Related to: The Spacelift Terraform provider
Request: Could stacks in child spaces be allowed to read and reference available roles via data source, for use with spacelift_role_attachment?
Issue: The administrative flag is being deprecated in favor of role attachments. However, there is no way for non-root stacks to programmatically look up and reference available roles to use with the spacelift_role_attachment.
Workaround: Can use the UI to look up the ID for existing roles and hard-code it into spacelift_role_attachment resource.
Example steps:
Create a new child space
Create a new Terraform stack in the child space via the UI, and grant it the Space Admin role
Use the Terraform stack to create another new stack, which should be assigned an existing role (e.g., the default Space Writer role, or a custom role)
The programmatic approach would be to use a data source to reference the role, most likely using the known human-friendly slug ( e.g., space-writer ).
However, stacks in a child space are currently not allowed to see that info, so the alternative is a manual step and use the UI to lookup the role ID and add it directly to the code.
(Also: appreciate yβall, thank you!)
Please authenticate to join the conversation.
π In Review
π Feedback
1 day ago
Get notified by email when there are changes.
π In Review
π Feedback
1 day ago
Get notified by email when there are changes.