boundary_scope
The scope resource allows you to configure a Boundary scope.
Creating the global scope:
resource "boundary_scope" "global" {
global_scope = true
scope_id = "global"
}
Creating an organization scope within global:
resource "boundary_scope" "org" {
name = "organization_one"
description = "My first scope!"
scope_id = boundary_scope.global.id
auto_create_admin_role = true
auto_create_default_role = true
}
Creating an project scope within an organization:
resource "boundary_scope" "project" {
name = "project_one"
description = "My first scope!"
scope_id = boundary_scope.org.id
auto_create_admin_role = true
}
Creating an organization scope with a managed role for administration (auto create role set false):
resource "boundary_scope" "org" {
name = "organization_one"
description = "My first scope!"
scope_id = boundary_scope.global.id
}
resource "boundary_role" "org_admin" {
scope_id = boundary_scope.global.id
grant_scope_ids = [boundary_scope.org.id]
grant_strings = ["ids=*;type=*;actions=*"]
principal_ids = ["u_auth"]
}
scope_id
(String) The scope ID containing the sub scope resource.auto_create_admin_role
(Boolean) If set, when a new scope is created, the provider will not disable the functionality that automatically creates a role in the new scope and gives permissions to manage the scope to the provider's user. Marking this true makes for simpler HCL but results in role resources that are unmanaged by Terraform.auto_create_default_role
(Boolean) Only relevant when creating an org scope. If set, when a new scope is created, the provider will not disable the functionality that automatically creates a role in the new scope and gives listing of scopes and auth methods and the ability to authenticate to the anonymous user. Marking this true makes for simpler HCL but results in role resources that are unmanaged by Terraform.description
(String) The scope description.global_scope
(Boolean) Indicates that the scope containing this value is the global scope, which triggers some specialized behavior to allow it to be imported and managed.name
(String) The scope name. Defaults to the resource name.id
(String) The ID of the scope.Import is supported using the following syntax:
terraform import boundary_scope.foo <my-id>