Reorder capabilities and add some to admin role (SumoLogic#179)

* Reorder capabilities to prevent terraform plan change output and add two capabilities to admin

* Fix one more

terraform/CMS-role.tf

@@ -2,7 +2,7 @@ resource "sumologic_role" "CMS" {
   name             = "${var.role_prefix[var.env]}-CMS"
   description      = "CMS Team"
   filter_predicate = "_sourceCategory=publishing* OR _sourceCategory=mrln-elb OR _sourceCategory=infrastructure-mysql-slow OR _sourceCategory=merlin-proxy OR _sourceCategory=merlin-proxy-elb OR _sourceCategory=${sumologic_http_source.HTTP_fastly-co-prd.category} OR _sourceCategory=network-vpn-f5 OR _sourceCategory=cms-fallback-* OR _source=cms-fallback-*"
-  capabilities     = ["viewCollectors", "manageMonitors", "viewPartitions", "createAccessKeys", "changeDataAccessLevel"]
+  capabilities     = ["manageMonitors", "viewPartitions", "createAccessKeys", "changeDataAccessLevel", "viewCollectors"]
 }
 
 resource "ad_group_to_ou" "ad-group-CMS" {

terraform/ECOMM-role.tf

@@ -2,7 +2,7 @@ resource "sumologic_role" "ECOMM" {
   name             = "${var.role_prefix[var.env]}-ECOMM"
   description      = "E-Commerce Team"
   filter_predicate = "_sourceCategory=applogs-store OR _sourceCategory=applogs-ecomm OR _sourceCategory=applogs-lire OR _sourceCategory=lire-* OR _sourceCategory=ecomm-hdweb OR _sourceCategory=ecommerce-* OR _sourceCategory=${sumologic_http_source.HTTP_stg-ecommerce-payflow.category} OR _sourceCategory=prd/ecommerce/payflow OR _sourceCategory=business-ax-etl OR _sourceCategory=aristo-prd OR _sourceCategory=axpetl-prd OR _sourceCategory=${sumologic_http_source.PPD_dist-dev.category} OR _sourceCategory=${sumologic_http_source.Ecomm-Payflow_ecommerce-payflow-http.category} OR _sourceCategory=linux-* ecmcore OR _sourceCategory=linux-* payflow OR _sourceCategory=infra-jenkins* OR _sourceCategory=sugar* OR _sourceCategory=${sumologic_http_source.HTTP_myaccount-prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_myaccount-stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_Lire.category} OR _sourceCategory=linux-* sugar OR _sourceCategory=${sumologic_http_source.Ecomm-Payflow_ecommerce-ecmcore-http.category} OR _sourceCategory=circa OR _sourceCategory=${sumologic_http_source.Ecomm-Payflow_ecommerce-payflow-http.category} OR _source=${sumologic_http_source.Ecomm-Payflow_ecommerce-ecmcore-http.name} OR _source=${sumologic_http_source.Ecomm-Payflow_ecommerce-payflow-http.name} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-waf-apps_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-waf-apps_prd.category} OR _sourceCategory=tokenization* OR _sourceCategory=ecmcore-* OR _sourceCategory=ecr-* OR _sourceCategory=${sumologic_http_source.Ecomm-Payflow_ecommerce-payflow-api-stg.category} OR ${module.nytimes-spg-petstore.search_filter} OR ${module.nytimes-spg-productservice.search_filter} OR ${module.nytimes-spg-printsite-management-service.search_filter} OR ${module.nytimes-spg-invoice-service.search_filter} OR ${module.nytimes-spg-subinfo.search_filter} OR ${module.nytimes-spg-itunes-subscription-service.search_filter} OR ${module.nytimes-spg-inyt-subscription-api.search_filter} OR ${module.nytimes-spg-inyt-datacompliance-api.search_filter} OR _sourceCategory=nytm-payflow-waf-prd OR ${module.nytimes-spg-settlements.search_filter} OR ${module.nytimes-spg-paypal-integration.search_filter}"
-  capabilities     = ["viewScheduledViews", "manageFieldExtractionRules", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "viewCollectors", "manageFields", "changeDataAccessLevel"]
+  capabilities     = ["viewScheduledViews", "manageFieldExtractionRules", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "changeDataAccessLevel", "viewCollectors", "manageFields"]
 }
 
 resource "ad_group_to_ou" "ad-group-ECOMM" {

terraform/Myaccount_Fastly_Logs-role.tf

@@ -2,7 +2,7 @@ resource "sumologic_role" "Myaccount_Fastly_Logs" {
   name             = "${var.role_prefix[var.env]}-Myaccount Fastly Logs"
   description      = "Access to fastly logs for myaccount service"
   filter_predicate = "_sourceCategory=${sumologic_http_source.HTTP_myaccount-prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_myaccount-stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-myaccount_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-myaccount_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-myaccount_dev.category}"
-  capabilities     = ["viewScheduledViews", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "viewCollectors", "changeDataAccessLevel"]
+  capabilities     = ["viewScheduledViews", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "changeDataAccessLevel", "viewCollectors"]
 }
 
 resource "ad_group_to_ou" "ad-group-Myaccount_Fastly_Logs" {

terraform/Network-role.tf

@@ -2,7 +2,7 @@ resource "sumologic_role" "Network" {
   name             = "${var.role_prefix[var.env]}-Network"
   description      = "Network Team"
   filter_predicate = "_index=Network OR _index=Virtualization OR _sourceCategory=voice-tel* OR _sourceCategory=network-* OR _sourceCategory=forti-analyzer OR _sourceCategory=\"clearpass Logs\""
-  capabilities     = ["viewScheduledViews", "metricsExtraction", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "viewCollectors", "changeDataAccessLevel"]
+  capabilities     = ["viewScheduledViews", "metricsExtraction", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "changeDataAccessLevel", "viewCollectors"]
 }
 
 resource "ad_group_to_ou" "ad-group-Network" {

terraform/Samizdat-role.tf

@@ -2,7 +2,7 @@ resource "sumologic_role" "Samizdat" {
   name             = "${var.role_prefix[var.env]}-Samizdat"
   description      = "Samizdat Application Logs"
   filter_predicate = "(_sourceCategory=linux-* AND _sourceName=*/samizdat-*/*.log) OR _sourceCategory=${sumologic_http_source.GKE_Samizdat_Dev.category} OR _sourceCategory=webandmobile-samizdat-iad OR _sourceCategory=samizdat-graphql-elb-prd-iad1 OR _sourceCategory=samizdat-graphql-elb-prd-pdx1 OR _sourceCategory=${sumologic_http_source.HTTP_webprd-www.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-www_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_samizdat-fluentd.category}"
-  capabilities     = ["viewScheduledViews", "metricsExtraction", "manageFieldExtractionRules", "manageMonitors", "viewPartitions", "manageScheduledViews", "viewFields", "viewFieldExtraction", "createAccessKeys", "manageFields", "changeDataAccessLevel"]
+  capabilities     = ["viewScheduledViews", "metricsExtraction", "manageFieldExtractionRules", "manageMonitors", "viewPartitions", "manageScheduledViews", "viewFields", "viewFieldExtraction", "createAccessKeys", "changeDataAccessLevel", "manageFields"]
 }
 
 resource "ad_group_to_ou" "ad-group-Samizdat" {

terraform/admin.tf

@@ -7,6 +7,7 @@ resource "sumologic_role" "admin" {
     "manageAccessKeys",
     "metricsExtraction",
     "manageFieldExtractionRules",
+    "viewMonitorsV2",
     "manageMonitors",
     "metricsRules",
     "viewPartitions",
@@ -28,6 +29,7 @@ resource "sumologic_role" "admin" {
     "manageSaml",
     "manageContent",
     "createAccessKeys",
+    "manageMonitorsV2",
     "manageSupportAccountAccess",
     "shareDashboardOutsideOrg",
     "metricsTransformation",

terraform/fastly-role.tf

@@ -2,7 +2,7 @@ resource "sumologic_role" "fastly" {
   name             = "${var.role_prefix[var.env]}-fastly"
   description      = "Accessing fastly logs"
   filter_predicate = "_sourceCategory=${sumologic_http_source.HTTP_fastly-gcs-assets_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-static_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-www_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-gcs-assets_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-static_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-www_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-www-purge_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg-purge_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg-purge_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_video-service.category} OR _sourceCategory=${sumologic_http_source.HTTP_video-service-stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-waf-apps_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-waf-apps_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-nytco_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-nytco_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-rss_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-rss_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mwcm_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mwcm_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-int_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-int_prd.category} OR _sourceCategory=${sumologic_http_source.SEO_fastly-spiderbites_stg.category} OR _sourceCategory=${sumologic_http_source.SEO_fastly-spiderbites_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-advertising-waf_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-advertising-waf_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-advertising_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-advertising_prd.category}"
-  capabilities     = ["manageFieldExtractionRules", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "manageFields", "changeDataAccessLevel"]
+  capabilities     = ["manageFieldExtractionRules", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "changeDataAccessLevel", "manageFields"]
 }
 
 resource "ad_group_to_ou" "ad-group-fastly" {

terraform/teams.tf

@@ -10,7 +10,7 @@ module "offers" {
 
   name          = "offers"
   search_filter = "_sourceCategory=${sumologic_http_source.HTTP_fastly-mktg_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg_stg.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg-purge_prd.category} OR _sourceCategory=${sumologic_http_source.HTTP_fastly-mktg-purge_stg.category}"
-  capabilities  = ["viewScheduledViews", "manageFieldExtractionRules", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "viewCollectors", "manageFields", "changeDataAccessLevel"]
+  capabilities  = ["viewScheduledViews", "manageFieldExtractionRules", "manageMonitors", "viewPartitions", "viewFields", "viewFieldExtraction", "createAccessKeys", "changeDataAccessLevel", "viewCollectors", "manageFields"]
   group_manager = "CN=Thiaw\\, Lamine,OU=Users,OU=NYHQ,OU=NYTMG,DC=ent,DC=nytint,DC=com"
   env           = var.env
 }