organizations

package
v0.18.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 5, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Folder 

type Folder struct {
	// contains filtered or unexported fields
}

Allows management of a Google Cloud Platform folder. For more information see [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-folders) and [API](https://cloud.google.com/resource-manager/reference/rest/v2/folders).

A folder can contain projects, other folders, or a combination of both. You can use folders to group projects under an organization in a hierarchy. For example, your organization might contain multiple departments, each with its own set of Cloud Platform resources. Folders allows you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies.

Folders created live inside an Organization. See the [Organization documentation](https://cloud.google.com/resource-manager/docs/quickstarts) for more details.

The service account used to run Terraform when creating a `google_folder` resource must have `roles/resourcemanager.folderCreator`. See the [Access Control for Folders Using IAM](https://cloud.google.com/resource-manager/docs/access-control-folders) doc for more information.

func GetFolder 

func GetFolder(ctx *pulumi.Context,
	name string, id pulumi.ID, state *FolderState, opts ...pulumi.ResourceOpt) (*Folder, error)

GetFolder gets an existing Folder resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFolder 

func NewFolder(ctx *pulumi.Context,
	name string, args *FolderArgs, opts ...pulumi.ResourceOpt) (*Folder, error)

NewFolder registers a new resource with the given unique name, arguments, and options.

func (*Folder) CreateTime 

func (r *Folder) CreateTime() *pulumi.StringOutput

Timestamp when the Folder was created. Assigned by the server. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".

func (*Folder) DisplayName 

func (r *Folder) DisplayName() *pulumi.StringOutput

The folder’s display name. A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.

func (*Folder) ID 

func (r *Folder) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Folder) LifecycleState 

func (r *Folder) LifecycleState() *pulumi.StringOutput

The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.

func (*Folder) Name 

func (r *Folder) Name() *pulumi.StringOutput

The resource name of the Folder. Its format is folders/{folder_id}.

func (*Folder) Parent 

func (r *Folder) Parent() *pulumi.StringOutput

The resource name of the parent Folder or Organization. Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.

func (*Folder) URN 

func (r *Folder) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type FolderArgs 

type FolderArgs struct {
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName interface{}
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent interface{}
}

The set of arguments for constructing a Folder resource.

type FolderState 

type FolderState struct {
	// Timestamp when the Folder was created. Assigned by the server.
	// A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime interface{}
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName interface{}
	// The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.
	LifecycleState interface{}
	// The resource name of the Folder. Its format is folders/{folder_id}.
	Name interface{}
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent interface{}
}

Input properties used for looking up and filtering Folder resources.

type GetActiveFolderArgs 

type GetActiveFolderArgs struct {
	// The folder's display name.
	DisplayName interface{}
	// The resource name of the parent Folder or Organization.
	Parent interface{}
}

A collection of arguments for invoking getActiveFolder.

type GetActiveFolderResult 

type GetActiveFolderResult struct {
	// The resource name of the Folder. This uniquely identifies the folder.
	Name interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getActiveFolder.

func LookupActiveFolder 

func LookupActiveFolder(ctx *pulumi.Context, args *GetActiveFolderArgs) (*GetActiveFolderResult, error)

Get an active folder within GCP by `display_name` and `parent`.

type GetBillingAccountArgs 

type GetBillingAccountArgs struct {
	// The name of the billing account in the form `{billing_account_id}` or `billingAccounts/{billing_account_id}`.
	BillingAccount interface{}
	// The display name of the billing account.
	DisplayName interface{}
	// `true` if the billing account is open, `false` if the billing account is closed.
	Open interface{}
}

A collection of arguments for invoking getBillingAccount.

type GetBillingAccountResult 

type GetBillingAccountResult struct {
	DisplayName interface{}
	// The resource name of the billing account in the form `billingAccounts/{billing_account_id}`.
	Name interface{}
	Open interface{}
	// The IDs of any projects associated with the billing account.
	ProjectIds interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getBillingAccount.

func LookupBillingAccount 

func LookupBillingAccount(ctx *pulumi.Context, args *GetBillingAccountArgs) (*GetBillingAccountResult, error)

Use this data source to get information about a Google Billing Account.

type GetClientConfigResult 

type GetClientConfigResult struct {
	// The OAuth2 access token used by the client to authenticate against the Google Cloud API.
	AccessToken interface{}
	// The ID of the project to apply any resources to.
	Project interface{}
	// The region to operate under.
	Region interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getClientConfig.

func LookupClientConfig 

func LookupClientConfig(ctx *pulumi.Context) (*GetClientConfigResult, error)

Use this data source to access the configuration of the Google Cloud provider.

type GetClientOpenIdUserInfoResult added in v0.18.0 

type GetClientOpenIdUserInfoResult struct {
	// The email of the account used by the provider to authenticate with GCP.
	Email interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getClientOpenIdUserInfo.

func LookupClientOpenIdUserInfo added in v0.18.0 

func LookupClientOpenIdUserInfo(ctx *pulumi.Context) (*GetClientOpenIdUserInfoResult, error)

Get OpenID userinfo about the credentials used with the Google provider, specifically the email.

When the `https://www.googleapis.com/auth/userinfo.email` scope is enabled in your provider block, this datasource enables you to export the email of the account you've authenticated the provider with; this can be used alongside `data.google_client_config`'s `access_token` to perform OpenID Connect authentication with GKE and configure an RBAC role for the email used.

> This resource will only work as expected if the provider is configured to use the `https://www.googleapis.com/auth/userinfo.email` scope! You will receive an error otherwise.

type GetFolderArgs added in v0.15.0 

type GetFolderArgs struct {
	// The name of the Folder in the form `{folder_id}` or `folders/{folder_id}`.
	Folder interface{}
	// `true` to find the organization that the folder belongs, `false` to avoid the lookup. It searches up the tree. (defaults to `false`)
	LookupOrganization interface{}
}

A collection of arguments for invoking getFolder.

type GetFolderResult added in v0.15.0 

type GetFolderResult struct {
	// Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime interface{}
	// The folder's display name.
	DisplayName interface{}
	// The Folder's current lifecycle state.
	LifecycleState interface{}
	// The resource name of the Folder in the form `folders/{folder_id}`.
	Name interface{}
	// If `lookup_organization` is enable, the resource name of the Organization that the folder belongs.
	Organization interface{}
	// The resource name of the parent Folder or Organization.
	Parent interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getFolder.

func LookupFolder added in v0.15.0 

func LookupFolder(ctx *pulumi.Context, args *GetFolderArgs) (*GetFolderResult, error)

Use this data source to get information about a Google Cloud Folder.

type GetIAMPolicyArgs 

type GetIAMPolicyArgs struct {
	// A nested configuration block that defines logging additional configuration for your project.
	AuditConfigs interface{}
	// A nested configuration block (described below)
	// defining a binding to be included in the policy document. Multiple
	// `binding` arguments are supported.
	Bindings interface{}
}

A collection of arguments for invoking getIAMPolicy.

type GetIAMPolicyResult 

type GetIAMPolicyResult struct {
	// The above bindings serialized in a format suitable for
	// referencing from a resource that supports IAM.
	PolicyData interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getIAMPolicy.

func LookupIAMPolicy 

func LookupIAMPolicy(ctx *pulumi.Context, args *GetIAMPolicyArgs) (*GetIAMPolicyResult, error)

Generates an IAM policy document that may be referenced by and applied to other Google Cloud Platform resources, such as the `google_project` resource.

This data source is used to define IAM policies to apply to other resources. Currently, defining a policy through a datasource and referencing that policy from another resource is the only way to apply an IAM policy to a resource.

**Note:** Several restrictions apply when setting IAM policies through this API. See the [setIamPolicy docs](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy) for a list of these restrictions.

type GetOrganizationArgs 

type GetOrganizationArgs struct {
	// The domain name of the Organization.
	Domain interface{}
	// The name of the Organization in the form `{organization_id}` or `organizations/{organization_id}`.
	Organization interface{}
}

A collection of arguments for invoking getOrganization.

type GetOrganizationResult 

type GetOrganizationResult struct {
	// Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime interface{}
	// The Google for Work customer ID of the Organization.
	DirectoryCustomerId interface{}
	Domain              interface{}
	// The Organization's current lifecycle state.
	LifecycleState interface{}
	// The resource name of the Organization in the form `organizations/{organization_id}`.
	Name interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getOrganization.

func LookupOrganization 

func LookupOrganization(ctx *pulumi.Context, args *GetOrganizationArgs) (*GetOrganizationResult, error)

Use this data source to get information about a Google Cloud Organization.

type GetProjectArgs 

type GetProjectArgs struct {
	// The project ID. If it is not provided, the provider project is used.
	ProjectId interface{}
}

A collection of arguments for invoking getProject.

type GetProjectResult 

type GetProjectResult struct {
	AppEngines        interface{}
	AutoCreateNetwork interface{}
	BillingAccount    interface{}
	FolderId          interface{}
	Labels            interface{}
	Name              interface{}
	Number            interface{}
	OrgId             interface{}
	PolicyData        interface{}
	PolicyEtag        interface{}
	SkipDelete        interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getProject.

func LookupProject 

func LookupProject(ctx *pulumi.Context, args *GetProjectArgs) (*GetProjectResult, error)

Use this data source to get project details. For more information see [API](https://cloud.google.com/resource-manager/reference/rest/v1/projects#Project)

type GetProjectServicesArgs added in v0.16.0 

type GetProjectServicesArgs struct {
	// The project ID.
	Project interface{}
}

A collection of arguments for invoking getProjectServices.

type GetProjectServicesResult added in v0.16.0 

type GetProjectServicesResult struct {
	DisableOnDestroy interface{}
	Services         interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getProjectServices.

func LookupProjectServices added in v0.16.0 

func LookupProjectServices(ctx *pulumi.Context, args *GetProjectServicesArgs) (*GetProjectServicesResult, error)

Use this data source to get details on the enabled project services.

For a list of services available, visit the [API library page](https://console.cloud.google.com/apis/library) or run `gcloud services list`.

type IAMBinding 

type IAMBinding struct {
	// contains filtered or unexported fields
}

Allows creation and management of a single binding within IAM policy for an existing Google Cloud Platform Organization.

> **Note:** This resource __must not__ be used in conjunction with 

`google_organization_iam_member` for the __same role__ or they will fight over
what your policy should be.

> **Note:** On create, this resource will overwrite members of any existing roles. 

Use `terraform import` and inspect the `terraform plan` output to ensure
your existing members are preserved.

func GetIAMBinding 

func GetIAMBinding(ctx *pulumi.Context,
	name string, id pulumi.ID, state *IAMBindingState, opts ...pulumi.ResourceOpt) (*IAMBinding, error)

GetIAMBinding gets an existing IAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMBinding 

func NewIAMBinding(ctx *pulumi.Context,
	name string, args *IAMBindingArgs, opts ...pulumi.ResourceOpt) (*IAMBinding, error)

NewIAMBinding registers a new resource with the given unique name, arguments, and options.

func (*IAMBinding) Etag 

func (r *IAMBinding) Etag() *pulumi.StringOutput

(Computed) The etag of the organization's IAM policy.

func (*IAMBinding) ID 

func (r *IAMBinding) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*IAMBinding) Members 

func (r *IAMBinding) Members() *pulumi.ArrayOutput

A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding

func (*IAMBinding) OrgId 

func (r *IAMBinding) OrgId() *pulumi.StringOutput

The numeric ID of the organization in which you want to create a custom role.

func (*IAMBinding) Role 

func (r *IAMBinding) Role() *pulumi.StringOutput

The role that should be applied. Only one `google_organization_iam_binding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (*IAMBinding) URN 

func (r *IAMBinding) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type IAMBindingArgs 

type IAMBindingArgs struct {
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The role that should be applied. Only one
	// `google_organization_iam_binding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

The set of arguments for constructing a IAMBinding resource.

type IAMBindingState 

type IAMBindingState struct {
	// (Computed) The etag of the organization's IAM policy.
	Etag interface{}
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The role that should be applied. Only one
	// `google_organization_iam_binding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

Input properties used for looking up and filtering IAMBinding resources.

type IAMCustomRole 

type IAMCustomRole struct {
	// contains filtered or unexported fields
}

Allows management of a customized Cloud IAM organization role. For more information see [the official documentation](https://cloud.google.com/iam/docs/understanding-custom-roles) and [API](https://cloud.google.com/iam/reference/rest/v1/organizations.roles).

> **Warning:** Note that custom roles in GCP have the concept of a soft-delete. There are two issues that may arise 

from this and how roles are propagated. 1) creating a role may involve undeleting and then updating a role with the
same name, possibly causing confusing behavior between undelete and update. 2) A deleted role is permanently deleted
after 7 days, but it can take up to 30 more days (i.e. between 7 and 37 days after deletion) before the role name is
made available again. This means a deleted role that has been deleted for more than 7 days cannot be changed at all
by Terraform, and new roles cannot share that name.

func GetIAMCustomRole 

func GetIAMCustomRole(ctx *pulumi.Context,
	name string, id pulumi.ID, state *IAMCustomRoleState, opts ...pulumi.ResourceOpt) (*IAMCustomRole, error)

GetIAMCustomRole gets an existing IAMCustomRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMCustomRole 

func NewIAMCustomRole(ctx *pulumi.Context,
	name string, args *IAMCustomRoleArgs, opts ...pulumi.ResourceOpt) (*IAMCustomRole, error)

NewIAMCustomRole registers a new resource with the given unique name, arguments, and options.

func (*IAMCustomRole) Deleted 

func (r *IAMCustomRole) Deleted() *pulumi.BoolOutput

(Optional) The current deleted state of the role.

func (*IAMCustomRole) Description 

func (r *IAMCustomRole) Description() *pulumi.StringOutput

A human-readable description for the role.

func (*IAMCustomRole) ID 

func (r *IAMCustomRole) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*IAMCustomRole) OrgId 

func (r *IAMCustomRole) OrgId() *pulumi.StringOutput

The numeric ID of the organization in which you want to create a custom role.

func (*IAMCustomRole) Permissions 

func (r *IAMCustomRole) Permissions() *pulumi.ArrayOutput

The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.

func (*IAMCustomRole) RoleId 

func (r *IAMCustomRole) RoleId() *pulumi.StringOutput

The role id to use for this role.

func (*IAMCustomRole) Stage 

func (r *IAMCustomRole) Stage() *pulumi.StringOutput

The current launch stage of the role. Defaults to `GA`. List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).

func (*IAMCustomRole) Title 

func (r *IAMCustomRole) Title() *pulumi.StringOutput

A human-readable title for the role.

func (*IAMCustomRole) URN 

func (r *IAMCustomRole) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type IAMCustomRoleArgs 

type IAMCustomRoleArgs struct {
	// A human-readable description for the role.
	Description interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions interface{}
	// The role id to use for this role.
	RoleId interface{}
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage interface{}
	// A human-readable title for the role.
	Title interface{}
}

The set of arguments for constructing a IAMCustomRole resource.

type IAMCustomRoleState 

type IAMCustomRoleState struct {
	// (Optional) The current deleted state of the role.
	Deleted interface{}
	// A human-readable description for the role.
	Description interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions interface{}
	// The role id to use for this role.
	RoleId interface{}
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage interface{}
	// A human-readable title for the role.
	Title interface{}
}

Input properties used for looking up and filtering IAMCustomRole resources.

type IAMMember 

type IAMMember struct {
	// contains filtered or unexported fields
}

Allows creation and management of a single member for a single binding within the IAM policy for an existing Google Cloud Platform Organization.

> **Note:** This resource __must not__ be used in conjunction with 

`google_organization_iam_binding` for the __same role__ or they will fight over
what your policy should be.

func GetIAMMember 

func GetIAMMember(ctx *pulumi.Context,
	name string, id pulumi.ID, state *IAMMemberState, opts ...pulumi.ResourceOpt) (*IAMMember, error)

GetIAMMember gets an existing IAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMMember 

func NewIAMMember(ctx *pulumi.Context,
	name string, args *IAMMemberArgs, opts ...pulumi.ResourceOpt) (*IAMMember, error)

NewIAMMember registers a new resource with the given unique name, arguments, and options.

func (*IAMMember) Etag 

func (r *IAMMember) Etag() *pulumi.StringOutput

(Computed) The etag of the organization's IAM policy.

func (*IAMMember) ID 

func (r *IAMMember) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*IAMMember) Member 

func (r *IAMMember) Member() *pulumi.StringOutput

The user that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding

func (*IAMMember) OrgId 

func (r *IAMMember) OrgId() *pulumi.StringOutput

The numeric ID of the organization in which you want to create a custom role.

func (*IAMMember) Role 

func (r *IAMMember) Role() *pulumi.StringOutput

The role that should be applied. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (*IAMMember) URN 

func (r *IAMMember) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type IAMMemberArgs 

type IAMMemberArgs struct {
	// The user that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Member interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The role that should be applied. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

The set of arguments for constructing a IAMMember resource.

type IAMMemberState 

type IAMMemberState struct {
	// (Computed) The etag of the organization's IAM policy.
	Etag interface{}
	// The user that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Member interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The role that should be applied. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role interface{}
}

Input properties used for looking up and filtering IAMMember resources.

type IAMPolicy 

type IAMPolicy struct {
	// contains filtered or unexported fields
}

Allows management of the entire IAM policy for an existing Google Cloud Platform Organization.

> **Warning:** New organizations have several default policies which will, 

without extreme caution, be **overwritten** by use of this resource.
The safest alternative is to use multiple `google_organization_iam_binding`
resources.  It is easy to use this resource to remove your own access to
an organization, which will require a call to Google Support to have
fixed, and can take multiple days to resolve.  If you do use this resource,
the best way to be sure that you are not making dangerous changes is to start
by importing your existing policy, and examining the diff very closely.

> **Note:** This resource __must not__ be used in conjunction with 

`google_organization_iam_member` or `google_organization_iam_binding`
or they will fight over what your policy should be.

func GetIAMPolicy 

func GetIAMPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *IAMPolicyState, opts ...pulumi.ResourceOpt) (*IAMPolicy, error)

GetIAMPolicy gets an existing IAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMPolicy 

func NewIAMPolicy(ctx *pulumi.Context,
	name string, args *IAMPolicyArgs, opts ...pulumi.ResourceOpt) (*IAMPolicy, error)

NewIAMPolicy registers a new resource with the given unique name, arguments, and options.

func (*IAMPolicy) Etag 

func (r *IAMPolicy) Etag() *pulumi.StringOutput

func (*IAMPolicy) ID 

func (r *IAMPolicy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*IAMPolicy) OrgId 

func (r *IAMPolicy) OrgId() *pulumi.StringOutput

The numeric ID of the organization in which you want to create a custom role.

func (*IAMPolicy) PolicyData 

func (r *IAMPolicy) PolicyData() *pulumi.StringOutput

The `google_iam_policy` data source that represents the IAM policy that will be applied to the organization. This policy overrides any existing policy applied to the organization.

func (*IAMPolicy) URN 

func (r *IAMPolicy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type IAMPolicyArgs 

type IAMPolicyArgs struct {
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The `google_iam_policy` data source that represents
	// the IAM policy that will be applied to the organization. This policy overrides any existing
	// policy applied to the organization.
	PolicyData interface{}
}

The set of arguments for constructing a IAMPolicy resource.

type IAMPolicyState 

type IAMPolicyState struct {
	Etag interface{}
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId interface{}
	// The `google_iam_policy` data source that represents
	// the IAM policy that will be applied to the organization. This policy overrides any existing
	// policy applied to the organization.
	PolicyData interface{}
}

Input properties used for looking up and filtering IAMPolicy resources.

type Policy 

type Policy struct {
	// contains filtered or unexported fields
}

Allows management of Organization policies for a Google Organization. For more information see [the official documentation](https://cloud.google.com/resource-manager/docs/organization-policy/overview) and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/setOrgPolicy).

func GetPolicy 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *PolicyState, opts ...pulumi.ResourceOpt) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOpt) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) BooleanPolicy 

func (r *Policy) BooleanPolicy() *pulumi.Output

A boolean policy is a constraint that is either enforced or not. Structure is documented below.

func (*Policy) Constraint 

func (r *Policy) Constraint() *pulumi.StringOutput

The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).

func (*Policy) Etag 

func (r *Policy) Etag() *pulumi.StringOutput

(Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

func (*Policy) ID 

func (r *Policy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Policy) ListPolicy 

func (r *Policy) ListPolicy() *pulumi.Output

A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.

func (*Policy) OrgId 

func (r *Policy) OrgId() *pulumi.StringOutput

The numeric ID of the organization to set the policy for.

func (*Policy) RestorePolicy added in v0.15.0 

func (r *Policy) RestorePolicy() *pulumi.Output

A restore policy is a constraint to restore the default policy. Structure is documented below.

func (*Policy) URN 

func (r *Policy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Policy) UpdateTime 

func (r *Policy) UpdateTime() *pulumi.StringOutput

(Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".

func (*Policy) Version 

func (r *Policy) Version() *pulumi.IntOutput

Version of the Policy. Default version is 0.

type PolicyArgs 

type PolicyArgs struct {
	// A boolean policy is a constraint that is either enforced or not. Structure is documented below.
	BooleanPolicy interface{}
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	Constraint interface{}
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy interface{}
	// The numeric ID of the organization to set the policy for.
	OrgId interface{}
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	RestorePolicy interface{}
	// Version of the Policy. Default version is 0.
	Version interface{}
}

The set of arguments for constructing a Policy resource.

type PolicyState 

type PolicyState struct {
	// A boolean policy is a constraint that is either enforced or not. Structure is documented below.
	BooleanPolicy interface{}
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	Constraint interface{}
	// (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
	Etag interface{}
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy interface{}
	// The numeric ID of the organization to set the policy for.
	OrgId interface{}
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	RestorePolicy interface{}
	// (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".
	UpdateTime interface{}
	// Version of the Policy. Default version is 0.
	Version interface{}
}

Input properties used for looking up and filtering Policy resources.

type Project 

type Project struct {
	// contains filtered or unexported fields
}

Allows creation and management of a Google Cloud Platform project.

Projects created with this resource must be associated with an Organization. See the [Organization documentation](https://cloud.google.com/resource-manager/docs/quickstarts) for more details.

The service account used to run Terraform when creating a `google_project` resource must have `roles/resourcemanager.projectCreator`. See the [Access Control for Organizations Using IAM](https://cloud.google.com/resource-manager/docs/access-control-org) doc for more information.

Note that prior to 0.8.5, `google_project` functioned like a data source, meaning any project referenced by it had to be created and managed outside Terraform. As of 0.8.5, `google_project` functions like any other Terraform resource, with Terraform creating and managing the project. To replicate the old behavior, either:

> It's important to note that any project resources that were added to your Terraform config prior to 0.8.5 will continue to function as they always have, and will not be managed by Terraform. Only newly added projects are affected.

func GetProject 

func GetProject(ctx *pulumi.Context,
	name string, id pulumi.ID, state *ProjectState, opts ...pulumi.ResourceOpt) (*Project, error)

GetProject gets an existing Project resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewProject 

func NewProject(ctx *pulumi.Context,
	name string, args *ProjectArgs, opts ...pulumi.ResourceOpt) (*Project, error)

NewProject registers a new resource with the given unique name, arguments, and options.

func (*Project) AutoCreateNetwork 

func (r *Project) AutoCreateNetwork() *pulumi.BoolOutput

Create the 'default' network automatically. Default `true`. If set to `false`, the default network will be deleted. Note that, for quota purposes, you will still need to have 1 network slot available to create the project succesfully, even if you set `auto_create_network` to `false`, since the network will exist momentarily.

func (*Project) BillingAccount 

func (r *Project) BillingAccount() *pulumi.StringOutput

The alphanumeric ID of the billing account this project belongs to. The user or service account performing this operation with Terraform must have Billing Account Administrator privileges (`roles/billing.admin`) in the organization. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/v1/how-tos/access-control) for more details.

func (*Project) FolderId 

func (r *Project) FolderId() *pulumi.StringOutput

The numeric ID of the folder this project should be created under. Only one of `org_id` or `folder_id` may be specified. If the `folder_id` is specified, then the project is created under the specified folder. Changing this forces the project to be migrated to the newly specified folder.

func (*Project) ID 

func (r *Project) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Project) Labels 

func (r *Project) Labels() *pulumi.MapOutput

A set of key/value label pairs to assign to the project.

func (*Project) Name 

func (r *Project) Name() *pulumi.StringOutput

The display name of the project.

func (*Project) Number 

func (r *Project) Number() *pulumi.StringOutput

The numeric identifier of the project.

func (*Project) OrgId 

func (r *Project) OrgId() *pulumi.StringOutput

The numeric ID of the organization this project belongs to. Changing this forces a new project to be created. Only one of `org_id` or `folder_id` may be specified. If the `org_id` is specified then the project is created at the top level. Changing this forces the project to be migrated to the newly specified organization.

func (*Project) ProjectId 

func (r *Project) ProjectId() *pulumi.StringOutput

The project ID. Changing this forces a new project to be created.

func (*Project) SkipDelete 

func (r *Project) SkipDelete() *pulumi.BoolOutput

If true, the Terraform resource can be deleted without deleting the Project via the Google API.

func (*Project) URN 

func (r *Project) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type ProjectArgs 

type ProjectArgs struct {
	// Create the 'default' network automatically.  Default `true`.
	// If set to `false`, the default network will be deleted.  Note that, for quota purposes, you
	// will still need to have 1 network slot available to create the project succesfully, even if
	// you set `auto_create_network` to `false`, since the network will exist momentarily.
	AutoCreateNetwork interface{}
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with Terraform
	// must have Billing Account Administrator privileges (`roles/billing.admin`) in
	// the organization. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/v1/how-tos/access-control)
	// for more details.
	BillingAccount interface{}
	// The numeric ID of the folder this project should be
	// created under. Only one of `org_id` or `folder_id` may be
	// specified. If the `folder_id` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId interface{}
	// A set of key/value label pairs to assign to the project.
	Labels interface{}
	// The display name of the project.
	Name interface{}
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `org_id` or `folder_id` may be specified. If the `org_id` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId interface{}
	// The project ID. Changing this forces a new project to be created.
	ProjectId interface{}
	// If true, the Terraform resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete interface{}
}

The set of arguments for constructing a Project resource.

type ProjectState 

type ProjectState struct {
	// Create the 'default' network automatically.  Default `true`.
	// If set to `false`, the default network will be deleted.  Note that, for quota purposes, you
	// will still need to have 1 network slot available to create the project succesfully, even if
	// you set `auto_create_network` to `false`, since the network will exist momentarily.
	AutoCreateNetwork interface{}
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with Terraform
	// must have Billing Account Administrator privileges (`roles/billing.admin`) in
	// the organization. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/v1/how-tos/access-control)
	// for more details.
	BillingAccount interface{}
	// The numeric ID of the folder this project should be
	// created under. Only one of `org_id` or `folder_id` may be
	// specified. If the `folder_id` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId interface{}
	// A set of key/value label pairs to assign to the project.
	Labels interface{}
	// The display name of the project.
	Name interface{}
	// The numeric identifier of the project.
	Number interface{}
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `org_id` or `folder_id` may be specified. If the `org_id` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId interface{}
	// The project ID. Changing this forces a new project to be created.
	ProjectId interface{}
	// If true, the Terraform resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete interface{}
}

Input properties used for looking up and filtering Project resources.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.