terraform-provider-datadog
terraform-provider-datadog copied to clipboard
DataDog
Inability to restrict monitor for team
Datadog Terraform Provider Version
3.58.0
Terraform Version
1.5.7
What resources or data sources are affected?
resource "datadog_monitor" "this" {
for_each = var.monitors
name = lookup(each.value, "name")
type = lookup(each.value, "type")
message = lookup(each.value, "message")
escalation_message = lookup(each.value, "escalation_message", null)
restricted_roles = ["xxxx-xxx-xxxx-xxxx"]
query = lookup(each.value, "query")
monitor_thresholds {
warning = lookup(each.value, "warning", null)
critical = lookup(each.value, "critical")
}
With datadog_monitor you can restrict only roles, not teams.
I tried also
resource "datadog_restriction_policy" "this" {
for_each = var.monitors
resource_id = "monitor:${datadog_monitor.this[each.key].id}"
bindings {
principals = ["team:xxxx-xxx-xxxx-xxxx"]
relation = "editor"
}
}
Which endup with:
│ 400 Bad Request: {"errors":["The restriction policy terraform resource is
│ not supported for the 'monitor' resource type."]}
Am I doing something wrong, or is the teams restriction policy currently not supported via terraform?
Terraform Configuration Files
Relevant debug or panic output
No response
Expected Behavior
No response
Actual Behavior
No response
Steps to Reproduce
No response
Important Factoids
No response
References
No response
The restricted_roles is indeed limited to roles.
The future of ACL for Datadog objects is Granular Access Control. (use datadog_restriction_policy resource to interact with Granular Access Control API)
We are actively working to add support for monitor in Terraform.
