powerscale_role (Resource)
This resource is used to manage the role entity of PowerScale Array. We can Create, Update and Delete the role using this resource. We can also import an existing role from PowerScale array.
Example Usage
/*
Copyright (c) 2024 Dell Inc., or its subsidiaries. All Rights Reserved.
Licensed under the Mozilla Public License Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://mozilla.org/MPL/2.0/
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
# Available actions: Create, Update, Delete and Import
# After `terraform apply` of this example file for the first time, you will create a role on the PowerScale
# PowerScale role allows you to permit and limit access to administrative areas of your cluster on a per-user basis through roles.
resource "powerscale_role" "role_test" {
# Required
name = "role_test"
# Optional fields only for creating
zone = "System"
# Optional fields both for creating and updating
description = "role_test_description"
# To add members, the uid/gid is required. Please use user/user_group datasource to look up the uid/gid needed.
members = [
{
id = "UID:10"
},
{
id = "UID:0"
},
{
id = "GID:31"
}
]
# To add privileges, the id is required. Please use role privilege datasource to look up the role privilege id needed.
privileges = [
{
id = "ISI_PRIV_SYS_SUPPORT",
permission = "r"
},
{
id = "ISI_PRIV_SYS_SHUTDOWN",
permission = "r"
}
]
}
# After the execution of above resource block, role would have been created on the PowerScale array.
# For more information, Please check the terraform state file.
Schema
Required
name
(String) Specifies the name of the role.
Optional
description
(String) Specifies the description of the role.members
(Attributes List) Specifies the users or groups that have this role. (see below for nested schema)privileges
(Attributes List) Specifies the privileges granted by this role. (see below for nested schema)zone
(String) Specifies which access zone to use.
Read-Only
id
(String) Specifies the ID of the role.
Nested Schema for members
Required:
id
(String) Specifies the serialized form of a persona, which can be ‘UID:0’
Read-Only:
name
(String) Specifies the persona name, which must be combined with a type.type
(String) Specifies the type of persona, which must be combined with a name.
Nested Schema for privileges
Required:
id
(String) Specifies the ID of the privilege.
Optional:
permission
(String) permission of the privilege, ‘r’ = read , ‘x’ = read-execute, ‘w’ = read-execute-write, ‘-’ = no permission
Read-Only:
name
(String) Specifies the name of the privilege.
Import
Import is supported using the following syntax:
# Copyright (c) 2024 Dell Inc., or its subsidiaries. All Rights Reserved.
# Licensed under the Mozilla Public License Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://mozilla.org/MPL/2.0/
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# The command is
# terraform import powerscale_role.role_test [<zone_id>:]<role_id>
# Example1, <zone_id> is Optional, defaults to System:
terraform import powerscale_role.role_test role_id
# Example2:
terraform import powerscale_role.role_test zone_id:role_id
# after running this command, populate the name field and other required parameters in the config file to start managing this resource.
# Note: running "terraform show" after importing shows the current config/state of the resource. You can copy/paste that config to make it easier to manage the resource.