Skip to content

Resource: proxmox_virtual_environment_acl

Warning

Deprecated: Use proxmox_acl instead. This resource will be removed in v1.0.

Manages ACLs on the Proxmox cluster.

ACLs are used to control access to resources in the Proxmox cluster. Each ACL consists of a path, a user, group or token, a role, and a flag to allow propagation of permissions.

Example Usage

resource "proxmox_virtual_environment_user" "operations_automation" {
  comment  = "Managed by Terraform"
  password = "a-strong-password"
  user_id  = "operations-automation@pve"
}

resource "proxmox_virtual_environment_role" "operations_monitoring" {
  role_id = "operations-monitoring"

  privileges = [
    "VM.GuestAgent.Audit",
  ]
}

resource "proxmox_virtual_environment_acl" "operations_automation_monitoring" {
  user_id = proxmox_virtual_environment_user.operations_automation.user_id
  role_id = proxmox_virtual_environment_role.operations_monitoring.role_id

  path      = "/vms/1234"
  propagate = true
}

Schema

Required

  • path (String) Access control path
  • role_id (String) The role to apply

Optional

  • group_id (String) The group the ACL should apply to (mutually exclusive with token_id and user_id)
  • propagate (Boolean) Allow to propagate (inherit) permissions.
  • token_id (String) The token the ACL should apply to (mutually exclusive with group_id and user_id)
  • user_id (String) The user the ACL should apply to (mutually exclusive with group_id and token_id)

Read-Only

  • id (String) The unique identifier of this resource.

Import

Import is supported using the following syntax:

#!/usr/bin/env sh
# ACL can be imported using its unique identifier, e.g.: {path}?{group|user@realm|user@realm!token}?{role}
terraform import proxmox_virtual_environment_acl.operations_automation_monitoring /?monitor@pve?operations-monitoring