confluent_group_mapping
provides a Group Mapping resource that enables creating, editing, and deleting group mappings on Confluent Cloud.
resource "confluent_group_mapping" "application-developers" {
display_name = "Application Developers"
description = "Admin access to production environment for Engineering"
filter = "\"engineering\" in groups"
}
resource "confluent_role_binding" "envadmin" {
principal = "User:${confluent_group_mapping.application-developers.id}"
role_name = "EnvironmentAdmin"
crn_pattern = data.confluent_environment.prod.resource_name
}
The following arguments are supported:
display_name
- (Required String) The name of the Group Mapping.filter
- (Required String) A single group identifier or a condition based on supported CEL operators that defines which groups are included.description
- (Optional String) A description explaining the purpose and use of the group mapping.In addition to the preceding arguments, the following attributes are exported:
id
- (Required String) The ID of the Group Mapping (for example, group-abc123
).You can import a Group Mapping by using Group Mapping ID, for example:
$ export CONFLUENT_CLOUD_API_KEY="<cloud_api_key>"
$ export CONFLUENT_CLOUD_API_SECRET="<cloud_api_secret>"
$ terraform import confluent_group_mapping.application-developers group-abc123