From 083e30a6d812e6424107a3eccd026c9c745b6216 Mon Sep 17 00:00:00 2001 From: Daniel Hougaard Date: Mon, 16 Sep 2024 17:15:28 +0400 Subject: [PATCH 1/2] fix: added missing permission subjects --- internal/provider/resource/project_role_resource.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/provider/resource/project_role_resource.go b/internal/provider/resource/project_role_resource.go index ed81941..e4ae58d 100644 --- a/internal/provider/resource/project_role_resource.go +++ b/internal/provider/resource/project_role_resource.go @@ -18,7 +18,7 @@ import ( var ( _ resource.Resource = &projectRoleResource{} PERMISSION_ACTIONS = []string{"create", "edit", "delete", "read"} - PERMISSION_SUBJECTS = []string{"role", "member", "groups", "settings", "integrations", "webhooks", "service-tokens", "environments", "tags", "audit-logs", "ip-allowlist", "workspace", "secrets", "secret-rollback", "secret-approval", "secret-rotation", "identity"} + PERMISSION_SUBJECTS = []string{"role", "member", "groups", "settings", "integrations", "webhooks", "service-tokens", "environments", "tags", "audit-logs", "ip-allowlist", "workspace", "secrets", "secret-rollback", "secret-approval", "secret-rotation", "identity", "certificate-authorities", "certificates", "certificate-templates", "kms", "pki-alerts", "pki-collections"} ) // NewProjectResource is a helper function to simplify the provider implementation. From a7b3bd3aa3981fa054d07fce3f28493dfd327587 Mon Sep 17 00:00:00 2001 From: Daniel Hougaard Date: Mon, 16 Sep 2024 17:15:50 +0400 Subject: [PATCH 2/2] docs: missing permission subjects --- docs/resources/project_identity_specific_privilege.md | 2 +- docs/resources/project_role.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/resources/project_identity_specific_privilege.md b/docs/resources/project_identity_specific_privilege.md index bc3c317..090b959 100644 --- a/docs/resources/project_identity_specific_privilege.md +++ b/docs/resources/project_identity_specific_privilege.md @@ -86,7 +86,7 @@ Required: - `actions` (List of String) Describe what action an entity can take. Enum: create,edit,delete,read - `conditions` (Attributes) The conditions to scope permissions (see [below for nested schema](#nestedatt--permission--conditions)) -- `subject` (String) Describe what action an entity can take. Enum: role,member,groups,settings,integrations,webhooks,service-tokens,environments,tags,audit-logs,ip-allowlist,workspace,secrets,secret-rollback,secret-approval,secret-rotation,identity +- `subject` (String) Describe what action an entity can take. Enum: role,member,groups,settings,integrations,webhooks,service-tokens,environments,tags,audit-logs,ip-allowlist,workspace,secrets,secret-rollback,secret-approval,secret-rotation,identity,certificate-authorities,certificates,certificate-templates,kms,pki-alerts,pki-collections ### Nested Schema for `permission.conditions` diff --git a/docs/resources/project_role.md b/docs/resources/project_role.md index bb7e7de..80ffd48 100644 --- a/docs/resources/project_role.md +++ b/docs/resources/project_role.md @@ -75,7 +75,7 @@ resource "infisical_project_role" "biller" { Required: - `action` (String) Describe what action an entity can take. Enum: create,edit,delete,read -- `subject` (String) Describe what action an entity can take. Enum: role,member,groups,settings,integrations,webhooks,service-tokens,environments,tags,audit-logs,ip-allowlist,workspace,secrets,secret-rollback,secret-approval,secret-rotation,identity +- `subject` (String) Describe what action an entity can take. Enum: role,member,groups,settings,integrations,webhooks,service-tokens,environments,tags,audit-logs,ip-allowlist,workspace,secrets,secret-rollback,secret-approval,secret-rotation,identity,certificate-authorities,certificates,certificate-templates,kms,pki-alerts,pki-collections Optional: