yandex_compute_snapshot_schedule_iam_binding (Resource)

Allows creation and management of a single binding within IAM policy for an existing Snapshot Schedule.

Example usageExample usage

//
// Create a new Compute Snapshot Schedule and new IAM Binding for it.
//
resource "yandex_compute_snapshot_schedule" "schedule1" {
  schedule_policy {
    expression = "0 0 * * *"
  }

  retention_period = "12h"

  snapshot_spec {
    description = "retention-snapshot"
  }

  disk_ids = ["test_disk_id", "another_test_disk_id"]
}

resource "yandex_compute_snapshot_schedule_iam_binding" "editor" {
  snapshot_schedule_id = data.yandex_compute_snapshot_schedule.schedule1.id

  role = "editor"

  members = [
    "userAccount:some_user_id",
  ]
}

SchemaSchema

RequiredRequired

• members (Set of String) An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

• userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
• serviceAccount:{service_account_id}: A unique service account ID.
• federatedUser:{federated_user_id}: A unique federated user ID.
• federatedUser:{federated_user_id}:: A unique SAML federation user account ID.
• group:{group_id}: A unique group ID.
• system:group:federation:{federation_id}:users: All users in federation.
• system:group:organization:{organization_id}:users: All users in organization.
• system:allAuthenticatedUsers: All authenticated users.
• system:allUsers: All users, including unauthenticated ones.

~> for more information about system groups, see Cloud Documentation.

• role (String) The role that should be assigned. Only one yandex_compute_snapshot_schedule_iam_binding can be used per role.
• snapshot_schedule_id (String) The ID of the compute Snapshot Schedule to attach the policy to.

ImportImport

~> Import for this resource is not implemented yet.