SumoLogic

Pulumi Official
Package maintained by Pulumi
v0.6.0 published on Thursday, Apr 7, 2022 by Pulumi

ContentPermission

Provides a way to configure permissions on a content to share it with a user, a role, or the entire org. You can read more here.

There are three permission levels View, Edit and Manage. You can read more about different levels here.

When you add a new permission to a content, all the lower level permissions are added by default. For example, giving a user “Manage” permission on a content, implicitly gives them “Edit” and “View” permissions on the content. Due to this behavior, when you add a higher level permission, you must also add all the lower level permissions. For example, when you give a user “Edit” permission via the resource, you must give them “View” permission otherwise state and configuration will be out of sync.

Example Usage

using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;

class MyStack : Stack
{
    public MyStack()
    {
        var personalFolder = Output.Create(SumoLogic.GetPersonalFolder.InvokeAsync());
        var permissionTestContent = new SumoLogic.Content("permissionTestContent", new SumoLogic.ContentArgs
        {
            ParentId = personalFolder.Apply(personalFolder => personalFolder.Id),
            Config = JsonSerializer.Serialize(new Dictionary<string, object?>
            {
                { "type", "FolderSyncDefinition" },
                { "name", "test_permission_resource_folder" },
                { "description", "" },
                { "children", new[]
                    {
                    }
                 },
            }),
        });
        var role = Output.Create(SumoLogic.GetRole.InvokeAsync(new SumoLogic.GetRoleArgs
        {
            Name = "test_role",
        }));
        var user = Output.Create(SumoLogic.GetUser.InvokeAsync(new SumoLogic.GetUserArgs
        {
            Email = "user@example.com",
        }));
        // Grant user `user@example.com` "Manage" permission and role `test_role`
        // "View" permission on the folder `test_permission_resource_folder`.
        var contentPermissionTest = new SumoLogic.ContentPermission("contentPermissionTest", new SumoLogic.ContentPermissionArgs
        {
            ContentId = permissionTestContent.Id,
            NotifyRecipient = true,
            NotificationMessage = "You now have the permission to access this content",
            Permissions = 
            {
                new SumoLogic.Inputs.ContentPermissionPermissionArgs
                {
                    PermissionName = "View",
                    SourceType = "role",
                    SourceId = role.Apply(role => role.Id),
                },
                new SumoLogic.Inputs.ContentPermissionPermissionArgs
                {
                    PermissionName = "View",
                    SourceType = "user",
                    SourceId = user.Apply(user => user.Id),
                },
                new SumoLogic.Inputs.ContentPermissionPermissionArgs
                {
                    PermissionName = "Edit",
                    SourceType = "user",
                    SourceId = user.Apply(user => user.Id),
                },
                new SumoLogic.Inputs.ContentPermissionPermissionArgs
                {
                    PermissionName = "Manage",
                    SourceType = "user",
                    SourceId = user.Apply(user => user.Id),
                },
            },
        });
    }

}
package main

import (
	"encoding/json"

	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		personalFolder, err := sumologic.GetPersonalFolder(ctx, nil, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"type":        "FolderSyncDefinition",
			"name":        "test_permission_resource_folder",
			"description": "",
			"children":    []interface{}{},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		permissionTestContent, err := sumologic.NewContent(ctx, "permissionTestContent", &sumologic.ContentArgs{
			ParentId: pulumi.String(personalFolder.Id),
			Config:   pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		role, err := sumologic.LookupRole(ctx, &GetRoleArgs{
			Name: pulumi.StringRef("test_role"),
		}, nil)
		if err != nil {
			return err
		}
		user, err := sumologic.LookupUser(ctx, &GetUserArgs{
			Email: pulumi.StringRef("user@example.com"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = sumologic.NewContentPermission(ctx, "contentPermissionTest", &sumologic.ContentPermissionArgs{
			ContentId:           permissionTestContent.ID(),
			NotifyRecipient:     pulumi.Bool(true),
			NotificationMessage: pulumi.String("You now have the permission to access this content"),
			Permissions: ContentPermissionPermissionArray{
				&ContentPermissionPermissionArgs{
					PermissionName: pulumi.String("View"),
					SourceType:     pulumi.String("role"),
					SourceId:       pulumi.String(role.Id),
				},
				&ContentPermissionPermissionArgs{
					PermissionName: pulumi.String("View"),
					SourceType:     pulumi.String("user"),
					SourceId:       pulumi.String(user.Id),
				},
				&ContentPermissionPermissionArgs{
					PermissionName: pulumi.String("Edit"),
					SourceType:     pulumi.String("user"),
					SourceId:       pulumi.String(user.Id),
				},
				&ContentPermissionPermissionArgs{
					PermissionName: pulumi.String("Manage"),
					SourceType:     pulumi.String("user"),
					SourceId:       pulumi.String(user.Id),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import pulumi
import json
import pulumi_sumologic as sumologic

personal_folder = sumologic.get_personal_folder()
permission_test_content = sumologic.Content("permissionTestContent",
    parent_id=personal_folder.id,
    config=json.dumps({
        "type": "FolderSyncDefinition",
        "name": "test_permission_resource_folder",
        "description": "",
        "children": [],
    }))
role = sumologic.get_role(name="test_role")
user = sumologic.get_user(email="user@example.com")
# Grant user `user@example.com` "Manage" permission and role `test_role`
# "View" permission on the folder `test_permission_resource_folder`.
content_permission_test = sumologic.ContentPermission("contentPermissionTest",
    content_id=permission_test_content.id,
    notify_recipient=True,
    notification_message="You now have the permission to access this content",
    permissions=[
        sumologic.ContentPermissionPermissionArgs(
            permission_name="View",
            source_type="role",
            source_id=role.id,
        ),
        sumologic.ContentPermissionPermissionArgs(
            permission_name="View",
            source_type="user",
            source_id=user.id,
        ),
        sumologic.ContentPermissionPermissionArgs(
            permission_name="Edit",
            source_type="user",
            source_id=user.id,
        ),
        sumologic.ContentPermissionPermissionArgs(
            permission_name="Manage",
            source_type="user",
            source_id=user.id,
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";

const personalFolder = sumologic.getPersonalFolder({});
const permissionTestContent = new sumologic.Content("permissionTestContent", {
    parentId: personalFolder.then(personalFolder => personalFolder.id),
    config: JSON.stringify({
        type: "FolderSyncDefinition",
        name: "test_permission_resource_folder",
        description: "",
        children: [],
    }),
});
const role = sumologic.getRole({
    name: "test_role",
});
const user = sumologic.getUser({
    email: "user@example.com",
});
// Grant user `user@example.com` "Manage" permission and role `test_role`
// "View" permission on the folder `test_permission_resource_folder`.
const contentPermissionTest = new sumologic.ContentPermission("contentPermissionTest", {
    contentId: permissionTestContent.id,
    notifyRecipient: true,
    notificationMessage: "You now have the permission to access this content",
    permissions: [
        {
            permissionName: "View",
            sourceType: "role",
            sourceId: role.then(role => role.id),
        },
        {
            permissionName: "View",
            sourceType: "user",
            sourceId: user.then(user => user.id),
        },
        {
            permissionName: "Edit",
            sourceType: "user",
            sourceId: user.then(user => user.id),
        },
        {
            permissionName: "Manage",
            sourceType: "user",
            sourceId: user.then(user => user.id),
        },
    ],
});

Coming soon!

Create a ContentPermission Resource

new ContentPermission(name: string, args: ContentPermissionArgs, opts?: CustomResourceOptions);
@overload
def ContentPermission(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      content_id: Optional[str] = None,
                      notification_message: Optional[str] = None,
                      notify_recipient: Optional[bool] = None,
                      permissions: Optional[Sequence[ContentPermissionPermissionArgs]] = None)
@overload
def ContentPermission(resource_name: str,
                      args: ContentPermissionArgs,
                      opts: Optional[ResourceOptions] = None)
func NewContentPermission(ctx *Context, name string, args ContentPermissionArgs, opts ...ResourceOption) (*ContentPermission, error)
public ContentPermission(string name, ContentPermissionArgs args, CustomResourceOptions? opts = null)
public ContentPermission(String name, ContentPermissionArgs args)
public ContentPermission(String name, ContentPermissionArgs args, CustomResourceOptions options)
type: sumologic:ContentPermission
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ContentPermissionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ContentPermissionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ContentPermissionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ContentPermissionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ContentPermissionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ContentPermission Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ContentPermission resource accepts the following input properties:

ContentId string

The identifier of the content item for which you want to update permissions.

NotifyRecipient bool

Boolean value. Set it to "true" to notify the recipients by email.

Permissions List<Pulumi.SumoLogic.Inputs.ContentPermissionPermissionArgs>

Permission block defining permission on the content. See permission schema for details.

NotificationMessage string

The notification message to send to the users.

ContentId string

The identifier of the content item for which you want to update permissions.

NotifyRecipient bool

Boolean value. Set it to "true" to notify the recipients by email.

Permissions []ContentPermissionPermissionArgs

Permission block defining permission on the content. See permission schema for details.

NotificationMessage string

The notification message to send to the users.

contentId String

The identifier of the content item for which you want to update permissions.

notifyRecipient Boolean

Boolean value. Set it to "true" to notify the recipients by email.

permissions ListPermissionPermissionArgs>

Permission block defining permission on the content. See permission schema for details.

notificationMessage String

The notification message to send to the users.

contentId string

The identifier of the content item for which you want to update permissions.

notifyRecipient boolean

Boolean value. Set it to "true" to notify the recipients by email.

permissions ContentPermissionPermissionArgs[]

Permission block defining permission on the content. See permission schema for details.

notificationMessage string

The notification message to send to the users.

content_id str

The identifier of the content item for which you want to update permissions.

notify_recipient bool

Boolean value. Set it to "true" to notify the recipients by email.

permissions Sequence[ContentPermissionPermissionArgs]

Permission block defining permission on the content. See permission schema for details.

notification_message str

The notification message to send to the users.

contentId String

The identifier of the content item for which you want to update permissions.

notifyRecipient Boolean

Boolean value. Set it to "true" to notify the recipients by email.

permissions List

Permission block defining permission on the content. See permission schema for details.

notificationMessage String

The notification message to send to the users.

Outputs

All input properties are implicitly available as output properties. Additionally, the ContentPermission resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing ContentPermission Resource

Get an existing ContentPermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ContentPermissionState, opts?: CustomResourceOptions): ContentPermission
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        content_id: Optional[str] = None,
        notification_message: Optional[str] = None,
        notify_recipient: Optional[bool] = None,
        permissions: Optional[Sequence[ContentPermissionPermissionArgs]] = None) -> ContentPermission
func GetContentPermission(ctx *Context, name string, id IDInput, state *ContentPermissionState, opts ...ResourceOption) (*ContentPermission, error)
public static ContentPermission Get(string name, Input<string> id, ContentPermissionState? state, CustomResourceOptions? opts = null)
public static ContentPermission get(String name, Output<String> id, ContentPermissionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
ContentId string

The identifier of the content item for which you want to update permissions.

NotificationMessage string

The notification message to send to the users.

NotifyRecipient bool

Boolean value. Set it to "true" to notify the recipients by email.

Permissions List<Pulumi.SumoLogic.Inputs.ContentPermissionPermissionArgs>

Permission block defining permission on the content. See permission schema for details.

ContentId string

The identifier of the content item for which you want to update permissions.

NotificationMessage string

The notification message to send to the users.

NotifyRecipient bool

Boolean value. Set it to "true" to notify the recipients by email.

Permissions []ContentPermissionPermissionArgs

Permission block defining permission on the content. See permission schema for details.

contentId String

The identifier of the content item for which you want to update permissions.

notificationMessage String

The notification message to send to the users.

notifyRecipient Boolean

Boolean value. Set it to "true" to notify the recipients by email.

permissions ListPermissionPermissionArgs>

Permission block defining permission on the content. See permission schema for details.

contentId string

The identifier of the content item for which you want to update permissions.

notificationMessage string

The notification message to send to the users.

notifyRecipient boolean

Boolean value. Set it to "true" to notify the recipients by email.

permissions ContentPermissionPermissionArgs[]

Permission block defining permission on the content. See permission schema for details.

content_id str

The identifier of the content item for which you want to update permissions.

notification_message str

The notification message to send to the users.

notify_recipient bool

Boolean value. Set it to "true" to notify the recipients by email.

permissions Sequence[ContentPermissionPermissionArgs]

Permission block defining permission on the content. See permission schema for details.

contentId String

The identifier of the content item for which you want to update permissions.

notificationMessage String

The notification message to send to the users.

notifyRecipient Boolean

Boolean value. Set it to "true" to notify the recipients by email.

permissions List

Permission block defining permission on the content. See permission schema for details.

Supporting Types

ContentPermissionPermission

PermissionName string

Content permission name. Valid values are View, GrantView, Edit, GrantEdit, Manage, and GrantManage. You can read more about permission levels here.

SourceId string

An identifier that belongs to the source type chosen above. For example, if the sourceType is set to user, sourceId should be identifier of the user you want to share content with (same goes for role and org source type).

SourceType string

Type of source for the permission. Valid values are user, role, and org.

PermissionName string

Content permission name. Valid values are View, GrantView, Edit, GrantEdit, Manage, and GrantManage. You can read more about permission levels here.

SourceId string

An identifier that belongs to the source type chosen above. For example, if the sourceType is set to user, sourceId should be identifier of the user you want to share content with (same goes for role and org source type).

SourceType string

Type of source for the permission. Valid values are user, role, and org.

permissionName String

Content permission name. Valid values are View, GrantView, Edit, GrantEdit, Manage, and GrantManage. You can read more about permission levels here.

sourceId String

An identifier that belongs to the source type chosen above. For example, if the sourceType is set to user, sourceId should be identifier of the user you want to share content with (same goes for role and org source type).

sourceType String

Type of source for the permission. Valid values are user, role, and org.

permissionName string

Content permission name. Valid values are View, GrantView, Edit, GrantEdit, Manage, and GrantManage. You can read more about permission levels here.

sourceId string

An identifier that belongs to the source type chosen above. For example, if the sourceType is set to user, sourceId should be identifier of the user you want to share content with (same goes for role and org source type).

sourceType string

Type of source for the permission. Valid values are user, role, and org.

permission_name str

Content permission name. Valid values are View, GrantView, Edit, GrantEdit, Manage, and GrantManage. You can read more about permission levels here.

source_id str

An identifier that belongs to the source type chosen above. For example, if the sourceType is set to user, sourceId should be identifier of the user you want to share content with (same goes for role and org source type).

source_type str

Type of source for the permission. Valid values are user, role, and org.

permissionName String

Content permission name. Valid values are View, GrantView, Edit, GrantEdit, Manage, and GrantManage. You can read more about permission levels here.

sourceId String

An identifier that belongs to the source type chosen above. For example, if the sourceType is set to user, sourceId should be identifier of the user you want to share content with (same goes for role and org source type).

sourceType String

Type of source for the permission. Valid values are user, role, and org.

Import

Permisions on a content item can be imported using the content identifier, e.g.hcl // import permissions for content item with identifier = 0000000008E0183E

 $ pulumi import sumologic:index/contentPermission:ContentPermission dashboard_permission_import 0000000008E0183E

Package Details

Repository
https://github.com/pulumi/pulumi-sumologic
License
Apache-2.0
Notes

This Pulumi package is based on the sumologic Terraform Provider.