prismacloud 1.7.0, Apr 14 25

prismacloud 1.7.0 published on Monday, Apr 14, 2025 by paloaltonetworks

paloaltonetworks/terraform-provider-prismacloud

prismacloud.PermissionGroup

Explore with Pulumi AI

prismacloud 1.7.0 published on Monday, Apr 14, 2025 by paloaltonetworks

paloaltonetworks/terraform-provider-prismacloud

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as prismacloud from "@pulumi/prismacloud";

const example = new prismacloud.PermissionGroup("example", {
    description: "Made by Pulumi",
    features: [{
        featureName: "settingsAuditLogs",
        operations: [{
            read: true,
        }],
    }],
});

import pulumi
import pulumi_prismacloud as prismacloud

example = prismacloud.PermissionGroup("example",
    description="Made by Pulumi",
    features=[{
        "feature_name": "settingsAuditLogs",
        "operations": [{
            "read": True,
        }],
    }])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/prismacloud/prismacloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := prismacloud.NewPermissionGroup(ctx, "example", &prismacloud.PermissionGroupArgs{
			Description: pulumi.String("Made by Pulumi"),
			Features: prismacloud.PermissionGroupFeatureArray{
				&prismacloud.PermissionGroupFeatureArgs{
					FeatureName: pulumi.String("settingsAuditLogs"),
					Operations: prismacloud.PermissionGroupFeatureOperationArray{
						&prismacloud.PermissionGroupFeatureOperationArgs{
							Read: pulumi.Bool(true),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Prismacloud = Pulumi.Prismacloud;

return await Deployment.RunAsync(() => 
{
    var example = new Prismacloud.PermissionGroup("example", new()
    {
        Description = "Made by Pulumi",
        Features = new[]
        {
            new Prismacloud.Inputs.PermissionGroupFeatureArgs
            {
                FeatureName = "settingsAuditLogs",
                Operations = new[]
                {
                    new Prismacloud.Inputs.PermissionGroupFeatureOperationArgs
                    {
                        Read = true,
                    },
                },
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.prismacloud.PermissionGroup;
import com.pulumi.prismacloud.PermissionGroupArgs;
import com.pulumi.prismacloud.inputs.PermissionGroupFeatureArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new PermissionGroup("example", PermissionGroupArgs.builder()
            .description("Made by Pulumi")
            .features(PermissionGroupFeatureArgs.builder()
                .featureName("settingsAuditLogs")
                .operations(PermissionGroupFeatureOperationArgs.builder()
                    .read(true)
                    .build())
                .build())
            .build());

    }
}

resources:
  example:
    type: prismacloud:PermissionGroup
    properties:
      description: Made by Pulumi
      features:
        - featureName: settingsAuditLogs
          operations:
            - read: true

Create PermissionGroup Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PermissionGroup(name: string, args: PermissionGroupArgs, opts?: CustomResourceOptions);

@overload
def PermissionGroup(resource_name: str,
                    args: PermissionGroupArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def PermissionGroup(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    features: Optional[Sequence[PermissionGroupFeatureArgs]] = None,
                    accept_account_groups: Optional[bool] = None,
                    accept_code_repositories: Optional[bool] = None,
                    accept_resource_lists: Optional[bool] = None,
                    custom: Optional[bool] = None,
                    description: Optional[str] = None,
                    name: Optional[str] = None,
                    permission_group_type: Optional[str] = None)

func NewPermissionGroup(ctx *Context, name string, args PermissionGroupArgs, opts ...ResourceOption) (*PermissionGroup, error)

public PermissionGroup(string name, PermissionGroupArgs args, CustomResourceOptions? opts = null)

public PermissionGroup(String name, PermissionGroupArgs args)
public PermissionGroup(String name, PermissionGroupArgs args, CustomResourceOptions options)

type: prismacloud:PermissionGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PermissionGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PermissionGroupArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PermissionGroupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PermissionGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PermissionGroupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var permissionGroupResource = new Prismacloud.PermissionGroup("permissionGroupResource", new()
{
    Features = new[]
    {
        new Prismacloud.Inputs.PermissionGroupFeatureArgs
        {
            FeatureName = "string",
            Operations = new[]
            {
                new Prismacloud.Inputs.PermissionGroupFeatureOperationArgs
                {
                    Create = false,
                    Delete = false,
                    Read = false,
                    Update = false,
                },
            },
        },
    },
    AcceptAccountGroups = false,
    AcceptCodeRepositories = false,
    AcceptResourceLists = false,
    Custom = false,
    Description = "string",
    Name = "string",
    PermissionGroupType = "string",
});

example, err := prismacloud.NewPermissionGroup(ctx, "permissionGroupResource", &prismacloud.PermissionGroupArgs{
	Features: prismacloud.PermissionGroupFeatureArray{
		&prismacloud.PermissionGroupFeatureArgs{
			FeatureName: pulumi.String("string"),
			Operations: prismacloud.PermissionGroupFeatureOperationArray{
				&prismacloud.PermissionGroupFeatureOperationArgs{
					Create: pulumi.Bool(false),
					Delete: pulumi.Bool(false),
					Read:   pulumi.Bool(false),
					Update: pulumi.Bool(false),
				},
			},
		},
	},
	AcceptAccountGroups:    pulumi.Bool(false),
	AcceptCodeRepositories: pulumi.Bool(false),
	AcceptResourceLists:    pulumi.Bool(false),
	Custom:                 pulumi.Bool(false),
	Description:            pulumi.String("string"),
	Name:                   pulumi.String("string"),
	PermissionGroupType:    pulumi.String("string"),
})

var permissionGroupResource = new PermissionGroup("permissionGroupResource", PermissionGroupArgs.builder()
    .features(PermissionGroupFeatureArgs.builder()
        .featureName("string")
        .operations(PermissionGroupFeatureOperationArgs.builder()
            .create(false)
            .delete(false)
            .read(false)
            .update(false)
            .build())
        .build())
    .acceptAccountGroups(false)
    .acceptCodeRepositories(false)
    .acceptResourceLists(false)
    .custom(false)
    .description("string")
    .name("string")
    .permissionGroupType("string")
    .build());

permission_group_resource = prismacloud.PermissionGroup("permissionGroupResource",
    features=[{
        "feature_name": "string",
        "operations": [{
            "create": False,
            "delete": False,
            "read": False,
            "update": False,
        }],
    }],
    accept_account_groups=False,
    accept_code_repositories=False,
    accept_resource_lists=False,
    custom=False,
    description="string",
    name="string",
    permission_group_type="string")

const permissionGroupResource = new prismacloud.PermissionGroup("permissionGroupResource", {
    features: [{
        featureName: "string",
        operations: [{
            create: false,
            "delete": false,
            read: false,
            update: false,
        }],
    }],
    acceptAccountGroups: false,
    acceptCodeRepositories: false,
    acceptResourceLists: false,
    custom: false,
    description: "string",
    name: "string",
    permissionGroupType: "string",
});

type: prismacloud:PermissionGroup
properties:
    acceptAccountGroups: false
    acceptCodeRepositories: false
    acceptResourceLists: false
    custom: false
    description: string
    features:
        - featureName: string
          operations:
            - create: false
              delete: false
              read: false
              update: false
    name: string
    permissionGroupType: string

PermissionGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PermissionGroup resource accepts the following input properties:

Features List<PermissionGroupFeature>: Collection of permitted features associated with the role, as defined below.
AcceptAccountGroups bool: Accept account groups.
AcceptCodeRepositories bool: Accept code repositories.
AcceptResourceLists bool: Accept resource lists.
Custom bool: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
Description string: Description.
Name string: Name of the permission group.
PermissionGroupType string: Permission Group type. Valid values are Default, Custom or Internal.

Features []PermissionGroupFeatureArgs: Collection of permitted features associated with the role, as defined below.
AcceptAccountGroups bool: Accept account groups.
AcceptCodeRepositories bool: Accept code repositories.
AcceptResourceLists bool: Accept resource lists.
Custom bool: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
Description string: Description.
Name string: Name of the permission group.
PermissionGroupType string: Permission Group type. Valid values are Default, Custom or Internal.

features List<PermissionGroupFeature>: Collection of permitted features associated with the role, as defined below.
acceptAccountGroups Boolean: Accept account groups.
acceptCodeRepositories Boolean: Accept code repositories.
acceptResourceLists Boolean: Accept resource lists.
custom Boolean: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description String: Description.
name String: Name of the permission group.
permissionGroupType String: Permission Group type. Valid values are Default, Custom or Internal.

features PermissionGroupFeature[]: Collection of permitted features associated with the role, as defined below.
acceptAccountGroups boolean: Accept account groups.
acceptCodeRepositories boolean: Accept code repositories.
acceptResourceLists boolean: Accept resource lists.
custom boolean: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description string: Description.
name string: Name of the permission group.
permissionGroupType string: Permission Group type. Valid values are Default, Custom or Internal.

features Sequence[PermissionGroupFeatureArgs]: Collection of permitted features associated with the role, as defined below.
accept_account_groups bool: Accept account groups.
accept_code_repositories bool: Accept code repositories.
accept_resource_lists bool: Accept resource lists.
custom bool: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description str: Description.
name str: Name of the permission group.
permission_group_type str: Permission Group type. Valid values are Default, Custom or Internal.

features List<Property Map>: Collection of permitted features associated with the role, as defined below.
acceptAccountGroups Boolean: Accept account groups.
acceptCodeRepositories Boolean: Accept code repositories.
acceptResourceLists Boolean: Accept resource lists.
custom Boolean: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description String: Description.
name String: Name of the permission group.
permissionGroupType String: Permission Group type. Valid values are Default, Custom or Internal.

Outputs

All input properties are implicitly available as output properties. Additionally, the PermissionGroup resource produces the following output properties:

AssociatedRoles Dictionary<string, string>: List of associated user roles which cannot exist in the system without the permission group.
Id string: The provider-assigned unique ID for this managed resource.
LastModifiedBy string: Last modified by
LastModifiedTs double: (int) Last modified timestamp.

AssociatedRoles map[string]string: List of associated user roles which cannot exist in the system without the permission group.
Id string: The provider-assigned unique ID for this managed resource.
LastModifiedBy string: Last modified by
LastModifiedTs float64: (int) Last modified timestamp.

associatedRoles Map<String,String>: List of associated user roles which cannot exist in the system without the permission group.
id String: The provider-assigned unique ID for this managed resource.
lastModifiedBy String: Last modified by
lastModifiedTs Double: (int) Last modified timestamp.

associatedRoles {[key: string]: string}: List of associated user roles which cannot exist in the system without the permission group.
id string: The provider-assigned unique ID for this managed resource.
lastModifiedBy string: Last modified by
lastModifiedTs number: (int) Last modified timestamp.

associated_roles Mapping[str, str]: List of associated user roles which cannot exist in the system without the permission group.
id str: The provider-assigned unique ID for this managed resource.
last_modified_by str: Last modified by
last_modified_ts float: (int) Last modified timestamp.

associatedRoles Map<String>: List of associated user roles which cannot exist in the system without the permission group.
id String: The provider-assigned unique ID for this managed resource.
lastModifiedBy String: Last modified by
lastModifiedTs Number: (int) Last modified timestamp.

Look up Existing PermissionGroup Resource

Get an existing PermissionGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PermissionGroupState, opts?: CustomResourceOptions): PermissionGroup

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        accept_account_groups: Optional[bool] = None,
        accept_code_repositories: Optional[bool] = None,
        accept_resource_lists: Optional[bool] = None,
        associated_roles: Optional[Mapping[str, str]] = None,
        custom: Optional[bool] = None,
        description: Optional[str] = None,
        features: Optional[Sequence[PermissionGroupFeatureArgs]] = None,
        last_modified_by: Optional[str] = None,
        last_modified_ts: Optional[float] = None,
        name: Optional[str] = None,
        permission_group_type: Optional[str] = None) -> PermissionGroup

func GetPermissionGroup(ctx *Context, name string, id IDInput, state *PermissionGroupState, opts ...ResourceOption) (*PermissionGroup, error)

public static PermissionGroup Get(string name, Input<string> id, PermissionGroupState? state, CustomResourceOptions? opts = null)

public static PermissionGroup get(String name, Output<String> id, PermissionGroupState state, CustomResourceOptions options)

resources:  _:    type: prismacloud:PermissionGroup    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AcceptAccountGroups bool: Accept account groups.
AcceptCodeRepositories bool: Accept code repositories.
AcceptResourceLists bool: Accept resource lists.
AssociatedRoles Dictionary<string, string>: List of associated user roles which cannot exist in the system without the permission group.
Custom bool: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
Description string: Description.
Features List<PermissionGroupFeature>: Collection of permitted features associated with the role, as defined below.
LastModifiedBy string: Last modified by
LastModifiedTs double: (int) Last modified timestamp.
Name string: Name of the permission group.
PermissionGroupType string: Permission Group type. Valid values are Default, Custom or Internal.

AcceptAccountGroups bool: Accept account groups.
AcceptCodeRepositories bool: Accept code repositories.
AcceptResourceLists bool: Accept resource lists.
AssociatedRoles map[string]string: List of associated user roles which cannot exist in the system without the permission group.
Custom bool: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
Description string: Description.
Features []PermissionGroupFeatureArgs: Collection of permitted features associated with the role, as defined below.
LastModifiedBy string: Last modified by
LastModifiedTs float64: (int) Last modified timestamp.
Name string: Name of the permission group.
PermissionGroupType string: Permission Group type. Valid values are Default, Custom or Internal.

acceptAccountGroups Boolean: Accept account groups.
acceptCodeRepositories Boolean: Accept code repositories.
acceptResourceLists Boolean: Accept resource lists.
associatedRoles Map<String,String>: List of associated user roles which cannot exist in the system without the permission group.
custom Boolean: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description String: Description.
features List<PermissionGroupFeature>: Collection of permitted features associated with the role, as defined below.
lastModifiedBy String: Last modified by
lastModifiedTs Double: (int) Last modified timestamp.
name String: Name of the permission group.
permissionGroupType String: Permission Group type. Valid values are Default, Custom or Internal.

acceptAccountGroups boolean: Accept account groups.
acceptCodeRepositories boolean: Accept code repositories.
acceptResourceLists boolean: Accept resource lists.
associatedRoles {[key: string]: string}: List of associated user roles which cannot exist in the system without the permission group.
custom boolean: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description string: Description.
features PermissionGroupFeature[]: Collection of permitted features associated with the role, as defined below.
lastModifiedBy string: Last modified by
lastModifiedTs number: (int) Last modified timestamp.
name string: Name of the permission group.
permissionGroupType string: Permission Group type. Valid values are Default, Custom or Internal.

accept_account_groups bool: Accept account groups.
accept_code_repositories bool: Accept code repositories.
accept_resource_lists bool: Accept resource lists.
associated_roles Mapping[str, str]: List of associated user roles which cannot exist in the system without the permission group.
custom bool: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description str: Description.
features Sequence[PermissionGroupFeatureArgs]: Collection of permitted features associated with the role, as defined below.
last_modified_by str: Last modified by
last_modified_ts float: (int) Last modified timestamp.
name str: Name of the permission group.
permission_group_type str: Permission Group type. Valid values are Default, Custom or Internal.

acceptAccountGroups Boolean: Accept account groups.
acceptCodeRepositories Boolean: Accept code repositories.
acceptResourceLists Boolean: Accept resource lists.
associatedRoles Map<String>: List of associated user roles which cannot exist in the system without the permission group.
custom Boolean: Boolean value signifying whether this is a custom (i.e. user-defined) permission group.
description String: Description.
features List<Property Map>: Collection of permitted features associated with the role, as defined below.
lastModifiedBy String: Last modified by
lastModifiedTs Number: (int) Last modified timestamp.
name String: Name of the permission group.
permissionGroupType String: Permission Group type. Valid values are Default, Custom or Internal.

Supporting Types

PermissionGroupFeature, PermissionGroupFeatureArgs

FeatureName string: Prisma Cloud Feature Name.
Operations List<PermissionGroupFeatureOperation>: A mapping of operations and a boolean value representing whether the privilege to perform the operation needs to be granted, as defined below.

FeatureName string: Prisma Cloud Feature Name.
Operations []PermissionGroupFeatureOperation: A mapping of operations and a boolean value representing whether the privilege to perform the operation needs to be granted, as defined below.

featureName String: Prisma Cloud Feature Name.
operations List<PermissionGroupFeatureOperation>: A mapping of operations and a boolean value representing whether the privilege to perform the operation needs to be granted, as defined below.

featureName string: Prisma Cloud Feature Name.
operations PermissionGroupFeatureOperation[]: A mapping of operations and a boolean value representing whether the privilege to perform the operation needs to be granted, as defined below.

feature_name str: Prisma Cloud Feature Name.
operations Sequence[PermissionGroupFeatureOperation]: A mapping of operations and a boolean value representing whether the privilege to perform the operation needs to be granted, as defined below.

featureName String: Prisma Cloud Feature Name.
operations List<Property Map>: A mapping of operations and a boolean value representing whether the privilege to perform the operation needs to be granted, as defined below.

PermissionGroupFeatureOperation, PermissionGroupFeatureOperationArgs

Create bool: Create operation.
Delete bool: Delete operation.
Read bool: Read operation.
Update bool: Update operation.

Create bool: Create operation.
Delete bool: Delete operation.
Read bool: Read operation.
Update bool: Update operation.

create Boolean: Create operation.
delete Boolean: Delete operation.
read Boolean: Read operation.
update Boolean: Update operation.

create boolean: Create operation.
delete boolean: Delete operation.
read boolean: Read operation.
update boolean: Update operation.

create bool: Create operation.
delete bool: Delete operation.
read bool: Read operation.
update bool: Update operation.

create Boolean: Create operation.
delete Boolean: Delete operation.
read Boolean: Read operation.
update Boolean: Update operation.

Package Details

Repository: prismacloud paloaltonetworks/terraform-provider-prismacloud
License
Notes: This Pulumi package is based on the prismacloud Terraform Provider.

prismacloud 1.7.0 published on Monday, Apr 14, 2025 by paloaltonetworks

paloaltonetworks/terraform-provider-prismacloud

prismacloud.PermissionGroup

On this page

On this page

Example Usage

Create PermissionGroup Resource

Constructor syntax

Parameters

Constructor example

PermissionGroup Resource Properties

Inputs

Outputs

Look up Existing PermissionGroup Resource

Supporting Types

PermissionGroupFeature, PermissionGroupFeatureArgs

PermissionGroupFeatureOperation, PermissionGroupFeatureOperationArgs

Package Details

On this page

On this page