Manages permissions for tagging
Permissions for tagging within Azure DevOps can be applied only on Organizational and Project level.
The project level is reflected by specifying the argument project_id
, otherwise the permissions are set on the organizational level.
resource "azuredevops_project" "example" {
name = "Example Project"
work_item_template = "Agile"
version_control = "Git"
visibility = "private"
description = "Managed by Terraform"
}
data "azuredevops_group" "example-readers" {
project_id = azuredevops_project.example.id
name = "Readers"
}
resource "azuredevops_tagging_permissions" "example-permissions" {
project_id = azuredevops_project.example.id
principal = data.azuredevops_group.example-readers.id
permissions = {
Enumerate = "allow"
Create = "allow"
Update = "allow"
Delete = "allow"
}
}
The following arguments are supported:
project_id
- (Optional) The ID of the project to assign the permissions. If omitted, organization wide permissions for tagging are managed.principal
- (Required) The group or user principal to assign the permissions.permissions
- (Required) the permissions to assign. The following permissions are available.replace
- (Optional) Replace (true
) or merge (false
) the permissions. Default: true
Name | Permission Description |
---|---|
Enumerate | Enumerate tag definitions |
Create | Create tag definition |
Update | Update tag definition |
Delete | Delete tag definition |
The resource does not support import.