From 1fffce0b7b23c0aa15c8a17584c7957d34b8b05e Mon Sep 17 00:00:00 2001 From: Fede Barcelona Date: Fri, 6 Mar 2026 10:19:14 +0100 Subject: [PATCH 1/3] feat(platform): add `sysdig_default_role` data source Add a read-only data source to retrieve the permissions of default (OOTB) roles such as View Only, Standard User, Advanced User, and Team Manager via the `GET /platform/v1/default-roles/{name}` API. --- sysdig/data_source_sysdig_default_role.go | 75 +++++++++++++++++++ .../data_source_sysdig_default_role_test.go | 35 +++++++++ sysdig/internal/client/v2/default_role.go | 43 +++++++++++ sysdig/internal/client/v2/model.go | 6 ++ sysdig/internal/client/v2/sysdig.go | 1 + sysdig/provider.go | 1 + website/docs/d/default_role.md | 35 +++++++++ 7 files changed, 196 insertions(+) create mode 100644 sysdig/data_source_sysdig_default_role.go create mode 100644 sysdig/data_source_sysdig_default_role_test.go create mode 100644 sysdig/internal/client/v2/default_role.go create mode 100644 website/docs/d/default_role.md diff --git a/sysdig/data_source_sysdig_default_role.go b/sysdig/data_source_sysdig_default_role.go new file mode 100644 index 00000000..40715960 --- /dev/null +++ b/sysdig/data_source_sysdig_default_role.go @@ -0,0 +1,75 @@ +package sysdig + +import ( + "context" + "time" + + "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" +) + +func dataSourceSysdigDefaultRole() *schema.Resource { + timeout := 5 * time.Minute + + return &schema.Resource{ + ReadContext: dataSourceSysdigDefaultRoleRead, + + Timeouts: &schema.ResourceTimeout{ + Read: schema.DefaultTimeout(timeout), + }, + + Schema: map[string]*schema.Schema{ + SchemaNameKey: { + Type: schema.TypeString, + Required: true, + }, + SchemaMonitorPermKey: { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + SchemaSecurePermKey: { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + } +} + +func dataSourceSysdigDefaultRoleRead(ctx context.Context, d *schema.ResourceData, m any) diag.Diagnostics { + client, err := m.(SysdigClients).sysdigCommonClientV2() + if err != nil { + return diag.FromErr(err) + } + + name := d.Get(SchemaNameKey).(string) + + defaultRole, err := client.GetDefaultRole(ctx, name) + if err != nil { + return diag.FromErr(err) + } + + d.SetId(name) + + err = d.Set(SchemaNameKey, defaultRole.Name) + if err != nil { + return diag.FromErr(err) + } + + err = d.Set(SchemaMonitorPermKey, defaultRole.MonitorPermissions) + if err != nil { + return diag.FromErr(err) + } + + err = d.Set(SchemaSecurePermKey, defaultRole.SecurePermissions) + if err != nil { + return diag.FromErr(err) + } + + return nil +} diff --git a/sysdig/data_source_sysdig_default_role_test.go b/sysdig/data_source_sysdig_default_role_test.go new file mode 100644 index 00000000..d7f0b3a4 --- /dev/null +++ b/sysdig/data_source_sysdig_default_role_test.go @@ -0,0 +1,35 @@ +//go:build tf_acc_sysdig_monitor || tf_acc_sysdig_secure || tf_acc_onprem_monitor || tf_acc_onprem_secure + +package sysdig_test + +import ( + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + + "github.com/draios/terraform-provider-sysdig/sysdig" +) + +func TestAccDataSourceSysdigDefaultRole(t *testing.T) { + resource.ParallelTest(t, resource.TestCase{ + PreCheck: preCheckAnyEnv(t, SysdigMonitorApiTokenEnv, SysdigSecureApiTokenEnv), + ProviderFactories: map[string]func() (*schema.Provider, error){ + "sysdig": func() (*schema.Provider, error) { + return sysdig.Provider(), nil + }, + }, + Steps: []resource.TestStep{ + { + Config: `data "sysdig_default_role" "advanced" { + name = "Advanced User" +}`, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.sysdig_default_role.advanced", "name", "Advanced User"), + resource.TestCheckResourceAttrSet("data.sysdig_default_role.advanced", "monitor_permissions.#"), + resource.TestCheckResourceAttrSet("data.sysdig_default_role.advanced", "secure_permissions.#"), + ), + }, + }, + }) +} diff --git a/sysdig/internal/client/v2/default_role.go b/sysdig/internal/client/v2/default_role.go new file mode 100644 index 00000000..669c54d7 --- /dev/null +++ b/sysdig/internal/client/v2/default_role.go @@ -0,0 +1,43 @@ +package v2 + +import ( + "context" + "errors" + "fmt" + "net/http" + "net/url" +) + +var ErrDefaultRoleNotFound = errors.New("default role not found") + +const defaultRolePath = "%s/platform/v1/default-roles/%s" + +type DefaultRoleInterface interface { + Base + GetDefaultRole(ctx context.Context, name string) (*DefaultRole, error) +} + +func (c *Client) GetDefaultRole(ctx context.Context, name string) (defaultRole *DefaultRole, err error) { + response, err := c.requester.Request(ctx, http.MethodGet, c.getDefaultRoleURL(name), nil) + if err != nil { + return nil, err + } + defer func() { + if dErr := response.Body.Close(); dErr != nil { + err = fmt.Errorf("unable to close response body: %w", dErr) + } + }() + + if response.StatusCode != http.StatusOK { + if response.StatusCode == http.StatusNotFound { + return nil, ErrDefaultRoleNotFound + } + return nil, c.ErrorFromResponse(response) + } + + return Unmarshal[*DefaultRole](response.Body) +} + +func (c *Client) getDefaultRoleURL(name string) string { + return fmt.Sprintf(defaultRolePath, c.config.url, url.PathEscape(name)) +} diff --git a/sysdig/internal/client/v2/model.go b/sysdig/internal/client/v2/model.go index fb796aee..b8f36364 100644 --- a/sysdig/internal/client/v2/model.go +++ b/sysdig/internal/client/v2/model.go @@ -55,6 +55,12 @@ type CustomRole struct { MonitorPermissions []string `json:"monitorPermissions,omitempty"` SecurePermissions []string `json:"securePermissions,omitempty"` } + +type DefaultRole struct { + Name string `json:"name"` + MonitorPermissions []string `json:"monitorPermissions,omitempty"` + SecurePermissions []string `json:"securePermissions,omitempty"` +} type customRoleListWrapper struct { Roles []CustomRole `json:"roles"` } diff --git a/sysdig/internal/client/v2/sysdig.go b/sysdig/internal/client/v2/sysdig.go index 24428f28..58f5c44b 100644 --- a/sysdig/internal/client/v2/sysdig.go +++ b/sysdig/internal/client/v2/sysdig.go @@ -21,6 +21,7 @@ type SysdigCommon interface { CustomRoleInterface CustomRolePermissionInterface + DefaultRoleInterface GroupMappingConfigInterface GroupMappingInterface IPFilteringSettingsInterface diff --git a/sysdig/provider.go b/sysdig/provider.go index 93464333..56c10a07 100644 --- a/sysdig/provider.go +++ b/sysdig/provider.go @@ -200,6 +200,7 @@ func (p *SysdigProvider) Provider() *schema.Provider { "sysdig_agent_access_key": dataSourceSysdigAgentAccessKey(), "sysdig_current_user": dataSourceSysdigCurrentUser(), "sysdig_custom_role": dataSourceSysdigCustomRole(), + "sysdig_default_role": dataSourceSysdigDefaultRole(), "sysdig_fargate_workload_agent": dataSourceSysdigFargateWorkloadAgent(), "sysdig_user": dataSourceSysdigUser(), diff --git a/website/docs/d/default_role.md b/website/docs/d/default_role.md new file mode 100644 index 00000000..28a945e0 --- /dev/null +++ b/website/docs/d/default_role.md @@ -0,0 +1,35 @@ +--- +subcategory: "Sysdig Platform" +layout: "sysdig" +page_title: "Sysdig: sysdig_default_role" +description: |- + Retrieves information about a default (OOTB) role from the name. +--- + +# Data Source: sysdig_default_role + +Retrieves information about a default (out-of-the-box) role from the name. + +Default roles are the built-in roles provided by Sysdig: View Only, Standard User, Advanced User, and Team Manager. + +-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository. + +## Example Usage + +```terraform +data "sysdig_default_role" "advanced_user" { + name = "Advanced User" +} +``` + +## Argument Reference + +* `name` - (Required) The name of the default role. Valid values are: `View Only`, `Standard User`, `Advanced User`, `Team Manager`. + +## Attributes Reference + +In addition to all arguments above, the following attributes are exported: + +* `monitor_permissions` - The default role's monitor permissions. + +* `secure_permissions` - The default role's secure permissions. From 956672f0bde2ebd34531f08e3d308e28cca39f19 Mon Sep 17 00:00:00 2001 From: Fede Barcelona Date: Fri, 6 Mar 2026 10:22:32 +0100 Subject: [PATCH 2/3] test(platform): check specific permissions in default role test Verify that well-known monitor and secure permissions (alerts.read, dashboards.read, token.view, scanning.read, secure.policy.read, policies.read) are present in the Advanced User default role response. --- sysdig/data_source_sysdig_default_role_test.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/sysdig/data_source_sysdig_default_role_test.go b/sysdig/data_source_sysdig_default_role_test.go index d7f0b3a4..71bed602 100644 --- a/sysdig/data_source_sysdig_default_role_test.go +++ b/sysdig/data_source_sysdig_default_role_test.go @@ -26,8 +26,17 @@ func TestAccDataSourceSysdigDefaultRole(t *testing.T) { }`, Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("data.sysdig_default_role.advanced", "name", "Advanced User"), + // Verify both permission sets are non-empty resource.TestCheckResourceAttrSet("data.sysdig_default_role.advanced", "monitor_permissions.#"), resource.TestCheckResourceAttrSet("data.sysdig_default_role.advanced", "secure_permissions.#"), + // Verify well-known monitor permissions are present + resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "monitor_permissions.*", "alerts.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "monitor_permissions.*", "dashboards.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "monitor_permissions.*", "token.view"), + // Verify well-known secure permissions are present + resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "secure_permissions.*", "scanning.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "secure_permissions.*", "secure.policy.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "secure_permissions.*", "policies.read"), ), }, }, From 3ff1ff68616eb8f03049f276b2f66ae683ceef10 Mon Sep 17 00:00:00 2001 From: Fede Barcelona Date: Fri, 6 Mar 2026 10:44:29 +0100 Subject: [PATCH 3/3] refactor(platform): rename data source to sysdig_builtin_role Rename from sysdig_default_role to sysdig_builtin_role to avoid ambiguity with "default" in Terraform context. The API path (/platform/v1/default-roles) remains unchanged. --- ....go => data_source_sysdig_builtin_role.go} | 14 +++--- ...> data_source_sysdig_builtin_role_test.go} | 22 +++++----- sysdig/internal/client/v2/builtin_role.go | 43 +++++++++++++++++++ sysdig/internal/client/v2/default_role.go | 43 ------------------- sysdig/internal/client/v2/model.go | 2 +- sysdig/internal/client/v2/sysdig.go | 2 +- sysdig/provider.go | 2 +- .../d/{default_role.md => builtin_role.md} | 18 ++++---- 8 files changed, 73 insertions(+), 73 deletions(-) rename sysdig/{data_source_sysdig_default_role.go => data_source_sysdig_builtin_role.go} (74%) rename sysdig/{data_source_sysdig_default_role_test.go => data_source_sysdig_builtin_role_test.go} (66%) create mode 100644 sysdig/internal/client/v2/builtin_role.go delete mode 100644 sysdig/internal/client/v2/default_role.go rename website/docs/d/{default_role.md => builtin_role.md} (50%) diff --git a/sysdig/data_source_sysdig_default_role.go b/sysdig/data_source_sysdig_builtin_role.go similarity index 74% rename from sysdig/data_source_sysdig_default_role.go rename to sysdig/data_source_sysdig_builtin_role.go index 40715960..82a9da30 100644 --- a/sysdig/data_source_sysdig_default_role.go +++ b/sysdig/data_source_sysdig_builtin_role.go @@ -8,11 +8,11 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" ) -func dataSourceSysdigDefaultRole() *schema.Resource { +func dataSourceSysdigBuiltinRole() *schema.Resource { timeout := 5 * time.Minute return &schema.Resource{ - ReadContext: dataSourceSysdigDefaultRoleRead, + ReadContext: dataSourceSysdigBuiltinRoleRead, Timeouts: &schema.ResourceTimeout{ Read: schema.DefaultTimeout(timeout), @@ -41,7 +41,7 @@ func dataSourceSysdigDefaultRole() *schema.Resource { } } -func dataSourceSysdigDefaultRoleRead(ctx context.Context, d *schema.ResourceData, m any) diag.Diagnostics { +func dataSourceSysdigBuiltinRoleRead(ctx context.Context, d *schema.ResourceData, m any) diag.Diagnostics { client, err := m.(SysdigClients).sysdigCommonClientV2() if err != nil { return diag.FromErr(err) @@ -49,24 +49,24 @@ func dataSourceSysdigDefaultRoleRead(ctx context.Context, d *schema.ResourceData name := d.Get(SchemaNameKey).(string) - defaultRole, err := client.GetDefaultRole(ctx, name) + builtinRole, err := client.GetBuiltinRole(ctx, name) if err != nil { return diag.FromErr(err) } d.SetId(name) - err = d.Set(SchemaNameKey, defaultRole.Name) + err = d.Set(SchemaNameKey, builtinRole.Name) if err != nil { return diag.FromErr(err) } - err = d.Set(SchemaMonitorPermKey, defaultRole.MonitorPermissions) + err = d.Set(SchemaMonitorPermKey, builtinRole.MonitorPermissions) if err != nil { return diag.FromErr(err) } - err = d.Set(SchemaSecurePermKey, defaultRole.SecurePermissions) + err = d.Set(SchemaSecurePermKey, builtinRole.SecurePermissions) if err != nil { return diag.FromErr(err) } diff --git a/sysdig/data_source_sysdig_default_role_test.go b/sysdig/data_source_sysdig_builtin_role_test.go similarity index 66% rename from sysdig/data_source_sysdig_default_role_test.go rename to sysdig/data_source_sysdig_builtin_role_test.go index 71bed602..b3480fc5 100644 --- a/sysdig/data_source_sysdig_default_role_test.go +++ b/sysdig/data_source_sysdig_builtin_role_test.go @@ -11,7 +11,7 @@ import ( "github.com/draios/terraform-provider-sysdig/sysdig" ) -func TestAccDataSourceSysdigDefaultRole(t *testing.T) { +func TestAccDataSourceSysdigBuiltinRole(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: preCheckAnyEnv(t, SysdigMonitorApiTokenEnv, SysdigSecureApiTokenEnv), ProviderFactories: map[string]func() (*schema.Provider, error){ @@ -21,22 +21,22 @@ func TestAccDataSourceSysdigDefaultRole(t *testing.T) { }, Steps: []resource.TestStep{ { - Config: `data "sysdig_default_role" "advanced" { + Config: `data "sysdig_builtin_role" "advanced" { name = "Advanced User" }`, Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.sysdig_default_role.advanced", "name", "Advanced User"), + resource.TestCheckResourceAttr("data.sysdig_builtin_role.advanced", "name", "Advanced User"), // Verify both permission sets are non-empty - resource.TestCheckResourceAttrSet("data.sysdig_default_role.advanced", "monitor_permissions.#"), - resource.TestCheckResourceAttrSet("data.sysdig_default_role.advanced", "secure_permissions.#"), + resource.TestCheckResourceAttrSet("data.sysdig_builtin_role.advanced", "monitor_permissions.#"), + resource.TestCheckResourceAttrSet("data.sysdig_builtin_role.advanced", "secure_permissions.#"), // Verify well-known monitor permissions are present - resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "monitor_permissions.*", "alerts.read"), - resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "monitor_permissions.*", "dashboards.read"), - resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "monitor_permissions.*", "token.view"), + resource.TestCheckTypeSetElemAttr("data.sysdig_builtin_role.advanced", "monitor_permissions.*", "alerts.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_builtin_role.advanced", "monitor_permissions.*", "dashboards.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_builtin_role.advanced", "monitor_permissions.*", "token.view"), // Verify well-known secure permissions are present - resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "secure_permissions.*", "scanning.read"), - resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "secure_permissions.*", "secure.policy.read"), - resource.TestCheckTypeSetElemAttr("data.sysdig_default_role.advanced", "secure_permissions.*", "policies.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_builtin_role.advanced", "secure_permissions.*", "scanning.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_builtin_role.advanced", "secure_permissions.*", "secure.policy.read"), + resource.TestCheckTypeSetElemAttr("data.sysdig_builtin_role.advanced", "secure_permissions.*", "policies.read"), ), }, }, diff --git a/sysdig/internal/client/v2/builtin_role.go b/sysdig/internal/client/v2/builtin_role.go new file mode 100644 index 00000000..cfe398d7 --- /dev/null +++ b/sysdig/internal/client/v2/builtin_role.go @@ -0,0 +1,43 @@ +package v2 + +import ( + "context" + "errors" + "fmt" + "net/http" + "net/url" +) + +var ErrBuiltinRoleNotFound = errors.New("builtin role not found") + +const builtinRolePath = "%s/platform/v1/default-roles/%s" + +type BuiltinRoleInterface interface { + Base + GetBuiltinRole(ctx context.Context, name string) (*BuiltinRole, error) +} + +func (c *Client) GetBuiltinRole(ctx context.Context, name string) (builtinRole *BuiltinRole, err error) { + response, err := c.requester.Request(ctx, http.MethodGet, c.getBuiltinRoleURL(name), nil) + if err != nil { + return nil, err + } + defer func() { + if dErr := response.Body.Close(); dErr != nil { + err = fmt.Errorf("unable to close response body: %w", dErr) + } + }() + + if response.StatusCode != http.StatusOK { + if response.StatusCode == http.StatusNotFound { + return nil, ErrBuiltinRoleNotFound + } + return nil, c.ErrorFromResponse(response) + } + + return Unmarshal[*BuiltinRole](response.Body) +} + +func (c *Client) getBuiltinRoleURL(name string) string { + return fmt.Sprintf(builtinRolePath, c.config.url, url.PathEscape(name)) +} diff --git a/sysdig/internal/client/v2/default_role.go b/sysdig/internal/client/v2/default_role.go deleted file mode 100644 index 669c54d7..00000000 --- a/sysdig/internal/client/v2/default_role.go +++ /dev/null @@ -1,43 +0,0 @@ -package v2 - -import ( - "context" - "errors" - "fmt" - "net/http" - "net/url" -) - -var ErrDefaultRoleNotFound = errors.New("default role not found") - -const defaultRolePath = "%s/platform/v1/default-roles/%s" - -type DefaultRoleInterface interface { - Base - GetDefaultRole(ctx context.Context, name string) (*DefaultRole, error) -} - -func (c *Client) GetDefaultRole(ctx context.Context, name string) (defaultRole *DefaultRole, err error) { - response, err := c.requester.Request(ctx, http.MethodGet, c.getDefaultRoleURL(name), nil) - if err != nil { - return nil, err - } - defer func() { - if dErr := response.Body.Close(); dErr != nil { - err = fmt.Errorf("unable to close response body: %w", dErr) - } - }() - - if response.StatusCode != http.StatusOK { - if response.StatusCode == http.StatusNotFound { - return nil, ErrDefaultRoleNotFound - } - return nil, c.ErrorFromResponse(response) - } - - return Unmarshal[*DefaultRole](response.Body) -} - -func (c *Client) getDefaultRoleURL(name string) string { - return fmt.Sprintf(defaultRolePath, c.config.url, url.PathEscape(name)) -} diff --git a/sysdig/internal/client/v2/model.go b/sysdig/internal/client/v2/model.go index b8f36364..399b3794 100644 --- a/sysdig/internal/client/v2/model.go +++ b/sysdig/internal/client/v2/model.go @@ -56,7 +56,7 @@ type CustomRole struct { SecurePermissions []string `json:"securePermissions,omitempty"` } -type DefaultRole struct { +type BuiltinRole struct { Name string `json:"name"` MonitorPermissions []string `json:"monitorPermissions,omitempty"` SecurePermissions []string `json:"securePermissions,omitempty"` diff --git a/sysdig/internal/client/v2/sysdig.go b/sysdig/internal/client/v2/sysdig.go index 58f5c44b..4ca08c6c 100644 --- a/sysdig/internal/client/v2/sysdig.go +++ b/sysdig/internal/client/v2/sysdig.go @@ -21,7 +21,7 @@ type SysdigCommon interface { CustomRoleInterface CustomRolePermissionInterface - DefaultRoleInterface + BuiltinRoleInterface GroupMappingConfigInterface GroupMappingInterface IPFilteringSettingsInterface diff --git a/sysdig/provider.go b/sysdig/provider.go index 56c10a07..df2a83c3 100644 --- a/sysdig/provider.go +++ b/sysdig/provider.go @@ -200,7 +200,7 @@ func (p *SysdigProvider) Provider() *schema.Provider { "sysdig_agent_access_key": dataSourceSysdigAgentAccessKey(), "sysdig_current_user": dataSourceSysdigCurrentUser(), "sysdig_custom_role": dataSourceSysdigCustomRole(), - "sysdig_default_role": dataSourceSysdigDefaultRole(), + "sysdig_builtin_role": dataSourceSysdigBuiltinRole(), "sysdig_fargate_workload_agent": dataSourceSysdigFargateWorkloadAgent(), "sysdig_user": dataSourceSysdigUser(), diff --git a/website/docs/d/default_role.md b/website/docs/d/builtin_role.md similarity index 50% rename from website/docs/d/default_role.md rename to website/docs/d/builtin_role.md index 28a945e0..101a4f99 100644 --- a/website/docs/d/default_role.md +++ b/website/docs/d/builtin_role.md @@ -1,35 +1,35 @@ --- subcategory: "Sysdig Platform" layout: "sysdig" -page_title: "Sysdig: sysdig_default_role" +page_title: "Sysdig: sysdig_builtin_role" description: |- - Retrieves information about a default (OOTB) role from the name. + Retrieves information about a built-in (OOTB) role from the name. --- -# Data Source: sysdig_default_role +# Data Source: sysdig_builtin_role -Retrieves information about a default (out-of-the-box) role from the name. +Retrieves information about a built-in (out-of-the-box) role from the name. -Default roles are the built-in roles provided by Sysdig: View Only, Standard User, Advanced User, and Team Manager. +Built-in roles are the roles provided by Sysdig: View Only, Standard User, Advanced User, and Team Manager. -> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository. ## Example Usage ```terraform -data "sysdig_default_role" "advanced_user" { +data "sysdig_builtin_role" "advanced_user" { name = "Advanced User" } ``` ## Argument Reference -* `name` - (Required) The name of the default role. Valid values are: `View Only`, `Standard User`, `Advanced User`, `Team Manager`. +* `name` - (Required) The name of the built-in role. Valid values are: `View Only`, `Standard User`, `Advanced User`, `Team Manager`. ## Attributes Reference In addition to all arguments above, the following attributes are exported: -* `monitor_permissions` - The default role's monitor permissions. +* `monitor_permissions` - The built-in role's monitor permissions. -* `secure_permissions` - The default role's secure permissions. +* `secure_permissions` - The built-in role's secure permissions.