Skip to content

Commit 7dfd6ab

Browse files
GilTeraSkyGilTeraSky
committed
fix docs
Signed-off-by: GilTS <gil@terasky.com>
1 parent b1ec12e commit 7dfd6ab

File tree

1 file changed

+37
-27
lines changed

1 file changed

+37
-27
lines changed

docs/resources/custom_iam_role.md

Lines changed: 37 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -37,24 +37,26 @@ resource "tanzu-mission-control_custom_iam_role" "demo-role" {
3737
}
3838
}
3939
40-
resources = [
40+
allowed_scopes = [
4141
"ORGANIZATION",
4242
"CLUSTER_GROUP",
4343
"CLUSTER"
4444
]
4545
4646
tanzu_permissions = []
4747
48-
rule {
49-
resources = ["deployments"]
50-
verbs = ["get", "list"]
51-
api_groups = ["*"]
52-
}
48+
kubernetes_permissions {
49+
rule {
50+
resources = ["deployments"]
51+
verbs = ["get", "list"]
52+
api_groups = ["*"]
53+
}
5354
54-
rule {
55-
verbs = ["get", "list"]
56-
api_groups = ["*"]
57-
url_paths = ["/healthz"]
55+
rule {
56+
verbs = ["get", "list"]
57+
api_groups = ["*"]
58+
url_paths = ["/healthz"]
59+
}
5860
}
5961
}
6062
}
@@ -81,31 +83,16 @@ resource "tanzu-mission-control_custom_iam_role" "demo-role" {
8183

8284
Required:
8385

84-
- `resources` (List of String) The resources for the iam role.
86+
- `allowed_scopes` (List of String) The allowed scopes for the iam role.
8587
Valid values are (ORGANIZATION, MANAGEMENT_CLUSTER, PROVISIONER, CLUSTER_GROUP, CLUSTER, WORKSPACE, NAMESPACE)
86-
- `rule` (Block List, Min: 1) Kubernetes rules. (see [below for nested schema](#nestedblock--spec--rule))
8788

8889
Optional:
8990

9091
- `aggregation_rule` (Block List, Max: 1) Aggregation rules for the iam role. (see [below for nested schema](#nestedblock--spec--aggregation_rule))
9192
- `is_deprecated` (Boolean) Flag representing whether role is deprecated.
93+
- `kubernetes_permissions` (Block List, Max: 1) Kubernetes permissions for the iam role. (see [below for nested schema](#nestedblock--spec--kubernetes_permissions))
9294
- `tanzu_permissions` (List of String) Tanzu-specific permissions for the role.
9395

94-
<a id="nestedblock--spec--rule"></a>
95-
### Nested Schema for `spec.rule`
96-
97-
Required:
98-
99-
- `verbs` (List of String) Verbs.
100-
101-
Optional:
102-
103-
- `api_groups` (List of String) API groups.
104-
- `resource_names` (List of String) Restricts the rule to resources by name.
105-
- `resources` (List of String) Resources for the role.
106-
- `url_paths` (List of String) Non-resource urls for the role.
107-
108-
10996
<a id="nestedblock--spec--aggregation_rule"></a>
11097
### Nested Schema for `spec.aggregation_rule`
11198

@@ -143,6 +130,29 @@ This array is replaced during a strategic merge patch.
143130

144131

145132

133+
<a id="nestedblock--spec--kubernetes_permissions"></a>
134+
### Nested Schema for `spec.kubernetes_permissions`
135+
136+
Required:
137+
138+
- `rule` (Block List, Min: 1) Kubernetes rules. (see [below for nested schema](#nestedblock--spec--kubernetes_permissions--rule))
139+
140+
<a id="nestedblock--spec--kubernetes_permissions--rule"></a>
141+
### Nested Schema for `spec.kubernetes_permissions.rule`
142+
143+
Required:
144+
145+
- `verbs` (List of String) Verbs.
146+
147+
Optional:
148+
149+
- `api_groups` (List of String) API groups.
150+
- `resource_names` (List of String) Restricts the rule to resources by name.
151+
- `resources` (List of String) Resources for the role.
152+
- `url_paths` (List of String) Non-resource urls for the role.
153+
154+
155+
146156

147157
<a id="nestedblock--meta"></a>
148158
### Nested Schema for `meta`

0 commit comments

Comments
 (0)