(GH-919) Update role permission and permissions documentation (#963)
* (GH-919) Update role permission and permissions documentation

* resolved issues
developerkunal authored May 27, 2024
1 parent 525eba1 commit 236d388
Showing 6 changed files with 191 additions and 1 deletion.
54 changes: 54 additions & 0 deletions docs/resources/role_permission.md
Expand Up @@ -12,7 +12,50 @@ With this resource, you can manage role permissions (1-1).
permissions assigned to a role. To avoid potential issues, it is recommended not to use this resource in conjunction
with the `auth0_role_permissions` resource when managing permissions for the same role id.

## Example Usage

```terraform
# Example:
resource "auth0_resource_server" "resource_server" {
name = "test"
identifier = "test.example.com"
}
resource "auth0_resource_server_scopes" "resource_server_scopes" {
resource_server_identifier = auth0_resource_server.resource_server.identifier
scopes {
name = "store:create"
}
scopes {
name = "store:read"
}
scopes {
name = "store:update"
}
scopes {
name = "store:delete"
}
}
resource "auth0_role" "my_role" {
name = "My Role"
}
locals {
scopesList = [
for scope in auth0_resource_server_scopes.resource_server_scopes.scopes : scope.name
]
}
resource "auth0_role_permission" "my_role_perm" {
for_each = toset(local.scopesList)
role_id = auth0_role.my_role.id
resource_server_identifier = auth0_resource_server.resource_server.identifier
permission = each.value
}
```

<!-- schema generated by tfplugindocs -->
## Schema
Expand All @@ -29,4 +72,15 @@ with the `auth0_role_permissions` resource when managing permissions for the sam
- `id` (String) The ID of this resource.
- `resource_server_name` (String) Name of the resource server that the permission is associated with.

## Import

Import is supported using the following syntax:

```shell
# This resource can be imported by specifying the
# role ID, resource identifier, and permission name separated by "::" (note the double colon)
# <roleID>::<resourceServerIdentifier>::<permission>
#
# Example:
terraform import auth0_role_permission.permission "rol_XXXXXXXXXXXXX::https://example.com::read:foo"
```
51 changes: 50 additions & 1 deletion docs/resources/role_permissions.md
Expand Up @@ -12,7 +12,47 @@ With this resource, you can manage role permissions (1-many).
appends a permission to a role. To avoid potential issues, it is recommended not to use this resource in conjunction
with the `auth0_role_permission` resource when managing permissions for the same role id.


## Example Usage

```terraform
# Example:
resource "auth0_resource_server" "resource_server" {
name = "test"
identifier = "test.example.com"
}
resource "auth0_resource_server_scopes" "resource_server_scopes" {
resource_server_identifier = auth0_resource_server.resource_server.identifier
scopes {
name = "store:create"
}
scopes {
name = "store:read"
}
scopes {
name = "store:update"
}
scopes {
name = "store:delete"
}
}
resource "auth0_role" "my_role" {
name = "My Role"
}
resource "auth0_role_permissions" "my_role_perms" {
role_id = auth0_role.my_role.id
dynamic "permissions" {
for_each = auth0_resource_server_scopes.resource_server_scopes.scopes
content {
name = permissions.value.name
resource_server_identifier = auth0_resource_server.resource_server.identifier
}
}
}
```

<!-- schema generated by tfplugindocs -->
## Schema
Expand All @@ -39,4 +79,13 @@ Read-Only:
- `description` (String) Description of the permission.
- `resource_server_name` (String) Name of resource server that the permission is associated with.

## Import

Import is supported using the following syntax:

```shell
# This resource can be imported by specifying the role ID
#
# Example:
terraform import auth0_role_permissions.all_role_permissions "rol_XXXXXXXXXXXX"
```
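--- a/examples/resources/auth0_role_permission/import.sh
+++ b/examples/resources/auth0_role_permission/import.sh
@@ -0,0 +1,6 @@
+# This resource can be imported by specifying the
+# role ID, resource identifier, and permission name separated by "::" (note the double colon)
+# <roleID>::<resourceServerIdentifier>::<permission>
+#
+# Example:
+terraform import auth0_role_permission.permission "rol_XXXXXXXXXXXXX::https://example.com::read:foo"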
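--- a/examples/resources/auth0_role_permission/resource.tf
+++ b/examples/resources/auth0_role_permission/resource.tf
@@ -0,0 +1,40 @@
+# Example:
+resource "auth0_resource_server" "resource_server" {
+name = "test"
+identifier = "test.example.com"
+}
+
+resource "auth0_resource_server_scopes" "resource_server_scopes" {
+resource_server_identifier = auth0_resource_server.resource_server.identifier
+
+scopes {
+name = "store:create"
+}
+scopes {
+name = "store:read"
+}
+scopes {
+name = "store:update"
+}
+scopes {
+name = "store:delete"
+}
+}
+
+resource "auth0_role" "my_role" {
+name = "My Role"
+}
+
+locals {
+scopesList = [
+for scope in auth0_resource_server_scopes.resource_server_scopes.scopes : scope.name
+]
+}
+
+resource "auth0_role_permission" "my_role_perm" {
+for_each = toset(local.scopesList)
+
+role_id = auth0_role.my_role.id
+resource_server_identifier = auth0_resource_server.resource_server.identifier
+permission = each.value
+}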
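Review bot: The `auth0_role_permission.my_role_perm` block at the end of this example assigns every scope declared on the resource server to `My Role`, `store:delete` included, because `local.scopesList` is built from all of `auth0_resource_server_scopes.resource_server_scopes.scopes`, and the only comment in the file is `# Example:`. Provider examples tend to be copied verbatim, so the file should say that this is a grant-all pattern; I would add above the `locals` block: `# Grants every scope on the resource server to the role. Narrow scopesList to the scopes the role needs.` The same applies to the `dynamic "permissions"` block in examples/resources/auth0_role_permissions/resource.tf. The Example Usage sections in both docs pages appear to be copies of these files, so they would presumably pick up the comment when regenerated.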
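--- a/examples/resources/auth0_role_permissions/import.sh
+++ b/examples/resources/auth0_role_permissions/import.sh
@@ -0,0 +1,4 @@
+# This resource can be imported by specifying the role ID
+#
+# Example:
+terraform import auth0_role_permissions.all_role_permissions "rol_XXXXXXXXXXXX"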
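--- a/examples/resources/auth0_role_permissions/resource.tf
+++ b/examples/resources/auth0_role_permissions/resource.tf
@@ -0,0 +1,37 @@
+# Example:
+resource "auth0_resource_server" "resource_server" {
+name = "test"
+identifier = "test.example.com"
+}
+resource "auth0_resource_server_scopes" "resource_server_scopes" {
+resource_server_identifier = auth0_resource_server.resource_server.identifier
+
+scopes {
+name = "store:create"
+}
+scopes {
+name = "store:read"
+}
+scopes {
+name = "store:update"
+}
+scopes {
+name = "store:delete"
+}
+}
+
+resource "auth0_role" "my_role" {
+name = "My Role"
+}
+
+resource "auth0_role_permissions" "my_role_perms" {
+role_id = auth0_role.my_role.id
+
+dynamic "permissions" {
+for_each = auth0_resource_server_scopes.resource_server_scopes.scopes
+content {
+name = permissions.value.name
+resource_server_identifier = auth0_resource_server.resource_server.identifier
+}
+}
+}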
