temporalio · swgillespie · Sep 23, 2024 · jlacefie · Sep 24, 2024 · swgillespie
@@ -59,7 +59,7 @@ resource "temporalcloud_user" "namespace_admin" {
 
 ### Optional
 
-- `namespace_accesses` (Attributes List) The list of namespace accesses. (see [below for nested schema](#nestedatt--namespace_accesses))
+- `namespace_accesses` (Attributes List, Deprecated) The list of namespace accesses. (see [below for nested schema](#nestedatt--namespace_accesses))
 - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
 
 ### Read-Only

@@ -0,0 +1,100 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "temporalcloud_user_namespace_access Resource - terraform-provider-temporalcloud"
+subcategory: ""
+description: |-
+
+---
+
+# temporalcloud_user_namespace_access (Resource)
+
+
+
+## Example Usage
+
+```terraform
+terraform {
+  required_providers {
+    temporalcloud = {
+      source = "temporalio/temporalcloud"
+    }
+  }
+}
+
+provider "temporalcloud" {
+}
+
+resource "temporalcloud_namespace" "terraform" {
+  name               = "terraform-users"
+  regions            = ["aws-us-east-1"]
+  accepted_client_ca = base64encode(file("${path.module}/ca.pem"))
+  retention_days     = 14
+}
+
+resource "temporalcloud_namespace" "second_ns" {
+  name               = "terraform-users-2"
+  regions            = ["aws-us-east-1"]
+  accepted_client_ca = base64encode(file("${path.module}/ca.pem"))
+  retention_days     = 14
+}
+
+resource "temporalcloud_user" "namespace_admin" {
+  email          = "[email protected]"
+  account_access = "developer"
+}
+
+resource "temporalcloud_user" "namespace_write" {
+  email          = "[email protected]"
+  account_access = "developer"
+}
+
+resource "temporalcloud_user" "namespace_read" {
+  email          = "[email protected]"
+  account_access = "developer"
+}
+
+resource "temporalcloud_user_namespace_access" "admin" {
+  user_id      = temporalcloud_user.namespace_admin.id
+  namespace_id = temporalcloud_namespace.terraform.id
+  permission   = "admin"
+}
+
+resource "temporalcloud_user_namespace_access" "write" {
+  user_id      = temporalcloud_user.namespace_write.id
+  namespace_id = temporalcloud_namespace.terraform.id
+  permission   = "write"
+}
+
+resource "temporalcloud_user_namespace_access" "read" {
+  user_id      = temporalcloud_user.namespace_read.id
+  namespace_id = temporalcloud_namespace.terraform.id
+  permission   = "read"
+}
+
+resource "temporalcloud_user_namespace_access" "read_second_ns" {
+  user_id      = temporalcloud_user.namespace_read.id
+  namespace_id = temporalcloud_namespace.second_ns.id
+  permission   = "read"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `namespace_id` (String) The ID of the namespace to which this user should be given the requested role
+- `permission` (String) The permission to grant the user in the namespace
+- `user_id` (String) The ID of the user to which this namespace access should be granted
+
+### Read-Only
+
+- `id` (String) The unique identifier for the user namespace access.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import temporalcloud_user_namespace_access myuserid/terraform.badf00d
+```
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBxjCCAU2gAwIBAgIRAlyZ5KUmunPLeFAupDwGL8AwCgYIKoZIzj0EAwMwEjEQ
+MA4GA1UEChMHdGVzdGluZzAeFw0yNDA4MTMyMzQ2NThaFw0yNTA4MTMyMzQ3NTha
+MBIxEDAOBgNVBAoTB3Rlc3RpbmcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARG+EuL
+uKRsNWs7Rbz6ciaJQB7QINTRLmTgGGE8H/wAs+KjvctjPdDdqFPZrxShRY3PUdk2
+pgQKRugMTe3N52pxBx4Iablz8felfdv4kyLQbdsJzY9XmCYX3D68/9Hxsl2jZzBl
+MA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSYC5/u
+K78bK1M8Fv1M6ELMjF2ZMDAjBgNVHREEHDAaghhjbGllbnQucm9vdC50ZXN0aW5n
+LjBycDUwCgYIKoZIzj0EAwMDZwAwZAIwSycjxxmYTgV5eSJbaGMINr5LQgyKQUHQ
+ryBKSGLKASa/e2ntyhsqRhj77gJ8DmkZAjAIlpDacF+Sq1kpZ5tMV7ZLElcujzj4
+US8pEmNuIiCguEGwi+pb5CWfabETEHApxmo=
+-----END CERTIFICATE-----
@@ -0,0 +1 @@
+terraform import temporalcloud_user_namespace_access myuserid/terraform.badf00d
@@ -0,0 +1,63 @@
+terraform {
+  required_providers {
+    temporalcloud = {
+      source = "temporalio/temporalcloud"
+    }
+  }
+}
+
+provider "temporalcloud" {
+}
+
+resource "temporalcloud_namespace" "terraform" {
+  name               = "terraform-users"
+  regions            = ["aws-us-east-1"]
+  accepted_client_ca = base64encode(file("${path.module}/ca.pem"))
+  retention_days     = 14
+}
+
+resource "temporalcloud_namespace" "second_ns" {
+  name               = "terraform-users-2"
+  regions            = ["aws-us-east-1"]
+  accepted_client_ca = base64encode(file("${path.module}/ca.pem"))
+  retention_days     = 14
+}
+
+resource "temporalcloud_user" "namespace_admin" {
+  email          = "[email protected]"
+  account_access = "developer"
+}
+
+resource "temporalcloud_user" "namespace_write" {
+  email          = "[email protected]"
+  account_access = "developer"
+}
+
+resource "temporalcloud_user" "namespace_read" {
+  email          = "[email protected]"
+  account_access = "developer"
+}
+
+resource "temporalcloud_user_namespace_access" "admin" {
+  user_id      = temporalcloud_user.namespace_admin.id
+  namespace_id = temporalcloud_namespace.terraform.id
+  permission   = "admin"
+}
+
+resource "temporalcloud_user_namespace_access" "write" {
+  user_id      = temporalcloud_user.namespace_write.id
+  namespace_id = temporalcloud_namespace.terraform.id
+  permission   = "write"
+}
+
+resource "temporalcloud_user_namespace_access" "read" {
+  user_id      = temporalcloud_user.namespace_read.id
+  namespace_id = temporalcloud_namespace.terraform.id
+  permission   = "read"
+}
+
+resource "temporalcloud_user_namespace_access" "read_second_ns" {
+  user_id      = temporalcloud_user.namespace_read.id
+  namespace_id = temporalcloud_namespace.second_ns.id
+  permission   = "read"
+}
@@ -138,6 +138,7 @@ func (p *TerraformCloudProvider) Resources(ctx context.Context) []func() resourc
 		NewNamespaceResource,
 		NewNamespaceSearchAttributeResource,
 		NewUserResource,
+		NewUserNamespaceAccessResource,
 	}
 }