Required access policy scopes:
data "grafana_cloud_organization" "current" {
slug = "<your org slug>"
}
resource "grafana_cloud_access_policy" "test" {
region = "us"
name = "my-policy"
display_name = "My Policy"
scopes = ["metrics:read", "logs:read"]
realm {
type = "org"
identifier = data.grafana_cloud_organization.current.id
label_policy {
selector = "{namespace=\"default\"}"
}
}
}
resource "grafana_cloud_access_policy_token" "test" {
region = "us"
access_policy_id = grafana_cloud_access_policy.test.policy_id
name = "my-policy-token"
display_name = "My Policy Token"
expires_at = "2023-01-01T00:00:00Z"
}
access_policy_id
(String) ID of the access policy for which to create a token.name
(String) Name of the access policy token.region
(String) Region of the access policy. Should be set to the same region as the access policy. Use the region list API to get the list of available regions: https://grafana.com/docs/grafana-cloud/developer-resources/api-reference/cloud-api/#list-regions.display_name
(String) Display name of the access policy token. Defaults to the name.expires_at
(String) Expiration date of the access policy token. Does not expire by default.created_at
(String) Creation date of the access policy token.id
(String) The ID of this resource.token
(String, Sensitive)updated_at
(String) Last update date of the access policy token.Import is supported using the following syntax:
terraform import grafana_cloud_access_policy_token.name "{{ region }}:{{ tokenId }}"