spanner

package
v4.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 8, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Database 

type Database struct {
	pulumi.CustomResourceState

	// An optional list of DDL statements to run inside the newly created
	// database. Statements can create tables, indexes, etc. These statements
	// execute atomically with the creation of the database: if there is an
	// error in any statement, the database is not created.
	Ddls               pulumi.StringArrayOutput `pulumi:"ddls"`
	DeletionProtection pulumi.BoolPtrOutput     `pulumi:"deletionProtection"`
	// The instance to create the database on.
	Instance pulumi.StringOutput `pulumi:"instance"`
	// A unique identifier for the database, which cannot be changed after
	// the instance is created. Values are of the form [a-z][-a-z0-9]*[a-z0-9].
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// An explanation of the status of the database.
	State pulumi.StringOutput `pulumi:"state"`
}

A Cloud Spanner Database which is hosted on a Spanner instance.

To get more information about Database, see:

* [API documentation](https://cloud.google.com/spanner/docs/reference/rest/v1/projects.instances.databases) * How-to Guides

> **Warning:** It is strongly recommended to set `lifecycle { preventDestroy = true }` on databases in order to prevent accidental data loss.

## Example Usage ### Spanner Database Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		main, err := spanner.NewInstance(ctx, "main", &spanner.InstanceArgs{
			Config:      pulumi.String("regional-europe-west1"),
			DisplayName: pulumi.String("main-instance"),
		})
		if err != nil {
			return err
		}
		_, err = spanner.NewDatabase(ctx, "database", &spanner.DatabaseArgs{
			Instance: main.Name,
			Ddls: pulumi.StringArray{
				pulumi.String("CREATE TABLE t1 (t1 INT64 NOT NULL,) PRIMARY KEY(t1)"),
				pulumi.String("CREATE TABLE t2 (t2 INT64 NOT NULL,) PRIMARY KEY(t2)"),
			},
			DeletionProtection: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Database can be imported using any of these accepted formats

```sh 

$ pulumi import gcp:spanner/database:Database default projects/{{project}}/instances/{{instance}}/databases/{{name}}

```

```sh 

$ pulumi import gcp:spanner/database:Database default instances/{{instance}}/databases/{{name}}

```

```sh 

$ pulumi import gcp:spanner/database:Database default {{project}}/{{instance}}/{{name}}

```

```sh 

$ pulumi import gcp:spanner/database:Database default {{instance}}/{{name}}

```

func GetDatabase 

func GetDatabase(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DatabaseState, opts ...pulumi.ResourceOption) (*Database, error)

GetDatabase gets an existing Database resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDatabase 

func NewDatabase(ctx *pulumi.Context,
	name string, args *DatabaseArgs, opts ...pulumi.ResourceOption) (*Database, error)

NewDatabase registers a new resource with the given unique name, arguments, and options.

func (Database) ElementType added in v4.4.0 

func (Database) ElementType() reflect.Type

func (Database) ToDatabaseOutput added in v4.4.0 

func (i Database) ToDatabaseOutput() DatabaseOutput

func (Database) ToDatabaseOutputWithContext added in v4.4.0 

func (i Database) ToDatabaseOutputWithContext(ctx context.Context) DatabaseOutput

type DatabaseArgs 

type DatabaseArgs struct {
	// An optional list of DDL statements to run inside the newly created
	// database. Statements can create tables, indexes, etc. These statements
	// execute atomically with the creation of the database: if there is an
	// error in any statement, the database is not created.
	Ddls               pulumi.StringArrayInput
	DeletionProtection pulumi.BoolPtrInput
	// The instance to create the database on.
	Instance pulumi.StringInput
	// A unique identifier for the database, which cannot be changed after
	// the instance is created. Values are of the form [a-z][-a-z0-9]*[a-z0-9].
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a Database resource.

func (DatabaseArgs) ElementType 

func (DatabaseArgs) ElementType() reflect.Type

type DatabaseIAMBinding 

type DatabaseIAMBinding struct {
	pulumi.CustomResourceState

	Condition DatabaseIAMBindingConditionPtrOutput `pulumi:"condition"`
	// The name of the Spanner database.
	Database pulumi.StringOutput `pulumi:"database"`
	// (Computed) The etag of the database's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringOutput      `pulumi:"instance"`
	Members  pulumi.StringArrayOutput `pulumi:"members"`
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `spanner.DatabaseIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for a Spanner database. Each of these resources serves a different use case:

* `spanner.DatabaseIAMPolicy`: Authoritative. Sets the IAM policy for the database and replaces any existing policy already attached.

> **Warning:** It's entirely possibly to lock yourself out of your database using `spanner.DatabaseIAMPolicy`. Any permissions granted by default will be removed unless you include them in your config.

* `spanner.DatabaseIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the database are preserved. * `spanner.DatabaseIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the database are preserved.

> **Note:** `spanner.DatabaseIAMPolicy` **cannot** be used in conjunction with `spanner.DatabaseIAMBinding` and `spanner.DatabaseIAMMember` or they will fight over what your policy should be.

> **Note:** `spanner.DatabaseIAMBinding` resources **can be** used in conjunction with `spanner.DatabaseIAMMember` resources **only if** they do not grant privilege to the same role.

## google\_spanner\_database\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				organizations.GetIAMPolicyBinding{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = spanner.NewDatabaseIAMPolicy(ctx, "database", &spanner.DatabaseIAMPolicyArgs{
			Instance:   pulumi.String("your-instance-name"),
			Database:   pulumi.String("your-database-name"),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_database\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewDatabaseIAMBinding(ctx, "database", &spanner.DatabaseIAMBindingArgs{
			Database: pulumi.String("your-database-name"),
			Instance: pulumi.String("your-instance-name"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Role: pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_database\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewDatabaseIAMMember(ctx, "database", &spanner.DatabaseIAMMemberArgs{
			Database: pulumi.String("your-database-name"),
			Instance: pulumi.String("your-instance-name"),
			Member:   pulumi.String("user:jane@example.com"),
			Role:     pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* {{project}}/{{instance}}/{{database}} * {{instance}}/{{database}} (project is taken from provider project) IAM member imports use space-delimited identifiers; the resource in question, the role, and the member identity, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMBinding:DatabaseIAMBinding database "project-name/instance-name/database-name roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMBinding:DatabaseIAMBinding database "project-name/instance-name/database-name roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMBinding:DatabaseIAMBinding database project-name/instance-name/database-name

``` 

-> **Custom Roles:** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetDatabaseIAMBinding 

func GetDatabaseIAMBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DatabaseIAMBindingState, opts ...pulumi.ResourceOption) (*DatabaseIAMBinding, error)

GetDatabaseIAMBinding gets an existing DatabaseIAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDatabaseIAMBinding 

func NewDatabaseIAMBinding(ctx *pulumi.Context,
	name string, args *DatabaseIAMBindingArgs, opts ...pulumi.ResourceOption) (*DatabaseIAMBinding, error)

NewDatabaseIAMBinding registers a new resource with the given unique name, arguments, and options.

func (DatabaseIAMBinding) ElementType added in v4.4.0 

func (DatabaseIAMBinding) ElementType() reflect.Type

func (DatabaseIAMBinding) ToDatabaseIAMBindingOutput added in v4.4.0 

func (i DatabaseIAMBinding) ToDatabaseIAMBindingOutput() DatabaseIAMBindingOutput

func (DatabaseIAMBinding) ToDatabaseIAMBindingOutputWithContext added in v4.4.0 

func (i DatabaseIAMBinding) ToDatabaseIAMBindingOutputWithContext(ctx context.Context) DatabaseIAMBindingOutput

type DatabaseIAMBindingArgs 

type DatabaseIAMBindingArgs struct {
	Condition DatabaseIAMBindingConditionPtrInput
	// The name of the Spanner database.
	Database pulumi.StringInput
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringInput
	Members  pulumi.StringArrayInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.DatabaseIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a DatabaseIAMBinding resource.

func (DatabaseIAMBindingArgs) ElementType 

func (DatabaseIAMBindingArgs) ElementType() reflect.Type

type DatabaseIAMBindingCondition 

type DatabaseIAMBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type DatabaseIAMBindingConditionArgs 

type DatabaseIAMBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (DatabaseIAMBindingConditionArgs) ElementType 

func (DatabaseIAMBindingConditionArgs) ElementType() reflect.Type

func (DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionOutput 

func (i DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionOutput() DatabaseIAMBindingConditionOutput

func (DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionOutputWithContext 

func (i DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionOutputWithContext(ctx context.Context) DatabaseIAMBindingConditionOutput

func (DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionPtrOutput 

func (i DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionPtrOutput() DatabaseIAMBindingConditionPtrOutput

func (DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionPtrOutputWithContext 

func (i DatabaseIAMBindingConditionArgs) ToDatabaseIAMBindingConditionPtrOutputWithContext(ctx context.Context) DatabaseIAMBindingConditionPtrOutput

type DatabaseIAMBindingConditionInput 

type DatabaseIAMBindingConditionInput interface {
	pulumi.Input

	ToDatabaseIAMBindingConditionOutput() DatabaseIAMBindingConditionOutput
	ToDatabaseIAMBindingConditionOutputWithContext(context.Context) DatabaseIAMBindingConditionOutput
}

DatabaseIAMBindingConditionInput is an input type that accepts DatabaseIAMBindingConditionArgs and DatabaseIAMBindingConditionOutput values. You can construct a concrete instance of `DatabaseIAMBindingConditionInput` via: 

DatabaseIAMBindingConditionArgs{...}

type DatabaseIAMBindingConditionOutput 

type DatabaseIAMBindingConditionOutput struct{ *pulumi.OutputState }

func (DatabaseIAMBindingConditionOutput) Description 

func (o DatabaseIAMBindingConditionOutput) Description() pulumi.StringPtrOutput

func (DatabaseIAMBindingConditionOutput) ElementType 

func (DatabaseIAMBindingConditionOutput) ElementType() reflect.Type

func (DatabaseIAMBindingConditionOutput) Expression 

func (o DatabaseIAMBindingConditionOutput) Expression() pulumi.StringOutput

func (DatabaseIAMBindingConditionOutput) Title 

func (o DatabaseIAMBindingConditionOutput) Title() pulumi.StringOutput

func (DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionOutput 

func (o DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionOutput() DatabaseIAMBindingConditionOutput

func (DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionOutputWithContext 

func (o DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionOutputWithContext(ctx context.Context) DatabaseIAMBindingConditionOutput

func (DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionPtrOutput 

func (o DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionPtrOutput() DatabaseIAMBindingConditionPtrOutput

func (DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionPtrOutputWithContext 

func (o DatabaseIAMBindingConditionOutput) ToDatabaseIAMBindingConditionPtrOutputWithContext(ctx context.Context) DatabaseIAMBindingConditionPtrOutput

type DatabaseIAMBindingConditionPtrInput 

type DatabaseIAMBindingConditionPtrInput interface {
	pulumi.Input

	ToDatabaseIAMBindingConditionPtrOutput() DatabaseIAMBindingConditionPtrOutput
	ToDatabaseIAMBindingConditionPtrOutputWithContext(context.Context) DatabaseIAMBindingConditionPtrOutput
}

DatabaseIAMBindingConditionPtrInput is an input type that accepts DatabaseIAMBindingConditionArgs, DatabaseIAMBindingConditionPtr and DatabaseIAMBindingConditionPtrOutput values. You can construct a concrete instance of `DatabaseIAMBindingConditionPtrInput` via: 

        DatabaseIAMBindingConditionArgs{...}

or:

        nil

func DatabaseIAMBindingConditionPtr 

func DatabaseIAMBindingConditionPtr(v *DatabaseIAMBindingConditionArgs) DatabaseIAMBindingConditionPtrInput

type DatabaseIAMBindingConditionPtrOutput 

type DatabaseIAMBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (DatabaseIAMBindingConditionPtrOutput) Description 

func (o DatabaseIAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput

func (DatabaseIAMBindingConditionPtrOutput) Elem 

func (o DatabaseIAMBindingConditionPtrOutput) Elem() DatabaseIAMBindingConditionOutput

func (DatabaseIAMBindingConditionPtrOutput) ElementType 

func (DatabaseIAMBindingConditionPtrOutput) ElementType() reflect.Type

func (DatabaseIAMBindingConditionPtrOutput) Expression 

func (o DatabaseIAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (DatabaseIAMBindingConditionPtrOutput) Title 

func (o DatabaseIAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput

func (DatabaseIAMBindingConditionPtrOutput) ToDatabaseIAMBindingConditionPtrOutput 

func (o DatabaseIAMBindingConditionPtrOutput) ToDatabaseIAMBindingConditionPtrOutput() DatabaseIAMBindingConditionPtrOutput

func (DatabaseIAMBindingConditionPtrOutput) ToDatabaseIAMBindingConditionPtrOutputWithContext 

func (o DatabaseIAMBindingConditionPtrOutput) ToDatabaseIAMBindingConditionPtrOutputWithContext(ctx context.Context) DatabaseIAMBindingConditionPtrOutput

type DatabaseIAMBindingInput added in v4.4.0 

type DatabaseIAMBindingInput interface {
	pulumi.Input

	ToDatabaseIAMBindingOutput() DatabaseIAMBindingOutput
	ToDatabaseIAMBindingOutputWithContext(ctx context.Context) DatabaseIAMBindingOutput
}

type DatabaseIAMBindingOutput added in v4.4.0 

type DatabaseIAMBindingOutput struct {
	*pulumi.OutputState
}

func (DatabaseIAMBindingOutput) ElementType added in v4.4.0 

func (DatabaseIAMBindingOutput) ElementType() reflect.Type

func (DatabaseIAMBindingOutput) ToDatabaseIAMBindingOutput added in v4.4.0 

func (o DatabaseIAMBindingOutput) ToDatabaseIAMBindingOutput() DatabaseIAMBindingOutput

func (DatabaseIAMBindingOutput) ToDatabaseIAMBindingOutputWithContext added in v4.4.0 

func (o DatabaseIAMBindingOutput) ToDatabaseIAMBindingOutputWithContext(ctx context.Context) DatabaseIAMBindingOutput

type DatabaseIAMBindingState 

type DatabaseIAMBindingState struct {
	Condition DatabaseIAMBindingConditionPtrInput
	// The name of the Spanner database.
	Database pulumi.StringPtrInput
	// (Computed) The etag of the database's IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringPtrInput
	Members  pulumi.StringArrayInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.DatabaseIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (DatabaseIAMBindingState) ElementType 

func (DatabaseIAMBindingState) ElementType() reflect.Type

type DatabaseIAMMember 

type DatabaseIAMMember struct {
	pulumi.CustomResourceState

	Condition DatabaseIAMMemberConditionPtrOutput `pulumi:"condition"`
	// The name of the Spanner database.
	Database pulumi.StringOutput `pulumi:"database"`
	// (Computed) The etag of the database's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringOutput `pulumi:"instance"`
	Member   pulumi.StringOutput `pulumi:"member"`
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `spanner.DatabaseIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for a Spanner database. Each of these resources serves a different use case:

* `spanner.DatabaseIAMPolicy`: Authoritative. Sets the IAM policy for the database and replaces any existing policy already attached.

> **Warning:** It's entirely possibly to lock yourself out of your database using `spanner.DatabaseIAMPolicy`. Any permissions granted by default will be removed unless you include them in your config.

* `spanner.DatabaseIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the database are preserved. * `spanner.DatabaseIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the database are preserved.

> **Note:** `spanner.DatabaseIAMPolicy` **cannot** be used in conjunction with `spanner.DatabaseIAMBinding` and `spanner.DatabaseIAMMember` or they will fight over what your policy should be.

> **Note:** `spanner.DatabaseIAMBinding` resources **can be** used in conjunction with `spanner.DatabaseIAMMember` resources **only if** they do not grant privilege to the same role.

## google\_spanner\_database\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				organizations.GetIAMPolicyBinding{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = spanner.NewDatabaseIAMPolicy(ctx, "database", &spanner.DatabaseIAMPolicyArgs{
			Instance:   pulumi.String("your-instance-name"),
			Database:   pulumi.String("your-database-name"),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_database\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewDatabaseIAMBinding(ctx, "database", &spanner.DatabaseIAMBindingArgs{
			Database: pulumi.String("your-database-name"),
			Instance: pulumi.String("your-instance-name"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Role: pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_database\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewDatabaseIAMMember(ctx, "database", &spanner.DatabaseIAMMemberArgs{
			Database: pulumi.String("your-database-name"),
			Instance: pulumi.String("your-instance-name"),
			Member:   pulumi.String("user:jane@example.com"),
			Role:     pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* {{project}}/{{instance}}/{{database}} * {{instance}}/{{database}} (project is taken from provider project) IAM member imports use space-delimited identifiers; the resource in question, the role, and the member identity, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMMember:DatabaseIAMMember database "project-name/instance-name/database-name roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMMember:DatabaseIAMMember database "project-name/instance-name/database-name roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMMember:DatabaseIAMMember database project-name/instance-name/database-name

``` 

-> **Custom Roles:** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetDatabaseIAMMember 

func GetDatabaseIAMMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DatabaseIAMMemberState, opts ...pulumi.ResourceOption) (*DatabaseIAMMember, error)

GetDatabaseIAMMember gets an existing DatabaseIAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDatabaseIAMMember 

func NewDatabaseIAMMember(ctx *pulumi.Context,
	name string, args *DatabaseIAMMemberArgs, opts ...pulumi.ResourceOption) (*DatabaseIAMMember, error)

NewDatabaseIAMMember registers a new resource with the given unique name, arguments, and options.

func (DatabaseIAMMember) ElementType added in v4.4.0 

func (DatabaseIAMMember) ElementType() reflect.Type

func (DatabaseIAMMember) ToDatabaseIAMMemberOutput added in v4.4.0 

func (i DatabaseIAMMember) ToDatabaseIAMMemberOutput() DatabaseIAMMemberOutput

func (DatabaseIAMMember) ToDatabaseIAMMemberOutputWithContext added in v4.4.0 

func (i DatabaseIAMMember) ToDatabaseIAMMemberOutputWithContext(ctx context.Context) DatabaseIAMMemberOutput

type DatabaseIAMMemberArgs 

type DatabaseIAMMemberArgs struct {
	Condition DatabaseIAMMemberConditionPtrInput
	// The name of the Spanner database.
	Database pulumi.StringInput
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringInput
	Member   pulumi.StringInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.DatabaseIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a DatabaseIAMMember resource.

func (DatabaseIAMMemberArgs) ElementType 

func (DatabaseIAMMemberArgs) ElementType() reflect.Type

type DatabaseIAMMemberCondition 

type DatabaseIAMMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type DatabaseIAMMemberConditionArgs 

type DatabaseIAMMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (DatabaseIAMMemberConditionArgs) ElementType 

func (DatabaseIAMMemberConditionArgs) ElementType() reflect.Type

func (DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionOutput 

func (i DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionOutput() DatabaseIAMMemberConditionOutput

func (DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionOutputWithContext 

func (i DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionOutputWithContext(ctx context.Context) DatabaseIAMMemberConditionOutput

func (DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionPtrOutput 

func (i DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionPtrOutput() DatabaseIAMMemberConditionPtrOutput

func (DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionPtrOutputWithContext 

func (i DatabaseIAMMemberConditionArgs) ToDatabaseIAMMemberConditionPtrOutputWithContext(ctx context.Context) DatabaseIAMMemberConditionPtrOutput

type DatabaseIAMMemberConditionInput 

type DatabaseIAMMemberConditionInput interface {
	pulumi.Input

	ToDatabaseIAMMemberConditionOutput() DatabaseIAMMemberConditionOutput
	ToDatabaseIAMMemberConditionOutputWithContext(context.Context) DatabaseIAMMemberConditionOutput
}

DatabaseIAMMemberConditionInput is an input type that accepts DatabaseIAMMemberConditionArgs and DatabaseIAMMemberConditionOutput values. You can construct a concrete instance of `DatabaseIAMMemberConditionInput` via: 

DatabaseIAMMemberConditionArgs{...}

type DatabaseIAMMemberConditionOutput 

type DatabaseIAMMemberConditionOutput struct{ *pulumi.OutputState }

func (DatabaseIAMMemberConditionOutput) Description 

func (o DatabaseIAMMemberConditionOutput) Description() pulumi.StringPtrOutput

func (DatabaseIAMMemberConditionOutput) ElementType 

func (DatabaseIAMMemberConditionOutput) ElementType() reflect.Type

func (DatabaseIAMMemberConditionOutput) Expression 

func (o DatabaseIAMMemberConditionOutput) Expression() pulumi.StringOutput

func (DatabaseIAMMemberConditionOutput) Title 

func (o DatabaseIAMMemberConditionOutput) Title() pulumi.StringOutput

func (DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionOutput 

func (o DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionOutput() DatabaseIAMMemberConditionOutput

func (DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionOutputWithContext 

func (o DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionOutputWithContext(ctx context.Context) DatabaseIAMMemberConditionOutput

func (DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionPtrOutput 

func (o DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionPtrOutput() DatabaseIAMMemberConditionPtrOutput

func (DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionPtrOutputWithContext 

func (o DatabaseIAMMemberConditionOutput) ToDatabaseIAMMemberConditionPtrOutputWithContext(ctx context.Context) DatabaseIAMMemberConditionPtrOutput

type DatabaseIAMMemberConditionPtrInput 

type DatabaseIAMMemberConditionPtrInput interface {
	pulumi.Input

	ToDatabaseIAMMemberConditionPtrOutput() DatabaseIAMMemberConditionPtrOutput
	ToDatabaseIAMMemberConditionPtrOutputWithContext(context.Context) DatabaseIAMMemberConditionPtrOutput
}

DatabaseIAMMemberConditionPtrInput is an input type that accepts DatabaseIAMMemberConditionArgs, DatabaseIAMMemberConditionPtr and DatabaseIAMMemberConditionPtrOutput values. You can construct a concrete instance of `DatabaseIAMMemberConditionPtrInput` via: 

        DatabaseIAMMemberConditionArgs{...}

or:

        nil

func DatabaseIAMMemberConditionPtr 

func DatabaseIAMMemberConditionPtr(v *DatabaseIAMMemberConditionArgs) DatabaseIAMMemberConditionPtrInput

type DatabaseIAMMemberConditionPtrOutput 

type DatabaseIAMMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (DatabaseIAMMemberConditionPtrOutput) Description 

func (o DatabaseIAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput

func (DatabaseIAMMemberConditionPtrOutput) Elem 

func (o DatabaseIAMMemberConditionPtrOutput) Elem() DatabaseIAMMemberConditionOutput

func (DatabaseIAMMemberConditionPtrOutput) ElementType 

func (DatabaseIAMMemberConditionPtrOutput) ElementType() reflect.Type

func (DatabaseIAMMemberConditionPtrOutput) Expression 

func (o DatabaseIAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (DatabaseIAMMemberConditionPtrOutput) Title 

func (o DatabaseIAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput

func (DatabaseIAMMemberConditionPtrOutput) ToDatabaseIAMMemberConditionPtrOutput 

func (o DatabaseIAMMemberConditionPtrOutput) ToDatabaseIAMMemberConditionPtrOutput() DatabaseIAMMemberConditionPtrOutput

func (DatabaseIAMMemberConditionPtrOutput) ToDatabaseIAMMemberConditionPtrOutputWithContext 

func (o DatabaseIAMMemberConditionPtrOutput) ToDatabaseIAMMemberConditionPtrOutputWithContext(ctx context.Context) DatabaseIAMMemberConditionPtrOutput

type DatabaseIAMMemberInput added in v4.4.0 

type DatabaseIAMMemberInput interface {
	pulumi.Input

	ToDatabaseIAMMemberOutput() DatabaseIAMMemberOutput
	ToDatabaseIAMMemberOutputWithContext(ctx context.Context) DatabaseIAMMemberOutput
}

type DatabaseIAMMemberOutput added in v4.4.0 

type DatabaseIAMMemberOutput struct {
	*pulumi.OutputState
}

func (DatabaseIAMMemberOutput) ElementType added in v4.4.0 

func (DatabaseIAMMemberOutput) ElementType() reflect.Type

func (DatabaseIAMMemberOutput) ToDatabaseIAMMemberOutput added in v4.4.0 

func (o DatabaseIAMMemberOutput) ToDatabaseIAMMemberOutput() DatabaseIAMMemberOutput

func (DatabaseIAMMemberOutput) ToDatabaseIAMMemberOutputWithContext added in v4.4.0 

func (o DatabaseIAMMemberOutput) ToDatabaseIAMMemberOutputWithContext(ctx context.Context) DatabaseIAMMemberOutput

type DatabaseIAMMemberState 

type DatabaseIAMMemberState struct {
	Condition DatabaseIAMMemberConditionPtrInput
	// The name of the Spanner database.
	Database pulumi.StringPtrInput
	// (Computed) The etag of the database's IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringPtrInput
	Member   pulumi.StringPtrInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.DatabaseIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (DatabaseIAMMemberState) ElementType 

func (DatabaseIAMMemberState) ElementType() reflect.Type

type DatabaseIAMPolicy 

type DatabaseIAMPolicy struct {
	pulumi.CustomResourceState

	// The name of the Spanner database.
	Database pulumi.StringOutput `pulumi:"database"`
	// (Computed) The etag of the database's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringOutput `pulumi:"instance"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
}

Three different resources help you manage your IAM policy for a Spanner database. Each of these resources serves a different use case:

* `spanner.DatabaseIAMPolicy`: Authoritative. Sets the IAM policy for the database and replaces any existing policy already attached.

> **Warning:** It's entirely possibly to lock yourself out of your database using `spanner.DatabaseIAMPolicy`. Any permissions granted by default will be removed unless you include them in your config.

* `spanner.DatabaseIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the database are preserved. * `spanner.DatabaseIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the database are preserved.

> **Note:** `spanner.DatabaseIAMPolicy` **cannot** be used in conjunction with `spanner.DatabaseIAMBinding` and `spanner.DatabaseIAMMember` or they will fight over what your policy should be.

> **Note:** `spanner.DatabaseIAMBinding` resources **can be** used in conjunction with `spanner.DatabaseIAMMember` resources **only if** they do not grant privilege to the same role.

## google\_spanner\_database\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				organizations.GetIAMPolicyBinding{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = spanner.NewDatabaseIAMPolicy(ctx, "database", &spanner.DatabaseIAMPolicyArgs{
			Instance:   pulumi.String("your-instance-name"),
			Database:   pulumi.String("your-database-name"),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_database\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewDatabaseIAMBinding(ctx, "database", &spanner.DatabaseIAMBindingArgs{
			Database: pulumi.String("your-database-name"),
			Instance: pulumi.String("your-instance-name"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Role: pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_database\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewDatabaseIAMMember(ctx, "database", &spanner.DatabaseIAMMemberArgs{
			Database: pulumi.String("your-database-name"),
			Instance: pulumi.String("your-instance-name"),
			Member:   pulumi.String("user:jane@example.com"),
			Role:     pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* {{project}}/{{instance}}/{{database}} * {{instance}}/{{database}} (project is taken from provider project) IAM member imports use space-delimited identifiers; the resource in question, the role, and the member identity, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMPolicy:DatabaseIAMPolicy database "project-name/instance-name/database-name roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMPolicy:DatabaseIAMPolicy database "project-name/instance-name/database-name roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:spanner/databaseIAMPolicy:DatabaseIAMPolicy database project-name/instance-name/database-name

``` 

-> **Custom Roles:** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetDatabaseIAMPolicy 

func GetDatabaseIAMPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DatabaseIAMPolicyState, opts ...pulumi.ResourceOption) (*DatabaseIAMPolicy, error)

GetDatabaseIAMPolicy gets an existing DatabaseIAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDatabaseIAMPolicy 

func NewDatabaseIAMPolicy(ctx *pulumi.Context,
	name string, args *DatabaseIAMPolicyArgs, opts ...pulumi.ResourceOption) (*DatabaseIAMPolicy, error)

NewDatabaseIAMPolicy registers a new resource with the given unique name, arguments, and options.

func (DatabaseIAMPolicy) ElementType added in v4.4.0 

func (DatabaseIAMPolicy) ElementType() reflect.Type

func (DatabaseIAMPolicy) ToDatabaseIAMPolicyOutput added in v4.4.0 

func (i DatabaseIAMPolicy) ToDatabaseIAMPolicyOutput() DatabaseIAMPolicyOutput

func (DatabaseIAMPolicy) ToDatabaseIAMPolicyOutputWithContext added in v4.4.0 

func (i DatabaseIAMPolicy) ToDatabaseIAMPolicyOutputWithContext(ctx context.Context) DatabaseIAMPolicyOutput

type DatabaseIAMPolicyArgs 

type DatabaseIAMPolicyArgs struct {
	// The name of the Spanner database.
	Database pulumi.StringInput
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a DatabaseIAMPolicy resource.

func (DatabaseIAMPolicyArgs) ElementType 

func (DatabaseIAMPolicyArgs) ElementType() reflect.Type

type DatabaseIAMPolicyInput added in v4.4.0 

type DatabaseIAMPolicyInput interface {
	pulumi.Input

	ToDatabaseIAMPolicyOutput() DatabaseIAMPolicyOutput
	ToDatabaseIAMPolicyOutputWithContext(ctx context.Context) DatabaseIAMPolicyOutput
}

type DatabaseIAMPolicyOutput added in v4.4.0 

type DatabaseIAMPolicyOutput struct {
	*pulumi.OutputState
}

func (DatabaseIAMPolicyOutput) ElementType added in v4.4.0 

func (DatabaseIAMPolicyOutput) ElementType() reflect.Type

func (DatabaseIAMPolicyOutput) ToDatabaseIAMPolicyOutput added in v4.4.0 

func (o DatabaseIAMPolicyOutput) ToDatabaseIAMPolicyOutput() DatabaseIAMPolicyOutput

func (DatabaseIAMPolicyOutput) ToDatabaseIAMPolicyOutputWithContext added in v4.4.0 

func (o DatabaseIAMPolicyOutput) ToDatabaseIAMPolicyOutputWithContext(ctx context.Context) DatabaseIAMPolicyOutput

type DatabaseIAMPolicyState 

type DatabaseIAMPolicyState struct {
	// The name of the Spanner database.
	Database pulumi.StringPtrInput
	// (Computed) The etag of the database's IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the Spanner instance the database belongs to.
	Instance pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

func (DatabaseIAMPolicyState) ElementType 

func (DatabaseIAMPolicyState) ElementType() reflect.Type

type DatabaseInput added in v4.4.0 

type DatabaseInput interface {
	pulumi.Input

	ToDatabaseOutput() DatabaseOutput
	ToDatabaseOutputWithContext(ctx context.Context) DatabaseOutput
}

type DatabaseOutput added in v4.4.0 

type DatabaseOutput struct {
	*pulumi.OutputState
}

func (DatabaseOutput) ElementType added in v4.4.0 

func (DatabaseOutput) ElementType() reflect.Type

func (DatabaseOutput) ToDatabaseOutput added in v4.4.0 

func (o DatabaseOutput) ToDatabaseOutput() DatabaseOutput

func (DatabaseOutput) ToDatabaseOutputWithContext added in v4.4.0 

func (o DatabaseOutput) ToDatabaseOutputWithContext(ctx context.Context) DatabaseOutput

type DatabaseState 

type DatabaseState struct {
	// An optional list of DDL statements to run inside the newly created
	// database. Statements can create tables, indexes, etc. These statements
	// execute atomically with the creation of the database: if there is an
	// error in any statement, the database is not created.
	Ddls               pulumi.StringArrayInput
	DeletionProtection pulumi.BoolPtrInput
	// The instance to create the database on.
	Instance pulumi.StringPtrInput
	// A unique identifier for the database, which cannot be changed after
	// the instance is created. Values are of the form [a-z][-a-z0-9]*[a-z0-9].
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// An explanation of the status of the database.
	State pulumi.StringPtrInput
}

func (DatabaseState) ElementType 

func (DatabaseState) ElementType() reflect.Type

type Instance 

type Instance struct {
	pulumi.CustomResourceState

	// The name of the instance's configuration (similar but not
	// quite the same as a region) which defines defines the geographic placement and
	// replication of your databases in this instance. It determines where your data
	// is stored. Values are typically of the form `regional-europe-west1` , `us-central` etc.
	// In order to obtain a valid list please consult the
	// [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances).
	Config pulumi.StringOutput `pulumi:"config"`
	// The descriptive name for this instance as it appears in UIs. Must be
	// unique per project and between 4 and 30 characters in length.
	DisplayName pulumi.StringOutput `pulumi:"displayName"`
	// An object containing a list of "key": value pairs.
	// Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// A unique identifier for the instance, which cannot be changed after
	// the instance is created. The name must be between 6 and 30 characters
	// in length.
	Name pulumi.StringOutput `pulumi:"name"`
	// The number of nodes allocated to this instance.
	NumNodes pulumi.IntPtrOutput `pulumi:"numNodes"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// Instance status: 'CREATING' or 'READY'.
	State pulumi.StringOutput `pulumi:"state"`
}

An isolated set of Cloud Spanner resources on which databases can be hosted.

To get more information about Instance, see:

* [API documentation](https://cloud.google.com/spanner/docs/reference/rest/v1/projects.instances) * How-to Guides

## Example Usage ### Spanner Instance Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstance(ctx, "example", &spanner.InstanceArgs{
			Config:      pulumi.String("regional-us-central1"),
			DisplayName: pulumi.String("Test Spanner Instance"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			NumNodes: pulumi.Int(2),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Spanner Instance Multi Regional

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstance(ctx, "example", &spanner.InstanceArgs{
			Config:      pulumi.String("nam-eur-asia1"),
			DisplayName: pulumi.String("Multi Regional Instance"),
			Labels: pulumi.StringMap{
				"foo": pulumi.String("bar"),
			},
			NumNodes: pulumi.Int(2),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Instance can be imported using any of these accepted formats

```sh 

$ pulumi import gcp:spanner/instance:Instance default projects/{{project}}/instances/{{name}}

```

```sh 

$ pulumi import gcp:spanner/instance:Instance default {{project}}/{{name}}

```

```sh 

$ pulumi import gcp:spanner/instance:Instance default {{name}}

```

func GetInstance 

func GetInstance(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceState, opts ...pulumi.ResourceOption) (*Instance, error)

GetInstance gets an existing Instance resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstance 

func NewInstance(ctx *pulumi.Context,
	name string, args *InstanceArgs, opts ...pulumi.ResourceOption) (*Instance, error)

NewInstance registers a new resource with the given unique name, arguments, and options.

func (Instance) ElementType added in v4.4.0 

func (Instance) ElementType() reflect.Type

func (Instance) ToInstanceOutput added in v4.4.0 

func (i Instance) ToInstanceOutput() InstanceOutput

func (Instance) ToInstanceOutputWithContext added in v4.4.0 

func (i Instance) ToInstanceOutputWithContext(ctx context.Context) InstanceOutput

type InstanceArgs 

type InstanceArgs struct {
	// The name of the instance's configuration (similar but not
	// quite the same as a region) which defines defines the geographic placement and
	// replication of your databases in this instance. It determines where your data
	// is stored. Values are typically of the form `regional-europe-west1` , `us-central` etc.
	// In order to obtain a valid list please consult the
	// [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances).
	Config pulumi.StringInput
	// The descriptive name for this instance as it appears in UIs. Must be
	// unique per project and between 4 and 30 characters in length.
	DisplayName pulumi.StringInput
	// An object containing a list of "key": value pairs.
	// Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Labels pulumi.StringMapInput
	// A unique identifier for the instance, which cannot be changed after
	// the instance is created. The name must be between 6 and 30 characters
	// in length.
	Name pulumi.StringPtrInput
	// The number of nodes allocated to this instance.
	NumNodes pulumi.IntPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a Instance resource.

func (InstanceArgs) ElementType 

func (InstanceArgs) ElementType() reflect.Type

type InstanceIAMBinding 

type InstanceIAMBinding struct {
	pulumi.CustomResourceState

	Condition InstanceIAMBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the instance's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the instance.
	Instance pulumi.StringOutput      `pulumi:"instance"`
	Members  pulumi.StringArrayOutput `pulumi:"members"`
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `spanner.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for a Spanner instance. Each of these resources serves a different use case:

* `spanner.InstanceIAMPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.

> **Warning:** It's entirely possibly to lock yourself out of your instance using `spanner.InstanceIAMPolicy`. Any permissions granted by default will be removed unless you include them in your config.

* `spanner.InstanceIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved. * `spanner.InstanceIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.

> **Note:** `spanner.InstanceIAMPolicy` **cannot** be used in conjunction with `spanner.InstanceIAMBinding` and `spanner.InstanceIAMMember` or they will fight over what your policy should be.

> **Note:** `spanner.InstanceIAMBinding` resources **can be** used in conjunction with `spanner.InstanceIAMMember` resources **only if** they do not grant privilege to the same role.

## google\_spanner\_instance\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				organizations.GetIAMPolicyBinding{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = spanner.NewInstanceIAMPolicy(ctx, "instance", &spanner.InstanceIAMPolicyArgs{
			Instance:   pulumi.String("your-instance-name"),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_instance\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstanceIAMBinding(ctx, "instance", &spanner.InstanceIAMBindingArgs{
			Instance: pulumi.String("your-instance-name"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Role: pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_instance\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstanceIAMMember(ctx, "instance", &spanner.InstanceIAMMemberArgs{
			Instance: pulumi.String("your-instance-name"),
			Member:   pulumi.String("user:jane@example.com"),
			Role:     pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* {{project}}/{{name}} * {{name}} (project is taken from provider project) IAM member imports use space-delimited identifiers; the resource in question, the role, and the account, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMBinding:InstanceIAMBinding instance "project-name/instance-name roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMBinding:InstanceIAMBinding instance "project-name/instance-name roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMBinding:InstanceIAMBinding instance project-name/instance-name

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetInstanceIAMBinding 

func GetInstanceIAMBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceIAMBindingState, opts ...pulumi.ResourceOption) (*InstanceIAMBinding, error)

GetInstanceIAMBinding gets an existing InstanceIAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceIAMBinding 

func NewInstanceIAMBinding(ctx *pulumi.Context,
	name string, args *InstanceIAMBindingArgs, opts ...pulumi.ResourceOption) (*InstanceIAMBinding, error)

NewInstanceIAMBinding registers a new resource with the given unique name, arguments, and options.

func (InstanceIAMBinding) ElementType added in v4.4.0 

func (InstanceIAMBinding) ElementType() reflect.Type

func (InstanceIAMBinding) ToInstanceIAMBindingOutput added in v4.4.0 

func (i InstanceIAMBinding) ToInstanceIAMBindingOutput() InstanceIAMBindingOutput

func (InstanceIAMBinding) ToInstanceIAMBindingOutputWithContext added in v4.4.0 

func (i InstanceIAMBinding) ToInstanceIAMBindingOutputWithContext(ctx context.Context) InstanceIAMBindingOutput

type InstanceIAMBindingArgs 

type InstanceIAMBindingArgs struct {
	Condition InstanceIAMBindingConditionPtrInput
	// The name of the instance.
	Instance pulumi.StringInput
	Members  pulumi.StringArrayInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a InstanceIAMBinding resource.

func (InstanceIAMBindingArgs) ElementType 

func (InstanceIAMBindingArgs) ElementType() reflect.Type

type InstanceIAMBindingCondition 

type InstanceIAMBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type InstanceIAMBindingConditionArgs 

type InstanceIAMBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (InstanceIAMBindingConditionArgs) ElementType 

func (InstanceIAMBindingConditionArgs) ElementType() reflect.Type

func (InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionOutput 

func (i InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionOutput() InstanceIAMBindingConditionOutput

func (InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionOutputWithContext 

func (i InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionOutputWithContext(ctx context.Context) InstanceIAMBindingConditionOutput

func (InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionPtrOutput 

func (i InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionPtrOutput() InstanceIAMBindingConditionPtrOutput

func (InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionPtrOutputWithContext 

func (i InstanceIAMBindingConditionArgs) ToInstanceIAMBindingConditionPtrOutputWithContext(ctx context.Context) InstanceIAMBindingConditionPtrOutput

type InstanceIAMBindingConditionInput 

type InstanceIAMBindingConditionInput interface {
	pulumi.Input

	ToInstanceIAMBindingConditionOutput() InstanceIAMBindingConditionOutput
	ToInstanceIAMBindingConditionOutputWithContext(context.Context) InstanceIAMBindingConditionOutput
}

InstanceIAMBindingConditionInput is an input type that accepts InstanceIAMBindingConditionArgs and InstanceIAMBindingConditionOutput values. You can construct a concrete instance of `InstanceIAMBindingConditionInput` via: 

InstanceIAMBindingConditionArgs{...}

type InstanceIAMBindingConditionOutput 

type InstanceIAMBindingConditionOutput struct{ *pulumi.OutputState }

func (InstanceIAMBindingConditionOutput) Description 

func (o InstanceIAMBindingConditionOutput) Description() pulumi.StringPtrOutput

func (InstanceIAMBindingConditionOutput) ElementType 

func (InstanceIAMBindingConditionOutput) ElementType() reflect.Type

func (InstanceIAMBindingConditionOutput) Expression 

func (o InstanceIAMBindingConditionOutput) Expression() pulumi.StringOutput

func (InstanceIAMBindingConditionOutput) Title 

func (o InstanceIAMBindingConditionOutput) Title() pulumi.StringOutput

func (InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionOutput 

func (o InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionOutput() InstanceIAMBindingConditionOutput

func (InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionOutputWithContext 

func (o InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionOutputWithContext(ctx context.Context) InstanceIAMBindingConditionOutput

func (InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionPtrOutput 

func (o InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionPtrOutput() InstanceIAMBindingConditionPtrOutput

func (InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionPtrOutputWithContext 

func (o InstanceIAMBindingConditionOutput) ToInstanceIAMBindingConditionPtrOutputWithContext(ctx context.Context) InstanceIAMBindingConditionPtrOutput

type InstanceIAMBindingConditionPtrInput 

type InstanceIAMBindingConditionPtrInput interface {
	pulumi.Input

	ToInstanceIAMBindingConditionPtrOutput() InstanceIAMBindingConditionPtrOutput
	ToInstanceIAMBindingConditionPtrOutputWithContext(context.Context) InstanceIAMBindingConditionPtrOutput
}

InstanceIAMBindingConditionPtrInput is an input type that accepts InstanceIAMBindingConditionArgs, InstanceIAMBindingConditionPtr and InstanceIAMBindingConditionPtrOutput values. You can construct a concrete instance of `InstanceIAMBindingConditionPtrInput` via: 

        InstanceIAMBindingConditionArgs{...}

or:

        nil

func InstanceIAMBindingConditionPtr 

func InstanceIAMBindingConditionPtr(v *InstanceIAMBindingConditionArgs) InstanceIAMBindingConditionPtrInput

type InstanceIAMBindingConditionPtrOutput 

type InstanceIAMBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (InstanceIAMBindingConditionPtrOutput) Description 

func (o InstanceIAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput

func (InstanceIAMBindingConditionPtrOutput) Elem 

func (o InstanceIAMBindingConditionPtrOutput) Elem() InstanceIAMBindingConditionOutput

func (InstanceIAMBindingConditionPtrOutput) ElementType 

func (InstanceIAMBindingConditionPtrOutput) ElementType() reflect.Type

func (InstanceIAMBindingConditionPtrOutput) Expression 

func (o InstanceIAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (InstanceIAMBindingConditionPtrOutput) Title 

func (o InstanceIAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput

func (InstanceIAMBindingConditionPtrOutput) ToInstanceIAMBindingConditionPtrOutput 

func (o InstanceIAMBindingConditionPtrOutput) ToInstanceIAMBindingConditionPtrOutput() InstanceIAMBindingConditionPtrOutput

func (InstanceIAMBindingConditionPtrOutput) ToInstanceIAMBindingConditionPtrOutputWithContext 

func (o InstanceIAMBindingConditionPtrOutput) ToInstanceIAMBindingConditionPtrOutputWithContext(ctx context.Context) InstanceIAMBindingConditionPtrOutput

type InstanceIAMBindingInput added in v4.4.0 

type InstanceIAMBindingInput interface {
	pulumi.Input

	ToInstanceIAMBindingOutput() InstanceIAMBindingOutput
	ToInstanceIAMBindingOutputWithContext(ctx context.Context) InstanceIAMBindingOutput
}

type InstanceIAMBindingOutput added in v4.4.0 

type InstanceIAMBindingOutput struct {
	*pulumi.OutputState
}

func (InstanceIAMBindingOutput) ElementType added in v4.4.0 

func (InstanceIAMBindingOutput) ElementType() reflect.Type

func (InstanceIAMBindingOutput) ToInstanceIAMBindingOutput added in v4.4.0 

func (o InstanceIAMBindingOutput) ToInstanceIAMBindingOutput() InstanceIAMBindingOutput

func (InstanceIAMBindingOutput) ToInstanceIAMBindingOutputWithContext added in v4.4.0 

func (o InstanceIAMBindingOutput) ToInstanceIAMBindingOutputWithContext(ctx context.Context) InstanceIAMBindingOutput

type InstanceIAMBindingState 

type InstanceIAMBindingState struct {
	Condition InstanceIAMBindingConditionPtrInput
	// (Computed) The etag of the instance's IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the instance.
	Instance pulumi.StringPtrInput
	Members  pulumi.StringArrayInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (InstanceIAMBindingState) ElementType 

func (InstanceIAMBindingState) ElementType() reflect.Type

type InstanceIAMMember 

type InstanceIAMMember struct {
	pulumi.CustomResourceState

	Condition InstanceIAMMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the instance's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the instance.
	Instance pulumi.StringOutput `pulumi:"instance"`
	Member   pulumi.StringOutput `pulumi:"member"`
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `spanner.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for a Spanner instance. Each of these resources serves a different use case:

* `spanner.InstanceIAMPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.

> **Warning:** It's entirely possibly to lock yourself out of your instance using `spanner.InstanceIAMPolicy`. Any permissions granted by default will be removed unless you include them in your config.

* `spanner.InstanceIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved. * `spanner.InstanceIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.

> **Note:** `spanner.InstanceIAMPolicy` **cannot** be used in conjunction with `spanner.InstanceIAMBinding` and `spanner.InstanceIAMMember` or they will fight over what your policy should be.

> **Note:** `spanner.InstanceIAMBinding` resources **can be** used in conjunction with `spanner.InstanceIAMMember` resources **only if** they do not grant privilege to the same role.

## google\_spanner\_instance\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				organizations.GetIAMPolicyBinding{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = spanner.NewInstanceIAMPolicy(ctx, "instance", &spanner.InstanceIAMPolicyArgs{
			Instance:   pulumi.String("your-instance-name"),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_instance\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstanceIAMBinding(ctx, "instance", &spanner.InstanceIAMBindingArgs{
			Instance: pulumi.String("your-instance-name"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Role: pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_instance\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstanceIAMMember(ctx, "instance", &spanner.InstanceIAMMemberArgs{
			Instance: pulumi.String("your-instance-name"),
			Member:   pulumi.String("user:jane@example.com"),
			Role:     pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* {{project}}/{{name}} * {{name}} (project is taken from provider project) IAM member imports use space-delimited identifiers; the resource in question, the role, and the account, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMMember:InstanceIAMMember instance "project-name/instance-name roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMMember:InstanceIAMMember instance "project-name/instance-name roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMMember:InstanceIAMMember instance project-name/instance-name

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetInstanceIAMMember 

func GetInstanceIAMMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceIAMMemberState, opts ...pulumi.ResourceOption) (*InstanceIAMMember, error)

GetInstanceIAMMember gets an existing InstanceIAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceIAMMember 

func NewInstanceIAMMember(ctx *pulumi.Context,
	name string, args *InstanceIAMMemberArgs, opts ...pulumi.ResourceOption) (*InstanceIAMMember, error)

NewInstanceIAMMember registers a new resource with the given unique name, arguments, and options.

func (InstanceIAMMember) ElementType added in v4.4.0 

func (InstanceIAMMember) ElementType() reflect.Type

func (InstanceIAMMember) ToInstanceIAMMemberOutput added in v4.4.0 

func (i InstanceIAMMember) ToInstanceIAMMemberOutput() InstanceIAMMemberOutput

func (InstanceIAMMember) ToInstanceIAMMemberOutputWithContext added in v4.4.0 

func (i InstanceIAMMember) ToInstanceIAMMemberOutputWithContext(ctx context.Context) InstanceIAMMemberOutput

type InstanceIAMMemberArgs 

type InstanceIAMMemberArgs struct {
	Condition InstanceIAMMemberConditionPtrInput
	// The name of the instance.
	Instance pulumi.StringInput
	Member   pulumi.StringInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a InstanceIAMMember resource.

func (InstanceIAMMemberArgs) ElementType 

func (InstanceIAMMemberArgs) ElementType() reflect.Type

type InstanceIAMMemberCondition 

type InstanceIAMMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type InstanceIAMMemberConditionArgs 

type InstanceIAMMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (InstanceIAMMemberConditionArgs) ElementType 

func (InstanceIAMMemberConditionArgs) ElementType() reflect.Type

func (InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionOutput 

func (i InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionOutput() InstanceIAMMemberConditionOutput

func (InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionOutputWithContext 

func (i InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionOutputWithContext(ctx context.Context) InstanceIAMMemberConditionOutput

func (InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionPtrOutput 

func (i InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionPtrOutput() InstanceIAMMemberConditionPtrOutput

func (InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionPtrOutputWithContext 

func (i InstanceIAMMemberConditionArgs) ToInstanceIAMMemberConditionPtrOutputWithContext(ctx context.Context) InstanceIAMMemberConditionPtrOutput

type InstanceIAMMemberConditionInput 

type InstanceIAMMemberConditionInput interface {
	pulumi.Input

	ToInstanceIAMMemberConditionOutput() InstanceIAMMemberConditionOutput
	ToInstanceIAMMemberConditionOutputWithContext(context.Context) InstanceIAMMemberConditionOutput
}

InstanceIAMMemberConditionInput is an input type that accepts InstanceIAMMemberConditionArgs and InstanceIAMMemberConditionOutput values. You can construct a concrete instance of `InstanceIAMMemberConditionInput` via: 

InstanceIAMMemberConditionArgs{...}

type InstanceIAMMemberConditionOutput 

type InstanceIAMMemberConditionOutput struct{ *pulumi.OutputState }

func (InstanceIAMMemberConditionOutput) Description 

func (o InstanceIAMMemberConditionOutput) Description() pulumi.StringPtrOutput

func (InstanceIAMMemberConditionOutput) ElementType 

func (InstanceIAMMemberConditionOutput) ElementType() reflect.Type

func (InstanceIAMMemberConditionOutput) Expression 

func (o InstanceIAMMemberConditionOutput) Expression() pulumi.StringOutput

func (InstanceIAMMemberConditionOutput) Title 

func (o InstanceIAMMemberConditionOutput) Title() pulumi.StringOutput

func (InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionOutput 

func (o InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionOutput() InstanceIAMMemberConditionOutput

func (InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionOutputWithContext 

func (o InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionOutputWithContext(ctx context.Context) InstanceIAMMemberConditionOutput

func (InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionPtrOutput 

func (o InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionPtrOutput() InstanceIAMMemberConditionPtrOutput

func (InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionPtrOutputWithContext 

func (o InstanceIAMMemberConditionOutput) ToInstanceIAMMemberConditionPtrOutputWithContext(ctx context.Context) InstanceIAMMemberConditionPtrOutput

type InstanceIAMMemberConditionPtrInput 

type InstanceIAMMemberConditionPtrInput interface {
	pulumi.Input

	ToInstanceIAMMemberConditionPtrOutput() InstanceIAMMemberConditionPtrOutput
	ToInstanceIAMMemberConditionPtrOutputWithContext(context.Context) InstanceIAMMemberConditionPtrOutput
}

InstanceIAMMemberConditionPtrInput is an input type that accepts InstanceIAMMemberConditionArgs, InstanceIAMMemberConditionPtr and InstanceIAMMemberConditionPtrOutput values. You can construct a concrete instance of `InstanceIAMMemberConditionPtrInput` via: 

        InstanceIAMMemberConditionArgs{...}

or:

        nil

func InstanceIAMMemberConditionPtr 

func InstanceIAMMemberConditionPtr(v *InstanceIAMMemberConditionArgs) InstanceIAMMemberConditionPtrInput

type InstanceIAMMemberConditionPtrOutput 

type InstanceIAMMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (InstanceIAMMemberConditionPtrOutput) Description 

func (o InstanceIAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput

func (InstanceIAMMemberConditionPtrOutput) Elem 

func (o InstanceIAMMemberConditionPtrOutput) Elem() InstanceIAMMemberConditionOutput

func (InstanceIAMMemberConditionPtrOutput) ElementType 

func (InstanceIAMMemberConditionPtrOutput) ElementType() reflect.Type

func (InstanceIAMMemberConditionPtrOutput) Expression 

func (o InstanceIAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (InstanceIAMMemberConditionPtrOutput) Title 

func (o InstanceIAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput

func (InstanceIAMMemberConditionPtrOutput) ToInstanceIAMMemberConditionPtrOutput 

func (o InstanceIAMMemberConditionPtrOutput) ToInstanceIAMMemberConditionPtrOutput() InstanceIAMMemberConditionPtrOutput

func (InstanceIAMMemberConditionPtrOutput) ToInstanceIAMMemberConditionPtrOutputWithContext 

func (o InstanceIAMMemberConditionPtrOutput) ToInstanceIAMMemberConditionPtrOutputWithContext(ctx context.Context) InstanceIAMMemberConditionPtrOutput

type InstanceIAMMemberInput added in v4.4.0 

type InstanceIAMMemberInput interface {
	pulumi.Input

	ToInstanceIAMMemberOutput() InstanceIAMMemberOutput
	ToInstanceIAMMemberOutputWithContext(ctx context.Context) InstanceIAMMemberOutput
}

type InstanceIAMMemberOutput added in v4.4.0 

type InstanceIAMMemberOutput struct {
	*pulumi.OutputState
}

func (InstanceIAMMemberOutput) ElementType added in v4.4.0 

func (InstanceIAMMemberOutput) ElementType() reflect.Type

func (InstanceIAMMemberOutput) ToInstanceIAMMemberOutput added in v4.4.0 

func (o InstanceIAMMemberOutput) ToInstanceIAMMemberOutput() InstanceIAMMemberOutput

func (InstanceIAMMemberOutput) ToInstanceIAMMemberOutputWithContext added in v4.4.0 

func (o InstanceIAMMemberOutput) ToInstanceIAMMemberOutputWithContext(ctx context.Context) InstanceIAMMemberOutput

type InstanceIAMMemberState 

type InstanceIAMMemberState struct {
	Condition InstanceIAMMemberConditionPtrInput
	// (Computed) The etag of the instance's IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the instance.
	Instance pulumi.StringPtrInput
	Member   pulumi.StringPtrInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `spanner.InstanceIAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (InstanceIAMMemberState) ElementType 

func (InstanceIAMMemberState) ElementType() reflect.Type

type InstanceIAMPolicy 

type InstanceIAMPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the instance's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the instance.
	Instance pulumi.StringOutput `pulumi:"instance"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
}

Three different resources help you manage your IAM policy for a Spanner instance. Each of these resources serves a different use case:

* `spanner.InstanceIAMPolicy`: Authoritative. Sets the IAM policy for the instance and replaces any existing policy already attached.

> **Warning:** It's entirely possibly to lock yourself out of your instance using `spanner.InstanceIAMPolicy`. Any permissions granted by default will be removed unless you include them in your config.

* `spanner.InstanceIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the instance are preserved. * `spanner.InstanceIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the instance are preserved.

> **Note:** `spanner.InstanceIAMPolicy` **cannot** be used in conjunction with `spanner.InstanceIAMBinding` and `spanner.InstanceIAMMember` or they will fight over what your policy should be.

> **Note:** `spanner.InstanceIAMBinding` resources **can be** used in conjunction with `spanner.InstanceIAMMember` resources **only if** they do not grant privilege to the same role.

## google\_spanner\_instance\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				organizations.GetIAMPolicyBinding{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = spanner.NewInstanceIAMPolicy(ctx, "instance", &spanner.InstanceIAMPolicyArgs{
			Instance:   pulumi.String("your-instance-name"),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_instance\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstanceIAMBinding(ctx, "instance", &spanner.InstanceIAMBindingArgs{
			Instance: pulumi.String("your-instance-name"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Role: pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_spanner\_instance\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.NewInstanceIAMMember(ctx, "instance", &spanner.InstanceIAMMemberArgs{
			Instance: pulumi.String("your-instance-name"),
			Member:   pulumi.String("user:jane@example.com"),
			Role:     pulumi.String("roles/compute.networkUser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* {{project}}/{{name}} * {{name}} (project is taken from provider project) IAM member imports use space-delimited identifiers; the resource in question, the role, and the account, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMPolicy:InstanceIAMPolicy instance "project-name/instance-name roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMPolicy:InstanceIAMPolicy instance "project-name/instance-name roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:spanner/instanceIAMPolicy:InstanceIAMPolicy instance project-name/instance-name

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetInstanceIAMPolicy 

func GetInstanceIAMPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceIAMPolicyState, opts ...pulumi.ResourceOption) (*InstanceIAMPolicy, error)

GetInstanceIAMPolicy gets an existing InstanceIAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceIAMPolicy 

func NewInstanceIAMPolicy(ctx *pulumi.Context,
	name string, args *InstanceIAMPolicyArgs, opts ...pulumi.ResourceOption) (*InstanceIAMPolicy, error)

NewInstanceIAMPolicy registers a new resource with the given unique name, arguments, and options.

func (InstanceIAMPolicy) ElementType added in v4.4.0 

func (InstanceIAMPolicy) ElementType() reflect.Type

func (InstanceIAMPolicy) ToInstanceIAMPolicyOutput added in v4.4.0 

func (i InstanceIAMPolicy) ToInstanceIAMPolicyOutput() InstanceIAMPolicyOutput

func (InstanceIAMPolicy) ToInstanceIAMPolicyOutputWithContext added in v4.4.0 

func (i InstanceIAMPolicy) ToInstanceIAMPolicyOutputWithContext(ctx context.Context) InstanceIAMPolicyOutput

type InstanceIAMPolicyArgs 

type InstanceIAMPolicyArgs struct {
	// The name of the instance.
	Instance pulumi.StringInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a InstanceIAMPolicy resource.

func (InstanceIAMPolicyArgs) ElementType 

func (InstanceIAMPolicyArgs) ElementType() reflect.Type

type InstanceIAMPolicyInput added in v4.4.0 

type InstanceIAMPolicyInput interface {
	pulumi.Input

	ToInstanceIAMPolicyOutput() InstanceIAMPolicyOutput
	ToInstanceIAMPolicyOutputWithContext(ctx context.Context) InstanceIAMPolicyOutput
}

type InstanceIAMPolicyOutput added in v4.4.0 

type InstanceIAMPolicyOutput struct {
	*pulumi.OutputState
}

func (InstanceIAMPolicyOutput) ElementType added in v4.4.0 

func (InstanceIAMPolicyOutput) ElementType() reflect.Type

func (InstanceIAMPolicyOutput) ToInstanceIAMPolicyOutput added in v4.4.0 

func (o InstanceIAMPolicyOutput) ToInstanceIAMPolicyOutput() InstanceIAMPolicyOutput

func (InstanceIAMPolicyOutput) ToInstanceIAMPolicyOutputWithContext added in v4.4.0 

func (o InstanceIAMPolicyOutput) ToInstanceIAMPolicyOutputWithContext(ctx context.Context) InstanceIAMPolicyOutput

type InstanceIAMPolicyState 

type InstanceIAMPolicyState struct {
	// (Computed) The etag of the instance's IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the instance.
	Instance pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

func (InstanceIAMPolicyState) ElementType 

func (InstanceIAMPolicyState) ElementType() reflect.Type

type InstanceInput added in v4.4.0 

type InstanceInput interface {
	pulumi.Input

	ToInstanceOutput() InstanceOutput
	ToInstanceOutputWithContext(ctx context.Context) InstanceOutput
}

type InstanceOutput added in v4.4.0 

type InstanceOutput struct {
	*pulumi.OutputState
}

func (InstanceOutput) ElementType added in v4.4.0 

func (InstanceOutput) ElementType() reflect.Type

func (InstanceOutput) ToInstanceOutput added in v4.4.0 

func (o InstanceOutput) ToInstanceOutput() InstanceOutput

func (InstanceOutput) ToInstanceOutputWithContext added in v4.4.0 

func (o InstanceOutput) ToInstanceOutputWithContext(ctx context.Context) InstanceOutput

type InstanceState 

type InstanceState struct {
	// The name of the instance's configuration (similar but not
	// quite the same as a region) which defines defines the geographic placement and
	// replication of your databases in this instance. It determines where your data
	// is stored. Values are typically of the form `regional-europe-west1` , `us-central` etc.
	// In order to obtain a valid list please consult the
	// [Configuration section of the docs](https://cloud.google.com/spanner/docs/instances).
	Config pulumi.StringPtrInput
	// The descriptive name for this instance as it appears in UIs. Must be
	// unique per project and between 4 and 30 characters in length.
	DisplayName pulumi.StringPtrInput
	// An object containing a list of "key": value pairs.
	// Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Labels pulumi.StringMapInput
	// A unique identifier for the instance, which cannot be changed after
	// the instance is created. The name must be between 6 and 30 characters
	// in length.
	Name pulumi.StringPtrInput
	// The number of nodes allocated to this instance.
	NumNodes pulumi.IntPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// Instance status: 'CREATING' or 'READY'.
	State pulumi.StringPtrInput
}

func (InstanceState) ElementType 

func (InstanceState) ElementType() reflect.Type

type LookupInstanceArgs added in v4.1.0 

type LookupInstanceArgs struct {
	Config      *string           `pulumi:"config"`
	DisplayName *string           `pulumi:"displayName"`
	Labels      map[string]string `pulumi:"labels"`
	// The name of the spanner instance.
	Name     string `pulumi:"name"`
	NumNodes *int   `pulumi:"numNodes"`
	// The project in which the resource belongs. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
}

A collection of arguments for invoking getInstance.

type LookupInstanceResult added in v4.1.0 

type LookupInstanceResult struct {
	Config      *string `pulumi:"config"`
	DisplayName *string `pulumi:"displayName"`
	// The provider-assigned unique ID for this managed resource.
	Id       string            `pulumi:"id"`
	Labels   map[string]string `pulumi:"labels"`
	Name     string            `pulumi:"name"`
	NumNodes *int              `pulumi:"numNodes"`
	Project  *string           `pulumi:"project"`
	State    string            `pulumi:"state"`
}

A collection of values returned by getInstance.

func LookupInstance added in v4.1.0 

func LookupInstance(ctx *pulumi.Context, args *LookupInstanceArgs, opts ...pulumi.InvokeOption) (*LookupInstanceResult, error)

Get a spanner instance from Google Cloud by its name.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/spanner"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := spanner.LookupInstance(ctx, &spanner.LookupInstanceArgs{
			Name: "bar",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.