datadog.getPermissions

Datadog v4.59.0 published on Wednesday, Oct 22, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as datadog from "@pulumi/datadog";

const ddPerms = datadog.getPermissions({});
// Example of using specific permissions to create an API Key Manager role
const apiKeyManager = new datadog.Role("api_key_manager", {
    name: "API Key Manager",
    permissions: [
        {
            id: ddPerms.then(ddPerms => ddPerms.permissions?.apiKeysRead),
        },
        {
            id: ddPerms.then(ddPerms => ddPerms.permissions?.apiKeysWrite),
        },
    ],
});

import pulumi
import pulumi_datadog as datadog

dd_perms = datadog.get_permissions()
# Example of using specific permissions to create an API Key Manager role
api_key_manager = datadog.Role("api_key_manager",
    name="API Key Manager",
    permissions=[
        {
            "id": dd_perms.permissions["apiKeysRead"],
        },
        {
            "id": dd_perms.permissions["apiKeysWrite"],
        },
    ])

package main

import (
	"github.com/pulumi/pulumi-datadog/sdk/v4/go/datadog"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		ddPerms, err := datadog.GetPermissions(ctx, &datadog.GetPermissionsArgs{}, nil)
		if err != nil {
			return err
		}
		// Example of using specific permissions to create an API Key Manager role
		_, err = datadog.NewRole(ctx, "api_key_manager", &datadog.RoleArgs{
			Name: pulumi.String("API Key Manager"),
			Permissions: datadog.RolePermissionArray{
				&datadog.RolePermissionArgs{
					Id: pulumi.String(ddPerms.Permissions.ApiKeysRead),
				},
				&datadog.RolePermissionArgs{
					Id: pulumi.String(ddPerms.Permissions.ApiKeysWrite),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Datadog = Pulumi.Datadog;

return await Deployment.RunAsync(() => 
{
    var ddPerms = Datadog.GetPermissions.Invoke();

    // Example of using specific permissions to create an API Key Manager role
    var apiKeyManager = new Datadog.Role("api_key_manager", new()
    {
        Name = "API Key Manager",
        Permissions = new[]
        {
            new Datadog.Inputs.RolePermissionArgs
            {
                Id = ddPerms.Apply(getPermissionsResult => getPermissionsResult.Permissions?.ApiKeysRead),
            },
            new Datadog.Inputs.RolePermissionArgs
            {
                Id = ddPerms.Apply(getPermissionsResult => getPermissionsResult.Permissions?.ApiKeysWrite),
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.datadog.DatadogFunctions;
import com.pulumi.datadog.inputs.GetPermissionsArgs;
import com.pulumi.datadog.Role;
import com.pulumi.datadog.RoleArgs;
import com.pulumi.datadog.inputs.RolePermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var ddPerms = DatadogFunctions.getPermissions(GetPermissionsArgs.builder()
            .build());

        // Example of using specific permissions to create an API Key Manager role
        var apiKeyManager = new Role("apiKeyManager", RoleArgs.builder()
            .name("API Key Manager")
            .permissions(            
                RolePermissionArgs.builder()
                    .id(ddPerms.permissions().apiKeysRead())
                    .build(),
                RolePermissionArgs.builder()
                    .id(ddPerms.permissions().apiKeysWrite())
                    .build())
            .build());

    }
}

resources:
  # Example of using specific permissions to create an API Key Manager role
  apiKeyManager:
    type: datadog:Role
    name: api_key_manager
    properties:
      name: API Key Manager
      permissions:
        - id: ${ddPerms.permissions.apiKeysRead}
        - id: ${ddPerms.permissions.apiKeysWrite}
variables:
  ddPerms:
    fn::invoke:
      function: datadog:getPermissions
      arguments: {}

Using getPermissions

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getPermissions(args: GetPermissionsArgs, opts?: InvokeOptions): Promise<GetPermissionsResult>
function getPermissionsOutput(args: GetPermissionsOutputArgs, opts?: InvokeOptions): Output<GetPermissionsResult>

def get_permissions(include_restricted: Optional[bool] = None,
                    opts: Optional[InvokeOptions] = None) -> GetPermissionsResult
def get_permissions_output(include_restricted: Optional[pulumi.Input[bool]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetPermissionsResult]

func GetPermissions(ctx *Context, args *GetPermissionsArgs, opts ...InvokeOption) (*GetPermissionsResult, error)
func GetPermissionsOutput(ctx *Context, args *GetPermissionsOutputArgs, opts ...InvokeOption) GetPermissionsResultOutput

> Note: This function is named GetPermissions in the Go SDK.

public static class GetPermissions 
{
    public static Task<GetPermissionsResult> InvokeAsync(GetPermissionsArgs args, InvokeOptions? opts = null)
    public static Output<GetPermissionsResult> Invoke(GetPermissionsInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetPermissionsResult> getPermissions(GetPermissionsArgs args, InvokeOptions options)
public static Output<GetPermissionsResult> getPermissions(GetPermissionsArgs args, InvokeOptions options)

fn::invoke:
  function: datadog:index/getPermissions:getPermissions
  arguments:
    # arguments dictionary

The following arguments are supported:

IncludeRestricted bool: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

IncludeRestricted bool: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

includeRestricted Boolean: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

includeRestricted boolean: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

include_restricted bool: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

includeRestricted Boolean: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

getPermissions Result

The following output properties are available:

Id string: The provider-assigned unique ID for this managed resource.
Permissions Dictionary<string, string>: Map of permissions names to their corresponding ID.
IncludeRestricted bool: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

Id string: The provider-assigned unique ID for this managed resource.
Permissions map[string]string: Map of permissions names to their corresponding ID.
IncludeRestricted bool: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

id String: The provider-assigned unique ID for this managed resource.
permissions Map<String,String>: Map of permissions names to their corresponding ID.
includeRestricted Boolean: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

id string: The provider-assigned unique ID for this managed resource.
permissions {[key: string]: string}: Map of permissions names to their corresponding ID.
includeRestricted boolean: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

id str: The provider-assigned unique ID for this managed resource.
permissions Mapping[str, str]: Map of permissions names to their corresponding ID.
include_restricted bool: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

id String: The provider-assigned unique ID for this managed resource.
permissions Map<String>: Map of permissions names to their corresponding ID.
includeRestricted Boolean: Whether to include restricted permissions. Restricted permissions are granted by default to all users of a Datadog org, and cannot be manually granted or revoked. Defaults to false.

Package Details

Repository: Datadog pulumi/pulumi-datadog
License: Apache-2.0
Notes: This Pulumi package is based on the datadog Terraform Provider.

Datadog v4.59.0 published on Wednesday, Oct 22, 2025 by Pulumi

pulumi/pulumi-datadog

datadog.getPermissions

On this page

On this page

Example Usage

Using getPermissions

getPermissions Result

Package Details

On this page

On this page