search

sbercloud-terraform / terraform-provider-sbercloud

Terraform SberCloud Provider
https://registry.terraform.io/providers/sbercloud-terraform/sbercloud/latest/docs
Mozilla Public License 2.0
34 stars 21 forks source link

"How to Assign Roles to Scope 'All-Projects' in SberCloud? Missing Info in Docs" #241

Closed qukly closed 1 year ago

qukly commented 1 year ago

Request from AmazMe project

Terraform Version Terraform v1.1.3 on linux_amd64

Affected Resource(s) sbercloud_identity_role_assignment

SberCloud has an API that lets you add roles to group with a "all-project" scope, which is different from a global scope. But when I check out the docs for the sbercloud_identity_role_assignment resource, there's nothing that tells how to actually do it.

image

If it can't be done now, can you change the provider to make it work? It would really help in case with lots of projects. If it can be done, can you guide us how to do it?

Thank you.

Ccaswell42 commented 1 year ago

You can set project_id to all. Like this: 

resource "sbercloud_identity_role_assignment" "role1" {
  role_id    = "c81785187cdc4a3fb799fc035e33776f"
  group_id   = var.group_id
  project_id = "all"
}

We will add this item to the documentation in the next release.

qukly commented 1 year ago

Hi, Thank you for reply, project_id = "all" works like a charm