| page_title | subcategory | description |
|---|---|---|
Resource hcp_project_iam_policy - terraform-provider-hcp |
Cloud Platform |
Sets the project's IAM policy and replaces any existing policy. |
!> Be Careful! You can accidentally lock yourself out of your project using
this resource. Deleting a hcp_project_iam_policy removes access from anyone
without organization-level access to the project. It is not recommended to use
hcp_project_iam_policy with your provider project to avoid locking yourself out,
and it should generally only be used with projects fully managed by Terraform.
If you are trying to additively give permissions to the project, prefer using
hcp_project_iam_binding. If you do use this resource, it is recommended to
import the policy before applying the change.
Sets the project's IAM policy and replaces any existing policy.
~> Note: hcp_project_iam_policy can not be used in conjunction with
hcp_project_iam_binding.
data "hcp_iam_policy" "example" {
bindings = [
{
role = "roles/contributor"
principals = [
"example-user-id-1",
"example-group-id-1",
"example-sp-1"
]
},
]
}
resource "hcp_project" "my_project" {
name = "example"
}
resource "hcp_project_iam_policy" "project_policy" {
project_id = hcp_project.my_project.resource_id
policy_data = data.hcp_iam_policy.example.policy_data
}policy_data(String) The policy to apply.
project_id(String) The ID of the HCP project to apply the IAM Policy to. If unspecified, the project configured on the provider is used.
etag(String) The etag captures the existing state of the policy.
Import is supported using the following syntax:
# Project IAM Policy can be imported by specifying the project id
terraform import hcp_project_iam_policy.example 840e3701-55b6-4f86-8c17-b1fe397303c5