Skip to main content

selectel_iam_group_v1

Last update:
For your information

These instructions are a copy of the Terraform provider's Selectel Terraform documentation in the Terraform Registry.

Creates and manages a user group for Selectel products using public API v1.Selectel products support Identity and Access Management (IAM).For more information about user groups, see the official Selectel documentation.

Example Usage

resource "selectel_iam_group_v1" "group_1" {
  name        = "My group"
  description = "My test group"
  role {
    role_name = "member"
    scope     = "account"
  }
}

Argument Reference

  • name - (Required) Group name.

  • description - (Optional) Group description.

  • role - (Optional) Manages group roles. You can add multiple roles - each role in a separate block.

    • role_name - (Required) Role name. Available role names are iam.admin, member, reader, billing, object_storage:admin, and object_storage_user.

    • scope - (Required) Scope of the role. Available scopes are account and project. If scope is project the project_id argument is required.

    • project_id - (Optional) Unique identifier of the associated project. If scope is project, the project_id argument is required. Retrieved from the selectel_vpc_project_v2 resource. Learn more about Projects.

Roles

To assign roles, use the following values for scope and role_name:

  • Account administrator - scope is account, role_name is member.

  • Billing administrator - scope is account, role_name is billing.

  • User administrator - scope is account, role_name is iam.admin.

  • Project administrator - scope is project, role_name is member.

  • Account viewer - scope is account, role_name is reader.

  • Project viewer - scope is project, role_name is reader.

  • Object storage admin - scope is project, role_name is object_storage:admin.

  • Object storage user - scope is project, role_name is object_storage_user.

Import

You can import a group:

export OS_DOMAIN_NAME=<account_id>
export OS_USERNAME=<username>
export OS_PASSWORD=<password>
terraform import selectel_iam_group_v1.group_1 <group_id>

where:

  • <account_id> - Selectel account ID. The account ID is in the top right corner of the Control panel. Learn more about Registration.

  • <username> - Name of the service user. To get the name, in the Control panel, go to Identity & Access ManagementUser management ⟶ the Service users tab ⟶ copy the name of the required user. Learn more about [Service Users](/access-control/access-management/

  • <password> - Password of the service user.

  • <group_id> - Unique identifier of the group, for example, abc1bb378ac84e1234b869b77aadd2ab. To get the group ID, use either iam-go or IAM API.