How to use Terraform to restrict the editing of a dashboard
Previously when you wanted to restrict editing of dashboards created and managed by Terraform, you would use the
is_read_only attribute to define that editing the dashboard is restricted to the creator or users with the Privileged Access (Admin) permission in your organization. With the introduction of
restricted_roles, you can list specific roles that can edit this dashboard within your organization.
Restricting a dashboard
If you’re already using
is_read_only in your definition, this continues to work while your organizational users see and use the role list. To properly synchronize your Terraform definitions and the experience the Datadog application, complete the following steps:
Update your Datadog Terraform provider to version 3.1.0 or above.
Find the UUID of the roles that you want to restrict by either retrieving the UUID from the Roles APIs or Roles UI, or referring to role ID as defined in Terraform for Terraform managed Roles.
Where you’re using
is_read_only in Dashboard definitions, replace them with
is_read_only is still enabled for my dashboard
This configuration still works. Every Terraform run detects any changes to roles or read only and notify you if
is_read_only is being changed.
Terraform is warning that
is_read_only has been removed
This is because your browser converts the old permission flag to the newer and more advanced permissions scheme. If you update terraform to 3.1.0 or above, the new restricted roles fields is available.
This change is an aesthetic change only, and doesn’t change any functionality or security settings of the dashboard. When you re-apply your Terraform configuration, it replaces the change with the original