Documentation ¶
Index ¶
- type GetFolderServiceAccountArgs
- type GetFolderServiceAccountOutputArgs
- type GetFolderServiceAccountResult
- type GetFolderServiceAccountResultOutput
- func (o GetFolderServiceAccountResultOutput) AccountEmail() pulumi.StringOutput
- func (GetFolderServiceAccountResultOutput) ElementType() reflect.Type
- func (o GetFolderServiceAccountResultOutput) FolderId() pulumi.StringOutput
- func (o GetFolderServiceAccountResultOutput) Id() pulumi.StringOutput
- func (o GetFolderServiceAccountResultOutput) Name() pulumi.StringOutput
- func (o GetFolderServiceAccountResultOutput) ToGetFolderServiceAccountResultOutput() GetFolderServiceAccountResultOutput
- func (o GetFolderServiceAccountResultOutput) ToGetFolderServiceAccountResultOutputWithContext(ctx context.Context) GetFolderServiceAccountResultOutput
- type GetOrganizationServiceAccountArgs
- type GetOrganizationServiceAccountOutputArgs
- type GetOrganizationServiceAccountResult
- type GetOrganizationServiceAccountResultOutput
- func (o GetOrganizationServiceAccountResultOutput) AccountEmail() pulumi.StringOutput
- func (GetOrganizationServiceAccountResultOutput) ElementType() reflect.Type
- func (o GetOrganizationServiceAccountResultOutput) Id() pulumi.StringOutput
- func (o GetOrganizationServiceAccountResultOutput) Name() pulumi.StringOutput
- func (o GetOrganizationServiceAccountResultOutput) OrganizationId() pulumi.StringOutput
- func (o GetOrganizationServiceAccountResultOutput) ToGetOrganizationServiceAccountResultOutput() GetOrganizationServiceAccountResultOutput
- func (o GetOrganizationServiceAccountResultOutput) ToGetOrganizationServiceAccountResultOutputWithContext(ctx context.Context) GetOrganizationServiceAccountResultOutput
- type GetProjectServiceAccountArgs
- type GetProjectServiceAccountOutputArgs
- type GetProjectServiceAccountResult
- type GetProjectServiceAccountResultOutput
- func (o GetProjectServiceAccountResultOutput) AccountEmail() pulumi.StringOutput
- func (GetProjectServiceAccountResultOutput) ElementType() reflect.Type
- func (o GetProjectServiceAccountResultOutput) Id() pulumi.StringOutput
- func (o GetProjectServiceAccountResultOutput) Name() pulumi.StringOutput
- func (o GetProjectServiceAccountResultOutput) ProjectId() pulumi.StringOutput
- func (o GetProjectServiceAccountResultOutput) ToGetProjectServiceAccountResultOutput() GetProjectServiceAccountResultOutput
- func (o GetProjectServiceAccountResultOutput) ToGetProjectServiceAccountResultOutputWithContext(ctx context.Context) GetProjectServiceAccountResultOutput
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GetFolderServiceAccountArgs ¶
type GetFolderServiceAccountArgs struct { // The folder ID the service account was created for. FolderId string `pulumi:"folderId"` }
A collection of arguments for invoking getFolderServiceAccount.
type GetFolderServiceAccountOutputArgs ¶
type GetFolderServiceAccountOutputArgs struct { // The folder ID the service account was created for. FolderId pulumi.StringInput `pulumi:"folderId"` }
A collection of arguments for invoking getFolderServiceAccount.
func (GetFolderServiceAccountOutputArgs) ElementType ¶
func (GetFolderServiceAccountOutputArgs) ElementType() reflect.Type
type GetFolderServiceAccountResult ¶
type GetFolderServiceAccountResult struct { // The email address of the service account. This value is // often used to refer to the service account in order to grant IAM permissions. AccountEmail string `pulumi:"accountEmail"` FolderId string `pulumi:"folderId"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The Access Approval service account resource name. Format is "folders/{folder_id}/serviceAccount". Name string `pulumi:"name"` }
A collection of values returned by getFolderServiceAccount.
func GetFolderServiceAccount ¶
func GetFolderServiceAccount(ctx *pulumi.Context, args *GetFolderServiceAccountArgs, opts ...pulumi.InvokeOption) (*GetFolderServiceAccountResult, error)
Get the email address of a folder's Access Approval service account.
Each Google Cloud folder has a unique service account used by Access Approval. When using Access Approval with a [custom signing key](https://cloud.google.com/cloud-provider-access-management/access-approval/docs/review-approve-access-requests-custom-keys), this account needs to be granted the `cloudkms.signerVerifier` IAM role on the Cloud KMS key used to sign approvals.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/accessapproval" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { serviceAccount, err := accessapproval.GetFolderServiceAccount(ctx, &accessapproval.GetFolderServiceAccountArgs{ FolderId: "my-folder", }, nil) if err != nil { return err } _, err = kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{ CryptoKeyId: pulumi.Any(cryptoKey.Id), Role: pulumi.String("roles/cloudkms.signerVerifier"), Member: pulumi.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail), }) if err != nil { return err } return nil }) }
```
type GetFolderServiceAccountResultOutput ¶
type GetFolderServiceAccountResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getFolderServiceAccount.
func GetFolderServiceAccountOutput ¶
func GetFolderServiceAccountOutput(ctx *pulumi.Context, args GetFolderServiceAccountOutputArgs, opts ...pulumi.InvokeOption) GetFolderServiceAccountResultOutput
func (GetFolderServiceAccountResultOutput) AccountEmail ¶
func (o GetFolderServiceAccountResultOutput) AccountEmail() pulumi.StringOutput
The email address of the service account. This value is often used to refer to the service account in order to grant IAM permissions.
func (GetFolderServiceAccountResultOutput) ElementType ¶
func (GetFolderServiceAccountResultOutput) ElementType() reflect.Type
func (GetFolderServiceAccountResultOutput) FolderId ¶
func (o GetFolderServiceAccountResultOutput) FolderId() pulumi.StringOutput
func (GetFolderServiceAccountResultOutput) Id ¶
func (o GetFolderServiceAccountResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetFolderServiceAccountResultOutput) Name ¶
func (o GetFolderServiceAccountResultOutput) Name() pulumi.StringOutput
The Access Approval service account resource name. Format is "folders/{folder_id}/serviceAccount".
func (GetFolderServiceAccountResultOutput) ToGetFolderServiceAccountResultOutput ¶
func (o GetFolderServiceAccountResultOutput) ToGetFolderServiceAccountResultOutput() GetFolderServiceAccountResultOutput
func (GetFolderServiceAccountResultOutput) ToGetFolderServiceAccountResultOutputWithContext ¶
func (o GetFolderServiceAccountResultOutput) ToGetFolderServiceAccountResultOutputWithContext(ctx context.Context) GetFolderServiceAccountResultOutput
type GetOrganizationServiceAccountArgs ¶
type GetOrganizationServiceAccountArgs struct { // The organization ID the service account was created for. OrganizationId string `pulumi:"organizationId"` }
A collection of arguments for invoking getOrganizationServiceAccount.
type GetOrganizationServiceAccountOutputArgs ¶
type GetOrganizationServiceAccountOutputArgs struct { // The organization ID the service account was created for. OrganizationId pulumi.StringInput `pulumi:"organizationId"` }
A collection of arguments for invoking getOrganizationServiceAccount.
func (GetOrganizationServiceAccountOutputArgs) ElementType ¶
func (GetOrganizationServiceAccountOutputArgs) ElementType() reflect.Type
type GetOrganizationServiceAccountResult ¶
type GetOrganizationServiceAccountResult struct { // The email address of the service account. This value is // often used to refer to the service account in order to grant IAM permissions. AccountEmail string `pulumi:"accountEmail"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The Access Approval service account resource name. Format is "organizations/{organization_id}/serviceAccount". Name string `pulumi:"name"` OrganizationId string `pulumi:"organizationId"` }
A collection of values returned by getOrganizationServiceAccount.
func GetOrganizationServiceAccount ¶
func GetOrganizationServiceAccount(ctx *pulumi.Context, args *GetOrganizationServiceAccountArgs, opts ...pulumi.InvokeOption) (*GetOrganizationServiceAccountResult, error)
Get the email address of an organization's Access Approval service account.
Each Google Cloud organization has a unique service account used by Access Approval. When using Access Approval with a [custom signing key](https://cloud.google.com/cloud-provider-access-management/access-approval/docs/review-approve-access-requests-custom-keys), this account needs to be granted the `cloudkms.signerVerifier` IAM role on the Cloud KMS key used to sign approvals.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/accessapproval" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { serviceAccount, err := accessapproval.GetOrganizationServiceAccount(ctx, &accessapproval.GetOrganizationServiceAccountArgs{ OrganizationId: "my-organization", }, nil) if err != nil { return err } _, err = kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{ CryptoKeyId: pulumi.Any(cryptoKey.Id), Role: pulumi.String("roles/cloudkms.signerVerifier"), Member: pulumi.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail), }) if err != nil { return err } return nil }) }
```
type GetOrganizationServiceAccountResultOutput ¶
type GetOrganizationServiceAccountResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getOrganizationServiceAccount.
func GetOrganizationServiceAccountOutput ¶
func GetOrganizationServiceAccountOutput(ctx *pulumi.Context, args GetOrganizationServiceAccountOutputArgs, opts ...pulumi.InvokeOption) GetOrganizationServiceAccountResultOutput
func (GetOrganizationServiceAccountResultOutput) AccountEmail ¶
func (o GetOrganizationServiceAccountResultOutput) AccountEmail() pulumi.StringOutput
The email address of the service account. This value is often used to refer to the service account in order to grant IAM permissions.
func (GetOrganizationServiceAccountResultOutput) ElementType ¶
func (GetOrganizationServiceAccountResultOutput) ElementType() reflect.Type
func (GetOrganizationServiceAccountResultOutput) Id ¶
func (o GetOrganizationServiceAccountResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetOrganizationServiceAccountResultOutput) Name ¶
func (o GetOrganizationServiceAccountResultOutput) Name() pulumi.StringOutput
The Access Approval service account resource name. Format is "organizations/{organization_id}/serviceAccount".
func (GetOrganizationServiceAccountResultOutput) OrganizationId ¶
func (o GetOrganizationServiceAccountResultOutput) OrganizationId() pulumi.StringOutput
func (GetOrganizationServiceAccountResultOutput) ToGetOrganizationServiceAccountResultOutput ¶
func (o GetOrganizationServiceAccountResultOutput) ToGetOrganizationServiceAccountResultOutput() GetOrganizationServiceAccountResultOutput
func (GetOrganizationServiceAccountResultOutput) ToGetOrganizationServiceAccountResultOutputWithContext ¶
func (o GetOrganizationServiceAccountResultOutput) ToGetOrganizationServiceAccountResultOutputWithContext(ctx context.Context) GetOrganizationServiceAccountResultOutput
type GetProjectServiceAccountArgs ¶
type GetProjectServiceAccountArgs struct { // The project ID the service account was created for. ProjectId string `pulumi:"projectId"` }
A collection of arguments for invoking getProjectServiceAccount.
type GetProjectServiceAccountOutputArgs ¶
type GetProjectServiceAccountOutputArgs struct { // The project ID the service account was created for. ProjectId pulumi.StringInput `pulumi:"projectId"` }
A collection of arguments for invoking getProjectServiceAccount.
func (GetProjectServiceAccountOutputArgs) ElementType ¶
func (GetProjectServiceAccountOutputArgs) ElementType() reflect.Type
type GetProjectServiceAccountResult ¶
type GetProjectServiceAccountResult struct { // The email address of the service account. This value is // often used to refer to the service account in order to grant IAM permissions. AccountEmail string `pulumi:"accountEmail"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // The Access Approval service account resource name. Format is "projects/{project_id}/serviceAccount". Name string `pulumi:"name"` ProjectId string `pulumi:"projectId"` }
A collection of values returned by getProjectServiceAccount.
func GetProjectServiceAccount ¶
func GetProjectServiceAccount(ctx *pulumi.Context, args *GetProjectServiceAccountArgs, opts ...pulumi.InvokeOption) (*GetProjectServiceAccountResult, error)
Get the email address of a project's Access Approval service account.
Each Google Cloud project has a unique service account used by Access Approval. When using Access Approval with a [custom signing key](https://cloud.google.com/cloud-provider-access-management/access-approval/docs/review-approve-access-requests-custom-keys), this account needs to be granted the `cloudkms.signerVerifier` IAM role on the Cloud KMS key used to sign approvals.
## Example Usage
```go package main
import (
"fmt" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/accessapproval" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { serviceAccount, err := accessapproval.GetProjectServiceAccount(ctx, &accessapproval.GetProjectServiceAccountArgs{ ProjectId: "my-project", }, nil) if err != nil { return err } _, err = kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{ CryptoKeyId: pulumi.Any(cryptoKey.Id), Role: pulumi.String("roles/cloudkms.signerVerifier"), Member: pulumi.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail), }) if err != nil { return err } return nil }) }
```
type GetProjectServiceAccountResultOutput ¶
type GetProjectServiceAccountResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getProjectServiceAccount.
func GetProjectServiceAccountOutput ¶
func GetProjectServiceAccountOutput(ctx *pulumi.Context, args GetProjectServiceAccountOutputArgs, opts ...pulumi.InvokeOption) GetProjectServiceAccountResultOutput
func (GetProjectServiceAccountResultOutput) AccountEmail ¶
func (o GetProjectServiceAccountResultOutput) AccountEmail() pulumi.StringOutput
The email address of the service account. This value is often used to refer to the service account in order to grant IAM permissions.
func (GetProjectServiceAccountResultOutput) ElementType ¶
func (GetProjectServiceAccountResultOutput) ElementType() reflect.Type
func (GetProjectServiceAccountResultOutput) Id ¶
func (o GetProjectServiceAccountResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetProjectServiceAccountResultOutput) Name ¶
func (o GetProjectServiceAccountResultOutput) Name() pulumi.StringOutput
The Access Approval service account resource name. Format is "projects/{project_id}/serviceAccount".
func (GetProjectServiceAccountResultOutput) ProjectId ¶
func (o GetProjectServiceAccountResultOutput) ProjectId() pulumi.StringOutput
func (GetProjectServiceAccountResultOutput) ToGetProjectServiceAccountResultOutput ¶
func (o GetProjectServiceAccountResultOutput) ToGetProjectServiceAccountResultOutput() GetProjectServiceAccountResultOutput
func (GetProjectServiceAccountResultOutput) ToGetProjectServiceAccountResultOutputWithContext ¶
func (o GetProjectServiceAccountResultOutput) ToGetProjectServiceAccountResultOutputWithContext(ctx context.Context) GetProjectServiceAccountResultOutput