Resource: acl

The ACL resource is a dependent resource. It is optional. The ACL context applies to other Splunk resources. Typically, knowledge objects, such as saved searches or event types, have an app/user context that is the namespace.

Example Usage

resource "splunk_inputs_http_event_collector" "hec-token-01" {
  name       = "hec-token-01"
  index      = "main"
  source     = "new:source"
  sourcetype = "new:sourcetype"
  acl {
    owner   = "user01"
    sharing = "global"
    read    = ["admin"]
    write   = ["admin"]
  }
}

resource "splunk_saved_searches" "new-search" {
  name                      = "new-search-01"
  search                    = "index=user01-index source=http:hec-token-01"
  acl {
    app     = "search"
    owner   = "nobody"
    sharing = "user"
  }

Argument Reference

For latest resource argument reference: https://docs.splunk.com/Documentation/Splunk/latest/RESTUM/RESTusing#Access_Control_List

This resource block supports the following arguments: