Skip to main content
Version: 2.8.8

highbond_role_permissions_assignment (Resource)

Schema

Required

role_idString Unique identifier for the role

Optional

force_updatesBoolean Allows overriding top-level 'create_only' option.
idString The ID of this resource.
permissionsBlock List List of role permission information
Nested Schema for `permissions`

Optional

asset_typeBlock List Object with key of asset type ID and value of a permission mapping. Use key * to associate permissions with all asset types. Can only be on roleType of user
Nested Schema for `permissions.asset_type`

Required

idString The value of Asset Type ID

Optional

create_assetBoolean Create Asset Premission
delete_assetBoolean Delete Asset Permission
read_asset_section_0Boolean Read Asset Section 0 Permission
read_asset_section_1Boolean Read Asset Section 1 Permission
read_asset_section_10Boolean Read Asset Section 10 Permission
read_asset_section_11Boolean Read Asset Section 11 Permission
read_asset_section_12Boolean Read Asset Section 12 Permission
read_asset_section_13Boolean Read Asset Section 13 Permission
read_asset_section_14Boolean Read Asset Section 14 Permission
read_asset_section_15Boolean Read Asset Section 15 Permission
read_asset_section_16Boolean Read Asset Section 16 Permission
read_asset_section_17Boolean Read Asset Section 17 Permission
read_asset_section_18Boolean Read Asset Section 18 Permission
read_asset_section_19Boolean Read Asset Section 19 Permission
read_asset_section_2Boolean Read Asset Section 2 Permission
read_asset_section_3Boolean Read Asset Section 3 Permission
read_asset_section_4Boolean Read Asset Section 4 Permission
read_asset_section_5Boolean Read Asset Section 5 Permission
read_asset_section_6Boolean Read Asset Section 6 Permission
read_asset_section_7Boolean Read Asset Section 7 Permission
read_asset_section_8Boolean Read Asset Section 8 Permission
read_asset_section_9Boolean Read Asset Section 9 Permission
read_audit_trailBoolean Read Audit Trail Permission
read_audit_trail_detailsBoolean Read Audit Trail Details Permission
update_asset_section_0Boolean Update Asset Section 0 Permission
update_asset_section_1Boolean Update Asset Section 1 Permission
update_asset_section_10Boolean Update Asset Section 10 Permission
update_asset_section_11Boolean Update Asset Section 11 Permission
update_asset_section_12Boolean Update Asset Section 12 Permission
update_asset_section_13Boolean Update Asset Section 13 Permission
update_asset_section_14Boolean Update Asset Section 14 Permission
update_asset_section_15Boolean Update Asset Section 15 Permission
update_asset_section_16Boolean Update Asset Section 16 Permission
update_asset_section_17Boolean Update Asset Section 17 Permission
update_asset_section_18Boolean Update Asset Section 18 Permission
update_asset_section_19Boolean Update Asset Section 19 Permission
update_asset_section_2Boolean Update Asset Section 2 Permission
update_asset_section_3Boolean Update Asset Section 3 Permission
update_asset_section_4Boolean Update Asset Section 4 Permission
update_asset_section_5Boolean Update Asset Section 5 Permission
update_asset_section_6Boolean Update Asset Section 6 Permission
update_asset_section_7Boolean Update Asset Section 7 Permission
update_asset_section_8Boolean Update Asset Section 8 Permission
update_asset_section_9Boolean Update Asset Section 9 Permission
organizationBlock List Object with key of organization ID and value of permission mapping. Can only be on roleType of platform
Nested Schema for `permissions.organization`

Required

idString The ID of the organization

Optional

manage_asset_typesBoolean Manage Asset Types Permission
manage_compliance_regulation_locked_field_and_disclaimersBoolean Manage Compliance Regulation Locked Field and Disclaimers Permission
manage_rolesBoolean Manage roles Permission
manage_workflowsBoolean Manage Workflows Permission
read_audit_trailBoolean Read Audit Trail Permission
read_audit_trail_detailsBoolean Read Audit Trail Details Permission
use_bulk_importerBoolean Use Bulk Importer Permission

Read-Only

role_typeString Type of Role, defined on creation, cannot be updated

Example Usage

// Associate permissions to a role. Permissions for an organization
resource "highbond_role_permissions_assignment" "userorganization" {
  role_id       = highbond_role.main.id
  force_updates = true // Create only with force update changes
  permissions {
    organization {
      id                                                        = "1001020"
      use_bulk_importer                                         = false
      manage_asset_types                                        = false
      manage_workflows                                          = false
      manage_roles                                              = false
      read_audit_trail                                          = true
      read_audit_trail_details                                  = true
      manage_compliance_regulation_locked_field_and_disclaimers = true
    }
  }
}

// Associate permissions to a role. Permissions for a single asset type
resource "highbond_role_permissions_assignment" "mai2n" {
  role_id = highbond_role.user.id
  permissions {
    asset_type {
      id                       = highbond_asset_type.main.id
      create_asset             = true
      delete_asset             = true
      read_asset_section_0     = true
      read_asset_section_1     = true
      read_asset_section_2     = true
      read_asset_section_3     = true
      read_asset_section_4     = true
      read_asset_section_5     = true
      read_asset_section_6     = true
      read_asset_section_7     = true
      read_asset_section_8     = true
      read_asset_section_9     = true
      update_asset_section_0   = true
      update_asset_section_1   = true
      update_asset_section_2   = true
      update_asset_section_3   = true
      update_asset_section_4   = true
      update_asset_section_5   = true
      update_asset_section_6   = true
      update_asset_section_7   = true
      update_asset_section_8   = true
      update_asset_section_9   = true
      read_asset_section_10    = true
      read_asset_section_11    = true
      read_asset_section_12    = true
      read_asset_section_13    = true
      read_asset_section_14    = true
      read_asset_section_15    = true
      read_asset_section_16    = true
      read_asset_section_17    = true
      read_asset_section_18    = true
      read_asset_section_19    = true
      update_asset_section_10  = true
      update_asset_section_11  = true
      update_asset_section_12  = true
      update_asset_section_13  = true
      update_asset_section_14  = true
      update_asset_section_15  = true
      update_asset_section_16  = true
      update_asset_section_17  = true
      update_asset_section_18  = true
      update_asset_section_19  = true
      read_audit_trail         = true
      read_audit_trail_details = true
    }
  }
}

// Associate permissions to a role. Permissions for all asset_type. Can be used as *
resource "highbond_role_permissions_assignment" "assetall" {
  role_id = highbond_role.user.id
  permissions {
    asset_type {
      id                       = "*"
      create_asset             = true
      delete_asset             = true
      read_asset_section_0     = true
      read_asset_section_1     = true
      read_asset_section_2     = true
      read_asset_section_3     = true
      read_asset_section_4     = true
      read_asset_section_5     = true
      read_asset_section_6     = true
      read_asset_section_7     = true
      read_asset_section_8     = true
      read_asset_section_9     = true
      update_asset_section_0   = true
      update_asset_section_1   = true
      update_asset_section_2   = true
      update_asset_section_3   = true
      update_asset_section_4   = true
      update_asset_section_5   = true
      update_asset_section_6   = true
      update_asset_section_7   = true
      update_asset_section_8   = true
      update_asset_section_9   = true
      read_asset_section_10    = true
      read_asset_section_11    = true
      read_asset_section_12    = true
      read_asset_section_13    = true
      read_asset_section_14    = true
      read_asset_section_15    = true
      read_asset_section_16    = true
      read_asset_section_17    = true
      read_asset_section_18    = true
      read_asset_section_19    = true
      update_asset_section_10  = true
      update_asset_section_11  = true
      update_asset_section_12  = true
      update_asset_section_13  = true
      update_asset_section_14  = true
      update_asset_section_15  = true
      update_asset_section_16  = true
      update_asset_section_17  = true
      update_asset_section_18  = true
      update_asset_section_19  = true
      read_audit_trail         = true
      read_audit_trail_details = true
    }
  }
}


// Roles with role_type user and asset_type id containing assettypeID and workflowStatusID
resource "highbond_role_permissions_assignment" "assettypeworkflowstatus" {
  role_id = highbond_role.main.id
  permissions {
    asset_type {
      id                       = format("%s%s%s", highbond_asset_type.main2.id, "$", highbond_workflow_status.main.id)
      read_asset_section_0     = true
      read_asset_section_1     = true
      read_asset_section_2     = true
      read_asset_section_3     = true
      read_asset_section_4     = true
      read_asset_section_5     = true
      read_asset_section_6     = true
      read_asset_section_7     = true
      read_asset_section_8     = true
      read_asset_section_9     = true
      update_asset_section_0   = true
      update_asset_section_1   = true
      update_asset_section_2   = true
      update_asset_section_3   = true
      update_asset_section_4   = true
      update_asset_section_5   = true
      update_asset_section_6   = true
      update_asset_section_7   = true
      update_asset_section_8   = true
      update_asset_section_9   = true
      read_asset_section_10    = true
      read_asset_section_11    = true
      read_asset_section_12    = true
      read_asset_section_13    = true
      read_asset_section_14    = true
      read_asset_section_15    = true
      read_asset_section_16    = true
      read_asset_section_17    = true
      read_asset_section_18    = true
      read_asset_section_19    = true
      update_asset_section_10  = true
      update_asset_section_11  = true
      update_asset_section_12  = true
      update_asset_section_13  = true
      update_asset_section_14  = true
      update_asset_section_15  = true
      update_asset_section_16  = true
      update_asset_section_17  = true
      update_asset_section_18  = true
      update_asset_section_19  = true
      read_audit_trail         = true
      read_audit_trail_details = true
    }
  }
}


Contact Us
+1 604 669 4225

REFERENCE

Help Docs API Terms of Use

GUIDES

ACL Guide HCL Guide

COMPANY

About us Careers Partners Newsroom

© 2024 Diligent Corporation

Privacy PolicyTerms of UseDiligent Vulnerability Disclosure Program