restriction_policies
Creates, updates, deletes, gets or lists a restriction_policies resource.
Overview
| Name | restriction_policies |
| Type | Resource |
| Id | datadog.organization.restriction_policies |
Fields
The following fields are returned by SELECT queries:
- get_restriction_policy
| Name | Datatype | Description |
|---|---|---|
id | string | The identifier, always equivalent to the value specified in the resource_id path parameter. (example: dashboard:abc-def-ghi) |
attributes | object | Restriction policy attributes. |
type | string | Restriction policy type. (default: restriction_policy, example: restriction_policy) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_restriction_policy | select | resource_id, region | Retrieves the restriction policy associated with a specified resource. | |
update_restriction_policy | replace | resource_id, region, data__data | allow_self_lockout | Updates the restriction policy associated with a resource. #### Supported resources Restriction policies can be applied to the following resources: - Dashboards: dashboard- Integration Services: integration-service- Integration Webhooks: integration-webhook- Notebooks: notebook- Powerpacks: powerpack- Reference Tables: reference-table- Security Rules: security-rule- Service Level Objectives: slo- Synthetic Global Variables: synthetics-global-variable- Synthetic Tests: synthetics-test- Synthetic Private Locations: synthetics-private-location- Monitors: monitor- Workflows: workflow- App Builder Apps: app-builder-app- Connections: connection- Connection Groups: connection-group- RUM Applications: rum-application- Cross Org Connections: cross-org-connection- Spreadsheets: spreadsheet- On-Call Schedules: on-call-schedule- On-Call Escalation Policies: on-call-escalation-policy- On-Call Team Routing Rules: on-call-team-routing-rules#### Supported relations for resources Resource Type | Supported Relations ----------------------------|-------------------------- Dashboards | viewer, editorIntegration Services | viewer, editorIntegration Webhooks | viewer, editorNotebooks | viewer, editorPowerpacks | viewer, editorSecurity Rules | viewer, editorService Level Objectives | viewer, editorSynthetic Global Variables | viewer, editorSynthetic Tests | viewer, editorSynthetic Private Locations | viewer, editorMonitors | viewer, editorReference Tables | viewer, editorWorkflows | viewer, runner, editorApp Builder Apps | viewer, editorConnections | viewer, resolver, editorConnection Groups | viewer, editorRUM Application | viewer, editorCross Org Connections | viewer, editorSpreadsheets | viewer, editorOn-Call Schedules | viewer, overrider, editorOn-Call Escalation Policies | viewer, editorOn-Call Team Routing Rules | viewer, editor |
delete_restriction_policy | delete | resource_id, region | Deletes the restriction policy associated with a specified resource. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
region | string | (default: datadoghq.com) |
resource_id | string | Identifier, formatted as type:id. Supported types: dashboard, integration-service, integration-webhook, notebook, reference-table, security-rule, slo, workflow, app-builder-app, connection, connection-group, rum-application, cross-org-connection, spreadsheet, on-call-schedule, on-call-escalation-policy, `on-call-team-routing-rules. (example: dashboard:abc-def-ghi) |
allow_self_lockout | boolean | Allows admins (users with the user_access_manage permission) to remove their own access from the resource if set to true. By default, this is set to false, preventing admins from locking themselves out. |
SELECT examples
- get_restriction_policy
Retrieves the restriction policy associated with a specified resource.
SELECT
id,
attributes,
type
FROM datadog.organization.restriction_policies
WHERE resource_id = '{{ resource_id }}' -- required
AND region = '{{ region }}' -- required
;
REPLACE examples
- update_restriction_policy
Updates the restriction policy associated with a resource.
#### Supported resources
Restriction policies can be applied to the following resources:
- Dashboards: dashboard
- Integration Services: integration-service
- Integration Webhooks: integration-webhook
- Notebooks: notebook
- Powerpacks: powerpack
- Reference Tables: reference-table
- Security Rules: security-rule
- Service Level Objectives: slo
- Synthetic Global Variables: synthetics-global-variable
- Synthetic Tests: synthetics-test
- Synthetic Private Locations: synthetics-private-location
- Monitors: monitor
- Workflows: workflow
- App Builder Apps: app-builder-app
- Connections: connection
- Connection Groups: connection-group
- RUM Applications: rum-application
- Cross Org Connections: cross-org-connection
- Spreadsheets: spreadsheet
- On-Call Schedules: on-call-schedule
- On-Call Escalation Policies: on-call-escalation-policy
- On-Call Team Routing Rules: on-call-team-routing-rules
#### Supported relations for resources
Resource Type | Supported Relations
----------------------------|--------------------------
Dashboards | viewer, editor
Integration Services | viewer, editor
Integration Webhooks | viewer, editor
Notebooks | viewer, editor
Powerpacks | viewer, editor
Security Rules | viewer, editor
Service Level Objectives | viewer, editor
Synthetic Global Variables | viewer, editor
Synthetic Tests | viewer, editor
Synthetic Private Locations | viewer, editor
Monitors | viewer, editor
Reference Tables | viewer, editor
Workflows | viewer, runner, editor
App Builder Apps | viewer, editor
Connections | viewer, resolver, editor
Connection Groups | viewer, editor
RUM Application | viewer, editor
Cross Org Connections | viewer, editor
Spreadsheets | viewer, editor
On-Call Schedules | viewer, overrider, editor
On-Call Escalation Policies | viewer, editor
On-Call Team Routing Rules | viewer, editor
REPLACE datadog.organization.restriction_policies
SET
data__data = '{{ data }}'
WHERE
resource_id = '{{ resource_id }}' --required
AND region = '{{ region }}' --required
AND data__data = '{{ data }}' --required
AND allow_self_lockout = {{ allow_self_lockout}}
RETURNING
data;
DELETE examples
- delete_restriction_policy
Deletes the restriction policy associated with a specified resource.
DELETE FROM datadog.organization.restriction_policies
WHERE resource_id = '{{ resource_id }}' --required
AND region = '{{ region }}' --required
;