- Notifications
You must be signed in to change notification settings - Fork927
Closed
Assignees
Description
There may be cases where a template wants to be aware of the user's groups for infrastructure to provision/tags to add, etc.
The easiest way to do it seems like sending them as an array of strings inhttps://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/workspace
data.coder_workspace.me.owner_groups# ["devops", "platform-engineering", "backstage"]
Use cases
User must be indevops group for this to be provisioned as a part of their workspace:
resource"special_resource""for_devops" {count=contains(data.coder_workspace.me.owner_groups,"devops")?1:0}
Add groups as a tag to an resource:
resource"aws_instance""example" {tags={ Name= data.coder_workspace.me.name OwnerGroups=join(",", data.coder_workspace.me.owner_groups) }}
Look up IAM policy based on groups:
data"aws_iam_policy""dynamic" {count=length(data.coder_workspace.me.owner_groups)arn="arn:aws:iam::aws:policy/${element(data.coder_workspace.me.owner_groups, count.index)}"}
Metadata
Metadata
Assignees
Labels
No labels