Support for ACL grants in acl policy
theexiile1305 opened this issue · 0 comments
theexiile1305 commented
Is your feature request related to a problem? Please describe.
It's apparently not possible to create acl grants aka the object grants object in the acl policy.
Describe the solution you'd like
A way to create the grants obejct in the tailscale_acl ressource.
Additional context
In the following example, terraform validate and terrraform plan return the error json: unknown field "grants". (This error may be caused by a new ACL function that is not yet supported by this terraform provider. If you are using a valid ACL field, please raise an issue (https://github.com/tailscale/terraform-provider-tailscale/issues/new/choose)
resource "tailscale_acl" "acl" {
acl = jsonencode({
grants : [{
"src" : ["group:my-team"],
"dst" : ["tag:k8s-operator"],
"app" : {
"tailscale.com/cap/kubernetes" : [{
"impersonate" : {
"groups" : ["system:fancy-users"],
},
}],
},
}
]
})