Docs Home
Dynatrace v0.27.0 published on Friday, Mar 21, 2025 by Pulumiverse
dynatrace.getIamPolicies
Explore with Pulumi AI
Dynatrace SaaS only
To utilize this resource, please define the environment variables
DT_CLIENT_ID,DT_CLIENT_SECRET,DT_ACCOUNT_IDwith an OAuth client including the following permissions: Allow IAM policy configuration for environments (iam-policies-management) and View environments (account-env-read).
You can use the attributes environments, accounts and globals to refine which policies you want to query for.
- The attribute
globalindicates whether the results should also contain global (Dynatrace defined) policies - The attribute
environmentis an array of environment IDs. - The results won’t contain any environment specific policies if the attribute
environmentshas been omitted - The results will contain policies for all environments reachable via the given credentials if
environmentsis set to["*"] - The attribute
accountsis an array of accounts UUIDs. Set this to["*"]if you want to receive account specific policies. - The results won’t contain any account specific policies if the attribute
accountshas been omitted
Example Usage
The following example queries for polices of all environments reachable via the given credentials, all accounts and all global policies.
import * as pulumi from "@pulumi/pulumi";
import * as dynatrace from "@pulumi/dynatrace";
const all = dynatrace.getIamPolicies({
accounts: ["*"],
environments: ["*"],
global: true,
});
import pulumi
import pulumi_dynatrace as dynatrace
all = dynatrace.get_iam_policies(accounts=["*"],
environments=["*"],
global_=True)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
Accounts: []string{
"*",
},
Environments: []string{
"*",
},
Global: pulumi.BoolRef(true),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dynatrace = Pulumi.Dynatrace;
return await Deployment.RunAsync(() =>
{
var all = Dynatrace.GetIamPolicies.Invoke(new()
{
Accounts = new[]
{
"*",
},
Environments = new[]
{
"*",
},
Global = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dynatrace.DynatraceFunctions;
import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
.accounts("*")
.environments("*")
.global(true)
.build());
}
}
variables:
all:
fn::invoke:
function: dynatrace:getIamPolicies
arguments:
accounts:
- '*'
environments:
- '*'
global: true
The following example queries for policies that are defined for the environment with the id abce234. No account specific or global policies will be included.
import * as pulumi from "@pulumi/pulumi";
import * as dynatrace from "@pulumi/dynatrace";
const all = dynatrace.getIamPolicies({
environments: ["abce234"],
global: false,
});
import pulumi
import pulumi_dynatrace as dynatrace
all = dynatrace.get_iam_policies(environments=["abce234"],
global_=False)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
Environments: []string{
"abce234",
},
Global: pulumi.BoolRef(false),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dynatrace = Pulumi.Dynatrace;
return await Deployment.RunAsync(() =>
{
var all = Dynatrace.GetIamPolicies.Invoke(new()
{
Environments = new[]
{
"abce234",
},
Global = false,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dynatrace.DynatraceFunctions;
import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
.environments("abce234")
.global(false)
.build());
}
}
variables:
all:
fn::invoke:
function: dynatrace:getIamPolicies
arguments:
environments:
- abce234
global: false
Example Output
import * as pulumi from "@pulumi/pulumi";
import * as dynatrace from "@pulumi/dynatrace";
const all = dynatrace.getIamPolicies({
environments: ["*"],
accounts: ["*"],
global: true,
});
export const policies = all.then(all => all.policies);
import pulumi
import pulumi_dynatrace as dynatrace
all = dynatrace.get_iam_policies(environments=["*"],
accounts=["*"],
global_=True)
pulumi.export("policies", all.policies)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-dynatrace/sdk/go/dynatrace"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
all, err := dynatrace.GetIamPolicies(ctx, &dynatrace.GetIamPoliciesArgs{
Environments: []string{
"*",
},
Accounts: []string{
"*",
},
Global: pulumi.BoolRef(true),
}, nil)
if err != nil {
return err
}
ctx.Export("policies", all.Policies)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dynatrace = Pulumi.Dynatrace;
return await Deployment.RunAsync(() =>
{
var all = Dynatrace.GetIamPolicies.Invoke(new()
{
Environments = new[]
{
"*",
},
Accounts = new[]
{
"*",
},
Global = true,
});
return new Dictionary<string, object?>
{
["policies"] = all.Apply(getIamPoliciesResult => getIamPoliciesResult.Policies),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dynatrace.DynatraceFunctions;
import com.pulumi.dynatrace.inputs.GetIamPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = DynatraceFunctions.getIamPolicies(GetIamPoliciesArgs.builder()
.environments("*")
.accounts("*")
.global(true)
.build());
ctx.export("policies", all.applyValue(getIamPoliciesResult -> getIamPoliciesResult.policies()));
}
}
variables:
all:
fn::invoke:
function: dynatrace:getIamPolicies
arguments:
environments:
- '*'
accounts:
- '*'
global: true
outputs:
policies: ${all.policies}
Changes to Outputs:
+ policies = [
+ {
+ account = "########-86d8-####-88bd-############"
+ environment = ""
+ global = false
+ id = "########-7a6a-####-a43e-#############-#account#-#########-86d8-####-88bd-############"
+ name = "storage:bucket-definitions:delete"
+ uuid = "########-7a6a-####-a43e-############"
},
...
+ {
+ account = ""
+ environment = "#######"
+ global = false
+ id = "########-c7d6-####-878c-#############-#environment#-########"
+ name = "some-policy"
+ uuid = "########-c7d6-####-878c-############"
},
...
+ {
+ account = ""
+ environment = ""
+ global = true
+ id = "########-6852-####-9d1b-#############-#global#-#global"
+ name = "Storage Events Read"
+ uuid = "########-6852-####-9d1b-############"
},
]
Using getIamPolicies
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getIamPolicies(args: GetIamPoliciesArgs, opts?: InvokeOptions): Promise<GetIamPoliciesResult>
function getIamPoliciesOutput(args: GetIamPoliciesOutputArgs, opts?: InvokeOptions): Output<GetIamPoliciesResult>def get_iam_policies(accounts: Optional[Sequence[str]] = None,
environments: Optional[Sequence[str]] = None,
global_: Optional[bool] = None,
groups: Optional[Sequence[str]] = None,
opts: Optional[InvokeOptions] = None) -> GetIamPoliciesResult
def get_iam_policies_output(accounts: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
environments: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
global_: Optional[pulumi.Input[bool]] = None,
groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetIamPoliciesResult]func GetIamPolicies(ctx *Context, args *GetIamPoliciesArgs, opts ...InvokeOption) (*GetIamPoliciesResult, error)
func GetIamPoliciesOutput(ctx *Context, args *GetIamPoliciesOutputArgs, opts ...InvokeOption) GetIamPoliciesResultOutput> Note: This function is named GetIamPolicies in the Go SDK.
public static class GetIamPolicies
{
public static Task<GetIamPoliciesResult> InvokeAsync(GetIamPoliciesArgs args, InvokeOptions? opts = null)
public static Output<GetIamPoliciesResult> Invoke(GetIamPoliciesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetIamPoliciesResult> getIamPolicies(GetIamPoliciesArgs args, InvokeOptions options)
public static Output<GetIamPoliciesResult> getIamPolicies(GetIamPoliciesArgs args, InvokeOptions options)
fn::invoke:
function: dynatrace:index/getIamPolicies:getIamPolicies
arguments:
# arguments dictionaryThe following arguments are supported:
- Accounts List<string>
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - Environments List<string>
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - Global bool
- If
truethe results will contain global policies - Groups List<string>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- Accounts []string
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - Environments []string
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - Global bool
- If
truethe results will contain global policies - Groups []string
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global Boolean
- If
truethe results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts string[]
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments string[]
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global boolean
- If
truethe results will contain global policies - groups string[]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts Sequence[str]
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments Sequence[str]
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global_ bool
- If
truethe results will contain global policies - groups Sequence[str]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global Boolean
- If
truethe results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
getIamPolicies Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
List<Pulumiverse.
Dynatrace. Outputs. Get Iam Policies Policy> - Accounts List<string>
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - Environments List<string>
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - Global bool
- If
truethe results will contain global policies - Groups List<string>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- Id string
- The provider-assigned unique ID for this managed resource.
- Policies
[]Get
Iam Policies Policy - Accounts []string
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - Environments []string
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - Global bool
- If
truethe results will contain global policies - Groups []string
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id String
- The provider-assigned unique ID for this managed resource.
- policies
List<Get
Iam Policies Policy> - accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global Boolean
- If
truethe results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id string
- The provider-assigned unique ID for this managed resource.
- policies
Get
Iam Policies Policy[] - accounts string[]
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments string[]
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global boolean
- If
truethe results will contain global policies - groups string[]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id str
- The provider-assigned unique ID for this managed resource.
- policies
Sequence[Get
Iam Policies Policy] - accounts Sequence[str]
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments Sequence[str]
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global_ bool
- If
truethe results will contain global policies - groups Sequence[str]
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
- id String
- The provider-assigned unique ID for this managed resource.
- policies List<Property Map>
- accounts List<String>
- The results will contain policies defined for the given accountID. If one of the entries contains
*the results will contain policies for all accounts - environments List<String>
- The results will contain policies defined for the given environments. If one of the entries contains
*the results will contain policies for all environments - global Boolean
- If
truethe results will contain global policies - groups List<String>
- The results will only contain policies that are bound to the specified groups. Omit this attribute if you want to retrieve all policies
Supporting Types
GetIamPoliciesPolicy
- Id
This property is required. string - Name
This property is required. string - The name of the policy
- Uuid
This property is required. string - The UUID of the policy
- Account string
- The account UUID the policy is defined for
- Environment string
- The environment ID the policy is defined for
- Global bool
trueif this is a global policy`
- Id
This property is required. string - Name
This property is required. string - The name of the policy
- Uuid
This property is required. string - The UUID of the policy
- Account string
- The account UUID the policy is defined for
- Environment string
- The environment ID the policy is defined for
- Global bool
trueif this is a global policy`
- id
This property is required. String - name
This property is required. String - The name of the policy
- uuid
This property is required. String - The UUID of the policy
- account String
- The account UUID the policy is defined for
- environment String
- The environment ID the policy is defined for
- global Boolean
trueif this is a global policy`
- id
This property is required. string - name
This property is required. string - The name of the policy
- uuid
This property is required. string - The UUID of the policy
- account string
- The account UUID the policy is defined for
- environment string
- The environment ID the policy is defined for
- global boolean
trueif this is a global policy`
- id
This property is required. str - name
This property is required. str - The name of the policy
- uuid
This property is required. str - The UUID of the policy
- account str
- The account UUID the policy is defined for
- environment str
- The environment ID the policy is defined for
- global_ bool
trueif this is a global policy`
- id
This property is required. String - name
This property is required. String - The name of the policy
- uuid
This property is required. String - The UUID of the policy
- account String
- The account UUID the policy is defined for
- environment String
- The environment ID the policy is defined for
- global Boolean
trueif this is a global policy`
Package Details
- Repository
- dynatrace pulumiverse/pulumi-dynatrace
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
dynatraceTerraform Provider.