Docs Home
incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva
incapsula.getAccountPermissions
Explore with Pulumi AI
incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva
A mapping between permission identifiers and “human-readable” permission names. Provides the ability to use the permission display names when creating and modifying user roles.
To get the current list of permission display names in the account, use the /v1/abilities/accounts/{accountId} API found in the v1 section of the Role Management API Definition page.
To access a subset of the permissions from the data source, use the optional filtering.
The filter_by_text argument is case-insensitive. When used, it generates the keys attribute.
The attribute map is always generated and contains all the account permissions (permission DisplayName to permission Key map).
Using the map attribute with an incorrect permission display name will cause the plan step to fail.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as incapsula from "@pulumi/incapsula";
const accountPermissions = incapsula.getAccountPermissions({
accountId: data.incapsula_account_data.account_data.current_account,
});
const role1 = new incapsula.AccountRole("role1", {
accountId: data.incapsula_account_data.account_data.current_account,
description: "Sample Role Description 1",
permissions: [
"canAddSite",
"canEditSite",
accountPermissions.then(accountPermissions => accountPermissions.map?.["View Infra Protect settings"]),
accountPermissions.then(accountPermissions => accountPermissions.map?.["Delete exception from policy"]),
],
});
import pulumi
import pulumi_incapsula as incapsula
account_permissions = incapsula.get_account_permissions(account_id=data["incapsula_account_data"]["account_data"]["current_account"])
role1 = incapsula.AccountRole("role1",
account_id=data["incapsula_account_data"]["account_data"]["current_account"],
description="Sample Role Description 1",
permissions=[
"canAddSite",
"canEditSite",
account_permissions.map["View Infra Protect settings"],
account_permissions.map["Delete exception from policy"],
])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/incapsula/v3/incapsula"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
accountPermissions, err := incapsula.GetAccountPermissions(ctx, &incapsula.GetAccountPermissionsArgs{
AccountId: data.Incapsula_account_data.Account_data.Current_account,
}, nil);
if err != nil {
return err
}
_, err = incapsula.NewAccountRole(ctx, "role1", &incapsula.AccountRoleArgs{
AccountId: pulumi.Any(data.Incapsula_account_data.Account_data.Current_account),
Description: pulumi.String("Sample Role Description 1"),
Permissions: pulumi.StringArray{
pulumi.String("canAddSite"),
pulumi.String("canEditSite"),
pulumi.String(accountPermissions.Map.View Infra Protect settings),
pulumi.String(accountPermissions.Map.Delete exception from policy),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Incapsula = Pulumi.Incapsula;
return await Deployment.RunAsync(() =>
{
var accountPermissions = Incapsula.GetAccountPermissions.Invoke(new()
{
AccountId = data.Incapsula_account_data.Account_data.Current_account,
});
var role1 = new Incapsula.AccountRole("role1", new()
{
AccountId = data.Incapsula_account_data.Account_data.Current_account,
Description = "Sample Role Description 1",
Permissions = new[]
{
"canAddSite",
"canEditSite",
accountPermissions.Apply(getAccountPermissionsResult => getAccountPermissionsResult.Map?.View_Infra_Protect_settings),
accountPermissions.Apply(getAccountPermissionsResult => getAccountPermissionsResult.Map?.Delete_exception_from_policy),
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.incapsula.IncapsulaFunctions;
import com.pulumi.incapsula.inputs.GetAccountPermissionsArgs;
import com.pulumi.incapsula.AccountRole;
import com.pulumi.incapsula.AccountRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var accountPermissions = IncapsulaFunctions.getAccountPermissions(GetAccountPermissionsArgs.builder()
.accountId(data.incapsula_account_data().account_data().current_account())
.build());
var role1 = new AccountRole("role1", AccountRoleArgs.builder()
.accountId(data.incapsula_account_data().account_data().current_account())
.description("Sample Role Description 1")
.permissions(
"canAddSite",
"canEditSite",
accountPermissions.applyValue(getAccountPermissionsResult -> getAccountPermissionsResult.map().View Infra Protect settings()),
accountPermissions.applyValue(getAccountPermissionsResult -> getAccountPermissionsResult.map().Delete exception from policy()))
.build());
}
}
resources:
role1:
type: incapsula:AccountRole
properties:
accountId: ${data.incapsula_account_data.account_data.current_account}
description: Sample Role Description 1
permissions:
- canAddSite
- canEditSite
- ${accountPermissions.map"View Infra Protect settings"[%!s(MISSING)]}
- ${accountPermissions.map"Delete exception from policy"[%!s(MISSING)]}
variables:
accountPermissions:
fn::invoke:
function: incapsula:getAccountPermissions
arguments:
accountId: ${data.incapsula_account_data.account_data.current_account}
In this example, we are using the generated keys attribute filtered by filter_by_text argument.
import * as pulumi from "@pulumi/pulumi";
import * as incapsula from "@pulumi/incapsula";
const accountPermissions = incapsula.getAccountPermissions({
accountId: data.incapsula_account_data.account_data.current_account,
filterByText: "site",
});
const role2 = new incapsula.AccountRole("role2", {
accountId: data.incapsula_account_data.account_data.current_account,
description: "Sample Role Description 2",
permissions: accountPermissions.then(accountPermissions => accountPermissions.keys),
});
import pulumi
import pulumi_incapsula as incapsula
account_permissions = incapsula.get_account_permissions(account_id=data["incapsula_account_data"]["account_data"]["current_account"],
filter_by_text="site")
role2 = incapsula.AccountRole("role2",
account_id=data["incapsula_account_data"]["account_data"]["current_account"],
description="Sample Role Description 2",
permissions=account_permissions.keys)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/incapsula/v3/incapsula"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
accountPermissions, err := incapsula.GetAccountPermissions(ctx, &incapsula.GetAccountPermissionsArgs{
AccountId: data.Incapsula_account_data.Account_data.Current_account,
FilterByText: pulumi.StringRef("site"),
}, nil)
if err != nil {
return err
}
_, err = incapsula.NewAccountRole(ctx, "role2", &incapsula.AccountRoleArgs{
AccountId: pulumi.Any(data.Incapsula_account_data.Account_data.Current_account),
Description: pulumi.String("Sample Role Description 2"),
Permissions: interface{}(accountPermissions.Keys),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Incapsula = Pulumi.Incapsula;
return await Deployment.RunAsync(() =>
{
var accountPermissions = Incapsula.GetAccountPermissions.Invoke(new()
{
AccountId = data.Incapsula_account_data.Account_data.Current_account,
FilterByText = "site",
});
var role2 = new Incapsula.AccountRole("role2", new()
{
AccountId = data.Incapsula_account_data.Account_data.Current_account,
Description = "Sample Role Description 2",
Permissions = accountPermissions.Apply(getAccountPermissionsResult => getAccountPermissionsResult.Keys),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.incapsula.IncapsulaFunctions;
import com.pulumi.incapsula.inputs.GetAccountPermissionsArgs;
import com.pulumi.incapsula.AccountRole;
import com.pulumi.incapsula.AccountRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var accountPermissions = IncapsulaFunctions.getAccountPermissions(GetAccountPermissionsArgs.builder()
.accountId(data.incapsula_account_data().account_data().current_account())
.filterByText("site")
.build());
var role2 = new AccountRole("role2", AccountRoleArgs.builder()
.accountId(data.incapsula_account_data().account_data().current_account())
.description("Sample Role Description 2")
.permissions(accountPermissions.applyValue(getAccountPermissionsResult -> getAccountPermissionsResult.keys()))
.build());
}
}
resources:
role2:
type: incapsula:AccountRole
properties:
accountId: ${data.incapsula_account_data.account_data.current_account}
description: Sample Role Description 2
permissions: ${accountPermissions.keys}
variables:
accountPermissions:
fn::invoke:
function: incapsula:getAccountPermissions
arguments:
accountId: ${data.incapsula_account_data.account_data.current_account}
filterByText: site
Using getAccountPermissions
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAccountPermissions(args: GetAccountPermissionsArgs, opts?: InvokeOptions): Promise<GetAccountPermissionsResult>
function getAccountPermissionsOutput(args: GetAccountPermissionsOutputArgs, opts?: InvokeOptions): Output<GetAccountPermissionsResult>def get_account_permissions(account_id: Optional[float] = None,
filter_by_text: Optional[str] = None,
id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAccountPermissionsResult
def get_account_permissions_output(account_id: Optional[pulumi.Input[float]] = None,
filter_by_text: Optional[pulumi.Input[str]] = None,
id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAccountPermissionsResult]func GetAccountPermissions(ctx *Context, args *GetAccountPermissionsArgs, opts ...InvokeOption) (*GetAccountPermissionsResult, error)
func GetAccountPermissionsOutput(ctx *Context, args *GetAccountPermissionsOutputArgs, opts ...InvokeOption) GetAccountPermissionsResultOutput> Note: This function is named GetAccountPermissions in the Go SDK.
public static class GetAccountPermissions
{
public static Task<GetAccountPermissionsResult> InvokeAsync(GetAccountPermissionsArgs args, InvokeOptions? opts = null)
public static Output<GetAccountPermissionsResult> Invoke(GetAccountPermissionsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetAccountPermissionsResult> getAccountPermissions(GetAccountPermissionsArgs args, InvokeOptions options)
public static Output<GetAccountPermissionsResult> getAccountPermissions(GetAccountPermissionsArgs args, InvokeOptions options)
fn::invoke:
function: incapsula:index/getAccountPermissions:getAccountPermissions
arguments:
# arguments dictionaryThe following arguments are supported:
- Account
Id double - Filter
By stringText - string value - Filter by account permission display names.
- Id string
- Account
Id float64 - Filter
By stringText - string value - Filter by account permission display names.
- Id string
- account
Id Double - filter
By StringText - string value - Filter by account permission display names.
- id String
- account
Id number - filter
By stringText - string value - Filter by account permission display names.
- id string
- account_
id float - filter_
by_ strtext - string value - Filter by account permission display names.
- id str
- account
Id Number - filter
By StringText - string value - Filter by account permission display names.
- id String
getAccountPermissions Result
The following output properties are available:
- Account
Id double - Id string
- Keys List<string>
- List of account permission keys filtered by
filter_by_textargument. - Map Dictionary<string, string>
- Map of all the account permissions where the key is the permission display name and the value is the permission key.
- Filter
By stringText
- Account
Id float64 - Id string
- Keys []string
- List of account permission keys filtered by
filter_by_textargument. - Map map[string]string
- Map of all the account permissions where the key is the permission display name and the value is the permission key.
- Filter
By stringText
- account
Id Double - id String
- keys List<String>
- List of account permission keys filtered by
filter_by_textargument. - map Map<String,String>
- Map of all the account permissions where the key is the permission display name and the value is the permission key.
- filter
By StringText
- account
Id number - id string
- keys string[]
- List of account permission keys filtered by
filter_by_textargument. - map {[key: string]: string}
- Map of all the account permissions where the key is the permission display name and the value is the permission key.
- filter
By stringText
- account_
id float - id str
- keys Sequence[str]
- List of account permission keys filtered by
filter_by_textargument. - map Mapping[str, str]
- Map of all the account permissions where the key is the permission display name and the value is the permission key.
- filter_
by_ strtext
- account
Id Number - id String
- keys List<String>
- List of account permission keys filtered by
filter_by_textargument. - map Map<String>
- Map of all the account permissions where the key is the permission display name and the value is the permission key.
- filter
By StringText
Package Details
- Repository
- incapsula imperva/terraform-provider-incapsula
- License
- Notes
- This Pulumi package is based on the
incapsulaTerraform Provider.
incapsula 3.33.0 published on Wednesday, Apr 30, 2025 by imperva