Docs Home
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm.getIamAccessGroup
Explore with Pulumi AI
Retrieve information about an IAM Access Group. Access groups can be used to define a set of permissions that you want to grant to a group of users.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const accgroup = ibm.getIamAccessGroup({
accessGroupName: ibm_iam_access_group.accgroup.name,
});
import pulumi
import pulumi_ibm as ibm
accgroup = ibm.get_iam_access_group(access_group_name=ibm_iam_access_group["accgroup"]["name"])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ibm.LookupIamAccessGroup(ctx, &ibm.LookupIamAccessGroupArgs{
AccessGroupName: pulumi.StringRef(ibm_iam_access_group.Accgroup.Name),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var accgroup = Ibm.GetIamAccessGroup.Invoke(new()
{
AccessGroupName = ibm_iam_access_group.Accgroup.Name,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetIamAccessGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var accgroup = IbmFunctions.getIamAccessGroup(GetIamAccessGroupArgs.builder()
.accessGroupName(ibm_iam_access_group.accgroup().name())
.build());
}
}
variables:
accgroup:
fn::invoke:
function: ibm:getIamAccessGroup
arguments:
accessGroupName: ${ibm_iam_access_group.accgroup.name}
Using getIamAccessGroup
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getIamAccessGroup(args: GetIamAccessGroupArgs, opts?: InvokeOptions): Promise<GetIamAccessGroupResult>
function getIamAccessGroupOutput(args: GetIamAccessGroupOutputArgs, opts?: InvokeOptions): Output<GetIamAccessGroupResult>def get_iam_access_group(access_group_name: Optional[str] = None,
id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetIamAccessGroupResult
def get_iam_access_group_output(access_group_name: Optional[pulumi.Input[str]] = None,
id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetIamAccessGroupResult]func LookupIamAccessGroup(ctx *Context, args *LookupIamAccessGroupArgs, opts ...InvokeOption) (*LookupIamAccessGroupResult, error)
func LookupIamAccessGroupOutput(ctx *Context, args *LookupIamAccessGroupOutputArgs, opts ...InvokeOption) LookupIamAccessGroupResultOutput> Note: This function is named LookupIamAccessGroup in the Go SDK.
public static class GetIamAccessGroup
{
public static Task<GetIamAccessGroupResult> InvokeAsync(GetIamAccessGroupArgs args, InvokeOptions? opts = null)
public static Output<GetIamAccessGroupResult> Invoke(GetIamAccessGroupInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetIamAccessGroupResult> getIamAccessGroup(GetIamAccessGroupArgs args, InvokeOptions options)
public static Output<GetIamAccessGroupResult> getIamAccessGroup(GetIamAccessGroupArgs args, InvokeOptions options)
fn::invoke:
function: ibm:index/getIamAccessGroup:getIamAccessGroup
arguments:
# arguments dictionaryThe following arguments are supported:
- Access
Group stringName - The name of the access group that you want to retrieve details for. If no access group is specified, all access groups that exist in the IBM Cloud account are returned.
- Id string
- (String) The ID of the IAM access group.
- Access
Group stringName - The name of the access group that you want to retrieve details for. If no access group is specified, all access groups that exist in the IBM Cloud account are returned.
- Id string
- (String) The ID of the IAM access group.
- access
Group StringName - The name of the access group that you want to retrieve details for. If no access group is specified, all access groups that exist in the IBM Cloud account are returned.
- id String
- (String) The ID of the IAM access group.
- access
Group stringName - The name of the access group that you want to retrieve details for. If no access group is specified, all access groups that exist in the IBM Cloud account are returned.
- id string
- (String) The ID of the IAM access group.
- access_
group_ strname - The name of the access group that you want to retrieve details for. If no access group is specified, all access groups that exist in the IBM Cloud account are returned.
- id str
- (String) The ID of the IAM access group.
- access
Group StringName - The name of the access group that you want to retrieve details for. If no access group is specified, all access groups that exist in the IBM Cloud account are returned.
- id String
- (String) The ID of the IAM access group.
getIamAccessGroup Result
The following output properties are available:
- Groups
List<Get
Iam Access Group Group> - (List) A list of IAM access groups that are set up for an IBM Cloud account.
- Id string
- (String) The ID of the IAM access group.
- Access
Group stringName
- Groups
[]Get
Iam Access Group Group - (List) A list of IAM access groups that are set up for an IBM Cloud account.
- Id string
- (String) The ID of the IAM access group.
- Access
Group stringName
- groups
List<Get
Iam Access Group Group> - (List) A list of IAM access groups that are set up for an IBM Cloud account.
- id String
- (String) The ID of the IAM access group.
- access
Group StringName
- groups
Get
Iam Access Group Group[] - (List) A list of IAM access groups that are set up for an IBM Cloud account.
- id string
- (String) The ID of the IAM access group.
- access
Group stringName
- groups
Sequence[Get
Iam Access Group Group] - (List) A list of IAM access groups that are set up for an IBM Cloud account.
- id str
- (String) The ID of the IAM access group.
- access_
group_ strname
- groups List<Property Map>
- (List) A list of IAM access groups that are set up for an IBM Cloud account.
- id String
- (String) The ID of the IAM access group.
- access
Group StringName
Supporting Types
GetIamAccessGroupGroup
- Crn string
- (String) CRN of the access group
- Description string
- (String) The description of the IAM access group.
- Iam
Profile List<string>Ids - (Array of Strings) A list of trusted profile IDs that belong to the access group.
- Iam
Service List<string>Ids - (Array of Strings) A list of service IDs that belong to the access group.
- Ibm
Ids List<string> - (Array of Strings) A list of IBM ID that belong to the access group.
- Id string
- (String) The ID of the IAM access group.
- Name string
- (String) The name of the dynamic rule.
- Rules
List<Get
Iam Access Group Group Rule> - (List) A list of dynamic rules that are applied to the IAM access group.
- Crn string
- (String) CRN of the access group
- Description string
- (String) The description of the IAM access group.
- Iam
Profile []stringIds - (Array of Strings) A list of trusted profile IDs that belong to the access group.
- Iam
Service []stringIds - (Array of Strings) A list of service IDs that belong to the access group.
- Ibm
Ids []string - (Array of Strings) A list of IBM ID that belong to the access group.
- Id string
- (String) The ID of the IAM access group.
- Name string
- (String) The name of the dynamic rule.
- Rules
[]Get
Iam Access Group Group Rule - (List) A list of dynamic rules that are applied to the IAM access group.
- crn String
- (String) CRN of the access group
- description String
- (String) The description of the IAM access group.
- iam
Profile List<String>Ids - (Array of Strings) A list of trusted profile IDs that belong to the access group.
- iam
Service List<String>Ids - (Array of Strings) A list of service IDs that belong to the access group.
- ibm
Ids List<String> - (Array of Strings) A list of IBM ID that belong to the access group.
- id String
- (String) The ID of the IAM access group.
- name String
- (String) The name of the dynamic rule.
- rules
List<Get
Iam Access Group Group Rule> - (List) A list of dynamic rules that are applied to the IAM access group.
- crn string
- (String) CRN of the access group
- description string
- (String) The description of the IAM access group.
- iam
Profile string[]Ids - (Array of Strings) A list of trusted profile IDs that belong to the access group.
- iam
Service string[]Ids - (Array of Strings) A list of service IDs that belong to the access group.
- ibm
Ids string[] - (Array of Strings) A list of IBM ID that belong to the access group.
- id string
- (String) The ID of the IAM access group.
- name string
- (String) The name of the dynamic rule.
- rules
Get
Iam Access Group Group Rule[] - (List) A list of dynamic rules that are applied to the IAM access group.
- crn str
- (String) CRN of the access group
- description str
- (String) The description of the IAM access group.
- iam_
profile_ Sequence[str]ids - (Array of Strings) A list of trusted profile IDs that belong to the access group.
- iam_
service_ Sequence[str]ids - (Array of Strings) A list of service IDs that belong to the access group.
- ibm_
ids Sequence[str] - (Array of Strings) A list of IBM ID that belong to the access group.
- id str
- (String) The ID of the IAM access group.
- name str
- (String) The name of the dynamic rule.
- rules
Sequence[Get
Iam Access Group Group Rule] - (List) A list of dynamic rules that are applied to the IAM access group.
- crn String
- (String) CRN of the access group
- description String
- (String) The description of the IAM access group.
- iam
Profile List<String>Ids - (Array of Strings) A list of trusted profile IDs that belong to the access group.
- iam
Service List<String>Ids - (Array of Strings) A list of service IDs that belong to the access group.
- ibm
Ids List<String> - (Array of Strings) A list of IBM ID that belong to the access group.
- id String
- (String) The ID of the IAM access group.
- name String
- (String) The name of the dynamic rule.
- rules List<Property Map>
- (List) A list of dynamic rules that are applied to the IAM access group.
GetIamAccessGroupGroupRule
- Conditions
List<Get
Iam Access Group Group Rule Condition> - (List) A list of conditions that the rule must satisfy.
- Expiration double
- (Integer) The number of hours that authenticated users can work in IBM Cloud before they must refresh their access.
- Identity
Provider string - (String) The URI of your identity provider. This is the SAML "entity ID" field, which is sometimes referred to as the issuer ID, for the identity provider as part of the federation configuration for onboarding with IBMID.
- Name string
- (String) The name of the dynamic rule.
- Rule
Id string - (String) The ID of the dynamic rule.
- Conditions
[]Get
Iam Access Group Group Rule Condition - (List) A list of conditions that the rule must satisfy.
- Expiration float64
- (Integer) The number of hours that authenticated users can work in IBM Cloud before they must refresh their access.
- Identity
Provider string - (String) The URI of your identity provider. This is the SAML "entity ID" field, which is sometimes referred to as the issuer ID, for the identity provider as part of the federation configuration for onboarding with IBMID.
- Name string
- (String) The name of the dynamic rule.
- Rule
Id string - (String) The ID of the dynamic rule.
- conditions
List<Get
Iam Access Group Group Rule Condition> - (List) A list of conditions that the rule must satisfy.
- expiration Double
- (Integer) The number of hours that authenticated users can work in IBM Cloud before they must refresh their access.
- identity
Provider String - (String) The URI of your identity provider. This is the SAML "entity ID" field, which is sometimes referred to as the issuer ID, for the identity provider as part of the federation configuration for onboarding with IBMID.
- name String
- (String) The name of the dynamic rule.
- rule
Id String - (String) The ID of the dynamic rule.
- conditions
Get
Iam Access Group Group Rule Condition[] - (List) A list of conditions that the rule must satisfy.
- expiration number
- (Integer) The number of hours that authenticated users can work in IBM Cloud before they must refresh their access.
- identity
Provider string - (String) The URI of your identity provider. This is the SAML "entity ID" field, which is sometimes referred to as the issuer ID, for the identity provider as part of the federation configuration for onboarding with IBMID.
- name string
- (String) The name of the dynamic rule.
- rule
Id string - (String) The ID of the dynamic rule.
- conditions
Sequence[Get
Iam Access Group Group Rule Condition] - (List) A list of conditions that the rule must satisfy.
- expiration float
- (Integer) The number of hours that authenticated users can work in IBM Cloud before they must refresh their access.
- identity_
provider str - (String) The URI of your identity provider. This is the SAML "entity ID" field, which is sometimes referred to as the issuer ID, for the identity provider as part of the federation configuration for onboarding with IBMID.
- name str
- (String) The name of the dynamic rule.
- rule_
id str - (String) The ID of the dynamic rule.
- conditions List<Property Map>
- (List) A list of conditions that the rule must satisfy.
- expiration Number
- (Integer) The number of hours that authenticated users can work in IBM Cloud before they must refresh their access.
- identity
Provider String - (String) The URI of your identity provider. This is the SAML "entity ID" field, which is sometimes referred to as the issuer ID, for the identity provider as part of the federation configuration for onboarding with IBMID.
- name String
- (String) The name of the dynamic rule.
- rule
Id String - (String) The ID of the dynamic rule.
GetIamAccessGroupGroupRuleCondition
- Claim string
- (String) The key value to evaluate the condition against. The key depends on what key-value pairs your identity provider provides. For example, your identity provider might include a key that is named
blueGroupsand that holds all the user groups that have access. To apply a condition for a specific user group within theblueGroupskey, you specifyblueGroupsas your claim and add the value that you are looking for invalue. - Operator string
- (String) The operation to perform on the claim. Supported values are
EQUALS,QUALS_IGNORE_CASE,IN,NOT_EQUALS_IGNORE_CASE,NOT_EQUALS, andCONTAINS. - Value string
- (String) The value that the claim is compared to by using the
operator.
- Claim string
- (String) The key value to evaluate the condition against. The key depends on what key-value pairs your identity provider provides. For example, your identity provider might include a key that is named
blueGroupsand that holds all the user groups that have access. To apply a condition for a specific user group within theblueGroupskey, you specifyblueGroupsas your claim and add the value that you are looking for invalue. - Operator string
- (String) The operation to perform on the claim. Supported values are
EQUALS,QUALS_IGNORE_CASE,IN,NOT_EQUALS_IGNORE_CASE,NOT_EQUALS, andCONTAINS. - Value string
- (String) The value that the claim is compared to by using the
operator.
- claim String
- (String) The key value to evaluate the condition against. The key depends on what key-value pairs your identity provider provides. For example, your identity provider might include a key that is named
blueGroupsand that holds all the user groups that have access. To apply a condition for a specific user group within theblueGroupskey, you specifyblueGroupsas your claim and add the value that you are looking for invalue. - operator String
- (String) The operation to perform on the claim. Supported values are
EQUALS,QUALS_IGNORE_CASE,IN,NOT_EQUALS_IGNORE_CASE,NOT_EQUALS, andCONTAINS. - value String
- (String) The value that the claim is compared to by using the
operator.
- claim string
- (String) The key value to evaluate the condition against. The key depends on what key-value pairs your identity provider provides. For example, your identity provider might include a key that is named
blueGroupsand that holds all the user groups that have access. To apply a condition for a specific user group within theblueGroupskey, you specifyblueGroupsas your claim and add the value that you are looking for invalue. - operator string
- (String) The operation to perform on the claim. Supported values are
EQUALS,QUALS_IGNORE_CASE,IN,NOT_EQUALS_IGNORE_CASE,NOT_EQUALS, andCONTAINS. - value string
- (String) The value that the claim is compared to by using the
operator.
- claim str
- (String) The key value to evaluate the condition against. The key depends on what key-value pairs your identity provider provides. For example, your identity provider might include a key that is named
blueGroupsand that holds all the user groups that have access. To apply a condition for a specific user group within theblueGroupskey, you specifyblueGroupsas your claim and add the value that you are looking for invalue. - operator str
- (String) The operation to perform on the claim. Supported values are
EQUALS,QUALS_IGNORE_CASE,IN,NOT_EQUALS_IGNORE_CASE,NOT_EQUALS, andCONTAINS. - value str
- (String) The value that the claim is compared to by using the
operator.
- claim String
- (String) The key value to evaluate the condition against. The key depends on what key-value pairs your identity provider provides. For example, your identity provider might include a key that is named
blueGroupsand that holds all the user groups that have access. To apply a condition for a specific user group within theblueGroupskey, you specifyblueGroupsas your claim and add the value that you are looking for invalue. - operator String
- (String) The operation to perform on the claim. Supported values are
EQUALS,QUALS_IGNORE_CASE,IN,NOT_EQUALS_IGNORE_CASE,NOT_EQUALS, andCONTAINS. - value String
- (String) The value that the claim is compared to by using the
operator.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.