Docs Home
Grafana v0.7.0 published on Tuesday, Nov 5, 2024 by pulumiverse
grafana.RoleAssignment
Explore with Pulumi AI
Deprecated: grafana.index/roleassignment.RoleAssignment has been deprecated in favor of grafana.enterprise/roleassignment.RoleAssignment
Manages the entire set of assignments for a role. Assignments that aren’t specified when applying this resource will be removed. Note: This resource is available only with Grafana Enterprise 9.2+.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as grafana from "@pulumiverse/grafana";
const testRole = new grafana.enterprise.Role("test_role", {
name: "Test Role",
uid: "testrole",
version: 1,
global: true,
permissions: [{
action: "org.users:add",
scope: "users:*",
}],
});
const testTeam = new grafana.oss.Team("test_team", {name: "terraform_test_team"});
const testUser = new grafana.oss.User("test_user", {
email: "terraform_user@test.com",
login: "terraform_user@test.com",
password: "password",
});
const testSa = new grafana.oss.ServiceAccount("test_sa", {
name: "terraform_test_sa",
role: "Viewer",
});
const test = new grafana.enterprise.RoleAssignment("test", {
roleUid: testRole.uid,
users: [testUser.id],
teams: [testTeam.id],
serviceAccounts: [testSa.id],
});
import pulumi
import pulumiverse_grafana as grafana
test_role = grafana.enterprise.Role("test_role",
name="Test Role",
uid="testrole",
version=1,
global_=True,
permissions=[{
"action": "org.users:add",
"scope": "users:*",
}])
test_team = grafana.oss.Team("test_team", name="terraform_test_team")
test_user = grafana.oss.User("test_user",
email="terraform_user@test.com",
login="terraform_user@test.com",
password="password")
test_sa = grafana.oss.ServiceAccount("test_sa",
name="terraform_test_sa",
role="Viewer")
test = grafana.enterprise.RoleAssignment("test",
role_uid=test_role.uid,
users=[test_user.id],
teams=[test_team.id],
service_accounts=[test_sa.id])
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-grafana/sdk/go/grafana/enterprise"
"github.com/pulumiverse/pulumi-grafana/sdk/go/grafana/oss"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
testRole, err := enterprise.NewRole(ctx, "test_role", &enterprise.RoleArgs{
Name: pulumi.String("Test Role"),
Uid: pulumi.String("testrole"),
Version: pulumi.Int(1),
Global: pulumi.Bool(true),
Permissions: enterprise.RolePermissionArray{
&enterprise.RolePermissionArgs{
Action: pulumi.String("org.users:add"),
Scope: pulumi.String("users:*"),
},
},
})
if err != nil {
return err
}
testTeam, err := oss.NewTeam(ctx, "test_team", &oss.TeamArgs{
Name: pulumi.String("terraform_test_team"),
})
if err != nil {
return err
}
testUser, err := oss.NewUser(ctx, "test_user", &oss.UserArgs{
Email: pulumi.String("terraform_user@test.com"),
Login: pulumi.String("terraform_user@test.com"),
Password: pulumi.String("password"),
})
if err != nil {
return err
}
testSa, err := oss.NewServiceAccount(ctx, "test_sa", &oss.ServiceAccountArgs{
Name: pulumi.String("terraform_test_sa"),
Role: pulumi.String("Viewer"),
})
if err != nil {
return err
}
_, err = enterprise.NewRoleAssignment(ctx, "test", &enterprise.RoleAssignmentArgs{
RoleUid: testRole.Uid,
Users: pulumi.IntArray{
testUser.ID(),
},
Teams: pulumi.StringArray{
testTeam.ID(),
},
ServiceAccounts: pulumi.StringArray{
testSa.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Grafana = Pulumiverse.Grafana;
return await Deployment.RunAsync(() =>
{
var testRole = new Grafana.Enterprise.Role("test_role", new()
{
Name = "Test Role",
Uid = "testrole",
Version = 1,
Global = true,
Permissions = new[]
{
new Grafana.Enterprise.Inputs.RolePermissionArgs
{
Action = "org.users:add",
Scope = "users:*",
},
},
});
var testTeam = new Grafana.Oss.Team("test_team", new()
{
Name = "terraform_test_team",
});
var testUser = new Grafana.Oss.User("test_user", new()
{
Email = "terraform_user@test.com",
Login = "terraform_user@test.com",
Password = "password",
});
var testSa = new Grafana.Oss.ServiceAccount("test_sa", new()
{
Name = "terraform_test_sa",
Role = "Viewer",
});
var test = new Grafana.Enterprise.RoleAssignment("test", new()
{
RoleUid = testRole.Uid,
Users = new[]
{
testUser.Id,
},
Teams = new[]
{
testTeam.Id,
},
ServiceAccounts = new[]
{
testSa.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.grafana.enterprise.Role;
import com.pulumi.grafana.enterprise.RoleArgs;
import com.pulumi.grafana.enterprise.inputs.RolePermissionArgs;
import com.pulumi.grafana.oss.Team;
import com.pulumi.grafana.oss.TeamArgs;
import com.pulumi.grafana.oss.User;
import com.pulumi.grafana.oss.UserArgs;
import com.pulumi.grafana.oss.ServiceAccount;
import com.pulumi.grafana.oss.ServiceAccountArgs;
import com.pulumi.grafana.enterprise.RoleAssignment;
import com.pulumi.grafana.enterprise.RoleAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testRole = new Role("testRole", RoleArgs.builder()
.name("Test Role")
.uid("testrole")
.version(1)
.global(true)
.permissions(RolePermissionArgs.builder()
.action("org.users:add")
.scope("users:*")
.build())
.build());
var testTeam = new Team("testTeam", TeamArgs.builder()
.name("terraform_test_team")
.build());
var testUser = new User("testUser", UserArgs.builder()
.email("terraform_user@test.com")
.login("terraform_user@test.com")
.password("password")
.build());
var testSa = new ServiceAccount("testSa", ServiceAccountArgs.builder()
.name("terraform_test_sa")
.role("Viewer")
.build());
var test = new RoleAssignment("test", RoleAssignmentArgs.builder()
.roleUid(testRole.uid())
.users(testUser.id())
.teams(testTeam.id())
.serviceAccounts(testSa.id())
.build());
}
}
resources:
testRole:
type: grafana:enterprise:Role
name: test_role
properties:
name: Test Role
uid: testrole
version: 1
global: true
permissions:
- action: org.users:add
scope: users:*
testTeam:
type: grafana:oss:Team
name: test_team
properties:
name: terraform_test_team
testUser:
type: grafana:oss:User
name: test_user
properties:
email: terraform_user@test.com
login: terraform_user@test.com
password: password
testSa:
type: grafana:oss:ServiceAccount
name: test_sa
properties:
name: terraform_test_sa
role: Viewer
test:
type: grafana:enterprise:RoleAssignment
properties:
roleUid: ${testRole.uid}
users:
- ${testUser.id}
teams:
- ${testTeam.id}
serviceAccounts:
- ${testSa.id}
Create RoleAssignment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RoleAssignment(name: string, args: RoleAssignmentArgs, opts?: CustomResourceOptions);@overload
def RoleAssignment(resource_name: str,
args: RoleAssignmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RoleAssignment(resource_name: str,
opts: Optional[ResourceOptions] = None,
org_id: Optional[str] = None,
role_uid: Optional[str] = None,
service_accounts: Optional[Sequence[str]] = None,
teams: Optional[Sequence[str]] = None,
users: Optional[Sequence[int]] = None)func NewRoleAssignment(ctx *Context, name string, args RoleAssignmentArgs, opts ...ResourceOption) (*RoleAssignment, error)public RoleAssignment(string name, RoleAssignmentArgs args, CustomResourceOptions? opts = null)
public RoleAssignment(String name, RoleAssignmentArgs args)
public RoleAssignment(String name, RoleAssignmentArgs args, CustomResourceOptions options)
type: grafana:RoleAssignment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RoleAssignmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RoleAssignmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RoleAssignmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleAssignmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RoleAssignmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
RoleAssignment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The RoleAssignment resource accepts the following input properties:
- Role
Uid string - Grafana RBAC role UID.
- Org
Id string - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- Service
Accounts List<string> - IDs of service accounts that the role should be assigned to.
- Teams List<string>
- IDs of teams that the role should be assigned to.
- Users List<int>
- IDs of users that the role should be assigned to.
- Role
Uid string - Grafana RBAC role UID.
- Org
Id string - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- Service
Accounts []string - IDs of service accounts that the role should be assigned to.
- Teams []string
- IDs of teams that the role should be assigned to.
- Users []int
- IDs of users that the role should be assigned to.
- role
Uid String - Grafana RBAC role UID.
- org
Id String - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- service
Accounts List<String> - IDs of service accounts that the role should be assigned to.
- teams List<String>
- IDs of teams that the role should be assigned to.
- users List<Integer>
- IDs of users that the role should be assigned to.
- role
Uid string - Grafana RBAC role UID.
- org
Id string - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- service
Accounts string[] - IDs of service accounts that the role should be assigned to.
- teams string[]
- IDs of teams that the role should be assigned to.
- users number[]
- IDs of users that the role should be assigned to.
- role_
uid str - Grafana RBAC role UID.
- org_
id str - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- service_
accounts Sequence[str] - IDs of service accounts that the role should be assigned to.
- teams Sequence[str]
- IDs of teams that the role should be assigned to.
- users Sequence[int]
- IDs of users that the role should be assigned to.
- role
Uid String - Grafana RBAC role UID.
- org
Id String - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- service
Accounts List<String> - IDs of service accounts that the role should be assigned to.
- teams List<String>
- IDs of teams that the role should be assigned to.
- users List<Number>
- IDs of users that the role should be assigned to.
Outputs
All input properties are implicitly available as output properties. Additionally, the RoleAssignment resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RoleAssignment Resource
Get an existing RoleAssignment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RoleAssignmentState, opts?: CustomResourceOptions): RoleAssignment@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
org_id: Optional[str] = None,
role_uid: Optional[str] = None,
service_accounts: Optional[Sequence[str]] = None,
teams: Optional[Sequence[str]] = None,
users: Optional[Sequence[int]] = None) -> RoleAssignmentfunc GetRoleAssignment(ctx *Context, name string, id IDInput, state *RoleAssignmentState, opts ...ResourceOption) (*RoleAssignment, error)public static RoleAssignment Get(string name, Input<string> id, RoleAssignmentState? state, CustomResourceOptions? opts = null)public static RoleAssignment get(String name, Output<String> id, RoleAssignmentState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Org
Id string - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- Role
Uid string - Grafana RBAC role UID.
- Service
Accounts List<string> - IDs of service accounts that the role should be assigned to.
- Teams List<string>
- IDs of teams that the role should be assigned to.
- Users List<int>
- IDs of users that the role should be assigned to.
- Org
Id string - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- Role
Uid string - Grafana RBAC role UID.
- Service
Accounts []string - IDs of service accounts that the role should be assigned to.
- Teams []string
- IDs of teams that the role should be assigned to.
- Users []int
- IDs of users that the role should be assigned to.
- org
Id String - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- role
Uid String - Grafana RBAC role UID.
- service
Accounts List<String> - IDs of service accounts that the role should be assigned to.
- teams List<String>
- IDs of teams that the role should be assigned to.
- users List<Integer>
- IDs of users that the role should be assigned to.
- org
Id string - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- role
Uid string - Grafana RBAC role UID.
- service
Accounts string[] - IDs of service accounts that the role should be assigned to.
- teams string[]
- IDs of teams that the role should be assigned to.
- users number[]
- IDs of users that the role should be assigned to.
- org_
id str - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- role_
uid str - Grafana RBAC role UID.
- service_
accounts Sequence[str] - IDs of service accounts that the role should be assigned to.
- teams Sequence[str]
- IDs of teams that the role should be assigned to.
- users Sequence[int]
- IDs of users that the role should be assigned to.
- org
Id String - The Organization ID. If not set, the Org ID defined in the provider block will be used.
- role
Uid String - Grafana RBAC role UID.
- service
Accounts List<String> - IDs of service accounts that the role should be assigned to.
- teams List<String>
- IDs of teams that the role should be assigned to.
- users List<Number>
- IDs of users that the role should be assigned to.
Import
$ pulumi import grafana:index/roleAssignment:RoleAssignment name "{{ roleUID }}"
$ pulumi import grafana:index/roleAssignment:RoleAssignment name "{{ orgID }}:{{ roleUID }}"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- grafana pulumiverse/pulumi-grafana
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
grafanaTerraform Provider.