Creating Roles with Terraform

Vernon_Van_Dam · April 19, 2023, 3:54am

Hi Team

I'm trying to get Terraform to deploy a new Role. I'm using the code:

resource "genesyscloud_auth_role" "agent_role" {
  name        = "Terraform Agent Role"
  description = "Custom Terraform Role for Agents"
  permissions = ["group_creation", "employee"]
  permission_policies {
            domain      = "conversation"
            entity_name = "call"
            action_set  = ["accept", "add", "record"]
    }
}

This works fine and creates the Role with only the 3 permissions set. How do I increase the permission_policies to list various permissions that need to assigned to this role?

I'm using a JSON export of the users role as example and it contains multiple permission_policies but somehow that doesnt translate to a tf file.

Sample JSON I'm using:

"User": {
        "default_role_id": "engage",
        "description": "Role for basic agent functions",
        "name": "User",
        "permission_policies": [
          {
            "action_set": [
              "accept",
              "add",
              "record"
            ],
            "conditions": null,
            "domain": "conversation",
            "entity_name": "call"
          },
          {
            "action_set": [
              "accept",
              "create",
              "forward"
            ],
            "conditions": null,
            "domain": "conversation",
            "entity_name": "email"
          },

Thanx
V

Hemanth · April 19, 2023, 10:45am

If you want to have more entities to be added to specfic permissions. You can add a new permission_policies describing the entity and actions for that enitity

resource "genesyscloud_auth_role" "agent_role" {
name = "Terraform Agent Role"
description = "Custom Terraform Role for Agents"
permissions = ["group_creation", "employee"]
permission_policies {
domain = "conversation"
entity_name = "call"
action_set = ["accept", "add", "record"]
}
permission_policies {
domain = "conversation"
entity_name = "email"
action_set = ["accept", "add", "record"]
}
}

Vernon_Van_Dam · April 19, 2023, 10:56pm

Thanx Hemanth, that worked. My final code looks like this:

resource "genesyscloud_auth_role" "agent_role" {

name = "Terraform Agent Role"
description = "Custom Terraform Role for Agents"
permissions = ["group_creation", "employee"]
permission_policies {
domain = "conversation"
entity_name = "call"
action_set = ["accept", "add", "record"]
}
permission_policies {
domain = "conversation"
entity_name = "email"
action_set = ["accept", "create", "forward"]
}
}

Is there an easier way to convert the JSON export to a Terraform resource format or is this a manual process?