organizations

package
v3.0.0-beta.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 2, 2020 License: Apache-2.0 Imports: 4 Imported by: 2

Documentation

Overview

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

nolint: lll

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Folder

type Folder struct {
	pulumi.CustomResourceState

	// Timestamp when the Folder was created. Assigned by the server.
	// A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName pulumi.StringOutput `pulumi:"displayName"`
	// The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.
	LifecycleState pulumi.StringOutput `pulumi:"lifecycleState"`
	// The resource name of the Folder. Its format is folders/{folder_id}.
	Name pulumi.StringOutput `pulumi:"name"`
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent pulumi.StringOutput `pulumi:"parent"`
}

Allows management of a Google Cloud Platform folder. For more information see [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-folders) and [API](https://cloud.google.com/resource-manager/reference/rest/v2/folders).

A folder can contain projects, other folders, or a combination of both. You can use folders to group projects under an organization in a hierarchy. For example, your organization might contain multiple departments, each with its own set of Cloud Platform resources. Folders allows you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies.

Folders created live inside an Organization. See the [Organization documentation](https://cloud.google.com/resource-manager/docs/quickstarts) for more details.

The service account used to run the provider when creating a `organizations.Folder` resource must have `roles/resourcemanager.folderCreator`. See the [Access Control for Folders Using IAM](https://cloud.google.com/resource-manager/docs/access-control-folders) doc for more information.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_folder.html.markdown.

func GetFolder

func GetFolder(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FolderState, opts ...pulumi.ResourceOption) (*Folder, error)

GetFolder gets an existing Folder resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFolder

func NewFolder(ctx *pulumi.Context,
	name string, args *FolderArgs, opts ...pulumi.ResourceOption) (*Folder, error)

NewFolder registers a new resource with the given unique name, arguments, and options.

type FolderArgs

type FolderArgs struct {
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName pulumi.StringInput
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent pulumi.StringInput
}

The set of arguments for constructing a Folder resource.

func (FolderArgs) ElementType

func (FolderArgs) ElementType() reflect.Type

type FolderState

type FolderState struct {
	// Timestamp when the Folder was created. Assigned by the server.
	// A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime pulumi.StringPtrInput
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName pulumi.StringPtrInput
	// The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.
	LifecycleState pulumi.StringPtrInput
	// The resource name of the Folder. Its format is folders/{folder_id}.
	Name pulumi.StringPtrInput
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent pulumi.StringPtrInput
}

func (FolderState) ElementType

func (FolderState) ElementType() reflect.Type

type GetActiveFolderArgs

type GetActiveFolderArgs struct {
	// The folder's display name.
	DisplayName string `pulumi:"displayName"`
	// The resource name of the parent Folder or Organization.
	Parent string `pulumi:"parent"`
}

A collection of arguments for invoking getActiveFolder.

type GetActiveFolderResult

type GetActiveFolderResult struct {
	DisplayName string `pulumi:"displayName"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The resource name of the Folder. This uniquely identifies the folder.
	Name   string `pulumi:"name"`
	Parent string `pulumi:"parent"`
}

A collection of values returned by getActiveFolder.

func GetActiveFolder

func GetActiveFolder(ctx *pulumi.Context, args *GetActiveFolderArgs, opts ...pulumi.InvokeOption) (*GetActiveFolderResult, error)

Get an active folder within GCP by `displayName` and `parent`.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/google_active_folder.html.markdown.

type GetBillingAccountArgs

type GetBillingAccountArgs struct {
	// The name of the billing account in the form `{billing_account_id}` or `billingAccounts/{billing_account_id}`.
	BillingAccount *string `pulumi:"billingAccount"`
	// The display name of the billing account.
	DisplayName *string `pulumi:"displayName"`
	// `true` if the billing account is open, `false` if the billing account is closed.
	Open *bool `pulumi:"open"`
}

A collection of arguments for invoking getBillingAccount.

type GetBillingAccountResult

type GetBillingAccountResult struct {
	BillingAccount *string `pulumi:"billingAccount"`
	DisplayName    string  `pulumi:"displayName"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The resource name of the billing account in the form `billingAccounts/{billing_account_id}`.
	Name string `pulumi:"name"`
	Open bool   `pulumi:"open"`
	// The IDs of any projects associated with the billing account.
	ProjectIds []string `pulumi:"projectIds"`
}

A collection of values returned by getBillingAccount.

func GetBillingAccount

func GetBillingAccount(ctx *pulumi.Context, args *GetBillingAccountArgs, opts ...pulumi.InvokeOption) (*GetBillingAccountResult, error)

Use this data source to get information about a Google Billing Account.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/google_billing_account.html.markdown.

type GetClientConfigResult

type GetClientConfigResult struct {
	// The OAuth2 access token used by the client to authenticate against the Google Cloud API.
	AccessToken string `pulumi:"accessToken"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The ID of the project to apply any resources to.
	Project string `pulumi:"project"`
	// The region to operate under.
	Region string `pulumi:"region"`
	// The zone to operate under.
	Zone string `pulumi:"zone"`
}

A collection of values returned by getClientConfig.

func GetClientConfig

func GetClientConfig(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*GetClientConfigResult, error)

Use this data source to access the configuration of the Google Cloud provider.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/datasource_client_config.html.markdown.

type GetClientOpenIdUserInfoResult

type GetClientOpenIdUserInfoResult struct {
	// The email of the account used by the provider to authenticate with GCP.
	Email string `pulumi:"email"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
}

A collection of values returned by getClientOpenIdUserInfo.

func GetClientOpenIdUserInfo

func GetClientOpenIdUserInfo(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*GetClientOpenIdUserInfoResult, error)

Get OpenID userinfo about the credentials used with the Google provider, specifically the email.

This datasource enables you to export the email of the account you've authenticated the provider with; this can be used alongside `data.google_client_config`'s `accessToken` to perform OpenID Connect authentication with GKE and configure an RBAC role for the email used.

> This resource will only work as expected if the provider is configured to use the `https://www.googleapis.com/auth/userinfo.email` scope! You will receive an error otherwise.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/datasource_google_client_openid_userinfo.html.markdown.

type GetIAMPolicyAuditConfig

type GetIAMPolicyAuditConfig struct {
	// A nested block that defines the operations you'd like to log.
	AuditLogConfigs []GetIAMPolicyAuditConfigAuditLogConfig `pulumi:"auditLogConfigs"`
	// Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service string `pulumi:"service"`
}

type GetIAMPolicyAuditConfigArgs

type GetIAMPolicyAuditConfigArgs struct {
	// A nested block that defines the operations you'd like to log.
	AuditLogConfigs GetIAMPolicyAuditConfigAuditLogConfigArrayInput `pulumi:"auditLogConfigs"`
	// Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service pulumi.StringInput `pulumi:"service"`
}

func (GetIAMPolicyAuditConfigArgs) ElementType

func (GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutput

func (i GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutput() GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutputWithContext

func (i GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigOutput

type GetIAMPolicyAuditConfigArray

type GetIAMPolicyAuditConfigArray []GetIAMPolicyAuditConfigInput

func (GetIAMPolicyAuditConfigArray) ElementType

func (GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutput

func (i GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutput() GetIAMPolicyAuditConfigArrayOutput

func (GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutputWithContext

func (i GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigArrayOutput

type GetIAMPolicyAuditConfigArrayInput

type GetIAMPolicyAuditConfigArrayInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigArrayOutput() GetIAMPolicyAuditConfigArrayOutput
	ToGetIAMPolicyAuditConfigArrayOutputWithContext(context.Context) GetIAMPolicyAuditConfigArrayOutput
}

type GetIAMPolicyAuditConfigArrayOutput

type GetIAMPolicyAuditConfigArrayOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigArrayOutput) ElementType

func (GetIAMPolicyAuditConfigArrayOutput) Index

func (GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutput

func (o GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutput() GetIAMPolicyAuditConfigArrayOutput

func (GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutputWithContext

func (o GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigArrayOutput

type GetIAMPolicyAuditConfigAuditLogConfig

type GetIAMPolicyAuditConfigAuditLogConfig struct {
	// Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.
	LogType string `pulumi:"logType"`
}

type GetIAMPolicyAuditConfigAuditLogConfigArgs

type GetIAMPolicyAuditConfigAuditLogConfigArgs struct {
	// Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.
	LogType pulumi.StringInput `pulumi:"logType"`
}

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ElementType

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutput

func (i GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutput() GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext

func (i GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigOutput

type GetIAMPolicyAuditConfigAuditLogConfigArray

type GetIAMPolicyAuditConfigAuditLogConfigArray []GetIAMPolicyAuditConfigAuditLogConfigInput

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ElementType

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (i GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext

func (i GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

type GetIAMPolicyAuditConfigAuditLogConfigArrayInput

type GetIAMPolicyAuditConfigAuditLogConfigArrayInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput
	ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext(context.Context) GetIAMPolicyAuditConfigAuditLogConfigArrayOutput
}

type GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

type GetIAMPolicyAuditConfigAuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ElementType

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) Index

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (o GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext

func (o GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

type GetIAMPolicyAuditConfigAuditLogConfigInput

type GetIAMPolicyAuditConfigAuditLogConfigInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigAuditLogConfigOutput() GetIAMPolicyAuditConfigAuditLogConfigOutput
	ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext(context.Context) GetIAMPolicyAuditConfigAuditLogConfigOutput
}

type GetIAMPolicyAuditConfigAuditLogConfigOutput

type GetIAMPolicyAuditConfigAuditLogConfigOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ElementType

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ExemptedMembers

Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) LogType

Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutput

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutput() GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigOutput

type GetIAMPolicyAuditConfigInput

type GetIAMPolicyAuditConfigInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigOutput() GetIAMPolicyAuditConfigOutput
	ToGetIAMPolicyAuditConfigOutputWithContext(context.Context) GetIAMPolicyAuditConfigOutput
}

type GetIAMPolicyAuditConfigOutput

type GetIAMPolicyAuditConfigOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigOutput) AuditLogConfigs

A nested block that defines the operations you'd like to log.

func (GetIAMPolicyAuditConfigOutput) ElementType

func (GetIAMPolicyAuditConfigOutput) Service

Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutput

func (o GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutput() GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutputWithContext

func (o GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigOutput

type GetIAMPolicyBinding

type GetIAMPolicyBinding struct {
	Condition *GetIAMPolicyBindingCondition `pulumi:"condition"`
	// An array of identities that will be granted the privilege in the `role`. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. It **can't** be used with the `organizations.Project` resource.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. It **can't** be used with the `organizations.Project` resource.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members []string `pulumi:"members"`
	// The role/permission that will be granted to the members.
	// See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles.
	// Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role string `pulumi:"role"`
}

type GetIAMPolicyBindingArgs

type GetIAMPolicyBindingArgs struct {
	Condition GetIAMPolicyBindingConditionPtrInput `pulumi:"condition"`
	// An array of identities that will be granted the privilege in the `role`. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. It **can't** be used with the `organizations.Project` resource.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. It **can't** be used with the `organizations.Project` resource.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// The role/permission that will be granted to the members.
	// See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles.
	// Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput `pulumi:"role"`
}

func (GetIAMPolicyBindingArgs) ElementType

func (GetIAMPolicyBindingArgs) ElementType() reflect.Type

func (GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutput

func (i GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutput() GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutputWithContext

func (i GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutputWithContext(ctx context.Context) GetIAMPolicyBindingOutput

type GetIAMPolicyBindingArray

type GetIAMPolicyBindingArray []GetIAMPolicyBindingInput

func (GetIAMPolicyBindingArray) ElementType

func (GetIAMPolicyBindingArray) ElementType() reflect.Type

func (GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutput

func (i GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutput() GetIAMPolicyBindingArrayOutput

func (GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutputWithContext

func (i GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutputWithContext(ctx context.Context) GetIAMPolicyBindingArrayOutput

type GetIAMPolicyBindingArrayInput

type GetIAMPolicyBindingArrayInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingArrayOutput() GetIAMPolicyBindingArrayOutput
	ToGetIAMPolicyBindingArrayOutputWithContext(context.Context) GetIAMPolicyBindingArrayOutput
}

type GetIAMPolicyBindingArrayOutput

type GetIAMPolicyBindingArrayOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingArrayOutput) ElementType

func (GetIAMPolicyBindingArrayOutput) Index

func (GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutput

func (o GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutput() GetIAMPolicyBindingArrayOutput

func (GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutputWithContext

func (o GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutputWithContext(ctx context.Context) GetIAMPolicyBindingArrayOutput

type GetIAMPolicyBindingCondition

type GetIAMPolicyBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type GetIAMPolicyBindingConditionArgs

type GetIAMPolicyBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (GetIAMPolicyBindingConditionArgs) ElementType

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutput

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutput() GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutputWithContext

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutput

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutputWithContext

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionPtrOutput

type GetIAMPolicyBindingConditionInput

type GetIAMPolicyBindingConditionInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingConditionOutput() GetIAMPolicyBindingConditionOutput
	ToGetIAMPolicyBindingConditionOutputWithContext(context.Context) GetIAMPolicyBindingConditionOutput
}

type GetIAMPolicyBindingConditionOutput

type GetIAMPolicyBindingConditionOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingConditionOutput) Description

func (GetIAMPolicyBindingConditionOutput) ElementType

func (GetIAMPolicyBindingConditionOutput) Expression

func (GetIAMPolicyBindingConditionOutput) Title

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutput

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutput() GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutputWithContext

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutput

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionPtrOutput

type GetIAMPolicyBindingConditionPtrInput

type GetIAMPolicyBindingConditionPtrInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput
	ToGetIAMPolicyBindingConditionPtrOutputWithContext(context.Context) GetIAMPolicyBindingConditionPtrOutput
}

type GetIAMPolicyBindingConditionPtrOutput

type GetIAMPolicyBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingConditionPtrOutput) Description

func (GetIAMPolicyBindingConditionPtrOutput) Elem

func (GetIAMPolicyBindingConditionPtrOutput) ElementType

func (GetIAMPolicyBindingConditionPtrOutput) Expression

func (GetIAMPolicyBindingConditionPtrOutput) Title

func (GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutput

func (o GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext

func (o GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionPtrOutput

type GetIAMPolicyBindingInput

type GetIAMPolicyBindingInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingOutput() GetIAMPolicyBindingOutput
	ToGetIAMPolicyBindingOutputWithContext(context.Context) GetIAMPolicyBindingOutput
}

type GetIAMPolicyBindingOutput

type GetIAMPolicyBindingOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingOutput) Condition

func (GetIAMPolicyBindingOutput) ElementType

func (GetIAMPolicyBindingOutput) ElementType() reflect.Type

func (GetIAMPolicyBindingOutput) Members

An array of identities that will be granted the privilege in the `role`. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. It **can't** be used with the `organizations.Project` resource. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. It **can't** be used with the `organizations.Project` resource. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (GetIAMPolicyBindingOutput) Role

The role/permission that will be granted to the members. See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutput

func (o GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutput() GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutputWithContext

func (o GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutputWithContext(ctx context.Context) GetIAMPolicyBindingOutput

type GetOrganizationArgs

type GetOrganizationArgs struct {
	// The domain name of the Organization.
	Domain *string `pulumi:"domain"`
	// The name of the Organization in the form `{organization_id}` or `organizations/{organization_id}`.
	Organization *string `pulumi:"organization"`
}

A collection of arguments for invoking getOrganization.

type GetOrganizationResult

type GetOrganizationResult struct {
	// Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime string `pulumi:"createTime"`
	// The Google for Work customer ID of the Organization.
	DirectoryCustomerId string `pulumi:"directoryCustomerId"`
	Domain              string `pulumi:"domain"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The Organization's current lifecycle state.
	LifecycleState string `pulumi:"lifecycleState"`
	// The resource name of the Organization in the form `organizations/{organization_id}`.
	Name string `pulumi:"name"`
	// The Organization ID.
	OrgId        string  `pulumi:"orgId"`
	Organization *string `pulumi:"organization"`
}

A collection of values returned by getOrganization.

func GetOrganization

func GetOrganization(ctx *pulumi.Context, args *GetOrganizationArgs, opts ...pulumi.InvokeOption) (*GetOrganizationResult, error)

Use this data source to get information about a Google Cloud Organization.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/google_organization.html.markdown.

type IAMBinding

type IAMBinding struct {
	pulumi.CustomResourceState

	Condition IAMBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Allows creation and management of a single binding within IAM policy for an existing Google Cloud Platform Organization.

> **Note:** This resource __must not__ be used in conjunction with

`organizations.IAMMember` for the __same role__ or they will fight over
what your policy should be.

> **Note:** On create, this resource will overwrite members of any existing roles.

Use `pulumi import` and inspect the `output to ensure
your existing members are preserved.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_organization_iam_binding.html.markdown.

func GetIAMBinding

func GetIAMBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMBindingState, opts ...pulumi.ResourceOption) (*IAMBinding, error)

GetIAMBinding gets an existing IAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMBinding

func NewIAMBinding(ctx *pulumi.Context,
	name string, args *IAMBindingArgs, opts ...pulumi.ResourceOption) (*IAMBinding, error)

NewIAMBinding registers a new resource with the given unique name, arguments, and options.

type IAMBindingArgs

type IAMBindingArgs struct {
	Condition IAMBindingConditionPtrInput
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members pulumi.StringArrayInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringInput
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a IAMBinding resource.

func (IAMBindingArgs) ElementType

func (IAMBindingArgs) ElementType() reflect.Type

type IAMBindingCondition

type IAMBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type IAMBindingConditionArgs

type IAMBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (IAMBindingConditionArgs) ElementType

func (IAMBindingConditionArgs) ElementType() reflect.Type

func (IAMBindingConditionArgs) ToIAMBindingConditionOutput

func (i IAMBindingConditionArgs) ToIAMBindingConditionOutput() IAMBindingConditionOutput

func (IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext

func (i IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput

func (IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput

func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput

func (IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext

func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput

type IAMBindingConditionInput

type IAMBindingConditionInput interface {
	pulumi.Input

	ToIAMBindingConditionOutput() IAMBindingConditionOutput
	ToIAMBindingConditionOutputWithContext(context.Context) IAMBindingConditionOutput
}

type IAMBindingConditionOutput

type IAMBindingConditionOutput struct{ *pulumi.OutputState }

func (IAMBindingConditionOutput) Description

func (IAMBindingConditionOutput) ElementType

func (IAMBindingConditionOutput) ElementType() reflect.Type

func (IAMBindingConditionOutput) Expression

func (IAMBindingConditionOutput) Title

func (IAMBindingConditionOutput) ToIAMBindingConditionOutput

func (o IAMBindingConditionOutput) ToIAMBindingConditionOutput() IAMBindingConditionOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext

func (o IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput

func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext

func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput

type IAMBindingConditionPtrInput

type IAMBindingConditionPtrInput interface {
	pulumi.Input

	ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
	ToIAMBindingConditionPtrOutputWithContext(context.Context) IAMBindingConditionPtrOutput
}

type IAMBindingConditionPtrOutput

type IAMBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (IAMBindingConditionPtrOutput) Description

func (IAMBindingConditionPtrOutput) Elem

func (IAMBindingConditionPtrOutput) ElementType

func (IAMBindingConditionPtrOutput) Expression

func (IAMBindingConditionPtrOutput) Title

func (IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput

func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput

func (IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext

func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput

type IAMBindingState

type IAMBindingState struct {
	Condition IAMBindingConditionPtrInput
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringPtrInput
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members pulumi.StringArrayInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (IAMBindingState) ElementType

func (IAMBindingState) ElementType() reflect.Type

type IAMCustomRole

type IAMCustomRole struct {
	pulumi.CustomResourceState

	// (Optional) The current deleted state of the role.
	Deleted pulumi.BoolOutput `pulumi:"deleted"`
	// A human-readable description for the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions pulumi.StringArrayOutput `pulumi:"permissions"`
	// The role id to use for this role.
	RoleId pulumi.StringOutput `pulumi:"roleId"`
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage pulumi.StringPtrOutput `pulumi:"stage"`
	// A human-readable title for the role.
	Title pulumi.StringOutput `pulumi:"title"`
}

Allows management of a customized Cloud IAM organization role. For more information see [the official documentation](https://cloud.google.com/iam/docs/understanding-custom-roles) and [API](https://cloud.google.com/iam/reference/rest/v1/organizations.roles).

> **Warning:** Note that custom roles in GCP have the concept of a soft-delete. There are two issues that may arise

from this and how roles are propagated. 1) creating a role may involve undeleting and then updating a role with the
same name, possibly causing confusing behavior between undelete and update. 2) A deleted role is permanently deleted
after 7 days, but it can take up to 30 more days (i.e. between 7 and 37 days after deletion) before the role name is
made available again. This means a deleted role that has been deleted for more than 7 days cannot be changed at all
by the provider, and new roles cannot share that name.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_organization_iam_custom_role.html.markdown.

func GetIAMCustomRole

func GetIAMCustomRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMCustomRoleState, opts ...pulumi.ResourceOption) (*IAMCustomRole, error)

GetIAMCustomRole gets an existing IAMCustomRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMCustomRole

func NewIAMCustomRole(ctx *pulumi.Context,
	name string, args *IAMCustomRoleArgs, opts ...pulumi.ResourceOption) (*IAMCustomRole, error)

NewIAMCustomRole registers a new resource with the given unique name, arguments, and options.

type IAMCustomRoleArgs

type IAMCustomRoleArgs struct {
	// A human-readable description for the role.
	Description pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringInput
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions pulumi.StringArrayInput
	// The role id to use for this role.
	RoleId pulumi.StringInput
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage pulumi.StringPtrInput
	// A human-readable title for the role.
	Title pulumi.StringInput
}

The set of arguments for constructing a IAMCustomRole resource.

func (IAMCustomRoleArgs) ElementType

func (IAMCustomRoleArgs) ElementType() reflect.Type

type IAMCustomRoleState

type IAMCustomRoleState struct {
	// (Optional) The current deleted state of the role.
	Deleted pulumi.BoolPtrInput
	// A human-readable description for the role.
	Description pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringPtrInput
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions pulumi.StringArrayInput
	// The role id to use for this role.
	RoleId pulumi.StringPtrInput
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage pulumi.StringPtrInput
	// A human-readable title for the role.
	Title pulumi.StringPtrInput
}

func (IAMCustomRoleState) ElementType

func (IAMCustomRoleState) ElementType() reflect.Type

type IAMMember

type IAMMember struct {
	pulumi.CustomResourceState

	Condition IAMMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The user that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Member pulumi.StringOutput `pulumi:"member"`
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The role that should be applied. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Allows creation and management of a single member for a single binding within the IAM policy for an existing Google Cloud Platform Organization.

> **Note:** This resource __must not__ be used in conjunction with

`organizations.IAMBinding` for the __same role__ or they will fight over
what your policy should be.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_organization_iam_member.html.markdown.

func GetIAMMember

func GetIAMMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMMemberState, opts ...pulumi.ResourceOption) (*IAMMember, error)

GetIAMMember gets an existing IAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMMember

func NewIAMMember(ctx *pulumi.Context,
	name string, args *IAMMemberArgs, opts ...pulumi.ResourceOption) (*IAMMember, error)

NewIAMMember registers a new resource with the given unique name, arguments, and options.

type IAMMemberArgs

type IAMMemberArgs struct {
	Condition IAMMemberConditionPtrInput
	// The user that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Member pulumi.StringInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringInput
	// The role that should be applied. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a IAMMember resource.

func (IAMMemberArgs) ElementType

func (IAMMemberArgs) ElementType() reflect.Type

type IAMMemberCondition

type IAMMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type IAMMemberConditionArgs

type IAMMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (IAMMemberConditionArgs) ElementType

func (IAMMemberConditionArgs) ElementType() reflect.Type

func (IAMMemberConditionArgs) ToIAMMemberConditionOutput

func (i IAMMemberConditionArgs) ToIAMMemberConditionOutput() IAMMemberConditionOutput

func (IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext

func (i IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput

func (IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput

func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput

func (IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext

func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput

type IAMMemberConditionInput

type IAMMemberConditionInput interface {
	pulumi.Input

	ToIAMMemberConditionOutput() IAMMemberConditionOutput
	ToIAMMemberConditionOutputWithContext(context.Context) IAMMemberConditionOutput
}

type IAMMemberConditionOutput

type IAMMemberConditionOutput struct{ *pulumi.OutputState }

func (IAMMemberConditionOutput) Description

func (IAMMemberConditionOutput) ElementType

func (IAMMemberConditionOutput) ElementType() reflect.Type

func (IAMMemberConditionOutput) Expression

func (IAMMemberConditionOutput) Title

func (IAMMemberConditionOutput) ToIAMMemberConditionOutput

func (o IAMMemberConditionOutput) ToIAMMemberConditionOutput() IAMMemberConditionOutput

func (IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext

func (o IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput

func (IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput

func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput

func (IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext

func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput

type IAMMemberConditionPtrInput

type IAMMemberConditionPtrInput interface {
	pulumi.Input

	ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
	ToIAMMemberConditionPtrOutputWithContext(context.Context) IAMMemberConditionPtrOutput
}

type IAMMemberConditionPtrOutput

type IAMMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (IAMMemberConditionPtrOutput) Description

func (IAMMemberConditionPtrOutput) Elem

func (IAMMemberConditionPtrOutput) ElementType

func (IAMMemberConditionPtrOutput) Expression

func (IAMMemberConditionPtrOutput) Title

func (IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput

func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput

func (IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext

func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput

type IAMMemberState

type IAMMemberState struct {
	Condition IAMMemberConditionPtrInput
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringPtrInput
	// The user that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Member pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringPtrInput
	// The role that should be applied. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (IAMMemberState) ElementType

func (IAMMemberState) ElementType() reflect.Type

type IAMPolicy

type IAMPolicy struct {
	pulumi.CustomResourceState

	Etag pulumi.StringOutput `pulumi:"etag"`
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The `organizations.getIAMPolicy` data source that represents
	// the IAM policy that will be applied to the organization. This policy overrides any existing
	// policy applied to the organization.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
}

Allows management of the entire IAM policy for an existing Google Cloud Platform Organization.

!> **Warning:** New organizations have several default policies which will,

without extreme caution, be **overwritten** by use of this resource.
The safest alternative is to use multiple `organizations.IAMBinding`
resources.  It is easy to use this resource to remove your own access to
an organization, which will require a call to Google Support to have
fixed, and can take multiple days to resolve.  If you do use this resource,
the best way to be sure that you are not making dangerous changes is to start
by importing your existing policy, and examining the diff very closely.

> **Note:** This resource __must not__ be used in conjunction with

`organizations.IAMMember` or `organizations.IAMBinding`
or they will fight over what your policy should be.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_organization_iam_policy.html.markdown.

func GetIAMPolicy

func GetIAMPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMPolicyState, opts ...pulumi.ResourceOption) (*IAMPolicy, error)

GetIAMPolicy gets an existing IAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMPolicy

func NewIAMPolicy(ctx *pulumi.Context,
	name string, args *IAMPolicyArgs, opts ...pulumi.ResourceOption) (*IAMPolicy, error)

NewIAMPolicy registers a new resource with the given unique name, arguments, and options.

type IAMPolicyArgs

type IAMPolicyArgs struct {
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringInput
	// The `organizations.getIAMPolicy` data source that represents
	// the IAM policy that will be applied to the organization. This policy overrides any existing
	// policy applied to the organization.
	PolicyData pulumi.StringInput
}

The set of arguments for constructing a IAMPolicy resource.

func (IAMPolicyArgs) ElementType

func (IAMPolicyArgs) ElementType() reflect.Type

type IAMPolicyState

type IAMPolicyState struct {
	Etag pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringPtrInput
	// The `organizations.getIAMPolicy` data source that represents
	// the IAM policy that will be applied to the organization. This policy overrides any existing
	// policy applied to the organization.
	PolicyData pulumi.StringPtrInput
}

func (IAMPolicyState) ElementType

func (IAMPolicyState) ElementType() reflect.Type

type IamAuditConfig

type IamAuditConfig struct {
	pulumi.CustomResourceState

	// The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
	AuditLogConfigs IamAuditConfigAuditLogConfigArrayOutput `pulumi:"auditLogConfigs"`
	Etag            pulumi.StringOutput                     `pulumi:"etag"`
	// The numeric ID of the organization in which you want to manage the audit logging config.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
	Service pulumi.StringOutput `pulumi:"service"`
}

Allows management of audit logging config for a given service for a Google Cloud Platform Organization.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_organization_iam_audit_config.html.markdown.

func GetIamAuditConfig

func GetIamAuditConfig(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IamAuditConfigState, opts ...pulumi.ResourceOption) (*IamAuditConfig, error)

GetIamAuditConfig gets an existing IamAuditConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIamAuditConfig

func NewIamAuditConfig(ctx *pulumi.Context,
	name string, args *IamAuditConfigArgs, opts ...pulumi.ResourceOption) (*IamAuditConfig, error)

NewIamAuditConfig registers a new resource with the given unique name, arguments, and options.

type IamAuditConfigArgs

type IamAuditConfigArgs struct {
	// The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
	AuditLogConfigs IamAuditConfigAuditLogConfigArrayInput
	// The numeric ID of the organization in which you want to manage the audit logging config.
	OrgId pulumi.StringInput
	// Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
	Service pulumi.StringInput
}

The set of arguments for constructing a IamAuditConfig resource.

func (IamAuditConfigArgs) ElementType

func (IamAuditConfigArgs) ElementType() reflect.Type

type IamAuditConfigAuditLogConfig

type IamAuditConfigAuditLogConfig struct {
	// Identities that do not cause logging for this type of permission.
	// Each entry can have one of the following values:
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// Permission type for which logging is to be configured.  Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.
	LogType string `pulumi:"logType"`
}

type IamAuditConfigAuditLogConfigArgs

type IamAuditConfigAuditLogConfigArgs struct {
	// Identities that do not cause logging for this type of permission.
	// Each entry can have one of the following values:
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// Permission type for which logging is to be configured.  Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.
	LogType pulumi.StringInput `pulumi:"logType"`
}

func (IamAuditConfigAuditLogConfigArgs) ElementType

func (IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput

func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext

func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput

type IamAuditConfigAuditLogConfigArray

type IamAuditConfigAuditLogConfigArray []IamAuditConfigAuditLogConfigInput

func (IamAuditConfigAuditLogConfigArray) ElementType

func (IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput

func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput

func (IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext

func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput

type IamAuditConfigAuditLogConfigArrayInput

type IamAuditConfigAuditLogConfigArrayInput interface {
	pulumi.Input

	ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput
	ToIamAuditConfigAuditLogConfigArrayOutputWithContext(context.Context) IamAuditConfigAuditLogConfigArrayOutput
}

type IamAuditConfigAuditLogConfigArrayOutput

type IamAuditConfigAuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (IamAuditConfigAuditLogConfigArrayOutput) ElementType

func (IamAuditConfigAuditLogConfigArrayOutput) Index

func (IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput

func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput

func (IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext

func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput

type IamAuditConfigAuditLogConfigInput

type IamAuditConfigAuditLogConfigInput interface {
	pulumi.Input

	ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput
	ToIamAuditConfigAuditLogConfigOutputWithContext(context.Context) IamAuditConfigAuditLogConfigOutput
}

type IamAuditConfigAuditLogConfigOutput

type IamAuditConfigAuditLogConfigOutput struct{ *pulumi.OutputState }

func (IamAuditConfigAuditLogConfigOutput) ElementType

func (IamAuditConfigAuditLogConfigOutput) ExemptedMembers

Identities that do not cause logging for this type of permission. Each entry can have one of the following values: * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (IamAuditConfigAuditLogConfigOutput) LogType

Permission type for which logging is to be configured. Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.

func (IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput

func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext

func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput

type IamAuditConfigState

type IamAuditConfigState struct {
	// The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
	AuditLogConfigs IamAuditConfigAuditLogConfigArrayInput
	Etag            pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to manage the audit logging config.
	OrgId pulumi.StringPtrInput
	// Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
	Service pulumi.StringPtrInput
}

func (IamAuditConfigState) ElementType

func (IamAuditConfigState) ElementType() reflect.Type

type LookupFolderArgs

type LookupFolderArgs struct {
	// The name of the Folder in the form `{folder_id}` or `folders/{folder_id}`.
	Folder string `pulumi:"folder"`
	// `true` to find the organization that the folder belongs, `false` to avoid the lookup. It searches up the tree. (defaults to `false`)
	LookupOrganization *bool `pulumi:"lookupOrganization"`
}

A collection of arguments for invoking getFolder.

type LookupFolderResult

type LookupFolderResult struct {
	// Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime string `pulumi:"createTime"`
	// The folder's display name.
	DisplayName string `pulumi:"displayName"`
	Folder      string `pulumi:"folder"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The Folder's current lifecycle state.
	LifecycleState     string `pulumi:"lifecycleState"`
	LookupOrganization *bool  `pulumi:"lookupOrganization"`
	// The resource name of the Folder in the form `folders/{folder_id}`.
	Name string `pulumi:"name"`
	// If `lookupOrganization` is enable, the resource name of the Organization that the folder belongs.
	Organization string `pulumi:"organization"`
	// The resource name of the parent Folder or Organization.
	Parent string `pulumi:"parent"`
}

A collection of values returned by getFolder.

func LookupFolder

func LookupFolder(ctx *pulumi.Context, args *LookupFolderArgs, opts ...pulumi.InvokeOption) (*LookupFolderResult, error)

Use this data source to get information about a Google Cloud Folder.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/google_folder.html.markdown.

type LookupIAMPolicyArgs

type LookupIAMPolicyArgs struct {
	// A nested configuration block that defines logging additional configuration for your project.
	AuditConfigs []GetIAMPolicyAuditConfig `pulumi:"auditConfigs"`
	// A nested configuration block (described below)
	// defining a binding to be included in the policy document. Multiple
	// `binding` arguments are supported.
	Bindings []GetIAMPolicyBinding `pulumi:"bindings"`
}

A collection of arguments for invoking getIAMPolicy.

type LookupIAMPolicyResult

type LookupIAMPolicyResult struct {
	AuditConfigs []GetIAMPolicyAuditConfig `pulumi:"auditConfigs"`
	Bindings     []GetIAMPolicyBinding     `pulumi:"bindings"`
	// id is the provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The above bindings serialized in a format suitable for
	// referencing from a resource that supports IAM.
	PolicyData string `pulumi:"policyData"`
}

A collection of values returned by getIAMPolicy.

func LookupIAMPolicy

func LookupIAMPolicy(ctx *pulumi.Context, args *LookupIAMPolicyArgs, opts ...pulumi.InvokeOption) (*LookupIAMPolicyResult, error)

Generates an IAM policy document that may be referenced by and applied to other Google Cloud Platform resources, such as the `organizations.Project` resource.

**Note:** Several restrictions apply when setting IAM policies through this API. See the [setIamPolicy docs](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy) for a list of these restrictions.

This data source is used to define IAM policies to apply to other resources. Currently, defining a policy through a datasource and referencing that policy from another resource is the only way to apply an IAM policy to a resource.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/d/google_iam_policy.html.markdown.

type LookupProjectArgs

type LookupProjectArgs struct {
	// The project ID. If it is not provided, the provider project is used.
	ProjectId *string `pulumi:"projectId"`
}

A collection of arguments for invoking getProject.

type LookupProjectResult

type LookupProjectResult struct {
	AutoCreateNetwork bool   `pulumi:"autoCreateNetwork"`
	BillingAccount    string `pulumi:"billingAccount"`
	FolderId          string `pulumi:"folderId"`
	// id is the provider-assigned unique ID for this managed resource.
	Id         string            `pulumi:"id"`
	Labels     map[string]string `pulumi:"labels"`
	Name       string            `pulumi:"name"`
	Number     string            `pulumi:"number"`
	OrgId      string            `pulumi:"orgId"`
	ProjectId  *string           `pulumi:"projectId"`
	SkipDelete bool              `pulumi:"skipDelete"`
}

A collection of values returned by getProject.

type Policy

type Policy struct {
	pulumi.CustomResourceState

	// A boolean policy is a constraint that is either enforced or not. Structure is documented below.
	BooleanPolicy PolicyBooleanPolicyPtrOutput `pulumi:"booleanPolicy"`
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	Constraint pulumi.StringOutput `pulumi:"constraint"`
	// (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy PolicyListPolicyPtrOutput `pulumi:"listPolicy"`
	// The numeric ID of the organization to set the policy for.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	RestorePolicy PolicyRestorePolicyPtrOutput `pulumi:"restorePolicy"`
	// (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// Version of the Policy. Default version is 0.
	Version pulumi.IntOutput `pulumi:"version"`
}

Allows management of Organization policies for a Google Organization. For more information see [the official documentation](https://cloud.google.com/resource-manager/docs/organization-policy/overview) and [API](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/setOrgPolicy).

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_organization_policy.html.markdown.

func GetPolicy

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

type PolicyArgs

type PolicyArgs struct {
	// A boolean policy is a constraint that is either enforced or not. Structure is documented below.
	BooleanPolicy PolicyBooleanPolicyPtrInput
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	Constraint pulumi.StringInput
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy PolicyListPolicyPtrInput
	// The numeric ID of the organization to set the policy for.
	OrgId pulumi.StringInput
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	RestorePolicy PolicyRestorePolicyPtrInput
	// Version of the Policy. Default version is 0.
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType

func (PolicyArgs) ElementType() reflect.Type

type PolicyBooleanPolicy

type PolicyBooleanPolicy struct {
	// If true, then the Policy is enforced. If false, then any configuration is acceptable.
	Enforced bool `pulumi:"enforced"`
}

type PolicyBooleanPolicyArgs

type PolicyBooleanPolicyArgs struct {
	// If true, then the Policy is enforced. If false, then any configuration is acceptable.
	Enforced pulumi.BoolInput `pulumi:"enforced"`
}

func (PolicyBooleanPolicyArgs) ElementType

func (PolicyBooleanPolicyArgs) ElementType() reflect.Type

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutput

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutput() PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutputWithContext

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutputWithContext(ctx context.Context) PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutput

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutputWithContext

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) PolicyBooleanPolicyPtrOutput

type PolicyBooleanPolicyInput

type PolicyBooleanPolicyInput interface {
	pulumi.Input

	ToPolicyBooleanPolicyOutput() PolicyBooleanPolicyOutput
	ToPolicyBooleanPolicyOutputWithContext(context.Context) PolicyBooleanPolicyOutput
}

type PolicyBooleanPolicyOutput

type PolicyBooleanPolicyOutput struct{ *pulumi.OutputState }

func (PolicyBooleanPolicyOutput) ElementType

func (PolicyBooleanPolicyOutput) ElementType() reflect.Type

func (PolicyBooleanPolicyOutput) Enforced

If true, then the Policy is enforced. If false, then any configuration is acceptable.

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutput

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutput() PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutputWithContext

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutputWithContext(ctx context.Context) PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutput

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutputWithContext

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) PolicyBooleanPolicyPtrOutput

type PolicyBooleanPolicyPtrInput

type PolicyBooleanPolicyPtrInput interface {
	pulumi.Input

	ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput
	ToPolicyBooleanPolicyPtrOutputWithContext(context.Context) PolicyBooleanPolicyPtrOutput
}

type PolicyBooleanPolicyPtrOutput

type PolicyBooleanPolicyPtrOutput struct{ *pulumi.OutputState }

func (PolicyBooleanPolicyPtrOutput) Elem

func (PolicyBooleanPolicyPtrOutput) ElementType

func (PolicyBooleanPolicyPtrOutput) Enforced

If true, then the Policy is enforced. If false, then any configuration is acceptable.

func (PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutput

func (o PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput

func (PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutputWithContext

func (o PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) PolicyBooleanPolicyPtrOutput

type PolicyListPolicy

type PolicyListPolicy struct {
	Allow *PolicyListPolicyAllow `pulumi:"allow"`
	Deny  *PolicyListPolicyDeny  `pulumi:"deny"`
	// If set to true, the values from the effective Policy of the parent resource
	// are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
	InheritFromParent *bool `pulumi:"inheritFromParent"`
	// The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
	SuggestedValue *string `pulumi:"suggestedValue"`
}

type PolicyListPolicyAllow

type PolicyListPolicyAllow struct {
	// The policy allows or denies all values.
	All *bool `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values []string `pulumi:"values"`
}

type PolicyListPolicyAllowArgs

type PolicyListPolicyAllowArgs struct {
	// The policy allows or denies all values.
	All pulumi.BoolPtrInput `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values pulumi.StringArrayInput `pulumi:"values"`
}

func (PolicyListPolicyAllowArgs) ElementType

func (PolicyListPolicyAllowArgs) ElementType() reflect.Type

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutput

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutput() PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutputWithContext

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutputWithContext(ctx context.Context) PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutput

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutputWithContext

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) PolicyListPolicyAllowPtrOutput

type PolicyListPolicyAllowInput

type PolicyListPolicyAllowInput interface {
	pulumi.Input

	ToPolicyListPolicyAllowOutput() PolicyListPolicyAllowOutput
	ToPolicyListPolicyAllowOutputWithContext(context.Context) PolicyListPolicyAllowOutput
}

type PolicyListPolicyAllowOutput

type PolicyListPolicyAllowOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyAllowOutput) All

The policy allows or denies all values.

func (PolicyListPolicyAllowOutput) ElementType

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutput

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutput() PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutputWithContext

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutputWithContext(ctx context.Context) PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutput

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutputWithContext

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowOutput) Values

The policy can define specific values that are allowed or denied.

type PolicyListPolicyAllowPtrInput

type PolicyListPolicyAllowPtrInput interface {
	pulumi.Input

	ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput
	ToPolicyListPolicyAllowPtrOutputWithContext(context.Context) PolicyListPolicyAllowPtrOutput
}

type PolicyListPolicyAllowPtrOutput

type PolicyListPolicyAllowPtrOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyAllowPtrOutput) All

The policy allows or denies all values.

func (PolicyListPolicyAllowPtrOutput) Elem

func (PolicyListPolicyAllowPtrOutput) ElementType

func (PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutput

func (o PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutputWithContext

func (o PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowPtrOutput) Values

The policy can define specific values that are allowed or denied.

type PolicyListPolicyArgs

type PolicyListPolicyArgs struct {
	Allow PolicyListPolicyAllowPtrInput `pulumi:"allow"`
	Deny  PolicyListPolicyDenyPtrInput  `pulumi:"deny"`
	// If set to true, the values from the effective Policy of the parent resource
	// are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
	InheritFromParent pulumi.BoolPtrInput `pulumi:"inheritFromParent"`
	// The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
	SuggestedValue pulumi.StringPtrInput `pulumi:"suggestedValue"`
}

func (PolicyListPolicyArgs) ElementType

func (PolicyListPolicyArgs) ElementType() reflect.Type

func (PolicyListPolicyArgs) ToPolicyListPolicyOutput

func (i PolicyListPolicyArgs) ToPolicyListPolicyOutput() PolicyListPolicyOutput

func (PolicyListPolicyArgs) ToPolicyListPolicyOutputWithContext

func (i PolicyListPolicyArgs) ToPolicyListPolicyOutputWithContext(ctx context.Context) PolicyListPolicyOutput

func (PolicyListPolicyArgs) ToPolicyListPolicyPtrOutput

func (i PolicyListPolicyArgs) ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput

func (PolicyListPolicyArgs) ToPolicyListPolicyPtrOutputWithContext

func (i PolicyListPolicyArgs) ToPolicyListPolicyPtrOutputWithContext(ctx context.Context) PolicyListPolicyPtrOutput

type PolicyListPolicyDeny

type PolicyListPolicyDeny struct {
	// The policy allows or denies all values.
	All *bool `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values []string `pulumi:"values"`
}

type PolicyListPolicyDenyArgs

type PolicyListPolicyDenyArgs struct {
	// The policy allows or denies all values.
	All pulumi.BoolPtrInput `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values pulumi.StringArrayInput `pulumi:"values"`
}

func (PolicyListPolicyDenyArgs) ElementType

func (PolicyListPolicyDenyArgs) ElementType() reflect.Type

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutput

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutput() PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutputWithContext

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutputWithContext(ctx context.Context) PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutput

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutputWithContext

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) PolicyListPolicyDenyPtrOutput

type PolicyListPolicyDenyInput

type PolicyListPolicyDenyInput interface {
	pulumi.Input

	ToPolicyListPolicyDenyOutput() PolicyListPolicyDenyOutput
	ToPolicyListPolicyDenyOutputWithContext(context.Context) PolicyListPolicyDenyOutput
}

type PolicyListPolicyDenyOutput

type PolicyListPolicyDenyOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyDenyOutput) All

The policy allows or denies all values.

func (PolicyListPolicyDenyOutput) ElementType

func (PolicyListPolicyDenyOutput) ElementType() reflect.Type

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutput

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutput() PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutputWithContext

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutputWithContext(ctx context.Context) PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutput

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutputWithContext

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyOutput) Values

The policy can define specific values that are allowed or denied.

type PolicyListPolicyDenyPtrInput

type PolicyListPolicyDenyPtrInput interface {
	pulumi.Input

	ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput
	ToPolicyListPolicyDenyPtrOutputWithContext(context.Context) PolicyListPolicyDenyPtrOutput
}

type PolicyListPolicyDenyPtrOutput

type PolicyListPolicyDenyPtrOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyDenyPtrOutput) All

The policy allows or denies all values.

func (PolicyListPolicyDenyPtrOutput) Elem

func (PolicyListPolicyDenyPtrOutput) ElementType

func (PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutput

func (o PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutputWithContext

func (o PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyPtrOutput) Values

The policy can define specific values that are allowed or denied.

type PolicyListPolicyInput

type PolicyListPolicyInput interface {
	pulumi.Input

	ToPolicyListPolicyOutput() PolicyListPolicyOutput
	ToPolicyListPolicyOutputWithContext(context.Context) PolicyListPolicyOutput
}

type PolicyListPolicyOutput

type PolicyListPolicyOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyOutput) Allow

func (PolicyListPolicyOutput) Deny

func (PolicyListPolicyOutput) ElementType

func (PolicyListPolicyOutput) ElementType() reflect.Type

func (PolicyListPolicyOutput) InheritFromParent

func (o PolicyListPolicyOutput) InheritFromParent() pulumi.BoolPtrOutput

If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.

func (PolicyListPolicyOutput) SuggestedValue

func (o PolicyListPolicyOutput) SuggestedValue() pulumi.StringPtrOutput

The Google Cloud Console will try to default to a configuration that matches the value specified in this field.

func (PolicyListPolicyOutput) ToPolicyListPolicyOutput

func (o PolicyListPolicyOutput) ToPolicyListPolicyOutput() PolicyListPolicyOutput

func (PolicyListPolicyOutput) ToPolicyListPolicyOutputWithContext

func (o PolicyListPolicyOutput) ToPolicyListPolicyOutputWithContext(ctx context.Context) PolicyListPolicyOutput

func (PolicyListPolicyOutput) ToPolicyListPolicyPtrOutput

func (o PolicyListPolicyOutput) ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput

func (PolicyListPolicyOutput) ToPolicyListPolicyPtrOutputWithContext

func (o PolicyListPolicyOutput) ToPolicyListPolicyPtrOutputWithContext(ctx context.Context) PolicyListPolicyPtrOutput

type PolicyListPolicyPtrInput

type PolicyListPolicyPtrInput interface {
	pulumi.Input

	ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput
	ToPolicyListPolicyPtrOutputWithContext(context.Context) PolicyListPolicyPtrOutput
}

type PolicyListPolicyPtrOutput

type PolicyListPolicyPtrOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyPtrOutput) Allow

func (PolicyListPolicyPtrOutput) Deny

func (PolicyListPolicyPtrOutput) Elem

func (PolicyListPolicyPtrOutput) ElementType

func (PolicyListPolicyPtrOutput) ElementType() reflect.Type

func (PolicyListPolicyPtrOutput) InheritFromParent

func (o PolicyListPolicyPtrOutput) InheritFromParent() pulumi.BoolPtrOutput

If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.

func (PolicyListPolicyPtrOutput) SuggestedValue

The Google Cloud Console will try to default to a configuration that matches the value specified in this field.

func (PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutput

func (o PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput

func (PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutputWithContext

func (o PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutputWithContext(ctx context.Context) PolicyListPolicyPtrOutput

type PolicyRestorePolicy

type PolicyRestorePolicy struct {
	// May only be set to true. If set, then the default Policy is restored.
	Default bool `pulumi:"default"`
}

type PolicyRestorePolicyArgs

type PolicyRestorePolicyArgs struct {
	// May only be set to true. If set, then the default Policy is restored.
	Default pulumi.BoolInput `pulumi:"default"`
}

func (PolicyRestorePolicyArgs) ElementType

func (PolicyRestorePolicyArgs) ElementType() reflect.Type

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutput

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutput() PolicyRestorePolicyOutput

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutputWithContext

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutputWithContext(ctx context.Context) PolicyRestorePolicyOutput

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutput

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutputWithContext

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) PolicyRestorePolicyPtrOutput

type PolicyRestorePolicyInput

type PolicyRestorePolicyInput interface {
	pulumi.Input

	ToPolicyRestorePolicyOutput() PolicyRestorePolicyOutput
	ToPolicyRestorePolicyOutputWithContext(context.Context) PolicyRestorePolicyOutput
}

type PolicyRestorePolicyOutput

type PolicyRestorePolicyOutput struct{ *pulumi.OutputState }

func (PolicyRestorePolicyOutput) Default

May only be set to true. If set, then the default Policy is restored.

func (PolicyRestorePolicyOutput) ElementType

func (PolicyRestorePolicyOutput) ElementType() reflect.Type

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutput

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutput() PolicyRestorePolicyOutput

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutputWithContext

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutputWithContext(ctx context.Context) PolicyRestorePolicyOutput

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutput

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutputWithContext

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) PolicyRestorePolicyPtrOutput

type PolicyRestorePolicyPtrInput

type PolicyRestorePolicyPtrInput interface {
	pulumi.Input

	ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput
	ToPolicyRestorePolicyPtrOutputWithContext(context.Context) PolicyRestorePolicyPtrOutput
}

type PolicyRestorePolicyPtrOutput

type PolicyRestorePolicyPtrOutput struct{ *pulumi.OutputState }

func (PolicyRestorePolicyPtrOutput) Default

May only be set to true. If set, then the default Policy is restored.

func (PolicyRestorePolicyPtrOutput) Elem

func (PolicyRestorePolicyPtrOutput) ElementType

func (PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutput

func (o PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput

func (PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutputWithContext

func (o PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) PolicyRestorePolicyPtrOutput

type PolicyState

type PolicyState struct {
	// A boolean policy is a constraint that is either enforced or not. Structure is documented below.
	BooleanPolicy PolicyBooleanPolicyPtrInput
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	Constraint pulumi.StringPtrInput
	// (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
	Etag pulumi.StringPtrInput
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy PolicyListPolicyPtrInput
	// The numeric ID of the organization to set the policy for.
	OrgId pulumi.StringPtrInput
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	RestorePolicy PolicyRestorePolicyPtrInput
	// (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".
	UpdateTime pulumi.StringPtrInput
	// Version of the Policy. Default version is 0.
	Version pulumi.IntPtrInput
}

func (PolicyState) ElementType

func (PolicyState) ElementType() reflect.Type

type Project

type Project struct {
	pulumi.CustomResourceState

	// Create the 'default' network automatically.  Default `true`.
	// If set to `false`, the default network will be deleted.  Note that, for quota purposes, you
	// will still need to have 1 network slot available to create the project successfully, even if
	// you set `autoCreateNetwork` to `false`, since the network will exist momentarily.
	AutoCreateNetwork pulumi.BoolPtrOutput `pulumi:"autoCreateNetwork"`
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with the provider
	// must have Billing Account Administrator privileges (`roles/billing.admin`) in
	// the organization. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/v1/how-tos/access-control)
	// for more details.
	BillingAccount pulumi.StringPtrOutput `pulumi:"billingAccount"`
	// The numeric ID of the folder this project should be
	// created under. Only one of `orgId` or `folderId` may be
	// specified. If the `folderId` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId pulumi.StringOutput `pulumi:"folderId"`
	// A set of key/value label pairs to assign to the project.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The display name of the project.
	Name pulumi.StringOutput `pulumi:"name"`
	// The numeric identifier of the project.
	Number pulumi.StringOutput `pulumi:"number"`
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `orgId` or `folderId` may be specified. If the `orgId` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The project ID. Changing this forces a new project to be created.
	ProjectId pulumi.StringOutput `pulumi:"projectId"`
	// If true, the resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete pulumi.BoolOutput `pulumi:"skipDelete"`
}

Allows creation and management of a Google Cloud Platform project.

Projects created with this resource must be associated with an Organization. See the [Organization documentation](https://cloud.google.com/resource-manager/docs/quickstarts) for more details.

The service account used to run this provider when creating a `organizations.Project` resource must have `roles/resourcemanager.projectCreator`. See the [Access Control for Organizations Using IAM](https://cloud.google.com/resource-manager/docs/access-control-org) doc for more information.

> This content is derived from https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/google_project.html.markdown.

func GetProject

func GetProject(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ProjectState, opts ...pulumi.ResourceOption) (*Project, error)

GetProject gets an existing Project resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewProject

func NewProject(ctx *pulumi.Context,
	name string, args *ProjectArgs, opts ...pulumi.ResourceOption) (*Project, error)

NewProject registers a new resource with the given unique name, arguments, and options.

type ProjectArgs

type ProjectArgs struct {
	// Create the 'default' network automatically.  Default `true`.
	// If set to `false`, the default network will be deleted.  Note that, for quota purposes, you
	// will still need to have 1 network slot available to create the project successfully, even if
	// you set `autoCreateNetwork` to `false`, since the network will exist momentarily.
	AutoCreateNetwork pulumi.BoolPtrInput
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with the provider
	// must have Billing Account Administrator privileges (`roles/billing.admin`) in
	// the organization. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/v1/how-tos/access-control)
	// for more details.
	BillingAccount pulumi.StringPtrInput
	// The numeric ID of the folder this project should be
	// created under. Only one of `orgId` or `folderId` may be
	// specified. If the `folderId` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId pulumi.StringPtrInput
	// A set of key/value label pairs to assign to the project.
	Labels pulumi.StringMapInput
	// The display name of the project.
	Name pulumi.StringPtrInput
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `orgId` or `folderId` may be specified. If the `orgId` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId pulumi.StringPtrInput
	// The project ID. Changing this forces a new project to be created.
	ProjectId pulumi.StringInput
	// If true, the resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete pulumi.BoolPtrInput
}

The set of arguments for constructing a Project resource.

func (ProjectArgs) ElementType

func (ProjectArgs) ElementType() reflect.Type

type ProjectState

type ProjectState struct {
	// Create the 'default' network automatically.  Default `true`.
	// If set to `false`, the default network will be deleted.  Note that, for quota purposes, you
	// will still need to have 1 network slot available to create the project successfully, even if
	// you set `autoCreateNetwork` to `false`, since the network will exist momentarily.
	AutoCreateNetwork pulumi.BoolPtrInput
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with the provider
	// must have Billing Account Administrator privileges (`roles/billing.admin`) in
	// the organization. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/v1/how-tos/access-control)
	// for more details.
	BillingAccount pulumi.StringPtrInput
	// The numeric ID of the folder this project should be
	// created under. Only one of `orgId` or `folderId` may be
	// specified. If the `folderId` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId pulumi.StringPtrInput
	// A set of key/value label pairs to assign to the project.
	Labels pulumi.StringMapInput
	// The display name of the project.
	Name pulumi.StringPtrInput
	// The numeric identifier of the project.
	Number pulumi.StringPtrInput
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `orgId` or `folderId` may be specified. If the `orgId` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId pulumi.StringPtrInput
	// The project ID. Changing this forces a new project to be created.
	ProjectId pulumi.StringPtrInput
	// If true, the resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete pulumi.BoolPtrInput
}

func (ProjectState) ElementType

func (ProjectState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL