPoliciesResult> InvokeAsync(GetIamPoliciesArgs args, InvokeOptions? opts = null)
public static Output<GetIamPoliciesResult> Invoke(GetIamPoliciesInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetIamPoliciesResult> getIamPolicies(GetIamPoliciesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: dynatrace:index/getIamPolicies:getIamPolicies
arguments:
# arguments dictionary
The following arguments are supported:
- Accounts List<string>
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - Environments List<string>
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - Global bool
- If
true
the results will contain global policies - Groups List<string>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- Accounts []string
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - Environments []string
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - Global bool
- If
true
the results will contain global policies - Groups []string
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global Boolean
- If
true
the results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts string[]
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments string[]
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global boolean
- If
true
the results will contain global policies - groups string[]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts Sequence[str]
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments Sequence[str]
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global_ bool
- If
true
the results will contain global policies - groups Sequence[str]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global Boolean
- If
true
the results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
getIamPolicies Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
List<Pulumiverse.
Dynatrace. Outputs. Get Iam Policies Policy> - Accounts List<string>
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - Environments List<string>
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - Global bool
- If
true
the results will contain global policies - Groups List<string>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
[]Get
Iam Policies Policy - Accounts []string
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - Environments []string
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - Global bool
- If
true
the results will contain global policies - Groups []string
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id String
- The provider-assigned unique ID for this managed resource.
- policies
List<Get
Iam Policies Policy> - accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global Boolean
- If
true
the results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id string
- The provider-assigned unique ID for this managed resource.
- policies
Get
Iam Policies Policy[] - accounts string[]
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments string[]
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global boolean
- If
true
the results will contain global policies - groups string[]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id str
- The provider-assigned unique ID for this managed resource.
- policies
Sequence[Get
Iam Policies Policy] - accounts Sequence[str]
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments Sequence[str]
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global_ bool
- If
true
the results will contain global policies - groups Sequence[str]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id String
- The provider-assigned unique ID for this managed resource.
- policies List<Property Map>
- accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*
the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*
the results will contain policies for all environments - global Boolean
- If
true
the results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
Supporting Types
GetIamPoliciesPolicy
Package Details
- Repository
- dynatrace pulumiverse/pulumi-dynatrace
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
dynatrace
Terraform Provider.