Docs Home
Sumo Logic v0.23.7 published on Thursday, Oct 24, 2024 by Pulumi
sumologic.ContentPermission
Explore with Pulumi AI
Provides a way to configure permissions on a content to share it with a user, a role, or the entire org. You can read more here.
There are three permission levels View, Edit and Manage. You can read more about different
levels here.
When you add a new permission to a content, all the lower level permissions are added by default. For example, giving a user “Manage” permission on a content, implicitly gives them “Edit” and “View” permissions on the content. Due to this behavior, when you add a higher level permission, you must also add all the lower level permissions. For example, when you give a user “Edit” permission via the resource, you must give them “View” permission otherwise state and configuration will be out of sync.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const personalFolder = sumologic.getPersonalFolder({});
const permissionTestContent = new sumologic.Content("permission_test_content", {
parentId: personalFolder.then(personalFolder => personalFolder.id),
config: JSON.stringify({
type: "FolderSyncDefinition",
name: "test_permission_resource_folder",
description: "",
children: [],
}),
});
const role = sumologic.getRole({
name: "test_role",
});
const user = sumologic.getUser({
email: "user@example.com",
});
// Grant user `user@example.com` "Manage" permission and role `test_role`
// "View" permission on the folder `test_permission_resource_folder`.
const contentPermissionTest = new sumologic.ContentPermission("content_permission_test", {
contentId: permissionTestContent.id,
notifyRecipient: true,
notificationMessage: "You now have the permission to access this content",
permissions: [
{
permissionName: "View",
sourceType: "role",
sourceId: role.then(role => role.id),
},
{
permissionName: "View",
sourceType: "user",
sourceId: user.then(user => user.id),
},
{
permissionName: "Edit",
sourceType: "user",
sourceId: user.then(user => user.id),
},
{
permissionName: "Manage",
sourceType: "user",
sourceId: user.then(user => user.id),
},
],
});
import pulumi
import json
import pulumi_sumologic as sumologic
personal_folder = sumologic.get_personal_folder()
permission_test_content = sumologic.Content("permission_test_content",
parent_id=personal_folder.id,
config=json.dumps({
"type": "FolderSyncDefinition",
"name": "test_permission_resource_folder",
"description": "",
"children": [],
}))
role = sumologic.get_role(name="test_role")
user = sumologic.get_user(email="user@example.com")
# Grant user `user@example.com` "Manage" permission and role `test_role`
# "View" permission on the folder `test_permission_resource_folder`.
content_permission_test = sumologic.ContentPermission("content_permission_test",
content_id=permission_test_content.id,
notify_recipient=True,
notification_message="You now have the permission to access this content",
permissions=[
{
"permission_name": "View",
"source_type": "role",
"source_id": role.id,
},
{
"permission_name": "View",
"source_type": "user",
"source_id": user.id,
},
{
"permission_name": "Edit",
"source_type": "user",
"source_id": user.id,
},
{
"permission_name": "Manage",
"source_type": "user",
"source_id": user.id,
},
])
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
personalFolder, err := sumologic.GetPersonalFolder(ctx, &sumologic.GetPersonalFolderArgs{}, nil)
if err != nil {
return err
}
tmpJSON0, err := json.Marshal(map[string]interface{}{
"type": "FolderSyncDefinition",
"name": "test_permission_resource_folder",
"description": "",
"children": []interface{}{},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
permissionTestContent, err := sumologic.NewContent(ctx, "permission_test_content", &sumologic.ContentArgs{
ParentId: pulumi.String(personalFolder.Id),
Config: pulumi.String(json0),
})
if err != nil {
return err
}
role, err := sumologic.LookupRole(ctx, &sumologic.LookupRoleArgs{
Name: pulumi.StringRef("test_role"),
}, nil)
if err != nil {
return err
}
user, err := sumologic.LookupUser(ctx, &sumologic.LookupUserArgs{
Email: pulumi.StringRef("user@example.com"),
}, nil)
if err != nil {
return err
}
// Grant user `user@example.com` "Manage" permission and role `test_role`
// "View" permission on the folder `test_permission_resource_folder`.
_, err = sumologic.NewContentPermission(ctx, "content_permission_test", &sumologic.ContentPermissionArgs{
ContentId: permissionTestContent.ID(),
NotifyRecipient: pulumi.Bool(true),
NotificationMessage: pulumi.String("You now have the permission to access this content"),
Permissions: sumologic.ContentPermissionPermissionArray{
&sumologic.ContentPermissionPermissionArgs{
PermissionName: pulumi.String("View"),
SourceType: pulumi.String("role"),
SourceId: pulumi.String(role.Id),
},
&sumologic.ContentPermissionPermissionArgs{
PermissionName: pulumi.String("View"),
SourceType: pulumi.String("user"),
SourceId: pulumi.String(user.Id),
},
&sumologic.ContentPermissionPermissionArgs{
PermissionName: pulumi.String("Edit"),
SourceType: pulumi.String("user"),
SourceId: pulumi.String(user.Id),
},
&sumologic.ContentPermissionPermissionArgs{
PermissionName: pulumi.String("Manage"),
SourceType: pulumi.String("user"),
SourceId: pulumi.String(user.Id),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() =>
{
var personalFolder = SumoLogic.GetPersonalFolder.Invoke();
var permissionTestContent = new SumoLogic.Content("permission_test_content", new()
{
ParentId = personalFolder.Apply(getPersonalFolderResult => getPersonalFolderResult.Id),
Config = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["type"] = "FolderSyncDefinition",
["name"] = "test_permission_resource_folder",
["description"] = "",
["children"] = new[]
{
},
}),
});
var role = SumoLogic.GetRole.Invoke(new()
{
Name = "test_role",
});
var user = SumoLogic.GetUser.Invoke(new()
{
Email = "user@example.com",
});
// Grant user `user@example.com` "Manage" permission and role `test_role`
// "View" permission on the folder `test_permission_resource_folder`.
var contentPermissionTest = new SumoLogic.ContentPermission("content_permission_test", new()
{
ContentId = permissionTestContent.Id,
NotifyRecipient = true,
NotificationMessage = "You now have the permission to access this content",
Permissions = new[]
{
new SumoLogic.Inputs.ContentPermissionPermissionArgs
{
PermissionName = "View",
SourceType = "role",
SourceId = role.Apply(getRoleResult => getRoleResult.Id),
},
new SumoLogic.Inputs.ContentPermissionPermissionArgs
{
PermissionName = "View",
SourceType = "user",
SourceId = user.Apply(getUserResult => getUserResult.Id),
},
new SumoLogic.Inputs.ContentPermissionPermissionArgs
{
PermissionName = "Edit",
SourceType = "user",
SourceId = user.Apply(getUserResult => getUserResult.Id),
},
new SumoLogic.Inputs.ContentPermissionPermissionArgs
{
PermissionName = "Manage",
SourceType = "user",
SourceId = user.Apply(getUserResult => getUserResult.Id),
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.SumologicFunctions;
import com.pulumi.sumologic.inputs.GetPersonalFolderArgs;
import com.pulumi.sumologic.Content;
import com.pulumi.sumologic.ContentArgs;
import com.pulumi.sumologic.inputs.GetRoleArgs;
import com.pulumi.sumologic.inputs.GetUserArgs;
import com.pulumi.sumologic.ContentPermission;
import com.pulumi.sumologic.ContentPermissionArgs;
import com.pulumi.sumologic.inputs.ContentPermissionPermissionArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var personalFolder = SumologicFunctions.getPersonalFolder();
var permissionTestContent = new Content("permissionTestContent", ContentArgs.builder()
.parentId(personalFolder.applyValue(getPersonalFolderResult -> getPersonalFolderResult.id()))
.config(serializeJson(
jsonObject(
jsonProperty("type", "FolderSyncDefinition"),
jsonProperty("name", "test_permission_resource_folder"),
jsonProperty("description", ""),
jsonProperty("children", jsonArray(
))
)))
.build());
final var role = SumologicFunctions.getRole(GetRoleArgs.builder()
.name("test_role")
.build());
final var user = SumologicFunctions.getUser(GetUserArgs.builder()
.email("user@example.com")
.build());
// Grant user `user@example.com` "Manage" permission and role `test_role`
// "View" permission on the folder `test_permission_resource_folder`.
var contentPermissionTest = new ContentPermission("contentPermissionTest", ContentPermissionArgs.builder()
.contentId(permissionTestContent.id())
.notifyRecipient(true)
.notificationMessage("You now have the permission to access this content")
.permissions(
ContentPermissionPermissionArgs.builder()
.permissionName("View")
.sourceType("role")
.sourceId(role.applyValue(getRoleResult -> getRoleResult.id()))
.build(),
ContentPermissionPermissionArgs.builder()
.permissionName("View")
.sourceType("user")
.sourceId(user.applyValue(getUserResult -> getUserResult.id()))
.build(),
ContentPermissionPermissionArgs.builder()
.permissionName("Edit")
.sourceType("user")
.sourceId(user.applyValue(getUserResult -> getUserResult.id()))
.build(),
ContentPermissionPermissionArgs.builder()
.permissionName("Manage")
.sourceType("user")
.sourceId(user.applyValue(getUserResult -> getUserResult.id()))
.build())
.build());
}
}
resources:
permissionTestContent:
type: sumologic:Content
name: permission_test_content
properties:
parentId: ${personalFolder.id}
config:
fn::toJSON:
type: FolderSyncDefinition
name: test_permission_resource_folder
description:
children: []
# Grant user `user@example.com` "Manage" permission and role `test_role`
# // "View" permission on the folder `test_permission_resource_folder`.
contentPermissionTest:
type: sumologic:ContentPermission
name: content_permission_test
properties:
contentId: ${permissionTestContent.id}
notifyRecipient: true
notificationMessage: You now have the permission to access this content
permissions:
- permissionName: View
sourceType: role
sourceId: ${role.id}
- permissionName: View
sourceType: user
sourceId: ${user.id}
- permissionName: Edit
sourceType: user
sourceId: ${user.id}
- permissionName: Manage
sourceType: user
sourceId: ${user.id}
variables:
personalFolder:
fn::invoke:
Function: sumologic:getPersonalFolder
Arguments: {}
role:
fn::invoke:
Function: sumologic:getRole
Arguments:
name: test_role
user:
fn::invoke:
Function: sumologic:getUser
Arguments:
email: user@example.com
Create ContentPermission Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ContentPermission(name: string, args: ContentPermissionArgs, opts?: CustomResourceOptions);@overload
def ContentPermission(resource_name: str,
args: ContentPermissionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ContentPermission(resource_name: str,
opts: Optional[ResourceOptions] = None,
content_id: Optional[str] = None,
notify_recipient: Optional[bool] = None,
permissions: Optional[Sequence[ContentPermissionPermissionArgs]] = None,
notification_message: Optional[str] = None)func NewContentPermission(ctx *Context, name string, args ContentPermissionArgs, opts ...ResourceOption) (*ContentPermission, error)public ContentPermission(string name, ContentPermissionArgs args, CustomResourceOptions? opts = null)
public ContentPermission(String name, ContentPermissionArgs args)
public ContentPermission(String name, ContentPermissionArgs args, CustomResourceOptions options)
type: sumologic:ContentPermission
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ContentPermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ContentPermissionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ContentPermissionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ContentPermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ContentPermissionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var contentPermissionResource = new SumoLogic.ContentPermission("contentPermissionResource", new()
{
ContentId = "string",
NotifyRecipient = false,
Permissions = new[]
{
new SumoLogic.Inputs.ContentPermissionPermissionArgs
{
PermissionName = "string",
SourceId = "string",
SourceType = "string",
},
},
NotificationMessage = "string",
});
example, err := sumologic.NewContentPermission(ctx, "contentPermissionResource", &sumologic.ContentPermissionArgs{
ContentId: pulumi.String("string"),
NotifyRecipient: pulumi.Bool(false),
Permissions: sumologic.ContentPermissionPermissionArray{
&sumologic.ContentPermissionPermissionArgs{
PermissionName: pulumi.String("string"),
SourceId: pulumi.String("string"),
SourceType: pulumi.String("string"),
},
},
NotificationMessage: pulumi.String("string"),
})
var contentPermissionResource = new ContentPermission("contentPermissionResource", ContentPermissionArgs.builder()
.contentId("string")
.notifyRecipient(false)
.permissions(ContentPermissionPermissionArgs.builder()
.permissionName("string")
.sourceId("string")
.sourceType("string")
.build())
.notificationMessage("string")
.build());
content_permission_resource = sumologic.ContentPermission("contentPermissionResource",
content_id="string",
notify_recipient=False,
permissions=[{
"permission_name": "string",
"source_id": "string",
"source_type": "string",
}],
notification_message="string")
const contentPermissionResource = new sumologic.ContentPermission("contentPermissionResource", {
contentId: "string",
notifyRecipient: false,
permissions: [{
permissionName: "string",
sourceId: "string",
sourceType: "string",
}],
notificationMessage: "string",
});
type: sumologic:ContentPermission
properties:
contentId: string
notificationMessage: string
notifyRecipient: false
permissions:
- permissionName: string
sourceId: string
sourceType: string
ContentPermission Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ContentPermission resource accepts the following input properties:
- Content
Id string - The identifier of the content item for which you want to update permissions.
- Notify
Recipient bool - Boolean value. Set it to "true" to notify the recipients by email.
- Permissions
List<Pulumi.
Sumo Logic. Inputs. Content Permission Permission> - Permission block defining permission on the content. See permission schema for details.
- Notification
Message string - The notification message to send to the users.
- Content
Id string - The identifier of the content item for which you want to update permissions.
- Notify
Recipient bool - Boolean value. Set it to "true" to notify the recipients by email.
- Permissions
[]Content
Permission Permission Args - Permission block defining permission on the content. See permission schema for details.
- Notification
Message string - The notification message to send to the users.
- content
Id String - The identifier of the content item for which you want to update permissions.
- notify
Recipient Boolean - Boolean value. Set it to "true" to notify the recipients by email.
- permissions
List<Content
Permission Permission> - Permission block defining permission on the content. See permission schema for details.
- notification
Message String - The notification message to send to the users.
- content
Id string - The identifier of the content item for which you want to update permissions.
- notify
Recipient boolean - Boolean value. Set it to "true" to notify the recipients by email.
- permissions
Content
Permission Permission[] - Permission block defining permission on the content. See permission schema for details.
- notification
Message string - The notification message to send to the users.
- content_
id str - The identifier of the content item for which you want to update permissions.
- notify_
recipient bool - Boolean value. Set it to "true" to notify the recipients by email.
- permissions
Sequence[Content
Permission Permission Args] - Permission block defining permission on the content. See permission schema for details.
- notification_
message str - The notification message to send to the users.
- content
Id String - The identifier of the content item for which you want to update permissions.
- notify
Recipient Boolean - Boolean value. Set it to "true" to notify the recipients by email.
- permissions List<Property Map>
- Permission block defining permission on the content. See permission schema for details.
- notification
Message String - The notification message to send to the users.
Outputs
All input properties are implicitly available as output properties. Additionally, the ContentPermission resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ContentPermission Resource
Get an existing ContentPermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ContentPermissionState, opts?: CustomResourceOptions): ContentPermission@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
content_id: Optional[str] = None,
notification_message: Optional[str] = None,
notify_recipient: Optional[bool] = None,
permissions: Optional[Sequence[ContentPermissionPermissionArgs]] = None) -> ContentPermissionfunc GetContentPermission(ctx *Context, name string, id IDInput, state *ContentPermissionState, opts ...ResourceOption) (*ContentPermission, error)public static ContentPermission Get(string name, Input<string> id, ContentPermissionState? state, CustomResourceOptions? opts = null)public static ContentPermission get(String name, Output<String> id, ContentPermissionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Content
Id string - The identifier of the content item for which you want to update permissions.
- Notification
Message string - The notification message to send to the users.
- Notify
Recipient bool - Boolean value. Set it to "true" to notify the recipients by email.
- Permissions
List<Pulumi.
Sumo Logic. Inputs. Content Permission Permission> - Permission block defining permission on the content. See permission schema for details.
- Content
Id string - The identifier of the content item for which you want to update permissions.
- Notification
Message string - The notification message to send to the users.
- Notify
Recipient bool - Boolean value. Set it to "true" to notify the recipients by email.
- Permissions
[]Content
Permission Permission Args - Permission block defining permission on the content. See permission schema for details.
- content
Id String - The identifier of the content item for which you want to update permissions.
- notification
Message String - The notification message to send to the users.
- notify
Recipient Boolean - Boolean value. Set it to "true" to notify the recipients by email.
- permissions
List<Content
Permission Permission> - Permission block defining permission on the content. See permission schema for details.
- content
Id string - The identifier of the content item for which you want to update permissions.
- notification
Message string - The notification message to send to the users.
- notify
Recipient boolean - Boolean value. Set it to "true" to notify the recipients by email.
- permissions
Content
Permission Permission[] - Permission block defining permission on the content. See permission schema for details.
- content_
id str - The identifier of the content item for which you want to update permissions.
- notification_
message str - The notification message to send to the users.
- notify_
recipient bool - Boolean value. Set it to "true" to notify the recipients by email.
- permissions
Sequence[Content
Permission Permission Args] - Permission block defining permission on the content. See permission schema for details.
- content
Id String - The identifier of the content item for which you want to update permissions.
- notification
Message String - The notification message to send to the users.
- notify
Recipient Boolean - Boolean value. Set it to "true" to notify the recipients by email.
- permissions List<Property Map>
- Permission block defining permission on the content. See permission schema for details.
Supporting Types
ContentPermissionPermission, ContentPermissionPermissionArgs
- Permission
Name string - Content permission name. Valid values are
View,GrantView,Edit,GrantEdit,Manage, andGrantManage. You can read more about permission levels here. - Source
Id string - An identifier that belongs to the source type chosen above. For example,
if the
sourceTypeis set touser,sourceIdshould be identifier of the user you want to share content with (same goes for role and org source type). - Source
Type string - Type of source for the permission. Valid values are
user,role, andorg.
- Permission
Name string - Content permission name. Valid values are
View,GrantView,Edit,GrantEdit,Manage, andGrantManage. You can read more about permission levels here. - Source
Id string - An identifier that belongs to the source type chosen above. For example,
if the
sourceTypeis set touser,sourceIdshould be identifier of the user you want to share content with (same goes for role and org source type). - Source
Type string - Type of source for the permission. Valid values are
user,role, andorg.
- permission
Name String - Content permission name. Valid values are
View,GrantView,Edit,GrantEdit,Manage, andGrantManage. You can read more about permission levels here. - source
Id String - An identifier that belongs to the source type chosen above. For example,
if the
sourceTypeis set touser,sourceIdshould be identifier of the user you want to share content with (same goes for role and org source type). - source
Type String - Type of source for the permission. Valid values are
user,role, andorg.
- permission
Name string - Content permission name. Valid values are
View,GrantView,Edit,GrantEdit,Manage, andGrantManage. You can read more about permission levels here. - source
Id string - An identifier that belongs to the source type chosen above. For example,
if the
sourceTypeis set touser,sourceIdshould be identifier of the user you want to share content with (same goes for role and org source type). - source
Type string - Type of source for the permission. Valid values are
user,role, andorg.
- permission_
name str - Content permission name. Valid values are
View,GrantView,Edit,GrantEdit,Manage, andGrantManage. You can read more about permission levels here. - source_
id str - An identifier that belongs to the source type chosen above. For example,
if the
sourceTypeis set touser,sourceIdshould be identifier of the user you want to share content with (same goes for role and org source type). - source_
type str - Type of source for the permission. Valid values are
user,role, andorg.
- permission
Name String - Content permission name. Valid values are
View,GrantView,Edit,GrantEdit,Manage, andGrantManage. You can read more about permission levels here. - source
Id String - An identifier that belongs to the source type chosen above. For example,
if the
sourceTypeis set touser,sourceIdshould be identifier of the user you want to share content with (same goes for role and org source type). - source
Type String - Type of source for the permission. Valid values are
user,role, andorg.
Import
Permisions on a content item can be imported using the content identifier, e.g.:
hcl
// import permissions for content item with identifier = 0000000008E0183E
$ pulumi import sumologic:index/contentPermission:ContentPermission dashboard_permission_import 0000000008E0183E
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sumologicTerraform Provider.