mirror of https://github.com/bpg/terraform-provider-proxmox.git synced 2025-06-30 10:33:46 +00:00
terraform-provider-proxmox/docs/resources/virtual_environment_acl.md
hrmny afcbb415a3
feat(access): add ACL resource (#1166)
* feat: add ACL resource

Signed-off-by: hrmny <8845940+ForsakenHarmony@users.noreply.github.com>

* chore: move code under /access, cleanup acc tests

Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>

---------

Signed-off-by: hrmny <8845940+ForsakenHarmony@users.noreply.github.com>
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Co-authored-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
2024-05-08 20:22:15 -04:00


layout: page
title: proxmox_virtual_environment_acl
parent: Resources
subcategory: Virtual Environment
description: Manages ACLs on the Proxmox cluster. ACLs are used to control access to resources in the Proxmox cluster. Each ACL consists of a path, a user, group or token, a role, and a flag to allow propagation of permissions.

Resource: proxmox_virtual_environment_acl

Manages ACLs on the Proxmox cluster.

ACLs are used to control access to resources in the Proxmox cluster. Each ACL consists of a path, a user, group or token, a role, and a flag to allow propagation of permissions.

Example Usage

resource "proxmox_virtual_environment_user" "operations_automation" {
  comment  = "Managed by Terraform"
  # Placeholder value; do not commit a real password as a literal in the configuration.
  password = "a-strong-password"
  user_id  = "operations-automation@pve"
}

resource "proxmox_virtual_environment_role" "operations_monitoring" {
  role_id = "operations-monitoring"

  privileges = [
    "VM.Monitor",
  ]
}

resource "proxmox_virtual_environment_acl" "operations_automation_monitoring" {
  user_id = proxmox_virtual_environment_user.operations_automation.user_id
  role_id = proxmox_virtual_environment_role.operations_monitoring.role_id

  path      = "/vms/1234"
  propagate = true
}

Schema

Required

  • path (String) Access control path
  • role_id (String) The role to apply

Optional

  • group_id (String) The group the ACL should apply to (mutually exclusive with token_id and user_id)
  • propagate (Boolean) Allow permissions to propagate (be inherited).
  • token_id (String) The token the ACL should apply to (mutually exclusive with group_id and user_id)
  • user_id (String) The user the ACL should apply to (mutually exclusive with group_id and token_id)

Read-Only

  • id (String) The unique identifier of this resource.
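
A pre-apply check for the schema rules above, added here as an example (it is not part of the provider or its documentation): it reads the JSON form of a plan (`terraform show -json`) and reports ACL resources that do not name exactly one of group_id, token_id and user_id, or that propagate a role from a broad path. The function name, the `broad_paths` policy and the sample plan are assumptions made for illustration.

```python
import json
PRINCIPAL_KEYS = ("group_id", "token_id", "user_id")

def audit_acl_changes(plan, broad_paths=("/",)):
    """Return review findings for ACL resources in `terraform show -json` plan output."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "proxmox_virtual_environment_acl":
            continue
        change = rc.get("change") or {}
        after = change.get("after")
        if after is None:  # resource is being destroyed: nothing is granted
            continue
        unknown = change.get("after_unknown") or {}
        # A principal counts as set if it has a value or is only known at apply time.
        principals = [k for k in PRINCIPAL_KEYS if after.get(k) or unknown.get(k) is True]
        if len(principals) != 1:
            findings.append(f"{rc['address']}: needs exactly one principal, found {principals}")
        # Assumed review policy: a propagating grant on a broad path needs sign-off.
        if after.get("propagate") and after.get("path") in broad_paths:
            findings.append(f"{rc['address']}: role {after.get('role_id')} propagates from {after['path']}")
    return findings

# Constructed sample plan (not real output), trimmed to the fields the audit reads.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "proxmox_virtual_environment_acl.operations_automation_monitoring",
   "type": "proxmox_virtual_environment_acl",
   "change": {"after_unknown": {"id": true},
              "after": {"path": "/vms/1234", "propagate": true, "group_id": null, "token_id": null,
                        "role_id": "operations-monitoring", "user_id": "operations-automation@pve"}}},
  {"address": "proxmox_virtual_environment_acl.cluster_wide",
   "type": "proxmox_virtual_environment_acl",
   "change": {"after_unknown": {"id": true},
              "after": {"path": "/", "propagate": true, "group_id": "operations", "token_id": null,
                        "role_id": "operations-monitoring", "user_id": null}}},
  {"address": "proxmox_virtual_environment_acl.ambiguous",
   "type": "proxmox_virtual_environment_acl",
   "change": {"after_unknown": {"id": true},
              "after": {"path": "/vms/1234", "propagate": false, "group_id": null,
                        "token_id": "operations-automation@pve!monitoring",
                        "role_id": "operations-monitoring", "user_id": "operations-automation@pve"}}},
  {"address": "proxmox_virtual_environment_role.operations_monitoring", "type": "proxmox_virtual_environment_role",
   "change": {"after": {"role_id": "operations-monitoring", "privileges": ["VM.Monitor"]}}}
]}
""")

if __name__ == "__main__":
    print("\n".join(audit_acl_changes(SAMPLE_PLAN)))
```

Pass a wider `broad_paths` tuple to tighten the policy; the narrowly scoped ACL from the Example Usage section produces no finding with the default.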

Import

Import is supported using the following syntax:

#!/usr/bin/env sh
# ACL can be imported using its unique identifier, e.g.: {path}?entity_id={group|user@realm|user@realm!token}?role_id={role}
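# Quote the identifier: unquoted, the shell treats `&` as a command separator and `?` as a glob character.
terraform import proxmox_virtual_environment_acl.operations_automation_monitoring '/?entity_id=monitor@pve&role_id=operations-monitoring'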