Docs Home
hsdp 0.65.3 published on Tuesday, Apr 15, 2025 by philips-software
hsdp.IamGroup
Explore with Pulumi AI
hsdp 0.65.3 published on Tuesday, Apr 15, 2025 by philips-software
Provides a resource for managing HSDP IAM groups
Example Usage
The following example creates a group
import * as pulumi from "@pulumi/pulumi";
import * as hsdp from "@pulumi/hsdp";
const tdrUsers = new hsdp.IamGroup("tdrUsers", {
managingOrganization: hsdp_iam_org.devorg.id,
description: "Group for TDR Users with Contract and Dataitem roles",
roles: [hsdp_iam_role.TDRALL.id],
users: [
hsdp_iam_user.admin.id,
hsdp_iam_user.developer.id,
],
services: [hsdp_iam_service.test.id],
devices: [],
});
import pulumi
import pulumi_hsdp as hsdp
tdr_users = hsdp.IamGroup("tdrUsers",
managing_organization=hsdp_iam_org["devorg"]["id"],
description="Group for TDR Users with Contract and Dataitem roles",
roles=[hsdp_iam_role["TDRALL"]["id"]],
users=[
hsdp_iam_user["admin"]["id"],
hsdp_iam_user["developer"]["id"],
],
services=[hsdp_iam_service["test"]["id"]],
devices=[])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/hsdp/hsdp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := hsdp.NewIamGroup(ctx, "tdrUsers", &hsdp.IamGroupArgs{
ManagingOrganization: pulumi.Any(hsdp_iam_org.Devorg.Id),
Description: pulumi.String("Group for TDR Users with Contract and Dataitem roles"),
Roles: pulumi.StringArray{
hsdp_iam_role.TDRALL.Id,
},
Users: pulumi.StringArray{
hsdp_iam_user.Admin.Id,
hsdp_iam_user.Developer.Id,
},
Services: pulumi.StringArray{
hsdp_iam_service.Test.Id,
},
Devices: pulumi.StringArray{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Hsdp = Pulumi.Hsdp;
return await Deployment.RunAsync(() =>
{
var tdrUsers = new Hsdp.IamGroup("tdrUsers", new()
{
ManagingOrganization = hsdp_iam_org.Devorg.Id,
Description = "Group for TDR Users with Contract and Dataitem roles",
Roles = new[]
{
hsdp_iam_role.TDRALL.Id,
},
Users = new[]
{
hsdp_iam_user.Admin.Id,
hsdp_iam_user.Developer.Id,
},
Services = new[]
{
hsdp_iam_service.Test.Id,
},
Devices = new[] {},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.hsdp.IamGroup;
import com.pulumi.hsdp.IamGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var tdrUsers = new IamGroup("tdrUsers", IamGroupArgs.builder()
.managingOrganization(hsdp_iam_org.devorg().id())
.description("Group for TDR Users with Contract and Dataitem roles")
.roles(hsdp_iam_role.TDRALL().id())
.users(
hsdp_iam_user.admin().id(),
hsdp_iam_user.developer().id())
.services(hsdp_iam_service.test().id())
.devices()
.build());
}
}
resources:
tdrUsers:
type: hsdp:IamGroup
properties:
managingOrganization: ${hsdp_iam_org.devorg.id}
description: Group for TDR Users with Contract and Dataitem roles
roles:
- ${hsdp_iam_role.TDRALL.id}
users:
- ${hsdp_iam_user.admin.id}
- ${hsdp_iam_user.developer.id}
services:
- ${hsdp_iam_service.test.id}
devices: []
This assumes a role definition exists:
import * as pulumi from "@pulumi/pulumi";
import * as hsdp from "@pulumi/hsdp";
const tDRALL = new hsdp.IamRole("tDRALL", {
description: "Role for TDR users with ALL access",
permissions: [
"DATAITEM.CREATEONBEHALF",
"DATAITEM.READ",
"DATAITEM.DELETEONBEHALF",
"DATAITEM.DELETE",
"CONTRACT.CREATE",
"DATAITEM.READONBEHALF",
"CONTRACT.READ",
"DATAITEM.CREATE",
],
managingOrganization: hsdp_iam_org.devorg.id,
});
import pulumi
import pulumi_hsdp as hsdp
t_drall = hsdp.IamRole("tDRALL",
description="Role for TDR users with ALL access",
permissions=[
"DATAITEM.CREATEONBEHALF",
"DATAITEM.READ",
"DATAITEM.DELETEONBEHALF",
"DATAITEM.DELETE",
"CONTRACT.CREATE",
"DATAITEM.READONBEHALF",
"CONTRACT.READ",
"DATAITEM.CREATE",
],
managing_organization=hsdp_iam_org["devorg"]["id"])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/hsdp/hsdp"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := hsdp.NewIamRole(ctx, "tDRALL", &hsdp.IamRoleArgs{
Description: pulumi.String("Role for TDR users with ALL access"),
Permissions: pulumi.StringArray{
pulumi.String("DATAITEM.CREATEONBEHALF"),
pulumi.String("DATAITEM.READ"),
pulumi.String("DATAITEM.DELETEONBEHALF"),
pulumi.String("DATAITEM.DELETE"),
pulumi.String("CONTRACT.CREATE"),
pulumi.String("DATAITEM.READONBEHALF"),
pulumi.String("CONTRACT.READ"),
pulumi.String("DATAITEM.CREATE"),
},
ManagingOrganization: pulumi.Any(hsdp_iam_org.Devorg.Id),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Hsdp = Pulumi.Hsdp;
return await Deployment.RunAsync(() =>
{
var tDRALL = new Hsdp.IamRole("tDRALL", new()
{
Description = "Role for TDR users with ALL access",
Permissions = new[]
{
"DATAITEM.CREATEONBEHALF",
"DATAITEM.READ",
"DATAITEM.DELETEONBEHALF",
"DATAITEM.DELETE",
"CONTRACT.CREATE",
"DATAITEM.READONBEHALF",
"CONTRACT.READ",
"DATAITEM.CREATE",
},
ManagingOrganization = hsdp_iam_org.Devorg.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.hsdp.IamRole;
import com.pulumi.hsdp.IamRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var tDRALL = new IamRole("tDRALL", IamRoleArgs.builder()
.description("Role for TDR users with ALL access")
.permissions(
"DATAITEM.CREATEONBEHALF",
"DATAITEM.READ",
"DATAITEM.DELETEONBEHALF",
"DATAITEM.DELETE",
"CONTRACT.CREATE",
"DATAITEM.READONBEHALF",
"CONTRACT.READ",
"DATAITEM.CREATE")
.managingOrganization(hsdp_iam_org.devorg().id())
.build());
}
}
resources:
tDRALL:
type: hsdp:IamRole
properties:
description: Role for TDR users with ALL access
permissions:
- DATAITEM.CREATEONBEHALF
- DATAITEM.READ
- DATAITEM.DELETEONBEHALF
- DATAITEM.DELETE
- CONTRACT.CREATE
- DATAITEM.READONBEHALF
- CONTRACT.READ
- DATAITEM.CREATE
managingOrganization: ${hsdp_iam_org.devorg.id}
Create IamGroup Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IamGroup(name: string, args: IamGroupArgs, opts?: CustomResourceOptions);@overload
def IamGroup(resource_name: str,
args: IamGroupArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IamGroup(resource_name: str,
opts: Optional[ResourceOptions] = None,
managing_organization: Optional[str] = None,
description: Optional[str] = None,
devices: Optional[Sequence[str]] = None,
drift_detection: Optional[bool] = None,
iam_group_id: Optional[str] = None,
name: Optional[str] = None,
roles: Optional[Sequence[str]] = None,
services: Optional[Sequence[str]] = None,
users: Optional[Sequence[str]] = None)func NewIamGroup(ctx *Context, name string, args IamGroupArgs, opts ...ResourceOption) (*IamGroup, error)public IamGroup(string name, IamGroupArgs args, CustomResourceOptions? opts = null)
public IamGroup(String name, IamGroupArgs args)
public IamGroup(String name, IamGroupArgs args, CustomResourceOptions options)
type: hsdp:IamGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IamGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IamGroupArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IamGroupArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IamGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IamGroupArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iamGroupResource = new Hsdp.IamGroup("iamGroupResource", new()
{
ManagingOrganization = "string",
Description = "string",
Devices = new[]
{
"string",
},
DriftDetection = false,
IamGroupId = "string",
Name = "string",
Roles = new[]
{
"string",
},
Services = new[]
{
"string",
},
Users = new[]
{
"string",
},
});
example, err := hsdp.NewIamGroup(ctx, "iamGroupResource", &hsdp.IamGroupArgs{
ManagingOrganization: pulumi.String("string"),
Description: pulumi.String("string"),
Devices: pulumi.StringArray{
pulumi.String("string"),
},
DriftDetection: pulumi.Bool(false),
IamGroupId: pulumi.String("string"),
Name: pulumi.String("string"),
Roles: pulumi.StringArray{
pulumi.String("string"),
},
Services: pulumi.StringArray{
pulumi.String("string"),
},
Users: pulumi.StringArray{
pulumi.String("string"),
},
})
var iamGroupResource = new IamGroup("iamGroupResource", IamGroupArgs.builder()
.managingOrganization("string")
.description("string")
.devices("string")
.driftDetection(false)
.iamGroupId("string")
.name("string")
.roles("string")
.services("string")
.users("string")
.build());
iam_group_resource = hsdp.IamGroup("iamGroupResource",
managing_organization="string",
description="string",
devices=["string"],
drift_detection=False,
iam_group_id="string",
name="string",
roles=["string"],
services=["string"],
users=["string"])
const iamGroupResource = new hsdp.IamGroup("iamGroupResource", {
managingOrganization: "string",
description: "string",
devices: ["string"],
driftDetection: false,
iamGroupId: "string",
name: "string",
roles: ["string"],
services: ["string"],
users: ["string"],
});
type: hsdp:IamGroup
properties:
description: string
devices:
- string
driftDetection: false
iamGroupId: string
managingOrganization: string
name: string
roles:
- string
services:
- string
users:
- string
IamGroup Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IamGroup resource accepts the following input properties:
- Managing
Organization string - The managing organization ID
- Description string
- The description of the group
- Devices List<string>
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - Drift
Detection bool - Iam
Group stringId - The GUID of the group
- Name string
- The name of the group
- Roles List<string>
- The list of role IDS to assign to this group
- Services List<string>
- The list of service identity IDs to include in this group. See
hsdp.IamService - Users List<string>
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- Managing
Organization string - The managing organization ID
- Description string
- The description of the group
- Devices []string
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - Drift
Detection bool - Iam
Group stringId - The GUID of the group
- Name string
- The name of the group
- Roles []string
- The list of role IDS to assign to this group
- Services []string
- The list of service identity IDs to include in this group. See
hsdp.IamService - Users []string
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- managing
Organization String - The managing organization ID
- description String
- The description of the group
- devices List<String>
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift
Detection Boolean - iam
Group StringId - The GUID of the group
- name String
- The name of the group
- roles List<String>
- The list of role IDS to assign to this group
- services List<String>
- The list of service identity IDs to include in this group. See
hsdp.IamService - users List<String>
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- managing
Organization string - The managing organization ID
- description string
- The description of the group
- devices string[]
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift
Detection boolean - iam
Group stringId - The GUID of the group
- name string
- The name of the group
- roles string[]
- The list of role IDS to assign to this group
- services string[]
- The list of service identity IDs to include in this group. See
hsdp.IamService - users string[]
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- managing_
organization str - The managing organization ID
- description str
- The description of the group
- devices Sequence[str]
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift_
detection bool - iam_
group_ strid - The GUID of the group
- name str
- The name of the group
- roles Sequence[str]
- The list of role IDS to assign to this group
- services Sequence[str]
- The list of service identity IDs to include in this group. See
hsdp.IamService - users Sequence[str]
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- managing
Organization String - The managing organization ID
- description String
- The description of the group
- devices List<String>
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift
Detection Boolean - iam
Group StringId - The GUID of the group
- name String
- The name of the group
- roles List<String>
- The list of role IDS to assign to this group
- services List<String>
- The list of service identity IDs to include in this group. See
hsdp.IamService - users List<String>
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
Outputs
All input properties are implicitly available as output properties. Additionally, the IamGroup resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing IamGroup Resource
Get an existing IamGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IamGroupState, opts?: CustomResourceOptions): IamGroup@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
devices: Optional[Sequence[str]] = None,
drift_detection: Optional[bool] = None,
iam_group_id: Optional[str] = None,
managing_organization: Optional[str] = None,
name: Optional[str] = None,
roles: Optional[Sequence[str]] = None,
services: Optional[Sequence[str]] = None,
users: Optional[Sequence[str]] = None) -> IamGroupfunc GetIamGroup(ctx *Context, name string, id IDInput, state *IamGroupState, opts ...ResourceOption) (*IamGroup, error)public static IamGroup Get(string name, Input<string> id, IamGroupState? state, CustomResourceOptions? opts = null)public static IamGroup get(String name, Output<String> id, IamGroupState state, CustomResourceOptions options)resources: _: type: hsdp:IamGroup get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- The description of the group
- Devices List<string>
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - Drift
Detection bool - Iam
Group stringId - The GUID of the group
- Managing
Organization string - The managing organization ID
- Name string
- The name of the group
- Roles List<string>
- The list of role IDS to assign to this group
- Services List<string>
- The list of service identity IDs to include in this group. See
hsdp.IamService - Users List<string>
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- Description string
- The description of the group
- Devices []string
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - Drift
Detection bool - Iam
Group stringId - The GUID of the group
- Managing
Organization string - The managing organization ID
- Name string
- The name of the group
- Roles []string
- The list of role IDS to assign to this group
- Services []string
- The list of service identity IDs to include in this group. See
hsdp.IamService - Users []string
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- description String
- The description of the group
- devices List<String>
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift
Detection Boolean - iam
Group StringId - The GUID of the group
- managing
Organization String - The managing organization ID
- name String
- The name of the group
- roles List<String>
- The list of role IDS to assign to this group
- services List<String>
- The list of service identity IDs to include in this group. See
hsdp.IamService - users List<String>
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- description string
- The description of the group
- devices string[]
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift
Detection boolean - iam
Group stringId - The GUID of the group
- managing
Organization string - The managing organization ID
- name string
- The name of the group
- roles string[]
- The list of role IDS to assign to this group
- services string[]
- The list of service identity IDs to include in this group. See
hsdp.IamService - users string[]
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- description str
- The description of the group
- devices Sequence[str]
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift_
detection bool - iam_
group_ strid - The GUID of the group
- managing_
organization str - The managing organization ID
- name str
- The name of the group
- roles Sequence[str]
- The list of role IDS to assign to this group
- services Sequence[str]
- The list of service identity IDs to include in this group. See
hsdp.IamService - users Sequence[str]
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
- description String
- The description of the group
- devices List<String>
- The list of IAM device identity IDs to include in this group. See
hsdp.IamDevice - drift
Detection Boolean - iam
Group StringId - The GUID of the group
- managing
Organization String - The managing organization ID
- name String
- The name of the group
- roles List<String>
- The list of role IDS to assign to this group
- services List<String>
- The list of service identity IDs to include in this group. See
hsdp.IamService - users List<String>
- The list of user IDs to include in this group. The provider only manages this list of users. Existing users added by others means to the group by the provider. It is not practical to manage hundreds or thousands of users this way of course.
Import
$ pulumi import hsdp:index/iamGroup:IamGroup An existing group can be imported using `hsdp_iam_group`, e.g.
$ pulumi import hsdp:index/iamGroup:IamGroup mygroup a-guid
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- hsdp philips-software/terraform-provider-hsdp
- License
- Notes
- This Pulumi package is based on the
hsdpTerraform Provider.
hsdp 0.65.3 published on Tuesday, Apr 15, 2025 by philips-software