alicloud_max_compute_role_Terraform(Terraform)-阿里云帮助中心

Provides a Max Compute Role resource.

For information about Max Compute Role and how to use it, see What is Role.

-> NOTE: Available since v1.242.0.

Example Usage

Basic Usage

variable "name" {
  default = "terraform-example"
}

provider "alicloud" {
  region = "cn-hangzhou"
}

resource "alicloud_maxcompute_project" "default" {
  default_quota = "默认后付费Quota"
  project_name  = var.name
  comment       = var.name
  product_type  = "PayAsYouGo"
}

resource "alicloud_max_compute_role" "default" {
  type         = "admin"
  project_name = alicloud_maxcompute_project.default.id
  policy       = jsonencode({ "Statement" : [{ "Action" : ["odps:*"], "Effect" : "Allow", "Resource" : ["acs:odps:*:projects/project_name/authorization/roles", "acs:odps:*:projects/project_name/authorization/roles/*/*"] }], "Version" : "1" })
  role_name    = "tf_example112"
}

Argument Reference

The following arguments are supported:

policy - (Optional, JsonString) Policy Authorization Refer to Policy-based access control and Authorization practices
project_name - (Required, ForceNew) Project name
role_name - (Required, ForceNew) Role Name

-> NOTE: At the beginning of a letter, it can contain letters and numbers and can be no more than 64 characters in length.

type - (Required) Role type Valid values: admin/resource

-> NOTE: -- management type (admin) role: You can grant management type permissions through Policy. You cannot grant resource permissions to management type roles. You cannot grant management type permissions to management type roles through ACL. -- resource role: you can authorize resource type permissions through Policy or ACL, but cannot authorize management type permissions. For details, see role-planning

Attributes Reference

The following attributes are exported:

id - The ID of the resource supplied above.The value is formulated as <project_name>:<role_name>.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

create - (Defaults to 5 mins) Used when create the Role.
delete - (Defaults to 5 mins) Used when delete the Role.
update - (Defaults to 5 mins) Used when update the Role.

Import

Max Compute Role can be imported using the id, e.g.

$ terraform import alicloud_max_compute_role.example <project_name>:<role_name>