objectscale_iam_policy (Data Source)

This data source retrieves the JSON definition and metadata of an IAM inline policy attached to a specified Dell ObjectScale principal (user, group, or role).

Example Usage

/*
Copyright (c) 2025 Dell Inc., or its subsidiaries. All Rights Reserved.

Licensed under the Mozilla Public License Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://mozilla.org/MPL/2.0/


Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

### Example: Get all policies in a namespace
data "objectscale_iam_policy" "all_policies" {
  namespace = "ns1"
}

output "all_policies" {
  value = data.objectscale_iam_policy.all_policies.policies
}

### Example: Get a policy by ARN

data "objectscale_iam_policy" "policy_by_arn" {
  namespace = "ns1"
  arn       = "urn:ecs:iam:::policy/ECSS3FullAccess"
}

output "policy_by_arn" {
  value = data.objectscale_iam_policy.policy_by_arn.policies[0]
}

### Example: Get policies attached to a user

data "objectscale_iam_policy" "user_policies" {
  namespace = "ns1"
  user      = "user1"
}

### Example: Get policies attached to a group

data "objectscale_iam_policy" "group_policies" {
  namespace = "ns1"
  group     = "group1"
}

### Example: Get policies attached to a role

data "objectscale_iam_policy" "role_policies" {
  namespace = "ns1"
  role      = "role1"
}

Schema

Required

  • namespace (String) Name of the namespace from where the IAM.

Optional

  • arn (String) ARN of the IAM Policy to be fetched.
  • group (String) Name of the group whose attached policies are to be fetched.
  • role (String) Name of the role whose attached policies are to be fetched.
  • user (String) Name of the user whose attached policies are to be fetched.

Read-Only

Nested Schema for policies

Read-Only:

  • arn (String) The resource name of the policy.
  • attachment_count (Number) The number of entities (users, groups, and roles) that the policy is attached to.
  • create_date (String) The date and time, in ISO 8601 date-time format, when the policy was created.
  • default_version_id (String) The identifier for the version of the policy that is set as the default version.
  • description (String) A friendly description of the policy.
  • is_attachable (Boolean) Specifies whether the policy can be attached to a user, group, or role.
  • path (String) The path to the policy.
  • permissions_boundary_usage_count (Number) Resource name of the policy that is used to set permissions boundary for the policy.
  • policy_id (String) The stable and unique string identifying the policy.
  • policy_name (String) The friendly name of the policy.
  • update_date (String) The date and time, in ISO 8601 date-time format, when the policy was created.
  • versions (Attributes List) List of IAM Policy Versions. (see below for nested schema)

Nested Schema for policies.versions

Read-Only:

  • create_date (String) The date and time, in ISO 8601 date-time format, when the policy was created.
  • document (String) The policy document, URL-encoded compliant with RFC 3986.
  • is_default_version (Boolean) Specifies whether the policy is the default version.
  • version_id (String) The identifier for the version of the policy that is set as the default version.
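
Because `document` is returned URL-encoded, it has to be decoded before its statements can be reviewed. The following is an added example, not part of the provider's documentation: it decodes the default version of each policy attached to `user1` and flags `Allow` statements with wildcard actions. It assumes the decoded document uses the AWS-style `Statement`/`Effect`/`Action`/`Resource` grammar and that each policy has exactly one default version; the `check` block requires Terraform 1.5 or later.

```hcl
# Added example, not from the provider documentation.
# Assumption: the decoded document follows the AWS-style policy grammar
# (Statement / Effect / Action / Resource).

data "objectscale_iam_policy" "audit_user" {
  namespace = "ns1"
  user      = "user1"
}

locals {
  # Decode the default version of every policy attached to the user.
  # `document` is URL-encoded (RFC 3986), so urldecode() runs before jsondecode().
  # Assumption: exactly one version per policy has is_default_version = true.
  decoded_policies = {
    for p in data.objectscale_iam_policy.audit_user.policies :
    p.arn => jsondecode(urldecode(one([
      for v in p.versions : v.document if v.is_default_version
    ])))
  }

  # Statement, Action and Resource may each be a single value or a list;
  # flatten([x]) normalizes both shapes to a list.
  wildcard_allows = flatten([
    for arn, doc in local.decoded_policies : [
      for s in flatten([doc.Statement]) : {
        policy_arn = arn
        actions    = flatten([try(s.Action, [])])
        resources  = flatten([try(s.Resource, [])])
      }
      if s.Effect == "Allow" && anytrue([
        for a in flatten([try(s.Action, [])]) : a == "*" || endswith(a, ":*")
      ])
    ]
  ])
}

# Lists every Allow statement that grants "*" or a whole service ("s3:*").
output "wildcard_allows" {
  value = local.wildcard_allows
}

# Surfaces a warning during plan/apply when a wildcard grant is attached.
check "no_wildcard_allow" {
  assert {
    condition     = length(local.wildcard_allows) == 0
    error_message = "user1 has an attached policy that allows a wildcard action."
  }
}
```

A failed `check` assertion is reported as a warning and does not block the run, so treat the `wildcard_allows` output as the list to review.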