diff --git a/examples/role/main.tf b/examples/role/main.tf index abddebff..baf765bf 100644 --- a/examples/role/main.tf +++ b/examples/role/main.tf @@ -1,40 +1,49 @@ -resource "dome9_role" "role_rs" { - name = "ROLE_NAME" - description = "ROLE_DESC" - access { - type = "AWS" - main_id = "MAIN_ID" - region = "us_east_1" - security_group_id = "SECURITY_GROUP_ID" - traffic = "All Traffic" - } - access { - type = "OrganizationalUnit" - main_id = "00000000-0000-0000-0000-000000000000" - } - - permit_notifications = false - permit_rulesets = false - permit_policies = false - permit_alert_actions = false - permit_on_boarding = false - create = [] - cross_account_access = [] -} - - -data "dome9_role" "data" { - id = "${dome9_role.role_rs.id}" -} - -output "getId" { - value = "${data.dome9_role.data.id}" -} - -output "getDescription" { - value = "${data.dome9_role.data.description}" -} - -output "getItems" { - value = "${data.dome9_role.data.access}" -} +resource "dome9_role" "role_rs" { + name = "ROLE_NAME" + description = "ROLE_DESC" + access { + type = "AWS" + main_id = "MAIN_ID" + region = "us_east_1" + security_group_id = "SECURITY_GROUP_ID" + traffic = "All Traffic" + } + access { + type = "OrganizationalUnit" + main_id = "00000000-0000-0000-0000-000000000000" + } + + manage { + type = "CodeSecurityResources" + main_id = "Member" + } + + view { + type = "CloudGuardResources" + } + + permit_notifications = false + permit_rulesets = false + permit_policies = false + permit_alert_actions = false + permit_on_boarding = false + create = [] + cross_account_access = [] +} + + +data "dome9_role" "data" { + id = "${dome9_role.role_rs.id}" +} + +output "getId" { + value = "${data.dome9_role.data.id}" +} + +output "getDescription" { + value = "${data.dome9_role.data.description}" +} + +output "getItems" { + value = "${data.dome9_role.data.access}" +} diff --git a/vendor/github.com/dome9/dome9-sdk-go/services/cloudaccounts/azure_org/azure_org.go b/vendor/github.com/dome9/dome9-sdk-go/services/cloudaccounts/azure_org/azure_org.go index 95db8cb4..00bc3cc6 100644 --- a/vendor/github.com/dome9/dome9-sdk-go/services/cloudaccounts/azure_org/azure_org.go +++ b/vendor/github.com/dome9/dome9-sdk-go/services/cloudaccounts/azure_org/azure_org.go @@ -113,7 +113,7 @@ type AzureSimplifiedOnboardingExecCmdRequest struct { func (service *Service) Create(body OnboardingRequest) (*OrganizationManagementViewModel, *http.Response, error) { v := new(OrganizationManagementViewModel) - resp, err := service.Client.NewRequestDo("POST", cloudaccounts.RESTfulServicePathAzureOrgMgmt, nil, body, v) + resp, err := service.Client.NewRequestDoRetry("POST", cloudaccounts.RESTfulServicePathAzureOrgMgmt, nil, body, v, nil) if err != nil { return nil, nil, err } @@ -127,7 +127,7 @@ func (service *Service) UpdateOrganizationManagementAsync(id string, body Onboar } relativeURL := fmt.Sprintf("%s/%s", cloudaccounts.RESTfulServicePathAzureOrgMgmt, id) - resp, err := service.Client.NewRequestDo("PUT", relativeURL, nil, body, nil) + resp, err := service.Client.NewRequestDoRetry("PUT", relativeURL, nil, body, nil, nil) if err != nil { return nil, err } @@ -137,7 +137,7 @@ func (service *Service) UpdateOrganizationManagementAsync(id string, body Onboar func (service *Service) Delete(id string) (*http.Response, error) { relativeURL := fmt.Sprintf("%s/%s", cloudaccounts.RESTfulServicePathAzureOrgMgmt, id) - resp, err := service.Client.NewRequestDo("DELETE", relativeURL, nil, nil, nil) + resp, err := service.Client.NewRequestDoRetry("DELETE", relativeURL, nil, nil, nil, nil) if err != nil { return nil, err } @@ -152,7 +152,7 @@ func (service *Service) Get(id string) (*OrganizationManagementViewModel, *http. v := new(OrganizationManagementViewModel) relativeURL := fmt.Sprintf("%s/%s", cloudaccounts.RESTfulServicePathAzureOrgMgmt, id) - resp, err := service.Client.NewRequestDo("GET", relativeURL, nil, nil, v) + resp, err := service.Client.NewRequestDoRetry("GET", relativeURL, nil, nil, v, nil) if err != nil { return nil, nil, err } @@ -162,7 +162,7 @@ func (service *Service) Get(id string) (*OrganizationManagementViewModel, *http. func (service *Service) GetAll() (*[]OrganizationManagementViewModel, *http.Response, error) { v := new([]OrganizationManagementViewModel) - resp, err := service.Client.NewRequestDo("GET", cloudaccounts.RESTfulServicePathAzureOrgMgmt, nil, nil, v) + resp, err := service.Client.NewRequestDoRetry("GET", cloudaccounts.RESTfulServicePathAzureOrgMgmt, nil, nil, v, nil) if err != nil { return nil, nil, err } @@ -174,7 +174,7 @@ func (service *Service) GenerateOnboardingExecutionCommand(body AzureSimplifiedO v := new(string) relativeURL := fmt.Sprintf("%s/%s", cloudaccounts.RESTfulPathAzure, cloudaccounts.RESTfulServicePathAzureOnboardingExecutionCommand) - resp, err := service.Client.NewRequestDo("POST", relativeURL, nil, body, v) + resp, err := service.Client.NewRequestDoRetry("POST", relativeURL, nil, body, v, nil) if err != nil { return nil, nil, err } diff --git a/website/docs/d/role.html.markdown b/website/docs/d/role.html.markdown index 2c96dfdd..e90d3f3b 100644 --- a/website/docs/d/role.html.markdown +++ b/website/docs/d/role.html.markdown @@ -8,7 +8,7 @@ description: |- # Data Source: dome9_role -Use this data source to get information about a role in Dome9. +Use this data source to get information about a role in CloudGuard. ## Example Usage @@ -29,13 +29,13 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: -* `name` - (Required) Dome9 role name. -* `description` - (Required) Dome9 role description. +* `name` - (Required) CloudGuard role name. +* `description` - (Required) CloudGuard role description. * `permit_rulesets` - Is permitted permit rulesets (Optional) . * `permit_notifications` - Is permitted permit notifications (Optional) . * `permit_policies` - Is permitted permit policies (Optional) . * `permit_alert_actions` - Is permitted permit alert actions (Optional) . -* `permit_on_boarding` - Is permitted permit on boarding (Optional) . +* `permit_on_boarding` - Is permitted permit onboarding (Optional) . * `cross_account_access` - (Optional) Cross account access. * `create` - (Optional) Create permission list. * `access` - (Optional) Access permission list ([SRL](#SRL) Type). @@ -43,8 +43,8 @@ In addition to all arguments above, the following attributes are exported: * `manage` - (Optional) Manage permission list ([SRL](#SRL) Type). ### SRL -* `type` - (Optional) Accepted values: AWS, Azure, GCP, OrganizationalUnit. -* `main_id` - (Optional) Cloud Account or Organizational Unit ID. +* `type` - (Optional) Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources. +* `main_id` - (Optional) Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member). * `region` - (Optional) Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "ap_east_1", "me_south_1", "af_south_1", "eu_south_1", "ap_northeast_3", "me_central_1", "ap_south_2", "ap_southeast_3", "ap_southeast_4", "eu_central_2", "eu_south_2", "il_central_1", "ca_west_1". * `security_group_id` - (Optional) AWS Security Group ID. * `traffic` - (Optional) Accepted values: "All Traffic", "All Services". diff --git a/website/docs/r/role.html.markdown b/website/docs/r/role.html.markdown index 2c12fbd6..548b234b 100644 --- a/website/docs/r/role.html.markdown +++ b/website/docs/r/role.html.markdown @@ -8,7 +8,7 @@ description: |- # dome9_role -The Role resource is used to create and manage Dome9 roles. Roles are used to manage access permissions for Dome9 users. +The Role resource is used to create and manage CloudGuard roles. Roles are used to manage access permissions for CloudGuard users. ## Example Usage @@ -45,13 +45,13 @@ resource "dome9_role" "role_rs" { The following arguments are supported: -* `name` - (Required) Dome9 role name. -* `description` - (Required) Dome9 role description. +* `name` - (Required) CloudGuard role name. +* `description` - (Required) CloudGuard role description. * `permit_rulesets` - Is permitted permit rulesets (Optional) . * `permit_notifications` - Is permitted permit notifications (Optional) . * `permit_policies` - Is permitted permit policies (Optional) . * `permit_alert_actions` - Is permitted permit alert actions (Optional) . -* `permit_on_boarding` - Is permitted permit on boarding (Optional) . +* `permit_on_boarding` - Is permitted permit onboarding (Optional) . * `cross_account_access` - (Optional) Cross account access. * `create` - (Optional) Create permission list. * `access` - (Optional) Access permission list ([SRL](#SRL) Type). @@ -59,8 +59,8 @@ The following arguments are supported: * `manage` - (Optional) Manage permission list ([SRL](#SRL) Type). ### SRL -* `type` - (Optional) Accepted values: AWS, Azure, GCP, OrganizationalUnit. -* `main_id` - (Optional) Cloud Account or Organizational Unit ID. +* `type` - (Optional) Accepted values: AWS, Azure, GCP, OrganizationalUnit, CloudGuardResources, CodeSecurityResources. +* `main_id` - (Optional) Cloud Account, Organizational Unit ID or CodeSecurity Access Level (Admin, Member). * `region` - (Optional) Accepted values: "us_east_1", "us_west_1", "eu_west_1", "ap_southeast_1", "ap_northeast_1", "us_west_2", "sa_east_1", "ap_southeast_2", "eu_central_1", "ap_northeast_2", "ap_south_1", "us_east_2", "ca_central_1", "eu_west_2", "eu_west_3", "eu_north_1", "il_central_1", "ca_west_1". * `security_group_id` - (Optional) AWS Security Group ID. * `traffic` - (Optional) Accepted values: "All Traffic", "All Services".