Docs Home
dome9 1.40.3 published on Monday, Apr 14, 2025 by dome9
dome9.Role
Explore with Pulumi AI
The Role resource is used to create and manage CloudGuard roles. Roles are used to manage access permissions for CloudGuard users.
Example Usage
Basic usage:
import * as pulumi from "@pulumi/pulumi";
import * as dome9 from "@pulumi/dome9";
const roleRs = new dome9.Role("roleRs", {
accesses: [
{
mainId: "MAIN_ID",
region: "us_east_1",
securityGroupId: "SECURITY_GROUP_ID",
traffic: "All Traffic",
type: "AWS",
},
{
mainId: "00000000-0000-0000-0000-000000000000",
type: "OrganizationalUnit",
},
],
creates: [],
crossAccountAccesses: [],
description: "ROLE_DESC",
permitAlertActions: false,
permitNotifications: false,
permitOnBoarding: false,
permitPolicies: false,
permitRulesets: false,
});
import pulumi
import pulumi_dome9 as dome9
role_rs = dome9.Role("roleRs",
accesses=[
{
"main_id": "MAIN_ID",
"region": "us_east_1",
"security_group_id": "SECURITY_GROUP_ID",
"traffic": "All Traffic",
"type": "AWS",
},
{
"main_id": "00000000-0000-0000-0000-000000000000",
"type": "OrganizationalUnit",
},
],
creates=[],
cross_account_accesses=[],
description="ROLE_DESC",
permit_alert_actions=False,
permit_notifications=False,
permit_on_boarding=False,
permit_policies=False,
permit_rulesets=False)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/dome9/dome9"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dome9.NewRole(ctx, "roleRs", &dome9.RoleArgs{
Accesses: dome9.RoleAccessArray{
&dome9.RoleAccessArgs{
MainId: pulumi.String("MAIN_ID"),
Region: pulumi.String("us_east_1"),
SecurityGroupId: pulumi.String("SECURITY_GROUP_ID"),
Traffic: pulumi.String("All Traffic"),
Type: pulumi.String("AWS"),
},
&dome9.RoleAccessArgs{
MainId: pulumi.String("00000000-0000-0000-0000-000000000000"),
Type: pulumi.String("OrganizationalUnit"),
},
},
Creates: pulumi.StringArray{},
CrossAccountAccesses: pulumi.StringArray{},
Description: pulumi.String("ROLE_DESC"),
PermitAlertActions: pulumi.Bool(false),
PermitNotifications: pulumi.Bool(false),
PermitOnBoarding: pulumi.Bool(false),
PermitPolicies: pulumi.Bool(false),
PermitRulesets: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dome9 = Pulumi.Dome9;
return await Deployment.RunAsync(() =>
{
var roleRs = new Dome9.Role("roleRs", new()
{
Accesses = new[]
{
new Dome9.Inputs.RoleAccessArgs
{
MainId = "MAIN_ID",
Region = "us_east_1",
SecurityGroupId = "SECURITY_GROUP_ID",
Traffic = "All Traffic",
Type = "AWS",
},
new Dome9.Inputs.RoleAccessArgs
{
MainId = "00000000-0000-0000-0000-000000000000",
Type = "OrganizationalUnit",
},
},
Creates = new[] {},
CrossAccountAccesses = new[] {},
Description = "ROLE_DESC",
PermitAlertActions = false,
PermitNotifications = false,
PermitOnBoarding = false,
PermitPolicies = false,
PermitRulesets = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dome9.Role;
import com.pulumi.dome9.RoleArgs;
import com.pulumi.dome9.inputs.RoleAccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleRs = new Role("roleRs", RoleArgs.builder()
.accesses(
RoleAccessArgs.builder()
.mainId("MAIN_ID")
.region("us_east_1")
.securityGroupId("SECURITY_GROUP_ID")
.traffic("All Traffic")
.type("AWS")
.build(),
RoleAccessArgs.builder()
.mainId("00000000-0000-0000-0000-000000000000")
.type("OrganizationalUnit")
.build())
.creates()
.crossAccountAccesses()
.description("ROLE_DESC")
.permitAlertActions(false)
.permitNotifications(false)
.permitOnBoarding(false)
.permitPolicies(false)
.permitRulesets(false)
.build());
}
}
resources:
roleRs:
type: dome9:Role
properties:
accesses:
- mainId: MAIN_ID
region: us_east_1
securityGroupId: SECURITY_GROUP_ID
traffic: All Traffic
type: AWS
- mainId: 00000000-0000-0000-0000-000000000000
type: OrganizationalUnit
creates: []
crossAccountAccesses: []
description: ROLE_DESC
permitAlertActions: false
permitNotifications: false
permitOnBoarding: false
permitPolicies: false
permitRulesets: false
Granting “view” permissions for All System Resources:
import * as pulumi from "@pulumi/pulumi";
import * as dome9 from "@pulumi/dome9";
const roleRs = new dome9.Role("roleRs", {
description: "ROLE_DESC",
views: [{}],
});
// Grants "view" permissions on All System Resources
import pulumi
import pulumi_dome9 as dome9
role_rs = dome9.Role("roleRs",
description="ROLE_DESC",
views=[{}])
# Grants "view" permissions on All System Resources
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/dome9/dome9"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dome9.NewRole(ctx, "roleRs", &dome9.RoleArgs{
Description: pulumi.String("ROLE_DESC"),
Views: dome9.RoleViewArray{
&dome9.RoleViewArgs{},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dome9 = Pulumi.Dome9;
return await Deployment.RunAsync(() =>
{
var roleRs = new Dome9.Role("roleRs", new()
{
Description = "ROLE_DESC",
Views = new[]
{
null,
},
});
// Grants "view" permissions on All System Resources
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dome9.Role;
import com.pulumi.dome9.RoleArgs;
import com.pulumi.dome9.inputs.RoleViewArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleRs = new Role("roleRs", RoleArgs.builder()
.description("ROLE_DESC")
.views()
.build());
// Grants "view" permissions on All System Resources
}
}
resources:
roleRs:
type: dome9:Role
properties:
description: ROLE_DESC
views:
- {}
Granting “manage” permissions for All System Resources:
import * as pulumi from "@pulumi/pulumi";
import * as dome9 from "@pulumi/dome9";
const roleRs = new dome9.Role("roleRs", {
description: "ROLE_DESC",
manages: [{}],
});
import pulumi
import pulumi_dome9 as dome9
role_rs = dome9.Role("roleRs",
description="ROLE_DESC",
manages=[{}])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/dome9/dome9"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dome9.NewRole(ctx, "roleRs", &dome9.RoleArgs{
Description: pulumi.String("ROLE_DESC"),
Manages: dome9.RoleManageArray{
&dome9.RoleManageArgs{},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dome9 = Pulumi.Dome9;
return await Deployment.RunAsync(() =>
{
var roleRs = new Dome9.Role("roleRs", new()
{
Description = "ROLE_DESC",
Manages = new[]
{
null,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dome9.Role;
import com.pulumi.dome9.RoleArgs;
import com.pulumi.dome9.inputs.RoleManageArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleRs = new Role("roleRs", RoleArgs.builder()
.description("ROLE_DESC")
.manages()
.build());
}
}
resources:
roleRs:
type: dome9:Role
properties:
description: ROLE_DESC
manages:
- {}
Create Role Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Role(name: string, args: RoleArgs, opts?: CustomResourceOptions);@overload
def Role(resource_name: str,
args: RoleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Role(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
permit_alert_actions: Optional[bool] = None,
cross_account_accesses: Optional[Sequence[str]] = None,
creates: Optional[Sequence[str]] = None,
manages: Optional[Sequence[RoleManageArgs]] = None,
name: Optional[str] = None,
accesses: Optional[Sequence[RoleAccessArgs]] = None,
permit_notifications: Optional[bool] = None,
permit_on_boarding: Optional[bool] = None,
permit_policies: Optional[bool] = None,
permit_rulesets: Optional[bool] = None,
role_id: Optional[str] = None,
views: Optional[Sequence[RoleViewArgs]] = None)func NewRole(ctx *Context, name string, args RoleArgs, opts ...ResourceOption) (*Role, error)public Role(string name, RoleArgs args, CustomResourceOptions? opts = null)type: dome9:Role
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var roleResource = new Dome9.Role("roleResource", new()
{
Description = "string",
PermitAlertActions = false,
CrossAccountAccesses = new[]
{
"string",
},
Creates = new[]
{
"string",
},
Manages = new[]
{
new Dome9.Inputs.RoleManageArgs
{
MainId = "string",
Region = "string",
SecurityGroupId = "string",
Traffic = "string",
Type = "string",
},
},
Name = "string",
Accesses = new[]
{
new Dome9.Inputs.RoleAccessArgs
{
MainId = "string",
Region = "string",
SecurityGroupId = "string",
Traffic = "string",
Type = "string",
},
},
PermitNotifications = false,
PermitOnBoarding = false,
PermitPolicies = false,
PermitRulesets = false,
RoleId = "string",
Views = new[]
{
new Dome9.Inputs.RoleViewArgs
{
MainId = "string",
Region = "string",
SecurityGroupId = "string",
Traffic = "string",
Type = "string",
},
},
});
example, err := dome9.NewRole(ctx, "roleResource", &dome9.RoleArgs{
Description: pulumi.String("string"),
PermitAlertActions: pulumi.Bool(false),
CrossAccountAccesses: pulumi.StringArray{
pulumi.String("string"),
},
Creates: pulumi.StringArray{
pulumi.String("string"),
},
Manages: .RoleManageArray{
&.RoleManageArgs{
MainId: pulumi.String("string"),
Region: pulumi.String("string"),
SecurityGroupId: pulumi.String("string"),
Traffic: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
Accesses: .RoleAccessArray{
&.RoleAccessArgs{
MainId: pulumi.String("string"),
Region: pulumi.String("string"),
SecurityGroupId: pulumi.String("string"),
Traffic: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
PermitNotifications: pulumi.Bool(false),
PermitOnBoarding: pulumi.Bool(false),
PermitPolicies: pulumi.Bool(false),
PermitRulesets: pulumi.Bool(false),
RoleId: pulumi.String("string"),
Views: .RoleViewArray{
&.RoleViewArgs{
MainId: pulumi.String("string"),
Region: pulumi.String("string"),
SecurityGroupId: pulumi.String("string"),
Traffic: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
})
var roleResource = new Role("roleResource", RoleArgs.builder()
.description("string")
.permitAlertActions(false)
.crossAccountAccesses("string")
.creates("string")
.manages(RoleManageArgs.builder()
.mainId("string")
.region("string")
.securityGroupId("string")
.traffic("string")
.type("string")
.build())
.name("string")
.accesses(RoleAccessArgs.builder()
.mainId("string")
.region("string")
.securityGroupId("string")
.traffic("string")
.type("string")
.build())
.permitNotifications(false)
.permitOnBoarding(false)
.permitPolicies(false)
.permitRulesets(false)
.roleId("string")
.views(RoleViewArgs.builder()
.mainId("string")
.region("string")
.securityGroupId("string")
.traffic("string")
.type("string")
.build())
.build());
role_resource = dome9.Role("roleResource",
description="string",
permit_alert_actions=False,
cross_account_accesses=["string"],
creates=["string"],
manages=[{
"main_id": "string",
"region": "string",
"security_group_id": "string",
"traffic": "string",
"type": "string",
}],
name="string",
accesses=[{
"main_id": "string",
"region": "string",
"security_group_id": "string",
"traffic": "string",
"type": "string",
}],
permit_notifications=False,
permit_on_boarding=False,
permit_policies=False,
permit_rulesets=False,
role_id="string",
views=[{
"main_id": "string",
"region": "string",
"security_group_id": "string",
"traffic": "string",
"type": "string",
}])
const roleResource = new dome9.Role("roleResource", {
description: "string",
permitAlertActions: false,
crossAccountAccesses: ["string"],
creates: ["string"],
manages: [{
mainId: "string",
region: "string",
securityGroupId: "string",
traffic: "string",
type: "string",
}],
name: "string",
accesses: [{
mainId: "string",
region: "string",
securityGroupId: "string",
traffic: "string",
type: "string",
}],
permitNotifications: false,
permitOnBoarding: false,
permitPolicies: false,
permitRulesets: false,
roleId: "string",
views: [{
mainId: "string",
region: "string",
securityGroupId: "string",
traffic: "string",
type: "string",
}],
});
type: dome9:Role
properties:
accesses:
- mainId: string
region: string
securityGroupId: string
traffic: string
type: string
creates:
- string
crossAccountAccesses:
- string
description: string
manages:
- mainId: string
region: string
securityGroupId: string
traffic: string
type: string
name: string
permitAlertActions: false
permitNotifications: false
permitOnBoarding: false
permitPolicies: false
permitRulesets: false
roleId: string
views:
- mainId: string
region: string
securityGroupId: string
traffic: string
type: string
Role Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Role resource accepts the following input properties:
- Description string
- CloudGuard role description.
- Accesses
List<Role
Access> - Access permission list (SRL Type).
- Creates List<string>
- Create permission list.
- Cross
Account List<string>Accesses - Cross account access.
- Manages
List<Role
Manage> - Manage permission list (SRL Type).
- Name string
- CloudGuard role name.
- Permit
Alert boolActions - Is permitted permit alert actions (Optional) .
- Permit
Notifications bool - Is permitted permit notifications (Optional) .
- Permit
On boolBoarding - Is permitted permit onboarding (Optional) .
- Permit
Policies bool - Is permitted permit policies (Optional) .
- Permit
Rulesets bool - Is permitted permit rulesets (Optional) .
- Role
Id string - Views
List<Role
View> - View permission list (SRL Type).
- Description string
- CloudGuard role description.
- Accesses
[]Role
Access Args - Access permission list (SRL Type).
- Creates []string
- Create permission list.
- Cross
Account []stringAccesses - Cross account access.
- Manages
[]Role
Manage Args - Manage permission list (SRL Type).
- Name string
- CloudGuard role name.
- Permit
Alert boolActions - Is permitted permit alert actions (Optional) .
- Permit
Notifications bool - Is permitted permit notifications (Optional) .
- Permit
On boolBoarding - Is permitted permit onboarding (Optional) .
- Permit
Policies bool - Is permitted permit policies (Optional) .
- Permit
Rulesets bool - Is permitted permit rulesets (Optional) .
- Role
Id string - Views
[]Role
View Args - View permission list (SRL Type).
- description String
- CloudGuard role description.
- accesses
List<Role
Access> - Access permission list (SRL Type).
- creates List<String>
- Create permission list.
- cross
Account List<String>Accesses - Cross account access.
- manages
List<Role
Manage> - Manage permission list (SRL Type).
- name String
- CloudGuard role name.
- permit
Alert BooleanActions - Is permitted permit alert actions (Optional) .
- permit
Notifications Boolean - Is permitted permit notifications (Optional) .
- permit
On BooleanBoarding - Is permitted permit onboarding (Optional) .
- permit
Policies Boolean - Is permitted permit policies (Optional) .
- permit
Rulesets Boolean - Is permitted permit rulesets (Optional) .
- role
Id String - views
List<Role
View> - View permission list (SRL Type).
- description string
- CloudGuard role description.
- accesses
Role
Access[] - Access permission list (SRL Type).
- creates string[]
- Create permission list.
- cross
Account string[]Accesses - Cross account access.
- manages
Role
Manage[] - Manage permission list (SRL Type).
- name string
- CloudGuard role name.
- permit
Alert booleanActions - Is permitted permit alert actions (Optional) .
- permit
Notifications boolean - Is permitted permit notifications (Optional) .
- permit
On booleanBoarding - Is permitted permit onboarding (Optional) .
- permit
Policies boolean - Is permitted permit policies (Optional) .
- permit
Rulesets boolean - Is permitted permit rulesets (Optional) .
- role
Id string - views
Role
View[] - View permission list (SRL Type).
- description str
- CloudGuard role description.
- accesses
Sequence[Role
Access Args] - Access permission list (SRL Type).
- creates Sequence[str]
- Create permission list.
- cross_
account_ Sequence[str]accesses - Cross account access.
- manages
Sequence[Role
Manage Args] - Manage permission list (SRL Type).
- name str
- CloudGuard role name.
- permit_
alert_ boolactions - Is permitted permit alert actions (Optional) .
- permit_
notifications bool - Is permitted permit notifications (Optional) .
- permit_
on_ boolboarding - Is permitted permit onboarding (Optional) .
- permit_
policies bool - Is permitted permit policies (Optional) .
- permit_
rulesets bool - Is permitted permit rulesets (Optional) .
- role_
id str - views
Sequence[Role
View Args] - View permission list (SRL Type).
- description String
- CloudGuard role description.
- accesses List<Property Map>
- Access permission list (SRL Type).
- creates List<String>
- Create permission list.
- cross
Account List<String>Accesses - Cross account access.
- manages List<Property Map>
- Manage permission list (SRL Type).
- name String
- CloudGuard role name.
- permit
Alert BooleanActions - Is permitted permit alert actions (Optional) .
- permit
Notifications Boolean - Is permitted permit notifications (Optional) .
- permit
On BooleanBoarding - Is permitted permit onboarding (Optional) .
- permit
Policies Boolean - Is permitted permit policies (Optional) .
- permit
Rulesets Boolean - Is permitted permit rulesets (Optional) .
- role
Id String - views List<Property Map>
- View permission list (SRL Type).
Outputs
All input properties are implicitly available as output properties. Additionally, the Role resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Role Resource
Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RoleState, opts?: CustomResourceOptions): Role@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
accesses: Optional[Sequence[RoleAccessArgs]] = None,
creates: Optional[Sequence[str]] = None,
cross_account_accesses: Optional[Sequence[str]] = None,
description: Optional[str] = None,
manages: Optional[Sequence[RoleManageArgs]] = None,
name: Optional[str] = None,
permit_alert_actions: Optional[bool] = None,
permit_notifications: Optional[bool] = None,
permit_on_boarding: Optional[bool] = None,
permit_policies: Optional[bool] = None,
permit_rulesets: Optional[bool] = None,
role_id: Optional[str] = None,
views: Optional[Sequence[RoleViewArgs]] = None) -> Rolefunc GetRole(ctx *Context, name string, id IDInput, state *RoleState, opts ...ResourceOption) (*Role, error)public static Role Get(string name, Input<string> id, RoleState? state, CustomResourceOptions? opts = null)public static Role get(String name, Output<String> id, RoleState state, CustomResourceOptions options)resources: _: type: dome9:Role get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Accesses
List<Role
Access> - Access permission list (SRL Type).
- Creates List<string>
- Create permission list.
- Cross
Account List<string>Accesses - Cross account access.
- Description string
- CloudGuard role description.
- Manages
List<Role
Manage> - Manage permission list (SRL Type).
- Name string
- CloudGuard role name.
- Permit
Alert boolActions - Is permitted permit alert actions (Optional) .
- Permit
Notifications bool - Is permitted permit notifications (Optional) .
- Permit
On boolBoarding - Is permitted permit onboarding (Optional) .
- Permit
Policies bool - Is permitted permit policies (Optional) .
- Permit
Rulesets bool - Is permitted permit rulesets (Optional) .
- Role
Id string - Views
List<Role
View> - View permission list (SRL Type).
- Accesses
[]Role
Access Args - Access permission list (SRL Type).
- Creates []string
- Create permission list.
- Cross
Account []stringAccesses - Cross account access.
- Description string
- CloudGuard role description.
- Manages
[]Role
Manage Args - Manage permission list (SRL Type).
- Name string
- CloudGuard role name.
- Permit
Alert boolActions - Is permitted permit alert actions (Optional) .
- Permit
Notifications bool - Is permitted permit notifications (Optional) .
- Permit
On boolBoarding - Is permitted permit onboarding (Optional) .
- Permit
Policies bool - Is permitted permit policies (Optional) .
- Permit
Rulesets bool - Is permitted permit rulesets (Optional) .
- Role
Id string - Views
[]Role
View Args - View permission list (SRL Type).
- accesses
List<Role
Access> - Access permission list (SRL Type).
- creates List<String>
- Create permission list.
- cross
Account List<String>Accesses - Cross account access.
- description String
- CloudGuard role description.
- manages
List<Role
Manage> - Manage permission list (SRL Type).
- name String
- CloudGuard role name.
- permit
Alert BooleanActions - Is permitted permit alert actions (Optional) .
- permit
Notifications Boolean - Is permitted permit notifications (Optional) .
- permit
On BooleanBoarding - Is permitted permit onboarding (Optional) .
- permit
Policies Boolean - Is permitted permit policies (Optional) .
- permit
Rulesets Boolean - Is permitted permit rulesets (Optional) .
- role
Id String - views
List<Role
View> - View permission list (SRL Type).
- accesses
Role
Access[] - Access permission list (SRL Type).
- creates string[]
- Create permission list.
- cross
Account string[]Accesses - Cross account access.
- description string
- CloudGuard role description.
- manages
Role
Manage[] - Manage permission list (SRL Type).
- name string
- CloudGuard role name.
- permit
Alert booleanActions - Is permitted permit alert actions (Optional) .
- permit
Notifications boolean - Is permitted permit notifications (Optional) .
- permit
On booleanBoarding - Is permitted permit onboarding (Optional) .
- permit
Policies boolean - Is permitted permit policies (Optional) .
- permit
Rulesets boolean - Is permitted permit rulesets (Optional) .
- role
Id string - views
Role
View[] - View permission list (SRL Type).
- accesses
Sequence[Role
Access Args] - Access permission list (SRL Type).
- creates Sequence[str]
- Create permission list.
- cross_
account_ Sequence[str]accesses - Cross account access.
- description str
- CloudGuard role description.
- manages
Sequence[Role
Manage Args] - Manage permission list (SRL Type).
- name str
- CloudGuard role name.
- permit_
alert_ boolactions - Is permitted permit alert actions (Optional) .
- permit_
notifications bool - Is permitted permit notifications (Optional) .
- permit_
on_ boolboarding - Is permitted permit onboarding (Optional) .
- permit_
policies bool - Is permitted permit policies (Optional) .
- permit_
rulesets bool - Is permitted permit rulesets (Optional) .
- role_
id str - views
Sequence[Role
View Args] - View permission list (SRL Type).
- accesses List<Property Map>
- Access permission list (SRL Type).
- creates List<String>
- Create permission list.
- cross
Account List<String>Accesses - Cross account access.
- description String
- CloudGuard role description.
- manages List<Property Map>
- Manage permission list (SRL Type).
- name String
- CloudGuard role name.
- permit
Alert BooleanActions - Is permitted permit alert actions (Optional) .
- permit
Notifications Boolean - Is permitted permit notifications (Optional) .
- permit
On BooleanBoarding - Is permitted permit onboarding (Optional) .
- permit
Policies Boolean - Is permitted permit policies (Optional) .
- permit
Rulesets Boolean - Is permitted permit rulesets (Optional) .
- role
Id String - views List<Property Map>
- View permission list (SRL Type).
Supporting Types
RoleAccess, RoleAccessArgs
- Main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- Region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- Security
Group stringId - AWS Security Group ID.
- Traffic string
- Accepted values: "All Traffic", "All Services".
- Type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- Main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- Region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- Security
Group stringId - AWS Security Group ID.
- Traffic string
- Accepted values: "All Traffic", "All Services".
- Type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id String - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region String
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group StringId - AWS Security Group ID.
- traffic String
- Accepted values: "All Traffic", "All Services".
- type String
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group stringId - AWS Security Group ID.
- traffic string
- Accepted values: "All Traffic", "All Services".
- type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main_
id str - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region str
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security_
group_ strid - AWS Security Group ID.
- traffic str
- Accepted values: "All Traffic", "All Services".
- type str
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id String - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region String
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group StringId - AWS Security Group ID.
- traffic String
- Accepted values: "All Traffic", "All Services".
- type String
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
RoleManage, RoleManageArgs
- Main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- Region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- Security
Group stringId - AWS Security Group ID.
- Traffic string
- Accepted values: "All Traffic", "All Services".
- Type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- Main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- Region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- Security
Group stringId - AWS Security Group ID.
- Traffic string
- Accepted values: "All Traffic", "All Services".
- Type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id String - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region String
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group StringId - AWS Security Group ID.
- traffic String
- Accepted values: "All Traffic", "All Services".
- type String
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group stringId - AWS Security Group ID.
- traffic string
- Accepted values: "All Traffic", "All Services".
- type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main_
id str - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region str
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security_
group_ strid - AWS Security Group ID.
- traffic str
- Accepted values: "All Traffic", "All Services".
- type str
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id String - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region String
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group StringId - AWS Security Group ID.
- traffic String
- Accepted values: "All Traffic", "All Services".
- type String
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
RoleView, RoleViewArgs
- Main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- Region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- Security
Group stringId - AWS Security Group ID.
- Traffic string
- Accepted values: "All Traffic", "All Services".
- Type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- Main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- Region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- Security
Group stringId - AWS Security Group ID.
- Traffic string
- Accepted values: "All Traffic", "All Services".
- Type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id String - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region String
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group StringId - AWS Security Group ID.
- traffic String
- Accepted values: "All Traffic", "All Services".
- type String
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id string - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region string
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group stringId - AWS Security Group ID.
- traffic string
- Accepted values: "All Traffic", "All Services".
- type string
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main_
id str - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region str
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security_
group_ strid - AWS Security Group ID.
- traffic str
- Accepted values: "All Traffic", "All Services".
- type str
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
- main
Id String - Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member).
- region String
- Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1".
- security
Group StringId - AWS Security Group ID.
- traffic String
- Accepted values: "All Traffic", "All Services".
- type String
- Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources.
Import
IP role can be imported; use <ROLE ID> as the import ID.
For example:
$ pulumi import dome9:index/role:Role role_rs 00000
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- dome9 dome9/terraform-provider-dome9
- License
- Notes
- This Pulumi package is based on the
dome9Terraform Provider.