Documentation ¶
Index ¶
- Variables
- func BlueprintPermissionsSchema() map[string]schema.Attribute
- func NewBlueprintPermissionsResource() resource.Resource
- type BlueprintMetadataPermissionsTFBlock
- type BlueprintPermissionsModel
- type BlueprintPermissionsResource
- func (r *BlueprintPermissionsResource) Configure(ctx context.Context, req resource.ConfigureRequest, ...)
- func (r *BlueprintPermissionsResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse)
- func (r *BlueprintPermissionsResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse)
- func (r *BlueprintPermissionsResource) ImportState(ctx context.Context, req resource.ImportStateRequest, ...)
- func (r *BlueprintPermissionsResource) Metadata(ctx context.Context, req resource.MetadataRequest, ...)
- func (r *BlueprintPermissionsResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse)
- func (r *BlueprintPermissionsResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse)
- func (r *BlueprintPermissionsResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse)
- type BlueprintPermissionsTFBlock
- type BlueprintRelationsPermissionsTFBlock
- type EntitiesBlueprintPermissionsModel
Constants ¶
This section is empty.
Variables ¶
View Source
var BlueprintPermissionsResourceMarkdownDescription = `
# Blueprint Permissions resource
Docs about blueprint permissions can be found [here](https://docs.getport.io/build-your-software-catalog/set-catalog-rbac/examples/#setting-blueprint-permissions)
` + "```hcl" + `
resource "port_blueprint_permissions" "microservices_permissions" {
blueprint_identifier = "my_blueprint_identifier"
entities = {
"register" = {
"roles" : [
"Member",
],
"users" : [],
"teams" : []
},
}
}
}` + "\n```" + `
## Example Usage
### Allow access to all members:
` + "```hcl" + `
resource "port_blueprint_permissions" "microservices_permissions" {
blueprint_identifier = "my_blueprint_identifier"
entities = {
"register" = {
"roles" : [
"Member",
],
"users" : [],
"teams" : []
},
"unregister" = {
"roles" : [
"Member",
],
"users" : [],
"teams" : []
},
"update" = {
"roles" : [
"Member",
],
"users" : ["test-admin-user@test.com"],
"teams" : []
},
"update_metadata_properties" = {
"icon" = {
"roles" : [
"Member",
],
"users" : [],
"teams" : []
},
"identifier" = {
"roles" : [
"Member",
],
"users" : [],
"teams" : ["Team Spiderman"]
},
"team" = {
"roles" : [
"Admin",
],
"users" : [],
"teams" : []
},
"title" = {
"roles" : [
"Member",
],
"users" : [],
"teams" : []
}
}
}
}` + "\n```" + `
### Allow update ` + "`" + `myStringProperty` + "``" + ` for admins and a specific user and team:
` + "```hcl" + `
resource "port_blueprint_permissions" "microservices_permissions" {
blueprint_identifier = "my_blueprint_identifier"
entities = {
# all properties from the previous example...
"update_properties" = {
"myStringProperty" = {
"roles": [
"Admin",
],
"users": ["test-admin-user@test.com"],
"teams": ["Team Spiderman"],
}
}
}
}
}` + "\n```" + `
### Allow update relations for a specific team for admins and a specific user and team:
` + "```hcl" + `
resource "port_blueprint_permissions" "microservices_permissions" {
blueprint_identifier = "my_blueprint_identifier"
entities = {
# all properties from the first example...
"update_relations" = {
"myRelations" = {
"roles": [
"Admin",
],
"users": ["test-admin-user@test.com"],
"teams": ["Team Spiderman"],
}
}
}
}` + "\n```" + `
## Disclaimer
- Blueprint permissions are created by default when blueprint is first created, this means that you should use this resource when you want to change the default permissions of a blueprint.
- When deleting a blueprint permissions resource using terraform, the blueprint permissions will not be deleted from Port, as they are required for the action to work, instead, the blueprint permissions will be removed from the terraform state.
- You always need to explicity set ` + "`" + `register|unregister|update|update_metadata_properties` + "`" + ` properties.
- All the permission lists (roles, users, teams) are managed by Port in a sorted manner, this means that if your ` + "`" + `.tf` + "`" + ` has for example roles defined out of order, your state will be invalid
E.g:
` + "```hcl" + `
resource "port_blueprint_permissions" "microservices_permissions" {
blueprint_identifier = "my_blueprint_identifier"
entities = {
# invalid:
"register" = {
"roles" : [
"Member",
"Admin",
],
"users" : [],
"teams" : []
},
# valid
"register" = {
"roles" : [
"Admin",
"Member",
],
"users" : [],
"teams" : []
},
...
},
},
}` + "\n```"
Functions ¶
Types ¶
type BlueprintMetadataPermissionsTFBlock ¶
type BlueprintMetadataPermissionsTFBlock struct { Team *BlueprintPermissionsTFBlock `tfsdk:"team"` Icon *BlueprintPermissionsTFBlock `tfsdk:"icon"` Identifier *BlueprintPermissionsTFBlock `tfsdk:"identifier"` Title *BlueprintPermissionsTFBlock `tfsdk:"title"` }
type BlueprintPermissionsModel ¶
type BlueprintPermissionsModel struct { ID types.String `tfsdk:"id"` BlueprintIdentifier types.String `tfsdk:"blueprint_identifier"` Entities *EntitiesBlueprintPermissionsModel `tfsdk:"entities"` }
type BlueprintPermissionsResource ¶
type BlueprintPermissionsResource struct {
// contains filtered or unexported fields
}
func (*BlueprintPermissionsResource) Configure ¶
func (r *BlueprintPermissionsResource) Configure(ctx context.Context, req resource.ConfigureRequest, resp *resource.ConfigureResponse)
func (*BlueprintPermissionsResource) Create ¶
func (r *BlueprintPermissionsResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse)
func (*BlueprintPermissionsResource) Delete ¶
func (r *BlueprintPermissionsResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse)
func (*BlueprintPermissionsResource) ImportState ¶
func (r *BlueprintPermissionsResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse)
func (*BlueprintPermissionsResource) Metadata ¶
func (r *BlueprintPermissionsResource) Metadata(ctx context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse)
func (*BlueprintPermissionsResource) Read ¶
func (r *BlueprintPermissionsResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse)
func (*BlueprintPermissionsResource) Schema ¶
func (r *BlueprintPermissionsResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse)
func (*BlueprintPermissionsResource) Update ¶
func (r *BlueprintPermissionsResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse)
type BlueprintRelationsPermissionsTFBlock ¶
type BlueprintRelationsPermissionsTFBlock map[string]BlueprintPermissionsTFBlock
type EntitiesBlueprintPermissionsModel ¶
type EntitiesBlueprintPermissionsModel struct { Register *BlueprintPermissionsTFBlock `tfsdk:"register"` Unregister *BlueprintPermissionsTFBlock `tfsdk:"unregister"` Update *BlueprintPermissionsTFBlock `tfsdk:"update"` UpdateProperties *BlueprintRelationsPermissionsTFBlock `tfsdk:"update_properties"` UpdateMetadataProperties *BlueprintMetadataPermissionsTFBlock `tfsdk:"update_metadata_properties"` UpdateRelations *BlueprintRelationsPermissionsTFBlock `tfsdk:"update_relations"` }
Click to show internal directories.
Click to hide internal directories.