search

tailscale / terraform-provider-tailscale

Terraform provider for Tailscale
https://registry.terraform.io/providers/tailscale/tailscale
MIT License
255 stars 46 forks source link

Support for ACL grants in acl policy #331

Closed theexiile1305 closed 6 months ago

theexiile1305 commented 6 months ago

Is your feature request related to a problem? Please describe. It's apparently not possible to create acl grants aka the object grants object in the acl policy.

Describe the solution you'd like A way to create the grants obejct in the tailscale_acl ressource.

Additional context In the following example, terraform validate and terrraform plan return the error json: unknown field "grants". (This error may be caused by a new ACL function that is not yet supported by this terraform provider. If you are using a valid ACL field, please raise an issue (https://github.com/tailscale/terraform-provider-tailscale/issues/new/choose)


resource "tailscale_acl" "acl" {
  acl = jsonencode({
      grants : [{
        "src" : ["group:my-team"],
        "dst" : ["tag:k8s-operator"],
        "app" : {
          "tailscale.com/cap/kubernetes" : [{
            "impersonate" : {
              "groups" : ["system:fancy-users"],
            },
          }],
        },
        }
      ]
  })