Roles and Permission Management
The Shipa provider for Terraform allows you to manage both roles and permissions on Shipa directly from Terraform.
Creating Roles
terraform {
required_providers {
shipa = {
version = "0.0.13"
source = "shipa-corp/shipa"
}
}
}
provider "shipa" {
host = "http://target.shipa.cloud:80"
token = "<your-shipa-token>"
}
resource "shipa_role" "role1" {
name = "ShipaAdmin"
context = "app"
description = "test"
}
Component Definitions
Component | Description | Type |
---|---|---|
resource | shipa_role is Shipa's Terraform component for managing roles. | |
name | The name of the new role Required: Yes | string |
context | The context that should be bound to the new role Required: Yes Options: team app global / organization framework | string |
description | Description for the newly created role Required: No | string |
Assigning Permissions to Roles
terraform {
required_providers {
shipa = {
version = "0.0.13"
source = "shipa.io/terraform/shipa"
}
}
}
provider "shipa" {}
resource "shipa_permission" "permission1" {
name = "ShipaAdmin"
permission = ["app.read", "app.deploy"]
}
Component Definition
Component | Description | Type |
---|---|---|
resource | shipa_permission is Shipa's Terraform component for managing roles. | |
name | The name of the role to which permissions will be assigned to. Required: Yes | string |
permission | The permissions that should be assigned to the specified role. You can find a list of available permissions by running the following command from your Shipa CLI: shipa permission list Required: Yes | string |
Associating Roles to Users
terraform {
required_providers {
shipa = {
version = "0.0.13"
source = "shipa.io/terraform/shipa"
}
}
}
provider "shipa" {}
resource "shipa_role_association" "r1" {
name = "ShipaAdmin"
email = "[email protected]"
}
Component Definition
Component | Description | Type |
---|---|---|
resource | shipa_role_association is Shipa's Terraform component for associating existing roles to existing users. | |
name | The name of the existing role that will be associated to a user. Required: Yes | string |
The email of an existing Shipa user who will have the role associated to. Required: Yes | string |
Updated 9 months ago