The article below describes on how to do Role Assignments for Reference User Groups using Terraform Provider.
To start with as mentioned in the below article on how we can reference USer Groups from Account level to either organization level or project level or from Organisation Level to Project Level.
We have reference a User Group from Account Level to Project Level in the below example.
Now we need to do role assignments using Harness Terraform provider.
The TF file configuration :
terraform {
required_providers {
harness = {
source = "harness/harness"
version = "0.17.3"
}
}
}
provider "harness" {
# Configuration options
endpoint = "https://app.harness.io/gateway"
account_id = "xxxxxxxx-xxxxxxxxxxxxxxxx"
platform_api_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
resource "harness_platform_role_assignments" "example1" {
org_id = "neworg"
project_id = "newtestunderorg"
resource_group_identifier = "_all_project_level_resources"
role_identifier = "_project_admin"
principal {
identifier = "scimminrole"
type = "USER_GROUP"
scope_level = "account"
}
disabled = false
managed = false
}
We have to fill up fields like Organization ID, Project ID, Resource Group Identifier, Role Identifier, and then the User Group Identifier.
We can get these values from the Harness UI or the API as mentioned here: https://apidocs.harness.io/
Before running the terraform script :
After execution the terraform script :
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Note : The Scope_level value such as account will be lower case and not upper case