stackit-dev-tools/terraform-provider-stackitprivatepreview
3
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

IAM Role Assignment (#665)

Browse source 
* Initial PoC for a Project Role Assignment resource

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* fix: move project_role_assignment into new "authorization" resource group

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* feat: add authorization_project_role_assignment acceptance test

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* docs: add authorization_project_role_assignment docs and examples

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* fix: linting

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* feat: add generic role_assignment resources

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* feat: add infrastructure for experimental features

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* feat: Make IAM resources part of the iam experiment

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* fix: Log an error if an experiment does not exist

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

* fix: Do not cache the experiment check

Caching the experiment check causes problems when
running the provider in debug mode, since
configure in the provider can be called multiple
times there with different configurations, with
different experiments enabled.

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>

---------

Signed-off-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>
Co-authored-by: Benjamin Ritter <benjamin.ritter@stackit.cloud>
This commit is contained in:
Benjamin Ritter 2025-03-14 10:31:05 +01:00 committed by GitHub
parent 69b117f4e7
commit dadea7a904
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 853 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/index.md
View file

@ -157,6 +157,7 @@ Note: AWS specific checks must be skipped as they do not work on STACKIT. For de
- `default_region` (String) Region will be used as the default location for regional services. Not all services require a region, some are global
- `dns_custom_endpoint` (String) Custom endpoint for the DNS service
- `enable_beta_resources` (Boolean) Enable beta resources. Default is false.
- `experiments` (List of String) Enables experiments. These are unstable features without official support. More information can be found in the README. Available Experiments: [iam]
- `iaas_custom_endpoint` (String) Custom endpoint for the IaaS service
- `loadbalancer_custom_endpoint` (String) Custom endpoint for the Load Balancer service
- `logme_custom_endpoint` (String) Custom endpoint for the LogMe service

37
docs/resources/authorization_organization_role_assignment.md Normal file
View file

@ -0,0 +1,37 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "stackit_authorization_organization_role_assignment Resource - stackit"
subcategory: ""
description: |-
organization Role Assignment resource schema.
~> This resource is part of the iam experiment and is likely going to undergo significant changes or be removed in the future. Use it at your own discretion.
---
# stackit_authorization_organization_role_assignment (Resource)
organization Role Assignment resource schema.
~> This resource is part of the iam experiment and is likely going to undergo significant changes or be removed in the future. Use it at your own discretion.
## Example Usage
```terraform
resource "stackit_authorization_organization_role_assignment" "example" {
resource_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
role = "owner"
subject = "john.doe@stackit.cloud"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `resource_id` (String) organization Resource to assign the role to.
- `role` (String) Role to be assigned
- `subject` (String) Identifier of user, service account or client. Usually email address or name in case of clients
### Read-Only
- `id` (String) Terraform's internal resource identifier. It is structured as "[resource_id],[role],[subject]".

37
docs/resources/authorization_project_role_assignment.md Normal file
View file

@ -0,0 +1,37 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "stackit_authorization_project_role_assignment Resource - stackit"
subcategory: ""
description: |-
project Role Assignment resource schema.
~> This resource is part of the iam experiment and is likely going to undergo significant changes or be removed in the future. Use it at your own discretion.
---
# stackit_authorization_project_role_assignment (Resource)
project Role Assignment resource schema.
~> This resource is part of the iam experiment and is likely going to undergo significant changes or be removed in the future. Use it at your own discretion.
## Example Usage
```terraform
resource "stackit_authorization_project_role_assignment" "example" {
resource_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
role = "owner"
subject = "john.doe@stackit.cloud"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `resource_id` (String) project Resource to assign the role to.
- `role` (String) Role to be assigned
- `subject` (String) Identifier of user, service account or client. Usually email address or name in case of clients
### Read-Only
- `id` (String) Terraform's internal resource identifier. It is structured as "[resource_id],[role],[subject]".