Documentation ¶
Index ¶
- type AccessApprovalSettings
- type AccessApprovalSettingsArgs
- type AccessApprovalSettingsArray
- func (AccessApprovalSettingsArray) ElementType() reflect.Type
- func (i AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput
- func (i AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsArrayOutput
- type AccessApprovalSettingsArrayInput
- type AccessApprovalSettingsArrayOutput
- func (AccessApprovalSettingsArrayOutput) ElementType() reflect.Type
- func (o AccessApprovalSettingsArrayOutput) Index(i pulumi.IntInput) AccessApprovalSettingsOutput
- func (o AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput
- func (o AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsArrayOutput
- type AccessApprovalSettingsEnrolledService
- type AccessApprovalSettingsEnrolledServiceArgs
- func (AccessApprovalSettingsEnrolledServiceArgs) ElementType() reflect.Type
- func (i AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput
- func (i AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceOutput
- type AccessApprovalSettingsEnrolledServiceArray
- func (AccessApprovalSettingsEnrolledServiceArray) ElementType() reflect.Type
- func (i AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput
- func (i AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput
- type AccessApprovalSettingsEnrolledServiceArrayInput
- type AccessApprovalSettingsEnrolledServiceArrayOutput
- func (AccessApprovalSettingsEnrolledServiceArrayOutput) ElementType() reflect.Type
- func (o AccessApprovalSettingsEnrolledServiceArrayOutput) Index(i pulumi.IntInput) AccessApprovalSettingsEnrolledServiceOutput
- func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput
- func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput
- type AccessApprovalSettingsEnrolledServiceInput
- type AccessApprovalSettingsEnrolledServiceOutput
- func (o AccessApprovalSettingsEnrolledServiceOutput) CloudProduct() pulumi.StringOutput
- func (AccessApprovalSettingsEnrolledServiceOutput) ElementType() reflect.Type
- func (o AccessApprovalSettingsEnrolledServiceOutput) EnrollmentLevel() pulumi.StringPtrOutput
- func (o AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput
- func (o AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceOutput
- type AccessApprovalSettingsInput
- type AccessApprovalSettingsMap
- type AccessApprovalSettingsMapInput
- type AccessApprovalSettingsMapOutput
- func (AccessApprovalSettingsMapOutput) ElementType() reflect.Type
- func (o AccessApprovalSettingsMapOutput) MapIndex(k pulumi.StringInput) AccessApprovalSettingsOutput
- func (o AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput
- func (o AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutputWithContext(ctx context.Context) AccessApprovalSettingsMapOutput
- type AccessApprovalSettingsOutput
- func (o AccessApprovalSettingsOutput) ActiveKeyVersion() pulumi.StringPtrOutput
- func (o AccessApprovalSettingsOutput) AncestorHasActiveKeyVersion() pulumi.BoolOutput
- func (AccessApprovalSettingsOutput) ElementType() reflect.Type
- func (o AccessApprovalSettingsOutput) EnrolledAncestor() pulumi.BoolOutput
- func (o AccessApprovalSettingsOutput) EnrolledServices() AccessApprovalSettingsEnrolledServiceArrayOutput
- func (o AccessApprovalSettingsOutput) FolderId() pulumi.StringOutput
- func (o AccessApprovalSettingsOutput) InvalidKeyVersion() pulumi.BoolOutput
- func (o AccessApprovalSettingsOutput) Name() pulumi.StringOutput
- func (o AccessApprovalSettingsOutput) NotificationEmails() pulumi.StringArrayOutput
- func (o AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput
- func (o AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput
- type AccessApprovalSettingsState
- type GetIamPolicyArgs
- type GetIamPolicyOutputArgs
- type GetIamPolicyResult
- type GetIamPolicyResultOutput
- func (GetIamPolicyResultOutput) ElementType() reflect.Type
- func (o GetIamPolicyResultOutput) Etag() pulumi.StringOutput
- func (o GetIamPolicyResultOutput) Folder() pulumi.StringOutput
- func (o GetIamPolicyResultOutput) Id() pulumi.StringOutput
- func (o GetIamPolicyResultOutput) PolicyData() pulumi.StringOutput
- func (o GetIamPolicyResultOutput) ToGetIamPolicyResultOutput() GetIamPolicyResultOutput
- func (o GetIamPolicyResultOutput) ToGetIamPolicyResultOutputWithContext(ctx context.Context) GetIamPolicyResultOutput
- type GetOrganizationPolicyBooleanPolicy
- type GetOrganizationPolicyBooleanPolicyArgs
- func (GetOrganizationPolicyBooleanPolicyArgs) ElementType() reflect.Type
- func (i GetOrganizationPolicyBooleanPolicyArgs) ToGetOrganizationPolicyBooleanPolicyOutput() GetOrganizationPolicyBooleanPolicyOutput
- func (i GetOrganizationPolicyBooleanPolicyArgs) ToGetOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyOutput
- type GetOrganizationPolicyBooleanPolicyArray
- func (GetOrganizationPolicyBooleanPolicyArray) ElementType() reflect.Type
- func (i GetOrganizationPolicyBooleanPolicyArray) ToGetOrganizationPolicyBooleanPolicyArrayOutput() GetOrganizationPolicyBooleanPolicyArrayOutput
- func (i GetOrganizationPolicyBooleanPolicyArray) ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyArrayOutput
- type GetOrganizationPolicyBooleanPolicyArrayInput
- type GetOrganizationPolicyBooleanPolicyArrayOutput
- func (GetOrganizationPolicyBooleanPolicyArrayOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyBooleanPolicyArrayOutput) Index(i pulumi.IntInput) GetOrganizationPolicyBooleanPolicyOutput
- func (o GetOrganizationPolicyBooleanPolicyArrayOutput) ToGetOrganizationPolicyBooleanPolicyArrayOutput() GetOrganizationPolicyBooleanPolicyArrayOutput
- func (o GetOrganizationPolicyBooleanPolicyArrayOutput) ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyArrayOutput
- type GetOrganizationPolicyBooleanPolicyInput
- type GetOrganizationPolicyBooleanPolicyOutput
- func (GetOrganizationPolicyBooleanPolicyOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyBooleanPolicyOutput) Enforced() pulumi.BoolOutput
- func (o GetOrganizationPolicyBooleanPolicyOutput) ToGetOrganizationPolicyBooleanPolicyOutput() GetOrganizationPolicyBooleanPolicyOutput
- func (o GetOrganizationPolicyBooleanPolicyOutput) ToGetOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyOutput
- type GetOrganizationPolicyListPolicy
- type GetOrganizationPolicyListPolicyAllow
- type GetOrganizationPolicyListPolicyAllowArgs
- func (GetOrganizationPolicyListPolicyAllowArgs) ElementType() reflect.Type
- func (i GetOrganizationPolicyListPolicyAllowArgs) ToGetOrganizationPolicyListPolicyAllowOutput() GetOrganizationPolicyListPolicyAllowOutput
- func (i GetOrganizationPolicyListPolicyAllowArgs) ToGetOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowOutput
- type GetOrganizationPolicyListPolicyAllowArray
- func (GetOrganizationPolicyListPolicyAllowArray) ElementType() reflect.Type
- func (i GetOrganizationPolicyListPolicyAllowArray) ToGetOrganizationPolicyListPolicyAllowArrayOutput() GetOrganizationPolicyListPolicyAllowArrayOutput
- func (i GetOrganizationPolicyListPolicyAllowArray) ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowArrayOutput
- type GetOrganizationPolicyListPolicyAllowArrayInput
- type GetOrganizationPolicyListPolicyAllowArrayOutput
- func (GetOrganizationPolicyListPolicyAllowArrayOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyListPolicyAllowArrayOutput) Index(i pulumi.IntInput) GetOrganizationPolicyListPolicyAllowOutput
- func (o GetOrganizationPolicyListPolicyAllowArrayOutput) ToGetOrganizationPolicyListPolicyAllowArrayOutput() GetOrganizationPolicyListPolicyAllowArrayOutput
- func (o GetOrganizationPolicyListPolicyAllowArrayOutput) ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowArrayOutput
- type GetOrganizationPolicyListPolicyAllowInput
- type GetOrganizationPolicyListPolicyAllowOutput
- func (o GetOrganizationPolicyListPolicyAllowOutput) All() pulumi.BoolOutput
- func (GetOrganizationPolicyListPolicyAllowOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyListPolicyAllowOutput) ToGetOrganizationPolicyListPolicyAllowOutput() GetOrganizationPolicyListPolicyAllowOutput
- func (o GetOrganizationPolicyListPolicyAllowOutput) ToGetOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowOutput
- func (o GetOrganizationPolicyListPolicyAllowOutput) Values() pulumi.StringArrayOutput
- type GetOrganizationPolicyListPolicyArgs
- func (GetOrganizationPolicyListPolicyArgs) ElementType() reflect.Type
- func (i GetOrganizationPolicyListPolicyArgs) ToGetOrganizationPolicyListPolicyOutput() GetOrganizationPolicyListPolicyOutput
- func (i GetOrganizationPolicyListPolicyArgs) ToGetOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyOutput
- type GetOrganizationPolicyListPolicyArray
- func (GetOrganizationPolicyListPolicyArray) ElementType() reflect.Type
- func (i GetOrganizationPolicyListPolicyArray) ToGetOrganizationPolicyListPolicyArrayOutput() GetOrganizationPolicyListPolicyArrayOutput
- func (i GetOrganizationPolicyListPolicyArray) ToGetOrganizationPolicyListPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyArrayOutput
- type GetOrganizationPolicyListPolicyArrayInput
- type GetOrganizationPolicyListPolicyArrayOutput
- func (GetOrganizationPolicyListPolicyArrayOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyListPolicyArrayOutput) Index(i pulumi.IntInput) GetOrganizationPolicyListPolicyOutput
- func (o GetOrganizationPolicyListPolicyArrayOutput) ToGetOrganizationPolicyListPolicyArrayOutput() GetOrganizationPolicyListPolicyArrayOutput
- func (o GetOrganizationPolicyListPolicyArrayOutput) ToGetOrganizationPolicyListPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyArrayOutput
- type GetOrganizationPolicyListPolicyDeny
- type GetOrganizationPolicyListPolicyDenyArgs
- func (GetOrganizationPolicyListPolicyDenyArgs) ElementType() reflect.Type
- func (i GetOrganizationPolicyListPolicyDenyArgs) ToGetOrganizationPolicyListPolicyDenyOutput() GetOrganizationPolicyListPolicyDenyOutput
- func (i GetOrganizationPolicyListPolicyDenyArgs) ToGetOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyOutput
- type GetOrganizationPolicyListPolicyDenyArray
- func (GetOrganizationPolicyListPolicyDenyArray) ElementType() reflect.Type
- func (i GetOrganizationPolicyListPolicyDenyArray) ToGetOrganizationPolicyListPolicyDenyArrayOutput() GetOrganizationPolicyListPolicyDenyArrayOutput
- func (i GetOrganizationPolicyListPolicyDenyArray) ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyArrayOutput
- type GetOrganizationPolicyListPolicyDenyArrayInput
- type GetOrganizationPolicyListPolicyDenyArrayOutput
- func (GetOrganizationPolicyListPolicyDenyArrayOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyListPolicyDenyArrayOutput) Index(i pulumi.IntInput) GetOrganizationPolicyListPolicyDenyOutput
- func (o GetOrganizationPolicyListPolicyDenyArrayOutput) ToGetOrganizationPolicyListPolicyDenyArrayOutput() GetOrganizationPolicyListPolicyDenyArrayOutput
- func (o GetOrganizationPolicyListPolicyDenyArrayOutput) ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyArrayOutput
- type GetOrganizationPolicyListPolicyDenyInput
- type GetOrganizationPolicyListPolicyDenyOutput
- func (o GetOrganizationPolicyListPolicyDenyOutput) All() pulumi.BoolOutput
- func (GetOrganizationPolicyListPolicyDenyOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyListPolicyDenyOutput) ToGetOrganizationPolicyListPolicyDenyOutput() GetOrganizationPolicyListPolicyDenyOutput
- func (o GetOrganizationPolicyListPolicyDenyOutput) ToGetOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyOutput
- func (o GetOrganizationPolicyListPolicyDenyOutput) Values() pulumi.StringArrayOutput
- type GetOrganizationPolicyListPolicyInput
- type GetOrganizationPolicyListPolicyOutput
- func (o GetOrganizationPolicyListPolicyOutput) Allows() GetOrganizationPolicyListPolicyAllowArrayOutput
- func (o GetOrganizationPolicyListPolicyOutput) Denies() GetOrganizationPolicyListPolicyDenyArrayOutput
- func (GetOrganizationPolicyListPolicyOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyListPolicyOutput) InheritFromParent() pulumi.BoolOutput
- func (o GetOrganizationPolicyListPolicyOutput) SuggestedValue() pulumi.StringOutput
- func (o GetOrganizationPolicyListPolicyOutput) ToGetOrganizationPolicyListPolicyOutput() GetOrganizationPolicyListPolicyOutput
- func (o GetOrganizationPolicyListPolicyOutput) ToGetOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyOutput
- type GetOrganizationPolicyRestorePolicy
- type GetOrganizationPolicyRestorePolicyArgs
- func (GetOrganizationPolicyRestorePolicyArgs) ElementType() reflect.Type
- func (i GetOrganizationPolicyRestorePolicyArgs) ToGetOrganizationPolicyRestorePolicyOutput() GetOrganizationPolicyRestorePolicyOutput
- func (i GetOrganizationPolicyRestorePolicyArgs) ToGetOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyOutput
- type GetOrganizationPolicyRestorePolicyArray
- func (GetOrganizationPolicyRestorePolicyArray) ElementType() reflect.Type
- func (i GetOrganizationPolicyRestorePolicyArray) ToGetOrganizationPolicyRestorePolicyArrayOutput() GetOrganizationPolicyRestorePolicyArrayOutput
- func (i GetOrganizationPolicyRestorePolicyArray) ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyArrayOutput
- type GetOrganizationPolicyRestorePolicyArrayInput
- type GetOrganizationPolicyRestorePolicyArrayOutput
- func (GetOrganizationPolicyRestorePolicyArrayOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyRestorePolicyArrayOutput) Index(i pulumi.IntInput) GetOrganizationPolicyRestorePolicyOutput
- func (o GetOrganizationPolicyRestorePolicyArrayOutput) ToGetOrganizationPolicyRestorePolicyArrayOutput() GetOrganizationPolicyRestorePolicyArrayOutput
- func (o GetOrganizationPolicyRestorePolicyArrayOutput) ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyArrayOutput
- type GetOrganizationPolicyRestorePolicyInput
- type GetOrganizationPolicyRestorePolicyOutput
- func (o GetOrganizationPolicyRestorePolicyOutput) Default() pulumi.BoolOutput
- func (GetOrganizationPolicyRestorePolicyOutput) ElementType() reflect.Type
- func (o GetOrganizationPolicyRestorePolicyOutput) ToGetOrganizationPolicyRestorePolicyOutput() GetOrganizationPolicyRestorePolicyOutput
- func (o GetOrganizationPolicyRestorePolicyOutput) ToGetOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyOutput
- type IAMBinding
- type IAMBindingArgs
- type IAMBindingArray
- type IAMBindingArrayInput
- type IAMBindingArrayOutput
- func (IAMBindingArrayOutput) ElementType() reflect.Type
- func (o IAMBindingArrayOutput) Index(i pulumi.IntInput) IAMBindingOutput
- func (o IAMBindingArrayOutput) ToIAMBindingArrayOutput() IAMBindingArrayOutput
- func (o IAMBindingArrayOutput) ToIAMBindingArrayOutputWithContext(ctx context.Context) IAMBindingArrayOutput
- type IAMBindingCondition
- type IAMBindingConditionArgs
- func (IAMBindingConditionArgs) ElementType() reflect.Type
- func (i IAMBindingConditionArgs) ToIAMBindingConditionOutput() IAMBindingConditionOutput
- func (i IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput
- func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
- func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput
- type IAMBindingConditionInput
- type IAMBindingConditionOutput
- func (o IAMBindingConditionOutput) Description() pulumi.StringPtrOutput
- func (IAMBindingConditionOutput) ElementType() reflect.Type
- func (o IAMBindingConditionOutput) Expression() pulumi.StringOutput
- func (o IAMBindingConditionOutput) Title() pulumi.StringOutput
- func (o IAMBindingConditionOutput) ToIAMBindingConditionOutput() IAMBindingConditionOutput
- func (o IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput
- func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
- func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput
- type IAMBindingConditionPtrInput
- type IAMBindingConditionPtrOutput
- func (o IAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput
- func (o IAMBindingConditionPtrOutput) Elem() IAMBindingConditionOutput
- func (IAMBindingConditionPtrOutput) ElementType() reflect.Type
- func (o IAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput
- func (o IAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput
- func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
- func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput
- type IAMBindingInput
- type IAMBindingMap
- type IAMBindingMapInput
- type IAMBindingMapOutput
- func (IAMBindingMapOutput) ElementType() reflect.Type
- func (o IAMBindingMapOutput) MapIndex(k pulumi.StringInput) IAMBindingOutput
- func (o IAMBindingMapOutput) ToIAMBindingMapOutput() IAMBindingMapOutput
- func (o IAMBindingMapOutput) ToIAMBindingMapOutputWithContext(ctx context.Context) IAMBindingMapOutput
- type IAMBindingOutput
- func (o IAMBindingOutput) Condition() IAMBindingConditionPtrOutput
- func (IAMBindingOutput) ElementType() reflect.Type
- func (o IAMBindingOutput) Etag() pulumi.StringOutput
- func (o IAMBindingOutput) Folder() pulumi.StringOutput
- func (o IAMBindingOutput) Members() pulumi.StringArrayOutput
- func (o IAMBindingOutput) Role() pulumi.StringOutput
- func (o IAMBindingOutput) ToIAMBindingOutput() IAMBindingOutput
- func (o IAMBindingOutput) ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput
- type IAMBindingState
- type IAMMember
- type IAMMemberArgs
- type IAMMemberArray
- type IAMMemberArrayInput
- type IAMMemberArrayOutput
- func (IAMMemberArrayOutput) ElementType() reflect.Type
- func (o IAMMemberArrayOutput) Index(i pulumi.IntInput) IAMMemberOutput
- func (o IAMMemberArrayOutput) ToIAMMemberArrayOutput() IAMMemberArrayOutput
- func (o IAMMemberArrayOutput) ToIAMMemberArrayOutputWithContext(ctx context.Context) IAMMemberArrayOutput
- type IAMMemberCondition
- type IAMMemberConditionArgs
- func (IAMMemberConditionArgs) ElementType() reflect.Type
- func (i IAMMemberConditionArgs) ToIAMMemberConditionOutput() IAMMemberConditionOutput
- func (i IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput
- func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
- func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput
- type IAMMemberConditionInput
- type IAMMemberConditionOutput
- func (o IAMMemberConditionOutput) Description() pulumi.StringPtrOutput
- func (IAMMemberConditionOutput) ElementType() reflect.Type
- func (o IAMMemberConditionOutput) Expression() pulumi.StringOutput
- func (o IAMMemberConditionOutput) Title() pulumi.StringOutput
- func (o IAMMemberConditionOutput) ToIAMMemberConditionOutput() IAMMemberConditionOutput
- func (o IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput
- func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
- func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput
- type IAMMemberConditionPtrInput
- type IAMMemberConditionPtrOutput
- func (o IAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput
- func (o IAMMemberConditionPtrOutput) Elem() IAMMemberConditionOutput
- func (IAMMemberConditionPtrOutput) ElementType() reflect.Type
- func (o IAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput
- func (o IAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput
- func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
- func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput
- type IAMMemberInput
- type IAMMemberMap
- type IAMMemberMapInput
- type IAMMemberMapOutput
- type IAMMemberOutput
- func (o IAMMemberOutput) Condition() IAMMemberConditionPtrOutput
- func (IAMMemberOutput) ElementType() reflect.Type
- func (o IAMMemberOutput) Etag() pulumi.StringOutput
- func (o IAMMemberOutput) Folder() pulumi.StringOutput
- func (o IAMMemberOutput) Member() pulumi.StringOutput
- func (o IAMMemberOutput) Role() pulumi.StringOutput
- func (o IAMMemberOutput) ToIAMMemberOutput() IAMMemberOutput
- func (o IAMMemberOutput) ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput
- type IAMMemberState
- type IAMPolicy
- type IAMPolicyArgs
- type IAMPolicyArray
- type IAMPolicyArrayInput
- type IAMPolicyArrayOutput
- func (IAMPolicyArrayOutput) ElementType() reflect.Type
- func (o IAMPolicyArrayOutput) Index(i pulumi.IntInput) IAMPolicyOutput
- func (o IAMPolicyArrayOutput) ToIAMPolicyArrayOutput() IAMPolicyArrayOutput
- func (o IAMPolicyArrayOutput) ToIAMPolicyArrayOutputWithContext(ctx context.Context) IAMPolicyArrayOutput
- type IAMPolicyInput
- type IAMPolicyMap
- type IAMPolicyMapInput
- type IAMPolicyMapOutput
- type IAMPolicyOutput
- func (IAMPolicyOutput) ElementType() reflect.Type
- func (o IAMPolicyOutput) Etag() pulumi.StringOutput
- func (o IAMPolicyOutput) Folder() pulumi.StringOutput
- func (o IAMPolicyOutput) PolicyData() pulumi.StringOutput
- func (o IAMPolicyOutput) ToIAMPolicyOutput() IAMPolicyOutput
- func (o IAMPolicyOutput) ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput
- type IAMPolicyState
- type IamAuditConfig
- type IamAuditConfigArgs
- type IamAuditConfigArray
- type IamAuditConfigArrayInput
- type IamAuditConfigArrayOutput
- func (IamAuditConfigArrayOutput) ElementType() reflect.Type
- func (o IamAuditConfigArrayOutput) Index(i pulumi.IntInput) IamAuditConfigOutput
- func (o IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput
- func (o IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigArrayOutput
- type IamAuditConfigAuditLogConfig
- type IamAuditConfigAuditLogConfigArgs
- func (IamAuditConfigAuditLogConfigArgs) ElementType() reflect.Type
- func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput
- func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput
- type IamAuditConfigAuditLogConfigArray
- func (IamAuditConfigAuditLogConfigArray) ElementType() reflect.Type
- func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput
- func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput
- type IamAuditConfigAuditLogConfigArrayInput
- type IamAuditConfigAuditLogConfigArrayOutput
- func (IamAuditConfigAuditLogConfigArrayOutput) ElementType() reflect.Type
- func (o IamAuditConfigAuditLogConfigArrayOutput) Index(i pulumi.IntInput) IamAuditConfigAuditLogConfigOutput
- func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput
- func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput
- type IamAuditConfigAuditLogConfigInput
- type IamAuditConfigAuditLogConfigOutput
- func (IamAuditConfigAuditLogConfigOutput) ElementType() reflect.Type
- func (o IamAuditConfigAuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput
- func (o IamAuditConfigAuditLogConfigOutput) LogType() pulumi.StringOutput
- func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput
- func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput
- type IamAuditConfigInput
- type IamAuditConfigMap
- type IamAuditConfigMapInput
- type IamAuditConfigMapOutput
- func (IamAuditConfigMapOutput) ElementType() reflect.Type
- func (o IamAuditConfigMapOutput) MapIndex(k pulumi.StringInput) IamAuditConfigOutput
- func (o IamAuditConfigMapOutput) ToIamAuditConfigMapOutput() IamAuditConfigMapOutput
- func (o IamAuditConfigMapOutput) ToIamAuditConfigMapOutputWithContext(ctx context.Context) IamAuditConfigMapOutput
- type IamAuditConfigOutput
- func (o IamAuditConfigOutput) AuditLogConfigs() IamAuditConfigAuditLogConfigArrayOutput
- func (IamAuditConfigOutput) ElementType() reflect.Type
- func (o IamAuditConfigOutput) Etag() pulumi.StringOutput
- func (o IamAuditConfigOutput) Folder() pulumi.StringOutput
- func (o IamAuditConfigOutput) Service() pulumi.StringOutput
- func (o IamAuditConfigOutput) ToIamAuditConfigOutput() IamAuditConfigOutput
- func (o IamAuditConfigOutput) ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput
- type IamAuditConfigState
- type LookupOrganizationPolicyArgs
- type LookupOrganizationPolicyOutputArgs
- type LookupOrganizationPolicyResult
- type LookupOrganizationPolicyResultOutput
- func (o LookupOrganizationPolicyResultOutput) BooleanPolicies() GetOrganizationPolicyBooleanPolicyArrayOutput
- func (o LookupOrganizationPolicyResultOutput) Constraint() pulumi.StringOutput
- func (LookupOrganizationPolicyResultOutput) ElementType() reflect.Type
- func (o LookupOrganizationPolicyResultOutput) Etag() pulumi.StringOutput
- func (o LookupOrganizationPolicyResultOutput) Folder() pulumi.StringOutput
- func (o LookupOrganizationPolicyResultOutput) Id() pulumi.StringOutput
- func (o LookupOrganizationPolicyResultOutput) ListPolicies() GetOrganizationPolicyListPolicyArrayOutput
- func (o LookupOrganizationPolicyResultOutput) RestorePolicies() GetOrganizationPolicyRestorePolicyArrayOutput
- func (o LookupOrganizationPolicyResultOutput) ToLookupOrganizationPolicyResultOutput() LookupOrganizationPolicyResultOutput
- func (o LookupOrganizationPolicyResultOutput) ToLookupOrganizationPolicyResultOutputWithContext(ctx context.Context) LookupOrganizationPolicyResultOutput
- func (o LookupOrganizationPolicyResultOutput) UpdateTime() pulumi.StringOutput
- func (o LookupOrganizationPolicyResultOutput) Version() pulumi.IntOutput
- type OrganizationPolicy
- type OrganizationPolicyArgs
- type OrganizationPolicyArray
- type OrganizationPolicyArrayInput
- type OrganizationPolicyArrayOutput
- func (OrganizationPolicyArrayOutput) ElementType() reflect.Type
- func (o OrganizationPolicyArrayOutput) Index(i pulumi.IntInput) OrganizationPolicyOutput
- func (o OrganizationPolicyArrayOutput) ToOrganizationPolicyArrayOutput() OrganizationPolicyArrayOutput
- func (o OrganizationPolicyArrayOutput) ToOrganizationPolicyArrayOutputWithContext(ctx context.Context) OrganizationPolicyArrayOutput
- type OrganizationPolicyBooleanPolicy
- type OrganizationPolicyBooleanPolicyArgs
- func (OrganizationPolicyBooleanPolicyArgs) ElementType() reflect.Type
- func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyOutput() OrganizationPolicyBooleanPolicyOutput
- func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyOutput
- func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput
- func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyPtrOutput
- type OrganizationPolicyBooleanPolicyInput
- type OrganizationPolicyBooleanPolicyOutput
- func (OrganizationPolicyBooleanPolicyOutput) ElementType() reflect.Type
- func (o OrganizationPolicyBooleanPolicyOutput) Enforced() pulumi.BoolOutput
- func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyOutput() OrganizationPolicyBooleanPolicyOutput
- func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyOutput
- func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput
- func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyPtrOutput
- type OrganizationPolicyBooleanPolicyPtrInput
- type OrganizationPolicyBooleanPolicyPtrOutput
- func (o OrganizationPolicyBooleanPolicyPtrOutput) Elem() OrganizationPolicyBooleanPolicyOutput
- func (OrganizationPolicyBooleanPolicyPtrOutput) ElementType() reflect.Type
- func (o OrganizationPolicyBooleanPolicyPtrOutput) Enforced() pulumi.BoolPtrOutput
- func (o OrganizationPolicyBooleanPolicyPtrOutput) ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput
- func (o OrganizationPolicyBooleanPolicyPtrOutput) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyPtrOutput
- type OrganizationPolicyInput
- type OrganizationPolicyListPolicy
- type OrganizationPolicyListPolicyAllow
- type OrganizationPolicyListPolicyAllowArgs
- func (OrganizationPolicyListPolicyAllowArgs) ElementType() reflect.Type
- func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowOutput() OrganizationPolicyListPolicyAllowOutput
- func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowOutput
- func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput
- func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowPtrOutput
- type OrganizationPolicyListPolicyAllowInput
- type OrganizationPolicyListPolicyAllowOutput
- func (o OrganizationPolicyListPolicyAllowOutput) All() pulumi.BoolPtrOutput
- func (OrganizationPolicyListPolicyAllowOutput) ElementType() reflect.Type
- func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowOutput() OrganizationPolicyListPolicyAllowOutput
- func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowOutput
- func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyAllowOutput) Values() pulumi.StringArrayOutput
- type OrganizationPolicyListPolicyAllowPtrInput
- type OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyAllowPtrOutput) All() pulumi.BoolPtrOutput
- func (o OrganizationPolicyListPolicyAllowPtrOutput) Elem() OrganizationPolicyListPolicyAllowOutput
- func (OrganizationPolicyListPolicyAllowPtrOutput) ElementType() reflect.Type
- func (o OrganizationPolicyListPolicyAllowPtrOutput) ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyAllowPtrOutput) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyAllowPtrOutput) Values() pulumi.StringArrayOutput
- type OrganizationPolicyListPolicyArgs
- func (OrganizationPolicyListPolicyArgs) ElementType() reflect.Type
- func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyOutput() OrganizationPolicyListPolicyOutput
- func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyOutput
- func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput
- func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyPtrOutput
- type OrganizationPolicyListPolicyDeny
- type OrganizationPolicyListPolicyDenyArgs
- func (OrganizationPolicyListPolicyDenyArgs) ElementType() reflect.Type
- func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyOutput() OrganizationPolicyListPolicyDenyOutput
- func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyOutput
- func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput
- func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyPtrOutput
- type OrganizationPolicyListPolicyDenyInput
- type OrganizationPolicyListPolicyDenyOutput
- func (o OrganizationPolicyListPolicyDenyOutput) All() pulumi.BoolPtrOutput
- func (OrganizationPolicyListPolicyDenyOutput) ElementType() reflect.Type
- func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyOutput() OrganizationPolicyListPolicyDenyOutput
- func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyOutput
- func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput
- func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyPtrOutput
- func (o OrganizationPolicyListPolicyDenyOutput) Values() pulumi.StringArrayOutput
- type OrganizationPolicyListPolicyDenyPtrInput
- type OrganizationPolicyListPolicyDenyPtrOutput
- func (o OrganizationPolicyListPolicyDenyPtrOutput) All() pulumi.BoolPtrOutput
- func (o OrganizationPolicyListPolicyDenyPtrOutput) Elem() OrganizationPolicyListPolicyDenyOutput
- func (OrganizationPolicyListPolicyDenyPtrOutput) ElementType() reflect.Type
- func (o OrganizationPolicyListPolicyDenyPtrOutput) ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput
- func (o OrganizationPolicyListPolicyDenyPtrOutput) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyPtrOutput
- func (o OrganizationPolicyListPolicyDenyPtrOutput) Values() pulumi.StringArrayOutput
- type OrganizationPolicyListPolicyInput
- type OrganizationPolicyListPolicyOutput
- func (o OrganizationPolicyListPolicyOutput) Allow() OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyOutput) Deny() OrganizationPolicyListPolicyDenyPtrOutput
- func (OrganizationPolicyListPolicyOutput) ElementType() reflect.Type
- func (o OrganizationPolicyListPolicyOutput) InheritFromParent() pulumi.BoolPtrOutput
- func (o OrganizationPolicyListPolicyOutput) SuggestedValue() pulumi.StringPtrOutput
- func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyOutput() OrganizationPolicyListPolicyOutput
- func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyOutput
- func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput
- func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyPtrOutput
- type OrganizationPolicyListPolicyPtrInput
- type OrganizationPolicyListPolicyPtrOutput
- func (o OrganizationPolicyListPolicyPtrOutput) Allow() OrganizationPolicyListPolicyAllowPtrOutput
- func (o OrganizationPolicyListPolicyPtrOutput) Deny() OrganizationPolicyListPolicyDenyPtrOutput
- func (o OrganizationPolicyListPolicyPtrOutput) Elem() OrganizationPolicyListPolicyOutput
- func (OrganizationPolicyListPolicyPtrOutput) ElementType() reflect.Type
- func (o OrganizationPolicyListPolicyPtrOutput) InheritFromParent() pulumi.BoolPtrOutput
- func (o OrganizationPolicyListPolicyPtrOutput) SuggestedValue() pulumi.StringPtrOutput
- func (o OrganizationPolicyListPolicyPtrOutput) ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput
- func (o OrganizationPolicyListPolicyPtrOutput) ToOrganizationPolicyListPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyPtrOutput
- type OrganizationPolicyMap
- type OrganizationPolicyMapInput
- type OrganizationPolicyMapOutput
- func (OrganizationPolicyMapOutput) ElementType() reflect.Type
- func (o OrganizationPolicyMapOutput) MapIndex(k pulumi.StringInput) OrganizationPolicyOutput
- func (o OrganizationPolicyMapOutput) ToOrganizationPolicyMapOutput() OrganizationPolicyMapOutput
- func (o OrganizationPolicyMapOutput) ToOrganizationPolicyMapOutputWithContext(ctx context.Context) OrganizationPolicyMapOutput
- type OrganizationPolicyOutput
- func (o OrganizationPolicyOutput) BooleanPolicy() OrganizationPolicyBooleanPolicyPtrOutput
- func (o OrganizationPolicyOutput) Constraint() pulumi.StringOutput
- func (OrganizationPolicyOutput) ElementType() reflect.Type
- func (o OrganizationPolicyOutput) Etag() pulumi.StringOutput
- func (o OrganizationPolicyOutput) Folder() pulumi.StringOutput
- func (o OrganizationPolicyOutput) ListPolicy() OrganizationPolicyListPolicyPtrOutput
- func (o OrganizationPolicyOutput) RestorePolicy() OrganizationPolicyRestorePolicyPtrOutput
- func (o OrganizationPolicyOutput) ToOrganizationPolicyOutput() OrganizationPolicyOutput
- func (o OrganizationPolicyOutput) ToOrganizationPolicyOutputWithContext(ctx context.Context) OrganizationPolicyOutput
- func (o OrganizationPolicyOutput) UpdateTime() pulumi.StringOutput
- func (o OrganizationPolicyOutput) Version() pulumi.IntOutput
- type OrganizationPolicyRestorePolicy
- type OrganizationPolicyRestorePolicyArgs
- func (OrganizationPolicyRestorePolicyArgs) ElementType() reflect.Type
- func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyOutput() OrganizationPolicyRestorePolicyOutput
- func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyOutput
- func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput
- func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyPtrOutput
- type OrganizationPolicyRestorePolicyInput
- type OrganizationPolicyRestorePolicyOutput
- func (o OrganizationPolicyRestorePolicyOutput) Default() pulumi.BoolOutput
- func (OrganizationPolicyRestorePolicyOutput) ElementType() reflect.Type
- func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyOutput() OrganizationPolicyRestorePolicyOutput
- func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyOutput
- func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput
- func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyPtrOutput
- type OrganizationPolicyRestorePolicyPtrInput
- type OrganizationPolicyRestorePolicyPtrOutput
- func (o OrganizationPolicyRestorePolicyPtrOutput) Default() pulumi.BoolPtrOutput
- func (o OrganizationPolicyRestorePolicyPtrOutput) Elem() OrganizationPolicyRestorePolicyOutput
- func (OrganizationPolicyRestorePolicyPtrOutput) ElementType() reflect.Type
- func (o OrganizationPolicyRestorePolicyPtrOutput) ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput
- func (o OrganizationPolicyRestorePolicyPtrOutput) ToOrganizationPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyPtrOutput
- type OrganizationPolicyState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessApprovalSettings ¶
type AccessApprovalSettings struct { pulumi.CustomResourceState // The asymmetric crypto key version to use for signing approval requests. Empty activeKeyVersion indicates that a // Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and // new non-empty values may not be set. ActiveKeyVersion pulumi.StringPtrOutput `pulumi:"activeKeyVersion"` // If the field is true, that indicates that an ancestor of this Folder has set active_key_version. AncestorHasActiveKeyVersion pulumi.BoolOutput `pulumi:"ancestorHasActiveKeyVersion"` // If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. EnrolledAncestor pulumi.BoolOutput `pulumi:"enrolledAncestor"` // A list of Google Cloud Services for which the given resource has Access Approval enrolled. // Access requests for the resource given by name against any of these services contained here will be required // to have explicit approval. Enrollment can only be done on an all or nothing basis. // A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. // Structure is documented below. EnrolledServices AccessApprovalSettingsEnrolledServiceArrayOutput `pulumi:"enrolledServices"` // ID of the folder of the access approval settings. FolderId pulumi.StringOutput `pulumi:"folderId"` // If the field is true, that indicates that there is some configuration issue with the activeKeyVersion // configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the // correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, // as key versions are inherited top-down. InvalidKeyVersion pulumi.BoolOutput `pulumi:"invalidKeyVersion"` // The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" Name pulumi.StringOutput `pulumi:"name"` // A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to // a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email // addresses are allowed. NotificationEmails pulumi.StringArrayOutput `pulumi:"notificationEmails"` }
Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content.
To get more information about FolderSettings, see:
* [API documentation](https://cloud.google.com/access-approval/docs/reference/rest/v1/folders)
## Example Usage
### Folder Access Approval Full
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { myFolder, err := organizations.NewFolder(ctx, "my_folder", &organizations.FolderArgs{ DisplayName: pulumi.String("my-folder"), Parent: pulumi.String("organizations/123456789"), DeletionProtection: pulumi.Bool(false), }) if err != nil { return err } _, err = folder.NewAccessApprovalSettings(ctx, "folder_access_approval", &folder.AccessApprovalSettingsArgs{ FolderId: myFolder.FolderId, NotificationEmails: pulumi.StringArray{ pulumi.String("testuser@example.com"), pulumi.String("example.user@example.com"), }, EnrolledServices: folder.AccessApprovalSettingsEnrolledServiceArray{ &folder.AccessApprovalSettingsEnrolledServiceArgs{ CloudProduct: pulumi.String("all"), }, }, }) if err != nil { return err } return nil }) }
``` ### Folder Access Approval Active Key Version
```go package main
import (
"fmt" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/accessapproval" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { myFolder, err := organizations.NewFolder(ctx, "my_folder", &organizations.FolderArgs{ DisplayName: pulumi.String("my-folder"), Parent: pulumi.String("organizations/123456789"), DeletionProtection: pulumi.Bool(false), }) if err != nil { return err } myProject, err := organizations.NewProject(ctx, "my_project", &organizations.ProjectArgs{ Name: pulumi.String("My Project"), ProjectId: pulumi.String("your-project-id"), FolderId: myFolder.Name, DeletionPolicy: pulumi.String("DELETE"), }) if err != nil { return err } keyRing, err := kms.NewKeyRing(ctx, "key_ring", &kms.KeyRingArgs{ Name: pulumi.String("key-ring"), Location: pulumi.String("global"), Project: myProject.ProjectId, }) if err != nil { return err } cryptoKey, err := kms.NewCryptoKey(ctx, "crypto_key", &kms.CryptoKeyArgs{ Name: pulumi.String("crypto-key"), KeyRing: keyRing.ID(), Purpose: pulumi.String("ASYMMETRIC_SIGN"), VersionTemplate: &kms.CryptoKeyVersionTemplateArgs{ Algorithm: pulumi.String("EC_SIGN_P384_SHA384"), }, }) if err != nil { return err } serviceAccount := accessapproval.GetFolderServiceAccountOutput(ctx, accessapproval.GetFolderServiceAccountOutputArgs{ FolderId: myFolder.FolderId, }, nil) iam, err := kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{ CryptoKeyId: cryptoKey.ID(), Role: pulumi.String("roles/cloudkms.signerVerifier"), Member: serviceAccount.ApplyT(func(serviceAccount accessapproval.GetFolderServiceAccountResult) (string, error) { return fmt.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail), nil }).(pulumi.StringOutput), }) if err != nil { return err } cryptoKeyVersion := kms.GetKMSCryptoKeyVersionOutput(ctx, kms.GetKMSCryptoKeyVersionOutputArgs{ CryptoKey: cryptoKey.ID(), }, nil) _, err = folder.NewAccessApprovalSettings(ctx, "folder_access_approval", &folder.AccessApprovalSettingsArgs{ FolderId: myFolder.FolderId, ActiveKeyVersion: pulumi.String(cryptoKeyVersion.ApplyT(func(cryptoKeyVersion kms.GetKMSCryptoKeyVersionResult) (*string, error) { return &cryptoKeyVersion.Name, nil }).(pulumi.StringPtrOutput)), EnrolledServices: folder.AccessApprovalSettingsEnrolledServiceArray{ &folder.AccessApprovalSettingsEnrolledServiceArgs{ CloudProduct: pulumi.String("all"), }, }, }, pulumi.DependsOn([]pulumi.Resource{ iam, })) if err != nil { return err } return nil }) }
```
## Import
FolderSettings can be imported using any of these accepted formats:
* `folders/{{folder_id}}/accessApprovalSettings`
* `{{folder_id}}`
When using the `pulumi import` command, FolderSettings can be imported using one of the formats above. For example:
```sh $ pulumi import gcp:folder/accessApprovalSettings:AccessApprovalSettings default folders/{{folder_id}}/accessApprovalSettings ```
```sh $ pulumi import gcp:folder/accessApprovalSettings:AccessApprovalSettings default {{folder_id}} ```
func GetAccessApprovalSettings ¶
func GetAccessApprovalSettings(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AccessApprovalSettingsState, opts ...pulumi.ResourceOption) (*AccessApprovalSettings, error)
GetAccessApprovalSettings gets an existing AccessApprovalSettings resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAccessApprovalSettings ¶
func NewAccessApprovalSettings(ctx *pulumi.Context, name string, args *AccessApprovalSettingsArgs, opts ...pulumi.ResourceOption) (*AccessApprovalSettings, error)
NewAccessApprovalSettings registers a new resource with the given unique name, arguments, and options.
func (*AccessApprovalSettings) ElementType ¶
func (*AccessApprovalSettings) ElementType() reflect.Type
func (*AccessApprovalSettings) ToAccessApprovalSettingsOutput ¶
func (i *AccessApprovalSettings) ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput
func (*AccessApprovalSettings) ToAccessApprovalSettingsOutputWithContext ¶
func (i *AccessApprovalSettings) ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput
type AccessApprovalSettingsArgs ¶
type AccessApprovalSettingsArgs struct { // The asymmetric crypto key version to use for signing approval requests. Empty activeKeyVersion indicates that a // Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and // new non-empty values may not be set. ActiveKeyVersion pulumi.StringPtrInput // A list of Google Cloud Services for which the given resource has Access Approval enrolled. // Access requests for the resource given by name against any of these services contained here will be required // to have explicit approval. Enrollment can only be done on an all or nothing basis. // A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. // Structure is documented below. EnrolledServices AccessApprovalSettingsEnrolledServiceArrayInput // ID of the folder of the access approval settings. FolderId pulumi.StringInput // A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to // a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email // addresses are allowed. NotificationEmails pulumi.StringArrayInput }
The set of arguments for constructing a AccessApprovalSettings resource.
func (AccessApprovalSettingsArgs) ElementType ¶
func (AccessApprovalSettingsArgs) ElementType() reflect.Type
type AccessApprovalSettingsArray ¶
type AccessApprovalSettingsArray []AccessApprovalSettingsInput
func (AccessApprovalSettingsArray) ElementType ¶
func (AccessApprovalSettingsArray) ElementType() reflect.Type
func (AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutput ¶
func (i AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput
func (AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutputWithContext ¶
func (i AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsArrayOutput
type AccessApprovalSettingsArrayInput ¶
type AccessApprovalSettingsArrayInput interface { pulumi.Input ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput ToAccessApprovalSettingsArrayOutputWithContext(context.Context) AccessApprovalSettingsArrayOutput }
AccessApprovalSettingsArrayInput is an input type that accepts AccessApprovalSettingsArray and AccessApprovalSettingsArrayOutput values. You can construct a concrete instance of `AccessApprovalSettingsArrayInput` via:
AccessApprovalSettingsArray{ AccessApprovalSettingsArgs{...} }
type AccessApprovalSettingsArrayOutput ¶
type AccessApprovalSettingsArrayOutput struct{ *pulumi.OutputState }
func (AccessApprovalSettingsArrayOutput) ElementType ¶
func (AccessApprovalSettingsArrayOutput) ElementType() reflect.Type
func (AccessApprovalSettingsArrayOutput) Index ¶
func (o AccessApprovalSettingsArrayOutput) Index(i pulumi.IntInput) AccessApprovalSettingsOutput
func (AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutput ¶
func (o AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput
func (AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutputWithContext ¶
func (o AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsArrayOutput
type AccessApprovalSettingsEnrolledService ¶
type AccessApprovalSettingsEnrolledService struct { // The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): // * all // * App Engine // * BigQuery // * Cloud Bigtable // * Cloud Key Management Service // * Compute Engine // * Cloud Dataflow // * Cloud Identity and Access Management // * Cloud Pub/Sub // * Cloud Storage // * Persistent Disk // Note: These values are supported as input, but considered a legacy format: // * all // * appengine.googleapis.com // * bigquery.googleapis.com // * bigtable.googleapis.com // * cloudkms.googleapis.com // * compute.googleapis.com // * dataflow.googleapis.com // * iam.googleapis.com // * pubsub.googleapis.com // * storage.googleapis.com CloudProduct string `pulumi:"cloudProduct"` // The enrollment level of the service. // Default value is `BLOCK_ALL`. // Possible values are: `BLOCK_ALL`. // // *** EnrollmentLevel *string `pulumi:"enrollmentLevel"` }
type AccessApprovalSettingsEnrolledServiceArgs ¶
type AccessApprovalSettingsEnrolledServiceArgs struct { // The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): // * all // * App Engine // * BigQuery // * Cloud Bigtable // * Cloud Key Management Service // * Compute Engine // * Cloud Dataflow // * Cloud Identity and Access Management // * Cloud Pub/Sub // * Cloud Storage // * Persistent Disk // Note: These values are supported as input, but considered a legacy format: // * all // * appengine.googleapis.com // * bigquery.googleapis.com // * bigtable.googleapis.com // * cloudkms.googleapis.com // * compute.googleapis.com // * dataflow.googleapis.com // * iam.googleapis.com // * pubsub.googleapis.com // * storage.googleapis.com CloudProduct pulumi.StringInput `pulumi:"cloudProduct"` // The enrollment level of the service. // Default value is `BLOCK_ALL`. // Possible values are: `BLOCK_ALL`. // // *** EnrollmentLevel pulumi.StringPtrInput `pulumi:"enrollmentLevel"` }
func (AccessApprovalSettingsEnrolledServiceArgs) ElementType ¶
func (AccessApprovalSettingsEnrolledServiceArgs) ElementType() reflect.Type
func (AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutput ¶
func (i AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput
func (AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutputWithContext ¶
func (i AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceOutput
type AccessApprovalSettingsEnrolledServiceArray ¶
type AccessApprovalSettingsEnrolledServiceArray []AccessApprovalSettingsEnrolledServiceInput
func (AccessApprovalSettingsEnrolledServiceArray) ElementType ¶
func (AccessApprovalSettingsEnrolledServiceArray) ElementType() reflect.Type
func (AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutput ¶
func (i AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput
func (AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext ¶
func (i AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput
type AccessApprovalSettingsEnrolledServiceArrayInput ¶
type AccessApprovalSettingsEnrolledServiceArrayInput interface { pulumi.Input ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput }
AccessApprovalSettingsEnrolledServiceArrayInput is an input type that accepts AccessApprovalSettingsEnrolledServiceArray and AccessApprovalSettingsEnrolledServiceArrayOutput values. You can construct a concrete instance of `AccessApprovalSettingsEnrolledServiceArrayInput` via:
AccessApprovalSettingsEnrolledServiceArray{ AccessApprovalSettingsEnrolledServiceArgs{...} }
type AccessApprovalSettingsEnrolledServiceArrayOutput ¶
type AccessApprovalSettingsEnrolledServiceArrayOutput struct{ *pulumi.OutputState }
func (AccessApprovalSettingsEnrolledServiceArrayOutput) ElementType ¶
func (AccessApprovalSettingsEnrolledServiceArrayOutput) ElementType() reflect.Type
func (AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutput ¶
func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput
func (AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext ¶
func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput
type AccessApprovalSettingsEnrolledServiceInput ¶
type AccessApprovalSettingsEnrolledServiceInput interface { pulumi.Input ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput ToAccessApprovalSettingsEnrolledServiceOutputWithContext(context.Context) AccessApprovalSettingsEnrolledServiceOutput }
AccessApprovalSettingsEnrolledServiceInput is an input type that accepts AccessApprovalSettingsEnrolledServiceArgs and AccessApprovalSettingsEnrolledServiceOutput values. You can construct a concrete instance of `AccessApprovalSettingsEnrolledServiceInput` via:
AccessApprovalSettingsEnrolledServiceArgs{...}
type AccessApprovalSettingsEnrolledServiceOutput ¶
type AccessApprovalSettingsEnrolledServiceOutput struct{ *pulumi.OutputState }
func (AccessApprovalSettingsEnrolledServiceOutput) CloudProduct ¶
func (o AccessApprovalSettingsEnrolledServiceOutput) CloudProduct() pulumi.StringOutput
The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive):
- all
- App Engine
- BigQuery
- Cloud Bigtable
- Cloud Key Management Service
- Compute Engine
- Cloud Dataflow
- Cloud Identity and Access Management
- Cloud Pub/Sub
- Cloud Storage
- Persistent Disk Note: These values are supported as input, but considered a legacy format:
- all
- appengine.googleapis.com
- bigquery.googleapis.com
- bigtable.googleapis.com
- cloudkms.googleapis.com
- compute.googleapis.com
- dataflow.googleapis.com
- iam.googleapis.com
- pubsub.googleapis.com
- storage.googleapis.com
func (AccessApprovalSettingsEnrolledServiceOutput) ElementType ¶
func (AccessApprovalSettingsEnrolledServiceOutput) ElementType() reflect.Type
func (AccessApprovalSettingsEnrolledServiceOutput) EnrollmentLevel ¶
func (o AccessApprovalSettingsEnrolledServiceOutput) EnrollmentLevel() pulumi.StringPtrOutput
The enrollment level of the service. Default value is `BLOCK_ALL`. Possible values are: `BLOCK_ALL`.
***
func (AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutput ¶
func (o AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput
func (AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutputWithContext ¶
func (o AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceOutput
type AccessApprovalSettingsInput ¶
type AccessApprovalSettingsInput interface { pulumi.Input ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput }
type AccessApprovalSettingsMap ¶
type AccessApprovalSettingsMap map[string]AccessApprovalSettingsInput
func (AccessApprovalSettingsMap) ElementType ¶
func (AccessApprovalSettingsMap) ElementType() reflect.Type
func (AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutput ¶
func (i AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput
func (AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutputWithContext ¶
func (i AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutputWithContext(ctx context.Context) AccessApprovalSettingsMapOutput
type AccessApprovalSettingsMapInput ¶
type AccessApprovalSettingsMapInput interface { pulumi.Input ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput ToAccessApprovalSettingsMapOutputWithContext(context.Context) AccessApprovalSettingsMapOutput }
AccessApprovalSettingsMapInput is an input type that accepts AccessApprovalSettingsMap and AccessApprovalSettingsMapOutput values. You can construct a concrete instance of `AccessApprovalSettingsMapInput` via:
AccessApprovalSettingsMap{ "key": AccessApprovalSettingsArgs{...} }
type AccessApprovalSettingsMapOutput ¶
type AccessApprovalSettingsMapOutput struct{ *pulumi.OutputState }
func (AccessApprovalSettingsMapOutput) ElementType ¶
func (AccessApprovalSettingsMapOutput) ElementType() reflect.Type
func (AccessApprovalSettingsMapOutput) MapIndex ¶
func (o AccessApprovalSettingsMapOutput) MapIndex(k pulumi.StringInput) AccessApprovalSettingsOutput
func (AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutput ¶
func (o AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput
func (AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutputWithContext ¶
func (o AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutputWithContext(ctx context.Context) AccessApprovalSettingsMapOutput
type AccessApprovalSettingsOutput ¶
type AccessApprovalSettingsOutput struct{ *pulumi.OutputState }
func (AccessApprovalSettingsOutput) ActiveKeyVersion ¶
func (o AccessApprovalSettingsOutput) ActiveKeyVersion() pulumi.StringPtrOutput
The asymmetric crypto key version to use for signing approval requests. Empty activeKeyVersion indicates that a Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and new non-empty values may not be set.
func (AccessApprovalSettingsOutput) AncestorHasActiveKeyVersion ¶
func (o AccessApprovalSettingsOutput) AncestorHasActiveKeyVersion() pulumi.BoolOutput
If the field is true, that indicates that an ancestor of this Folder has set active_key_version.
func (AccessApprovalSettingsOutput) ElementType ¶
func (AccessApprovalSettingsOutput) ElementType() reflect.Type
func (AccessApprovalSettingsOutput) EnrolledAncestor ¶
func (o AccessApprovalSettingsOutput) EnrolledAncestor() pulumi.BoolOutput
If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder.
func (AccessApprovalSettingsOutput) EnrolledServices ¶
func (o AccessApprovalSettingsOutput) EnrolledServices() AccessApprovalSettingsEnrolledServiceArrayOutput
A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. Enrollment can only be done on an all or nothing basis. A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. Structure is documented below.
func (AccessApprovalSettingsOutput) FolderId ¶
func (o AccessApprovalSettingsOutput) FolderId() pulumi.StringOutput
ID of the folder of the access approval settings.
func (AccessApprovalSettingsOutput) InvalidKeyVersion ¶
func (o AccessApprovalSettingsOutput) InvalidKeyVersion() pulumi.BoolOutput
If the field is true, that indicates that there is some configuration issue with the activeKeyVersion configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, as key versions are inherited top-down.
func (AccessApprovalSettingsOutput) Name ¶
func (o AccessApprovalSettingsOutput) Name() pulumi.StringOutput
The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings"
func (AccessApprovalSettingsOutput) NotificationEmails ¶
func (o AccessApprovalSettingsOutput) NotificationEmails() pulumi.StringArrayOutput
A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed.
func (AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutput ¶
func (o AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput
func (AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutputWithContext ¶
func (o AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput
type AccessApprovalSettingsState ¶
type AccessApprovalSettingsState struct { // The asymmetric crypto key version to use for signing approval requests. Empty activeKeyVersion indicates that a // Google-managed key should be used for signing. This property will be ignored if set by an ancestor of the resource, and // new non-empty values may not be set. ActiveKeyVersion pulumi.StringPtrInput // If the field is true, that indicates that an ancestor of this Folder has set active_key_version. AncestorHasActiveKeyVersion pulumi.BoolPtrInput // If the field is true, that indicates that at least one service is enrolled for Access Approval in one or more ancestors of the Folder. EnrolledAncestor pulumi.BoolPtrInput // A list of Google Cloud Services for which the given resource has Access Approval enrolled. // Access requests for the resource given by name against any of these services contained here will be required // to have explicit approval. Enrollment can only be done on an all or nothing basis. // A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. // Structure is documented below. EnrolledServices AccessApprovalSettingsEnrolledServiceArrayInput // ID of the folder of the access approval settings. FolderId pulumi.StringPtrInput // If the field is true, that indicates that there is some configuration issue with the activeKeyVersion // configured on this Folder (e.g. it doesn't exist or the Access Approval service account doesn't have the // correct permissions on it, etc.) This key version is not necessarily the effective key version at this level, // as key versions are inherited top-down. InvalidKeyVersion pulumi.BoolPtrInput // The resource name of the settings. Format is "folders/{folder_id}/accessApprovalSettings" Name pulumi.StringPtrInput // A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to // a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email // addresses are allowed. NotificationEmails pulumi.StringArrayInput }
func (AccessApprovalSettingsState) ElementType ¶
func (AccessApprovalSettingsState) ElementType() reflect.Type
type GetIamPolicyArgs ¶
type GetIamPolicyArgs struct { // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder string `pulumi:"folder"` }
A collection of arguments for invoking getIamPolicy.
type GetIamPolicyOutputArgs ¶
type GetIamPolicyOutputArgs struct { // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringInput `pulumi:"folder"` }
A collection of arguments for invoking getIamPolicy.
func (GetIamPolicyOutputArgs) ElementType ¶
func (GetIamPolicyOutputArgs) ElementType() reflect.Type
type GetIamPolicyResult ¶
type GetIamPolicyResult struct { // (Computed) The etag of the IAM policy. Etag string `pulumi:"etag"` Folder string `pulumi:"folder"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // (Computed) The policy data PolicyData string `pulumi:"policyData"` }
A collection of values returned by getIamPolicy.
func GetIamPolicy ¶
func GetIamPolicy(ctx *pulumi.Context, args *GetIamPolicyArgs, opts ...pulumi.InvokeOption) (*GetIamPolicyResult, error)
Retrieves the current IAM policy data for a folder.
## example
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.GetIamPolicy(ctx, &folder.GetIamPolicyArgs{ Folder: permissiontest.Name, }, nil) if err != nil { return err } return nil }) }
```
type GetIamPolicyResultOutput ¶
type GetIamPolicyResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getIamPolicy.
func GetIamPolicyOutput ¶
func GetIamPolicyOutput(ctx *pulumi.Context, args GetIamPolicyOutputArgs, opts ...pulumi.InvokeOption) GetIamPolicyResultOutput
func (GetIamPolicyResultOutput) ElementType ¶
func (GetIamPolicyResultOutput) ElementType() reflect.Type
func (GetIamPolicyResultOutput) Etag ¶
func (o GetIamPolicyResultOutput) Etag() pulumi.StringOutput
(Computed) The etag of the IAM policy.
func (GetIamPolicyResultOutput) Folder ¶
func (o GetIamPolicyResultOutput) Folder() pulumi.StringOutput
func (GetIamPolicyResultOutput) Id ¶
func (o GetIamPolicyResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetIamPolicyResultOutput) PolicyData ¶
func (o GetIamPolicyResultOutput) PolicyData() pulumi.StringOutput
(Computed) The policy data
func (GetIamPolicyResultOutput) ToGetIamPolicyResultOutput ¶
func (o GetIamPolicyResultOutput) ToGetIamPolicyResultOutput() GetIamPolicyResultOutput
func (GetIamPolicyResultOutput) ToGetIamPolicyResultOutputWithContext ¶
func (o GetIamPolicyResultOutput) ToGetIamPolicyResultOutputWithContext(ctx context.Context) GetIamPolicyResultOutput
type GetOrganizationPolicyBooleanPolicy ¶
type GetOrganizationPolicyBooleanPolicy struct { // If true, then the Policy is enforced. If false, then any configuration is acceptable. Enforced bool `pulumi:"enforced"` }
type GetOrganizationPolicyBooleanPolicyArgs ¶
type GetOrganizationPolicyBooleanPolicyArgs struct { // If true, then the Policy is enforced. If false, then any configuration is acceptable. Enforced pulumi.BoolInput `pulumi:"enforced"` }
func (GetOrganizationPolicyBooleanPolicyArgs) ElementType ¶
func (GetOrganizationPolicyBooleanPolicyArgs) ElementType() reflect.Type
func (GetOrganizationPolicyBooleanPolicyArgs) ToGetOrganizationPolicyBooleanPolicyOutput ¶
func (i GetOrganizationPolicyBooleanPolicyArgs) ToGetOrganizationPolicyBooleanPolicyOutput() GetOrganizationPolicyBooleanPolicyOutput
func (GetOrganizationPolicyBooleanPolicyArgs) ToGetOrganizationPolicyBooleanPolicyOutputWithContext ¶
func (i GetOrganizationPolicyBooleanPolicyArgs) ToGetOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyOutput
type GetOrganizationPolicyBooleanPolicyArray ¶
type GetOrganizationPolicyBooleanPolicyArray []GetOrganizationPolicyBooleanPolicyInput
func (GetOrganizationPolicyBooleanPolicyArray) ElementType ¶
func (GetOrganizationPolicyBooleanPolicyArray) ElementType() reflect.Type
func (GetOrganizationPolicyBooleanPolicyArray) ToGetOrganizationPolicyBooleanPolicyArrayOutput ¶
func (i GetOrganizationPolicyBooleanPolicyArray) ToGetOrganizationPolicyBooleanPolicyArrayOutput() GetOrganizationPolicyBooleanPolicyArrayOutput
func (GetOrganizationPolicyBooleanPolicyArray) ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext ¶
func (i GetOrganizationPolicyBooleanPolicyArray) ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyArrayOutput
type GetOrganizationPolicyBooleanPolicyArrayInput ¶
type GetOrganizationPolicyBooleanPolicyArrayInput interface { pulumi.Input ToGetOrganizationPolicyBooleanPolicyArrayOutput() GetOrganizationPolicyBooleanPolicyArrayOutput ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext(context.Context) GetOrganizationPolicyBooleanPolicyArrayOutput }
GetOrganizationPolicyBooleanPolicyArrayInput is an input type that accepts GetOrganizationPolicyBooleanPolicyArray and GetOrganizationPolicyBooleanPolicyArrayOutput values. You can construct a concrete instance of `GetOrganizationPolicyBooleanPolicyArrayInput` via:
GetOrganizationPolicyBooleanPolicyArray{ GetOrganizationPolicyBooleanPolicyArgs{...} }
type GetOrganizationPolicyBooleanPolicyArrayOutput ¶
type GetOrganizationPolicyBooleanPolicyArrayOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyBooleanPolicyArrayOutput) ElementType ¶
func (GetOrganizationPolicyBooleanPolicyArrayOutput) ElementType() reflect.Type
func (GetOrganizationPolicyBooleanPolicyArrayOutput) ToGetOrganizationPolicyBooleanPolicyArrayOutput ¶
func (o GetOrganizationPolicyBooleanPolicyArrayOutput) ToGetOrganizationPolicyBooleanPolicyArrayOutput() GetOrganizationPolicyBooleanPolicyArrayOutput
func (GetOrganizationPolicyBooleanPolicyArrayOutput) ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext ¶
func (o GetOrganizationPolicyBooleanPolicyArrayOutput) ToGetOrganizationPolicyBooleanPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyArrayOutput
type GetOrganizationPolicyBooleanPolicyInput ¶
type GetOrganizationPolicyBooleanPolicyInput interface { pulumi.Input ToGetOrganizationPolicyBooleanPolicyOutput() GetOrganizationPolicyBooleanPolicyOutput ToGetOrganizationPolicyBooleanPolicyOutputWithContext(context.Context) GetOrganizationPolicyBooleanPolicyOutput }
GetOrganizationPolicyBooleanPolicyInput is an input type that accepts GetOrganizationPolicyBooleanPolicyArgs and GetOrganizationPolicyBooleanPolicyOutput values. You can construct a concrete instance of `GetOrganizationPolicyBooleanPolicyInput` via:
GetOrganizationPolicyBooleanPolicyArgs{...}
type GetOrganizationPolicyBooleanPolicyOutput ¶
type GetOrganizationPolicyBooleanPolicyOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyBooleanPolicyOutput) ElementType ¶
func (GetOrganizationPolicyBooleanPolicyOutput) ElementType() reflect.Type
func (GetOrganizationPolicyBooleanPolicyOutput) Enforced ¶
func (o GetOrganizationPolicyBooleanPolicyOutput) Enforced() pulumi.BoolOutput
If true, then the Policy is enforced. If false, then any configuration is acceptable.
func (GetOrganizationPolicyBooleanPolicyOutput) ToGetOrganizationPolicyBooleanPolicyOutput ¶
func (o GetOrganizationPolicyBooleanPolicyOutput) ToGetOrganizationPolicyBooleanPolicyOutput() GetOrganizationPolicyBooleanPolicyOutput
func (GetOrganizationPolicyBooleanPolicyOutput) ToGetOrganizationPolicyBooleanPolicyOutputWithContext ¶
func (o GetOrganizationPolicyBooleanPolicyOutput) ToGetOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyBooleanPolicyOutput
type GetOrganizationPolicyListPolicy ¶
type GetOrganizationPolicyListPolicy struct { // One or the other must be set. Allows []GetOrganizationPolicyListPolicyAllow `pulumi:"allows"` // One or the other must be set. Denies []GetOrganizationPolicyListPolicyDeny `pulumi:"denies"` // If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. InheritFromParent bool `pulumi:"inheritFromParent"` // The Google Cloud Console will try to default to a configuration that matches the value specified in this field. SuggestedValue string `pulumi:"suggestedValue"` }
type GetOrganizationPolicyListPolicyAllowArgs ¶
type GetOrganizationPolicyListPolicyAllowArgs struct { // The policy allows or denies all values. All pulumi.BoolInput `pulumi:"all"` // The policy can define specific values that are allowed or denied. Values pulumi.StringArrayInput `pulumi:"values"` }
func (GetOrganizationPolicyListPolicyAllowArgs) ElementType ¶
func (GetOrganizationPolicyListPolicyAllowArgs) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyAllowArgs) ToGetOrganizationPolicyListPolicyAllowOutput ¶
func (i GetOrganizationPolicyListPolicyAllowArgs) ToGetOrganizationPolicyListPolicyAllowOutput() GetOrganizationPolicyListPolicyAllowOutput
func (GetOrganizationPolicyListPolicyAllowArgs) ToGetOrganizationPolicyListPolicyAllowOutputWithContext ¶
func (i GetOrganizationPolicyListPolicyAllowArgs) ToGetOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowOutput
type GetOrganizationPolicyListPolicyAllowArray ¶
type GetOrganizationPolicyListPolicyAllowArray []GetOrganizationPolicyListPolicyAllowInput
func (GetOrganizationPolicyListPolicyAllowArray) ElementType ¶
func (GetOrganizationPolicyListPolicyAllowArray) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyAllowArray) ToGetOrganizationPolicyListPolicyAllowArrayOutput ¶
func (i GetOrganizationPolicyListPolicyAllowArray) ToGetOrganizationPolicyListPolicyAllowArrayOutput() GetOrganizationPolicyListPolicyAllowArrayOutput
func (GetOrganizationPolicyListPolicyAllowArray) ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext ¶
func (i GetOrganizationPolicyListPolicyAllowArray) ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowArrayOutput
type GetOrganizationPolicyListPolicyAllowArrayInput ¶
type GetOrganizationPolicyListPolicyAllowArrayInput interface { pulumi.Input ToGetOrganizationPolicyListPolicyAllowArrayOutput() GetOrganizationPolicyListPolicyAllowArrayOutput ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext(context.Context) GetOrganizationPolicyListPolicyAllowArrayOutput }
GetOrganizationPolicyListPolicyAllowArrayInput is an input type that accepts GetOrganizationPolicyListPolicyAllowArray and GetOrganizationPolicyListPolicyAllowArrayOutput values. You can construct a concrete instance of `GetOrganizationPolicyListPolicyAllowArrayInput` via:
GetOrganizationPolicyListPolicyAllowArray{ GetOrganizationPolicyListPolicyAllowArgs{...} }
type GetOrganizationPolicyListPolicyAllowArrayOutput ¶
type GetOrganizationPolicyListPolicyAllowArrayOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyListPolicyAllowArrayOutput) ElementType ¶
func (GetOrganizationPolicyListPolicyAllowArrayOutput) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyAllowArrayOutput) ToGetOrganizationPolicyListPolicyAllowArrayOutput ¶
func (o GetOrganizationPolicyListPolicyAllowArrayOutput) ToGetOrganizationPolicyListPolicyAllowArrayOutput() GetOrganizationPolicyListPolicyAllowArrayOutput
func (GetOrganizationPolicyListPolicyAllowArrayOutput) ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext ¶
func (o GetOrganizationPolicyListPolicyAllowArrayOutput) ToGetOrganizationPolicyListPolicyAllowArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowArrayOutput
type GetOrganizationPolicyListPolicyAllowInput ¶
type GetOrganizationPolicyListPolicyAllowInput interface { pulumi.Input ToGetOrganizationPolicyListPolicyAllowOutput() GetOrganizationPolicyListPolicyAllowOutput ToGetOrganizationPolicyListPolicyAllowOutputWithContext(context.Context) GetOrganizationPolicyListPolicyAllowOutput }
GetOrganizationPolicyListPolicyAllowInput is an input type that accepts GetOrganizationPolicyListPolicyAllowArgs and GetOrganizationPolicyListPolicyAllowOutput values. You can construct a concrete instance of `GetOrganizationPolicyListPolicyAllowInput` via:
GetOrganizationPolicyListPolicyAllowArgs{...}
type GetOrganizationPolicyListPolicyAllowOutput ¶
type GetOrganizationPolicyListPolicyAllowOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyListPolicyAllowOutput) All ¶
func (o GetOrganizationPolicyListPolicyAllowOutput) All() pulumi.BoolOutput
The policy allows or denies all values.
func (GetOrganizationPolicyListPolicyAllowOutput) ElementType ¶
func (GetOrganizationPolicyListPolicyAllowOutput) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyAllowOutput) ToGetOrganizationPolicyListPolicyAllowOutput ¶
func (o GetOrganizationPolicyListPolicyAllowOutput) ToGetOrganizationPolicyListPolicyAllowOutput() GetOrganizationPolicyListPolicyAllowOutput
func (GetOrganizationPolicyListPolicyAllowOutput) ToGetOrganizationPolicyListPolicyAllowOutputWithContext ¶
func (o GetOrganizationPolicyListPolicyAllowOutput) ToGetOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyAllowOutput
func (GetOrganizationPolicyListPolicyAllowOutput) Values ¶
func (o GetOrganizationPolicyListPolicyAllowOutput) Values() pulumi.StringArrayOutput
The policy can define specific values that are allowed or denied.
type GetOrganizationPolicyListPolicyArgs ¶
type GetOrganizationPolicyListPolicyArgs struct { // One or the other must be set. Allows GetOrganizationPolicyListPolicyAllowArrayInput `pulumi:"allows"` // One or the other must be set. Denies GetOrganizationPolicyListPolicyDenyArrayInput `pulumi:"denies"` // If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. InheritFromParent pulumi.BoolInput `pulumi:"inheritFromParent"` // The Google Cloud Console will try to default to a configuration that matches the value specified in this field. SuggestedValue pulumi.StringInput `pulumi:"suggestedValue"` }
func (GetOrganizationPolicyListPolicyArgs) ElementType ¶
func (GetOrganizationPolicyListPolicyArgs) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyArgs) ToGetOrganizationPolicyListPolicyOutput ¶
func (i GetOrganizationPolicyListPolicyArgs) ToGetOrganizationPolicyListPolicyOutput() GetOrganizationPolicyListPolicyOutput
func (GetOrganizationPolicyListPolicyArgs) ToGetOrganizationPolicyListPolicyOutputWithContext ¶
func (i GetOrganizationPolicyListPolicyArgs) ToGetOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyOutput
type GetOrganizationPolicyListPolicyArray ¶
type GetOrganizationPolicyListPolicyArray []GetOrganizationPolicyListPolicyInput
func (GetOrganizationPolicyListPolicyArray) ElementType ¶
func (GetOrganizationPolicyListPolicyArray) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyArray) ToGetOrganizationPolicyListPolicyArrayOutput ¶
func (i GetOrganizationPolicyListPolicyArray) ToGetOrganizationPolicyListPolicyArrayOutput() GetOrganizationPolicyListPolicyArrayOutput
func (GetOrganizationPolicyListPolicyArray) ToGetOrganizationPolicyListPolicyArrayOutputWithContext ¶
func (i GetOrganizationPolicyListPolicyArray) ToGetOrganizationPolicyListPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyArrayOutput
type GetOrganizationPolicyListPolicyArrayInput ¶
type GetOrganizationPolicyListPolicyArrayInput interface { pulumi.Input ToGetOrganizationPolicyListPolicyArrayOutput() GetOrganizationPolicyListPolicyArrayOutput ToGetOrganizationPolicyListPolicyArrayOutputWithContext(context.Context) GetOrganizationPolicyListPolicyArrayOutput }
GetOrganizationPolicyListPolicyArrayInput is an input type that accepts GetOrganizationPolicyListPolicyArray and GetOrganizationPolicyListPolicyArrayOutput values. You can construct a concrete instance of `GetOrganizationPolicyListPolicyArrayInput` via:
GetOrganizationPolicyListPolicyArray{ GetOrganizationPolicyListPolicyArgs{...} }
type GetOrganizationPolicyListPolicyArrayOutput ¶
type GetOrganizationPolicyListPolicyArrayOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyListPolicyArrayOutput) ElementType ¶
func (GetOrganizationPolicyListPolicyArrayOutput) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyArrayOutput) ToGetOrganizationPolicyListPolicyArrayOutput ¶
func (o GetOrganizationPolicyListPolicyArrayOutput) ToGetOrganizationPolicyListPolicyArrayOutput() GetOrganizationPolicyListPolicyArrayOutput
func (GetOrganizationPolicyListPolicyArrayOutput) ToGetOrganizationPolicyListPolicyArrayOutputWithContext ¶
func (o GetOrganizationPolicyListPolicyArrayOutput) ToGetOrganizationPolicyListPolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyArrayOutput
type GetOrganizationPolicyListPolicyDenyArgs ¶
type GetOrganizationPolicyListPolicyDenyArgs struct { // The policy allows or denies all values. All pulumi.BoolInput `pulumi:"all"` // The policy can define specific values that are allowed or denied. Values pulumi.StringArrayInput `pulumi:"values"` }
func (GetOrganizationPolicyListPolicyDenyArgs) ElementType ¶
func (GetOrganizationPolicyListPolicyDenyArgs) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyDenyArgs) ToGetOrganizationPolicyListPolicyDenyOutput ¶
func (i GetOrganizationPolicyListPolicyDenyArgs) ToGetOrganizationPolicyListPolicyDenyOutput() GetOrganizationPolicyListPolicyDenyOutput
func (GetOrganizationPolicyListPolicyDenyArgs) ToGetOrganizationPolicyListPolicyDenyOutputWithContext ¶
func (i GetOrganizationPolicyListPolicyDenyArgs) ToGetOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyOutput
type GetOrganizationPolicyListPolicyDenyArray ¶
type GetOrganizationPolicyListPolicyDenyArray []GetOrganizationPolicyListPolicyDenyInput
func (GetOrganizationPolicyListPolicyDenyArray) ElementType ¶
func (GetOrganizationPolicyListPolicyDenyArray) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyDenyArray) ToGetOrganizationPolicyListPolicyDenyArrayOutput ¶
func (i GetOrganizationPolicyListPolicyDenyArray) ToGetOrganizationPolicyListPolicyDenyArrayOutput() GetOrganizationPolicyListPolicyDenyArrayOutput
func (GetOrganizationPolicyListPolicyDenyArray) ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext ¶
func (i GetOrganizationPolicyListPolicyDenyArray) ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyArrayOutput
type GetOrganizationPolicyListPolicyDenyArrayInput ¶
type GetOrganizationPolicyListPolicyDenyArrayInput interface { pulumi.Input ToGetOrganizationPolicyListPolicyDenyArrayOutput() GetOrganizationPolicyListPolicyDenyArrayOutput ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext(context.Context) GetOrganizationPolicyListPolicyDenyArrayOutput }
GetOrganizationPolicyListPolicyDenyArrayInput is an input type that accepts GetOrganizationPolicyListPolicyDenyArray and GetOrganizationPolicyListPolicyDenyArrayOutput values. You can construct a concrete instance of `GetOrganizationPolicyListPolicyDenyArrayInput` via:
GetOrganizationPolicyListPolicyDenyArray{ GetOrganizationPolicyListPolicyDenyArgs{...} }
type GetOrganizationPolicyListPolicyDenyArrayOutput ¶
type GetOrganizationPolicyListPolicyDenyArrayOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyListPolicyDenyArrayOutput) ElementType ¶
func (GetOrganizationPolicyListPolicyDenyArrayOutput) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyDenyArrayOutput) ToGetOrganizationPolicyListPolicyDenyArrayOutput ¶
func (o GetOrganizationPolicyListPolicyDenyArrayOutput) ToGetOrganizationPolicyListPolicyDenyArrayOutput() GetOrganizationPolicyListPolicyDenyArrayOutput
func (GetOrganizationPolicyListPolicyDenyArrayOutput) ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext ¶
func (o GetOrganizationPolicyListPolicyDenyArrayOutput) ToGetOrganizationPolicyListPolicyDenyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyArrayOutput
type GetOrganizationPolicyListPolicyDenyInput ¶
type GetOrganizationPolicyListPolicyDenyInput interface { pulumi.Input ToGetOrganizationPolicyListPolicyDenyOutput() GetOrganizationPolicyListPolicyDenyOutput ToGetOrganizationPolicyListPolicyDenyOutputWithContext(context.Context) GetOrganizationPolicyListPolicyDenyOutput }
GetOrganizationPolicyListPolicyDenyInput is an input type that accepts GetOrganizationPolicyListPolicyDenyArgs and GetOrganizationPolicyListPolicyDenyOutput values. You can construct a concrete instance of `GetOrganizationPolicyListPolicyDenyInput` via:
GetOrganizationPolicyListPolicyDenyArgs{...}
type GetOrganizationPolicyListPolicyDenyOutput ¶
type GetOrganizationPolicyListPolicyDenyOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyListPolicyDenyOutput) All ¶
func (o GetOrganizationPolicyListPolicyDenyOutput) All() pulumi.BoolOutput
The policy allows or denies all values.
func (GetOrganizationPolicyListPolicyDenyOutput) ElementType ¶
func (GetOrganizationPolicyListPolicyDenyOutput) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyDenyOutput) ToGetOrganizationPolicyListPolicyDenyOutput ¶
func (o GetOrganizationPolicyListPolicyDenyOutput) ToGetOrganizationPolicyListPolicyDenyOutput() GetOrganizationPolicyListPolicyDenyOutput
func (GetOrganizationPolicyListPolicyDenyOutput) ToGetOrganizationPolicyListPolicyDenyOutputWithContext ¶
func (o GetOrganizationPolicyListPolicyDenyOutput) ToGetOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyDenyOutput
func (GetOrganizationPolicyListPolicyDenyOutput) Values ¶
func (o GetOrganizationPolicyListPolicyDenyOutput) Values() pulumi.StringArrayOutput
The policy can define specific values that are allowed or denied.
type GetOrganizationPolicyListPolicyInput ¶
type GetOrganizationPolicyListPolicyInput interface { pulumi.Input ToGetOrganizationPolicyListPolicyOutput() GetOrganizationPolicyListPolicyOutput ToGetOrganizationPolicyListPolicyOutputWithContext(context.Context) GetOrganizationPolicyListPolicyOutput }
GetOrganizationPolicyListPolicyInput is an input type that accepts GetOrganizationPolicyListPolicyArgs and GetOrganizationPolicyListPolicyOutput values. You can construct a concrete instance of `GetOrganizationPolicyListPolicyInput` via:
GetOrganizationPolicyListPolicyArgs{...}
type GetOrganizationPolicyListPolicyOutput ¶
type GetOrganizationPolicyListPolicyOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyListPolicyOutput) Allows ¶
func (o GetOrganizationPolicyListPolicyOutput) Allows() GetOrganizationPolicyListPolicyAllowArrayOutput
One or the other must be set.
func (GetOrganizationPolicyListPolicyOutput) Denies ¶
func (o GetOrganizationPolicyListPolicyOutput) Denies() GetOrganizationPolicyListPolicyDenyArrayOutput
One or the other must be set.
func (GetOrganizationPolicyListPolicyOutput) ElementType ¶
func (GetOrganizationPolicyListPolicyOutput) ElementType() reflect.Type
func (GetOrganizationPolicyListPolicyOutput) InheritFromParent ¶
func (o GetOrganizationPolicyListPolicyOutput) InheritFromParent() pulumi.BoolOutput
If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
func (GetOrganizationPolicyListPolicyOutput) SuggestedValue ¶
func (o GetOrganizationPolicyListPolicyOutput) SuggestedValue() pulumi.StringOutput
The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
func (GetOrganizationPolicyListPolicyOutput) ToGetOrganizationPolicyListPolicyOutput ¶
func (o GetOrganizationPolicyListPolicyOutput) ToGetOrganizationPolicyListPolicyOutput() GetOrganizationPolicyListPolicyOutput
func (GetOrganizationPolicyListPolicyOutput) ToGetOrganizationPolicyListPolicyOutputWithContext ¶
func (o GetOrganizationPolicyListPolicyOutput) ToGetOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyListPolicyOutput
type GetOrganizationPolicyRestorePolicy ¶
type GetOrganizationPolicyRestorePolicy struct { // May only be set to true. If set, then the default Policy is restored. Default bool `pulumi:"default"` }
type GetOrganizationPolicyRestorePolicyArgs ¶
type GetOrganizationPolicyRestorePolicyArgs struct { // May only be set to true. If set, then the default Policy is restored. Default pulumi.BoolInput `pulumi:"default"` }
func (GetOrganizationPolicyRestorePolicyArgs) ElementType ¶
func (GetOrganizationPolicyRestorePolicyArgs) ElementType() reflect.Type
func (GetOrganizationPolicyRestorePolicyArgs) ToGetOrganizationPolicyRestorePolicyOutput ¶
func (i GetOrganizationPolicyRestorePolicyArgs) ToGetOrganizationPolicyRestorePolicyOutput() GetOrganizationPolicyRestorePolicyOutput
func (GetOrganizationPolicyRestorePolicyArgs) ToGetOrganizationPolicyRestorePolicyOutputWithContext ¶
func (i GetOrganizationPolicyRestorePolicyArgs) ToGetOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyOutput
type GetOrganizationPolicyRestorePolicyArray ¶
type GetOrganizationPolicyRestorePolicyArray []GetOrganizationPolicyRestorePolicyInput
func (GetOrganizationPolicyRestorePolicyArray) ElementType ¶
func (GetOrganizationPolicyRestorePolicyArray) ElementType() reflect.Type
func (GetOrganizationPolicyRestorePolicyArray) ToGetOrganizationPolicyRestorePolicyArrayOutput ¶
func (i GetOrganizationPolicyRestorePolicyArray) ToGetOrganizationPolicyRestorePolicyArrayOutput() GetOrganizationPolicyRestorePolicyArrayOutput
func (GetOrganizationPolicyRestorePolicyArray) ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext ¶
func (i GetOrganizationPolicyRestorePolicyArray) ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyArrayOutput
type GetOrganizationPolicyRestorePolicyArrayInput ¶
type GetOrganizationPolicyRestorePolicyArrayInput interface { pulumi.Input ToGetOrganizationPolicyRestorePolicyArrayOutput() GetOrganizationPolicyRestorePolicyArrayOutput ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext(context.Context) GetOrganizationPolicyRestorePolicyArrayOutput }
GetOrganizationPolicyRestorePolicyArrayInput is an input type that accepts GetOrganizationPolicyRestorePolicyArray and GetOrganizationPolicyRestorePolicyArrayOutput values. You can construct a concrete instance of `GetOrganizationPolicyRestorePolicyArrayInput` via:
GetOrganizationPolicyRestorePolicyArray{ GetOrganizationPolicyRestorePolicyArgs{...} }
type GetOrganizationPolicyRestorePolicyArrayOutput ¶
type GetOrganizationPolicyRestorePolicyArrayOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyRestorePolicyArrayOutput) ElementType ¶
func (GetOrganizationPolicyRestorePolicyArrayOutput) ElementType() reflect.Type
func (GetOrganizationPolicyRestorePolicyArrayOutput) ToGetOrganizationPolicyRestorePolicyArrayOutput ¶
func (o GetOrganizationPolicyRestorePolicyArrayOutput) ToGetOrganizationPolicyRestorePolicyArrayOutput() GetOrganizationPolicyRestorePolicyArrayOutput
func (GetOrganizationPolicyRestorePolicyArrayOutput) ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext ¶
func (o GetOrganizationPolicyRestorePolicyArrayOutput) ToGetOrganizationPolicyRestorePolicyArrayOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyArrayOutput
type GetOrganizationPolicyRestorePolicyInput ¶
type GetOrganizationPolicyRestorePolicyInput interface { pulumi.Input ToGetOrganizationPolicyRestorePolicyOutput() GetOrganizationPolicyRestorePolicyOutput ToGetOrganizationPolicyRestorePolicyOutputWithContext(context.Context) GetOrganizationPolicyRestorePolicyOutput }
GetOrganizationPolicyRestorePolicyInput is an input type that accepts GetOrganizationPolicyRestorePolicyArgs and GetOrganizationPolicyRestorePolicyOutput values. You can construct a concrete instance of `GetOrganizationPolicyRestorePolicyInput` via:
GetOrganizationPolicyRestorePolicyArgs{...}
type GetOrganizationPolicyRestorePolicyOutput ¶
type GetOrganizationPolicyRestorePolicyOutput struct{ *pulumi.OutputState }
func (GetOrganizationPolicyRestorePolicyOutput) Default ¶
func (o GetOrganizationPolicyRestorePolicyOutput) Default() pulumi.BoolOutput
May only be set to true. If set, then the default Policy is restored.
func (GetOrganizationPolicyRestorePolicyOutput) ElementType ¶
func (GetOrganizationPolicyRestorePolicyOutput) ElementType() reflect.Type
func (GetOrganizationPolicyRestorePolicyOutput) ToGetOrganizationPolicyRestorePolicyOutput ¶
func (o GetOrganizationPolicyRestorePolicyOutput) ToGetOrganizationPolicyRestorePolicyOutput() GetOrganizationPolicyRestorePolicyOutput
func (GetOrganizationPolicyRestorePolicyOutput) ToGetOrganizationPolicyRestorePolicyOutputWithContext ¶
func (o GetOrganizationPolicyRestorePolicyOutput) ToGetOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) GetOrganizationPolicyRestorePolicyOutput
type IAMBinding ¶
type IAMBinding struct { pulumi.CustomResourceState Condition IAMBindingConditionPtrOutput `pulumi:"condition"` // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringOutput `pulumi:"etag"` // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringOutput `pulumi:"folder"` // An array of identities that will be granted the privilege in the `role`. // Each entry can have one of the following values: // * **user:{emailid}**: An email address that is associated with a specific Google account. For example, alice@gmail.com. // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. // * For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding Members pulumi.StringArrayOutput `pulumi:"members"` // The role that should be applied. Only one // `folder.IAMBinding` can be used per role. Note that custom roles must be of the format // `[projects|organizations]/{parent-name}/roles/{role-name}`. Role pulumi.StringOutput `pulumi:"role"` }
Allows creation and management of a single binding within IAM policy for an existing Google Cloud Platform folder.
> **Note:** This resource _must not_ be used in conjunction with
`folder.IAMPolicy` or they will fight over what your policy should be.
> **Note:** On create, this resource will overwrite members of any existing roles.
Use `pulumi import` and inspect the output to ensure your existing members are preserved.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { department1, err := organizations.NewFolder(ctx, "department1", &organizations.FolderArgs{ DisplayName: pulumi.String("Department 1"), Parent: pulumi.String("organizations/1234567"), }) if err != nil { return err } _, err = folder.NewIAMBinding(ctx, "admin", &folder.IAMBindingArgs{ Folder: department1.Name, Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:alice@gmail.com"), }, }) if err != nil { return err } return nil }) }
```
## Import
IAM binding imports use space-delimited identifiers; first the resource in question and then the role. These bindings can be imported using the `folder` and role, e.g.
```sh $ pulumi import gcp:folder/iAMBinding:IAMBinding viewer "folder-name roles/viewer" ```
-> **Custom Roles**: If you're importing a IAM binding with a custom role, make sure to use the
full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
func GetIAMBinding ¶
func GetIAMBinding(ctx *pulumi.Context, name string, id pulumi.IDInput, state *IAMBindingState, opts ...pulumi.ResourceOption) (*IAMBinding, error)
GetIAMBinding gets an existing IAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewIAMBinding ¶
func NewIAMBinding(ctx *pulumi.Context, name string, args *IAMBindingArgs, opts ...pulumi.ResourceOption) (*IAMBinding, error)
NewIAMBinding registers a new resource with the given unique name, arguments, and options.
func (*IAMBinding) ElementType ¶
func (*IAMBinding) ElementType() reflect.Type
func (*IAMBinding) ToIAMBindingOutput ¶
func (i *IAMBinding) ToIAMBindingOutput() IAMBindingOutput
func (*IAMBinding) ToIAMBindingOutputWithContext ¶
func (i *IAMBinding) ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput
type IAMBindingArgs ¶
type IAMBindingArgs struct { Condition IAMBindingConditionPtrInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringInput // An array of identities that will be granted the privilege in the `role`. // Each entry can have one of the following values: // * **user:{emailid}**: An email address that is associated with a specific Google account. For example, alice@gmail.com. // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. // * For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding Members pulumi.StringArrayInput // The role that should be applied. Only one // `folder.IAMBinding` can be used per role. Note that custom roles must be of the format // `[projects|organizations]/{parent-name}/roles/{role-name}`. Role pulumi.StringInput }
The set of arguments for constructing a IAMBinding resource.
func (IAMBindingArgs) ElementType ¶
func (IAMBindingArgs) ElementType() reflect.Type
type IAMBindingArray ¶
type IAMBindingArray []IAMBindingInput
func (IAMBindingArray) ElementType ¶
func (IAMBindingArray) ElementType() reflect.Type
func (IAMBindingArray) ToIAMBindingArrayOutput ¶
func (i IAMBindingArray) ToIAMBindingArrayOutput() IAMBindingArrayOutput
func (IAMBindingArray) ToIAMBindingArrayOutputWithContext ¶
func (i IAMBindingArray) ToIAMBindingArrayOutputWithContext(ctx context.Context) IAMBindingArrayOutput
type IAMBindingArrayInput ¶
type IAMBindingArrayInput interface { pulumi.Input ToIAMBindingArrayOutput() IAMBindingArrayOutput ToIAMBindingArrayOutputWithContext(context.Context) IAMBindingArrayOutput }
IAMBindingArrayInput is an input type that accepts IAMBindingArray and IAMBindingArrayOutput values. You can construct a concrete instance of `IAMBindingArrayInput` via:
IAMBindingArray{ IAMBindingArgs{...} }
type IAMBindingArrayOutput ¶
type IAMBindingArrayOutput struct{ *pulumi.OutputState }
func (IAMBindingArrayOutput) ElementType ¶
func (IAMBindingArrayOutput) ElementType() reflect.Type
func (IAMBindingArrayOutput) Index ¶
func (o IAMBindingArrayOutput) Index(i pulumi.IntInput) IAMBindingOutput
func (IAMBindingArrayOutput) ToIAMBindingArrayOutput ¶
func (o IAMBindingArrayOutput) ToIAMBindingArrayOutput() IAMBindingArrayOutput
func (IAMBindingArrayOutput) ToIAMBindingArrayOutputWithContext ¶
func (o IAMBindingArrayOutput) ToIAMBindingArrayOutputWithContext(ctx context.Context) IAMBindingArrayOutput
type IAMBindingCondition ¶
type IAMBindingConditionArgs ¶
type IAMBindingConditionArgs struct { Description pulumi.StringPtrInput `pulumi:"description"` Expression pulumi.StringInput `pulumi:"expression"` Title pulumi.StringInput `pulumi:"title"` }
func (IAMBindingConditionArgs) ElementType ¶
func (IAMBindingConditionArgs) ElementType() reflect.Type
func (IAMBindingConditionArgs) ToIAMBindingConditionOutput ¶
func (i IAMBindingConditionArgs) ToIAMBindingConditionOutput() IAMBindingConditionOutput
func (IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext ¶
func (i IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput
func (IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput ¶
func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
func (IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext ¶
func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput
type IAMBindingConditionInput ¶
type IAMBindingConditionInput interface { pulumi.Input ToIAMBindingConditionOutput() IAMBindingConditionOutput ToIAMBindingConditionOutputWithContext(context.Context) IAMBindingConditionOutput }
IAMBindingConditionInput is an input type that accepts IAMBindingConditionArgs and IAMBindingConditionOutput values. You can construct a concrete instance of `IAMBindingConditionInput` via:
IAMBindingConditionArgs{...}
type IAMBindingConditionOutput ¶
type IAMBindingConditionOutput struct{ *pulumi.OutputState }
func (IAMBindingConditionOutput) Description ¶
func (o IAMBindingConditionOutput) Description() pulumi.StringPtrOutput
func (IAMBindingConditionOutput) ElementType ¶
func (IAMBindingConditionOutput) ElementType() reflect.Type
func (IAMBindingConditionOutput) Expression ¶
func (o IAMBindingConditionOutput) Expression() pulumi.StringOutput
func (IAMBindingConditionOutput) Title ¶
func (o IAMBindingConditionOutput) Title() pulumi.StringOutput
func (IAMBindingConditionOutput) ToIAMBindingConditionOutput ¶
func (o IAMBindingConditionOutput) ToIAMBindingConditionOutput() IAMBindingConditionOutput
func (IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext ¶
func (o IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput
func (IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput ¶
func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
func (IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext ¶
func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput
type IAMBindingConditionPtrInput ¶
type IAMBindingConditionPtrInput interface { pulumi.Input ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput ToIAMBindingConditionPtrOutputWithContext(context.Context) IAMBindingConditionPtrOutput }
IAMBindingConditionPtrInput is an input type that accepts IAMBindingConditionArgs, IAMBindingConditionPtr and IAMBindingConditionPtrOutput values. You can construct a concrete instance of `IAMBindingConditionPtrInput` via:
IAMBindingConditionArgs{...} or: nil
func IAMBindingConditionPtr ¶
func IAMBindingConditionPtr(v *IAMBindingConditionArgs) IAMBindingConditionPtrInput
type IAMBindingConditionPtrOutput ¶
type IAMBindingConditionPtrOutput struct{ *pulumi.OutputState }
func (IAMBindingConditionPtrOutput) Description ¶
func (o IAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput
func (IAMBindingConditionPtrOutput) Elem ¶
func (o IAMBindingConditionPtrOutput) Elem() IAMBindingConditionOutput
func (IAMBindingConditionPtrOutput) ElementType ¶
func (IAMBindingConditionPtrOutput) ElementType() reflect.Type
func (IAMBindingConditionPtrOutput) Expression ¶
func (o IAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput
func (IAMBindingConditionPtrOutput) Title ¶
func (o IAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput
func (IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput ¶
func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
func (IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext ¶
func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput
type IAMBindingInput ¶
type IAMBindingInput interface { pulumi.Input ToIAMBindingOutput() IAMBindingOutput ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput }
type IAMBindingMap ¶
type IAMBindingMap map[string]IAMBindingInput
func (IAMBindingMap) ElementType ¶
func (IAMBindingMap) ElementType() reflect.Type
func (IAMBindingMap) ToIAMBindingMapOutput ¶
func (i IAMBindingMap) ToIAMBindingMapOutput() IAMBindingMapOutput
func (IAMBindingMap) ToIAMBindingMapOutputWithContext ¶
func (i IAMBindingMap) ToIAMBindingMapOutputWithContext(ctx context.Context) IAMBindingMapOutput
type IAMBindingMapInput ¶
type IAMBindingMapInput interface { pulumi.Input ToIAMBindingMapOutput() IAMBindingMapOutput ToIAMBindingMapOutputWithContext(context.Context) IAMBindingMapOutput }
IAMBindingMapInput is an input type that accepts IAMBindingMap and IAMBindingMapOutput values. You can construct a concrete instance of `IAMBindingMapInput` via:
IAMBindingMap{ "key": IAMBindingArgs{...} }
type IAMBindingMapOutput ¶
type IAMBindingMapOutput struct{ *pulumi.OutputState }
func (IAMBindingMapOutput) ElementType ¶
func (IAMBindingMapOutput) ElementType() reflect.Type
func (IAMBindingMapOutput) MapIndex ¶
func (o IAMBindingMapOutput) MapIndex(k pulumi.StringInput) IAMBindingOutput
func (IAMBindingMapOutput) ToIAMBindingMapOutput ¶
func (o IAMBindingMapOutput) ToIAMBindingMapOutput() IAMBindingMapOutput
func (IAMBindingMapOutput) ToIAMBindingMapOutputWithContext ¶
func (o IAMBindingMapOutput) ToIAMBindingMapOutputWithContext(ctx context.Context) IAMBindingMapOutput
type IAMBindingOutput ¶
type IAMBindingOutput struct{ *pulumi.OutputState }
func (IAMBindingOutput) Condition ¶
func (o IAMBindingOutput) Condition() IAMBindingConditionPtrOutput
func (IAMBindingOutput) ElementType ¶
func (IAMBindingOutput) ElementType() reflect.Type
func (IAMBindingOutput) Etag ¶
func (o IAMBindingOutput) Etag() pulumi.StringOutput
(Computed) The etag of the folder's IAM policy.
func (IAMBindingOutput) Folder ¶
func (o IAMBindingOutput) Folder() pulumi.StringOutput
The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
func (IAMBindingOutput) Members ¶
func (o IAMBindingOutput) Members() pulumi.StringArrayOutput
An array of identities that will be granted the privilege in the `role`. Each entry can have one of the following values: * **user:{emailid}**: An email address that is associated with a specific Google account. For example, alice@gmail.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
func (IAMBindingOutput) Role ¶
func (o IAMBindingOutput) Role() pulumi.StringOutput
The role that should be applied. Only one `folder.IAMBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.
func (IAMBindingOutput) ToIAMBindingOutput ¶
func (o IAMBindingOutput) ToIAMBindingOutput() IAMBindingOutput
func (IAMBindingOutput) ToIAMBindingOutputWithContext ¶
func (o IAMBindingOutput) ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput
type IAMBindingState ¶
type IAMBindingState struct { Condition IAMBindingConditionPtrInput // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringPtrInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringPtrInput // An array of identities that will be granted the privilege in the `role`. // Each entry can have one of the following values: // * **user:{emailid}**: An email address that is associated with a specific Google account. For example, alice@gmail.com. // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. // * For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding Members pulumi.StringArrayInput // The role that should be applied. Only one // `folder.IAMBinding` can be used per role. Note that custom roles must be of the format // `[projects|organizations]/{parent-name}/roles/{role-name}`. Role pulumi.StringPtrInput }
func (IAMBindingState) ElementType ¶
func (IAMBindingState) ElementType() reflect.Type
type IAMMember ¶
type IAMMember struct { pulumi.CustomResourceState // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. // Structure is documented below. Condition IAMMemberConditionPtrOutput `pulumi:"condition"` // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringOutput `pulumi:"etag"` // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringOutput `pulumi:"folder"` // Identities that will be granted the privilege in `role`. // Each entry can have one of the following values: // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. Member pulumi.StringOutput `pulumi:"member"` // The role that should be applied. Only one // `folder.IAMBinding` can be used per role. Note that custom roles must be of the format // `organizations/{{org_id}}/roles/{{role_id}}`. Role pulumi.StringOutput `pulumi:"role"` }
Four different resources help you manage your IAM policy for a folder. Each of these resources serves a different use case:
* `folder.IAMPolicy`: Authoritative. Sets the IAM policy for the folder and replaces any existing policy already attached. * `folder.IAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the folder are preserved. * `folder.IAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the folder are preserved. * `folder.IamAuditConfig`: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
> **Note:** `folder.IAMPolicy` **cannot** be used in conjunction with `folder.IAMBinding`, `folder.IAMMember`, or `folder.IamAuditConfig` or they will fight over what your policy should be.
> **Note:** `folder.IAMBinding` resources **can be** used in conjunction with `folder.IAMMember` resources **only if** they do not grant privilege to the same role.
> **Note:** The underlying API method `projects.setIamPolicy` has constraints which are documented [here](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy). In addition to these constraints,
IAM Conditions cannot be used with Basic Roles such as Owner. Violating these constraints will result in the API returning a 400 error code so please review these if you encounter errors with this resource.
## folder.IAMPolicy
!> **Be careful!** You can accidentally lock yourself out of your folder
using this resource. Deleting a `folder.IAMPolicy` removes access from anyone without permissions on its parent folder/organization. Proceed with caution. It's not recommended to use `folder.IAMPolicy` with your provider folder to avoid locking yourself out, and it should generally only be used with folders fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before applying the change.
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ Bindings: []organizations.GetIAMPolicyBinding{ { Role: "roles/editor", Members: []string{ "user:jane@example.com", }, }, }, }, nil) if err != nil { return err } _, err = folder.NewIAMPolicy(ctx, "folder", &folder.IAMPolicyArgs{ Folder: pulumi.String("folders/1234567"), PolicyData: pulumi.String(admin.PolicyData), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ Bindings: []organizations.GetIAMPolicyBinding{ { Role: "roles/compute.admin", Members: []string{ "user:jane@example.com", }, Condition: { Title: "expires_after_2019_12_31", Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }, }, }, nil) if err != nil { return err } _, err = folder.NewIAMPolicy(ctx, "folder", &folder.IAMPolicyArgs{ Folder: pulumi.String("folders/1234567"), PolicyData: pulumi.String(admin.PolicyData), }) if err != nil { return err } return nil }) }
```
## folder.IAMBinding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/container.admin"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, Condition: &folder.IAMBindingConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IAMMember
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Member: pulumi.String("user:jane@example.com"), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/firebase.admin"), Member: pulumi.String("user:jane@example.com"), Condition: &folder.IAMMemberConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IamAuditConfig
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIamAuditConfig(ctx, "folder", &folder.IamAuditConfigArgs{ Folder: pulumi.String("folders/1234567"), Service: pulumi.String("allServices"), AuditLogConfigs: folder.IamAuditConfigAuditLogConfigArray{ &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("ADMIN_READ"), }, &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("DATA_READ"), ExemptedMembers: pulumi.StringArray{ pulumi.String("user:joebloggs@example.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
## folder.IAMBinding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/container.admin"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, Condition: &folder.IAMBindingConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IAMMember
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Member: pulumi.String("user:jane@example.com"), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/firebase.admin"), Member: pulumi.String("user:jane@example.com"), Condition: &folder.IAMMemberConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IamAuditConfig
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIamAuditConfig(ctx, "folder", &folder.IamAuditConfigArgs{ Folder: pulumi.String("folders/1234567"), Service: pulumi.String("allServices"), AuditLogConfigs: folder.IamAuditConfigAuditLogConfigArray{ &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("ADMIN_READ"), }, &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("DATA_READ"), ExemptedMembers: pulumi.StringArray{ pulumi.String("user:joebloggs@example.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
## Import
### Importing Audit Configs
An audit config can be imported into a `google_folder_iam_audit_config` resource using the resource's `folder_id` and the `service`, e.g:
* `"folder/{{folder_id}} foo.googleapis.com"`
An `import` block (Terraform v1.5.0 and later) can be used to import audit configs:
tf
import {
id = "folder/{{folder_id}} foo.googleapis.com" to = google_folder_iam_audit_config.default
}
The `pulumi import` command can also be used:
```sh $ pulumi import gcp:folder/iAMMember:IAMMember default "folder/{{folder_id}} foo.googleapis.com" ```
func GetIAMMember ¶
func GetIAMMember(ctx *pulumi.Context, name string, id pulumi.IDInput, state *IAMMemberState, opts ...pulumi.ResourceOption) (*IAMMember, error)
GetIAMMember gets an existing IAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewIAMMember ¶
func NewIAMMember(ctx *pulumi.Context, name string, args *IAMMemberArgs, opts ...pulumi.ResourceOption) (*IAMMember, error)
NewIAMMember registers a new resource with the given unique name, arguments, and options.
func (*IAMMember) ElementType ¶
func (*IAMMember) ToIAMMemberOutput ¶
func (i *IAMMember) ToIAMMemberOutput() IAMMemberOutput
func (*IAMMember) ToIAMMemberOutputWithContext ¶
func (i *IAMMember) ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput
type IAMMemberArgs ¶
type IAMMemberArgs struct { // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. // Structure is documented below. Condition IAMMemberConditionPtrInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringInput // Identities that will be granted the privilege in `role`. // Each entry can have one of the following values: // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. Member pulumi.StringInput // The role that should be applied. Only one // `folder.IAMBinding` can be used per role. Note that custom roles must be of the format // `organizations/{{org_id}}/roles/{{role_id}}`. Role pulumi.StringInput }
The set of arguments for constructing a IAMMember resource.
func (IAMMemberArgs) ElementType ¶
func (IAMMemberArgs) ElementType() reflect.Type
type IAMMemberArray ¶
type IAMMemberArray []IAMMemberInput
func (IAMMemberArray) ElementType ¶
func (IAMMemberArray) ElementType() reflect.Type
func (IAMMemberArray) ToIAMMemberArrayOutput ¶
func (i IAMMemberArray) ToIAMMemberArrayOutput() IAMMemberArrayOutput
func (IAMMemberArray) ToIAMMemberArrayOutputWithContext ¶
func (i IAMMemberArray) ToIAMMemberArrayOutputWithContext(ctx context.Context) IAMMemberArrayOutput
type IAMMemberArrayInput ¶
type IAMMemberArrayInput interface { pulumi.Input ToIAMMemberArrayOutput() IAMMemberArrayOutput ToIAMMemberArrayOutputWithContext(context.Context) IAMMemberArrayOutput }
IAMMemberArrayInput is an input type that accepts IAMMemberArray and IAMMemberArrayOutput values. You can construct a concrete instance of `IAMMemberArrayInput` via:
IAMMemberArray{ IAMMemberArgs{...} }
type IAMMemberArrayOutput ¶
type IAMMemberArrayOutput struct{ *pulumi.OutputState }
func (IAMMemberArrayOutput) ElementType ¶
func (IAMMemberArrayOutput) ElementType() reflect.Type
func (IAMMemberArrayOutput) Index ¶
func (o IAMMemberArrayOutput) Index(i pulumi.IntInput) IAMMemberOutput
func (IAMMemberArrayOutput) ToIAMMemberArrayOutput ¶
func (o IAMMemberArrayOutput) ToIAMMemberArrayOutput() IAMMemberArrayOutput
func (IAMMemberArrayOutput) ToIAMMemberArrayOutputWithContext ¶
func (o IAMMemberArrayOutput) ToIAMMemberArrayOutputWithContext(ctx context.Context) IAMMemberArrayOutput
type IAMMemberCondition ¶
type IAMMemberCondition struct { // An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. // // > **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the // identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will // consider it to be an entirely different resource and will treat it as such. Description *string `pulumi:"description"` // Textual representation of an expression in Common Expression Language syntax. Expression string `pulumi:"expression"` // A title for the expression, i.e. a short string describing its purpose. Title string `pulumi:"title"` }
type IAMMemberConditionArgs ¶
type IAMMemberConditionArgs struct { // An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. // // > **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the // identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will // consider it to be an entirely different resource and will treat it as such. Description pulumi.StringPtrInput `pulumi:"description"` // Textual representation of an expression in Common Expression Language syntax. Expression pulumi.StringInput `pulumi:"expression"` // A title for the expression, i.e. a short string describing its purpose. Title pulumi.StringInput `pulumi:"title"` }
func (IAMMemberConditionArgs) ElementType ¶
func (IAMMemberConditionArgs) ElementType() reflect.Type
func (IAMMemberConditionArgs) ToIAMMemberConditionOutput ¶
func (i IAMMemberConditionArgs) ToIAMMemberConditionOutput() IAMMemberConditionOutput
func (IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext ¶
func (i IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput
func (IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput ¶
func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
func (IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext ¶
func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput
type IAMMemberConditionInput ¶
type IAMMemberConditionInput interface { pulumi.Input ToIAMMemberConditionOutput() IAMMemberConditionOutput ToIAMMemberConditionOutputWithContext(context.Context) IAMMemberConditionOutput }
IAMMemberConditionInput is an input type that accepts IAMMemberConditionArgs and IAMMemberConditionOutput values. You can construct a concrete instance of `IAMMemberConditionInput` via:
IAMMemberConditionArgs{...}
type IAMMemberConditionOutput ¶
type IAMMemberConditionOutput struct{ *pulumi.OutputState }
func (IAMMemberConditionOutput) Description ¶
func (o IAMMemberConditionOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
> **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will consider it to be an entirely different resource and will treat it as such.
func (IAMMemberConditionOutput) ElementType ¶
func (IAMMemberConditionOutput) ElementType() reflect.Type
func (IAMMemberConditionOutput) Expression ¶
func (o IAMMemberConditionOutput) Expression() pulumi.StringOutput
Textual representation of an expression in Common Expression Language syntax.
func (IAMMemberConditionOutput) Title ¶
func (o IAMMemberConditionOutput) Title() pulumi.StringOutput
A title for the expression, i.e. a short string describing its purpose.
func (IAMMemberConditionOutput) ToIAMMemberConditionOutput ¶
func (o IAMMemberConditionOutput) ToIAMMemberConditionOutput() IAMMemberConditionOutput
func (IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext ¶
func (o IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput
func (IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput ¶
func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
func (IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext ¶
func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput
type IAMMemberConditionPtrInput ¶
type IAMMemberConditionPtrInput interface { pulumi.Input ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput ToIAMMemberConditionPtrOutputWithContext(context.Context) IAMMemberConditionPtrOutput }
IAMMemberConditionPtrInput is an input type that accepts IAMMemberConditionArgs, IAMMemberConditionPtr and IAMMemberConditionPtrOutput values. You can construct a concrete instance of `IAMMemberConditionPtrInput` via:
IAMMemberConditionArgs{...} or: nil
func IAMMemberConditionPtr ¶
func IAMMemberConditionPtr(v *IAMMemberConditionArgs) IAMMemberConditionPtrInput
type IAMMemberConditionPtrOutput ¶
type IAMMemberConditionPtrOutput struct{ *pulumi.OutputState }
func (IAMMemberConditionPtrOutput) Description ¶
func (o IAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
> **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will consider it to be an entirely different resource and will treat it as such.
func (IAMMemberConditionPtrOutput) Elem ¶
func (o IAMMemberConditionPtrOutput) Elem() IAMMemberConditionOutput
func (IAMMemberConditionPtrOutput) ElementType ¶
func (IAMMemberConditionPtrOutput) ElementType() reflect.Type
func (IAMMemberConditionPtrOutput) Expression ¶
func (o IAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput
Textual representation of an expression in Common Expression Language syntax.
func (IAMMemberConditionPtrOutput) Title ¶
func (o IAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput
A title for the expression, i.e. a short string describing its purpose.
func (IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput ¶
func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
func (IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext ¶
func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput
type IAMMemberInput ¶
type IAMMemberInput interface { pulumi.Input ToIAMMemberOutput() IAMMemberOutput ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput }
type IAMMemberMap ¶
type IAMMemberMap map[string]IAMMemberInput
func (IAMMemberMap) ElementType ¶
func (IAMMemberMap) ElementType() reflect.Type
func (IAMMemberMap) ToIAMMemberMapOutput ¶
func (i IAMMemberMap) ToIAMMemberMapOutput() IAMMemberMapOutput
func (IAMMemberMap) ToIAMMemberMapOutputWithContext ¶
func (i IAMMemberMap) ToIAMMemberMapOutputWithContext(ctx context.Context) IAMMemberMapOutput
type IAMMemberMapInput ¶
type IAMMemberMapInput interface { pulumi.Input ToIAMMemberMapOutput() IAMMemberMapOutput ToIAMMemberMapOutputWithContext(context.Context) IAMMemberMapOutput }
IAMMemberMapInput is an input type that accepts IAMMemberMap and IAMMemberMapOutput values. You can construct a concrete instance of `IAMMemberMapInput` via:
IAMMemberMap{ "key": IAMMemberArgs{...} }
type IAMMemberMapOutput ¶
type IAMMemberMapOutput struct{ *pulumi.OutputState }
func (IAMMemberMapOutput) ElementType ¶
func (IAMMemberMapOutput) ElementType() reflect.Type
func (IAMMemberMapOutput) MapIndex ¶
func (o IAMMemberMapOutput) MapIndex(k pulumi.StringInput) IAMMemberOutput
func (IAMMemberMapOutput) ToIAMMemberMapOutput ¶
func (o IAMMemberMapOutput) ToIAMMemberMapOutput() IAMMemberMapOutput
func (IAMMemberMapOutput) ToIAMMemberMapOutputWithContext ¶
func (o IAMMemberMapOutput) ToIAMMemberMapOutputWithContext(ctx context.Context) IAMMemberMapOutput
type IAMMemberOutput ¶
type IAMMemberOutput struct{ *pulumi.OutputState }
func (IAMMemberOutput) Condition ¶
func (o IAMMemberOutput) Condition() IAMMemberConditionPtrOutput
An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.
func (IAMMemberOutput) ElementType ¶
func (IAMMemberOutput) ElementType() reflect.Type
func (IAMMemberOutput) Etag ¶
func (o IAMMemberOutput) Etag() pulumi.StringOutput
(Computed) The etag of the folder's IAM policy.
func (IAMMemberOutput) Folder ¶
func (o IAMMemberOutput) Folder() pulumi.StringOutput
The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
func (IAMMemberOutput) Member ¶
func (o IAMMemberOutput) Member() pulumi.StringOutput
Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
func (IAMMemberOutput) Role ¶
func (o IAMMemberOutput) Role() pulumi.StringOutput
The role that should be applied. Only one `folder.IAMBinding` can be used per role. Note that custom roles must be of the format `organizations/{{org_id}}/roles/{{role_id}}`.
func (IAMMemberOutput) ToIAMMemberOutput ¶
func (o IAMMemberOutput) ToIAMMemberOutput() IAMMemberOutput
func (IAMMemberOutput) ToIAMMemberOutputWithContext ¶
func (o IAMMemberOutput) ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput
type IAMMemberState ¶
type IAMMemberState struct { // An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. // Structure is documented below. Condition IAMMemberConditionPtrInput // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringPtrInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringPtrInput // Identities that will be granted the privilege in `role`. // Each entry can have one of the following values: // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. Member pulumi.StringPtrInput // The role that should be applied. Only one // `folder.IAMBinding` can be used per role. Note that custom roles must be of the format // `organizations/{{org_id}}/roles/{{role_id}}`. Role pulumi.StringPtrInput }
func (IAMMemberState) ElementType ¶
func (IAMMemberState) ElementType() reflect.Type
type IAMPolicy ¶
type IAMPolicy struct { pulumi.CustomResourceState // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringOutput `pulumi:"etag"` // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringOutput `pulumi:"folder"` // The `organizations.getIAMPolicy` data source that represents // the IAM policy that will be applied to the folder. The policy will be // merged with any existing policy applied to the folder. // // Changing this updates the policy. // // Deleting this removes all policies from the folder, locking out users without // folder-level access. PolicyData pulumi.StringOutput `pulumi:"policyData"` }
Four different resources help you manage your IAM policy for a folder. Each of these resources serves a different use case:
* `folder.IAMPolicy`: Authoritative. Sets the IAM policy for the folder and replaces any existing policy already attached. * `folder.IAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the folder are preserved. * `folder.IAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the folder are preserved. * `folder.IamAuditConfig`: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
> **Note:** `folder.IAMPolicy` **cannot** be used in conjunction with `folder.IAMBinding`, `folder.IAMMember`, or `folder.IamAuditConfig` or they will fight over what your policy should be.
> **Note:** `folder.IAMBinding` resources **can be** used in conjunction with `folder.IAMMember` resources **only if** they do not grant privilege to the same role.
> **Note:** The underlying API method `projects.setIamPolicy` has constraints which are documented [here](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy). In addition to these constraints,
IAM Conditions cannot be used with Basic Roles such as Owner. Violating these constraints will result in the API returning a 400 error code so please review these if you encounter errors with this resource.
## folder.IAMPolicy
!> **Be careful!** You can accidentally lock yourself out of your folder
using this resource. Deleting a `folder.IAMPolicy` removes access from anyone without permissions on its parent folder/organization. Proceed with caution. It's not recommended to use `folder.IAMPolicy` with your provider folder to avoid locking yourself out, and it should generally only be used with folders fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before applying the change.
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ Bindings: []organizations.GetIAMPolicyBinding{ { Role: "roles/editor", Members: []string{ "user:jane@example.com", }, }, }, }, nil) if err != nil { return err } _, err = folder.NewIAMPolicy(ctx, "folder", &folder.IAMPolicyArgs{ Folder: pulumi.String("folders/1234567"), PolicyData: pulumi.String(admin.PolicyData), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ Bindings: []organizations.GetIAMPolicyBinding{ { Role: "roles/compute.admin", Members: []string{ "user:jane@example.com", }, Condition: { Title: "expires_after_2019_12_31", Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }, }, }, nil) if err != nil { return err } _, err = folder.NewIAMPolicy(ctx, "folder", &folder.IAMPolicyArgs{ Folder: pulumi.String("folders/1234567"), PolicyData: pulumi.String(admin.PolicyData), }) if err != nil { return err } return nil }) }
```
## folder.IAMBinding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/container.admin"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, Condition: &folder.IAMBindingConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IAMMember
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Member: pulumi.String("user:jane@example.com"), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/firebase.admin"), Member: pulumi.String("user:jane@example.com"), Condition: &folder.IAMMemberConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IamAuditConfig
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIamAuditConfig(ctx, "folder", &folder.IamAuditConfigArgs{ Folder: pulumi.String("folders/1234567"), Service: pulumi.String("allServices"), AuditLogConfigs: folder.IamAuditConfigAuditLogConfigArray{ &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("ADMIN_READ"), }, &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("DATA_READ"), ExemptedMembers: pulumi.StringArray{ pulumi.String("user:joebloggs@example.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
## folder.IAMBinding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/container.admin"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, Condition: &folder.IAMBindingConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IAMMember
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Member: pulumi.String("user:jane@example.com"), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/firebase.admin"), Member: pulumi.String("user:jane@example.com"), Condition: &folder.IAMMemberConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IamAuditConfig
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIamAuditConfig(ctx, "folder", &folder.IamAuditConfigArgs{ Folder: pulumi.String("folders/1234567"), Service: pulumi.String("allServices"), AuditLogConfigs: folder.IamAuditConfigAuditLogConfigArray{ &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("ADMIN_READ"), }, &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("DATA_READ"), ExemptedMembers: pulumi.StringArray{ pulumi.String("user:joebloggs@example.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
## Import
### Importing Audit Configs
An audit config can be imported into a `google_folder_iam_audit_config` resource using the resource's `folder_id` and the `service`, e.g:
* `"folder/{{folder_id}} foo.googleapis.com"`
An `import` block (Terraform v1.5.0 and later) can be used to import audit configs:
tf
import {
id = "folder/{{folder_id}} foo.googleapis.com" to = google_folder_iam_audit_config.default
}
The `pulumi import` command can also be used:
```sh $ pulumi import gcp:folder/iAMPolicy:IAMPolicy default "folder/{{folder_id}} foo.googleapis.com" ```
func GetIAMPolicy ¶
func GetIAMPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *IAMPolicyState, opts ...pulumi.ResourceOption) (*IAMPolicy, error)
GetIAMPolicy gets an existing IAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewIAMPolicy ¶
func NewIAMPolicy(ctx *pulumi.Context, name string, args *IAMPolicyArgs, opts ...pulumi.ResourceOption) (*IAMPolicy, error)
NewIAMPolicy registers a new resource with the given unique name, arguments, and options.
func (*IAMPolicy) ElementType ¶
func (*IAMPolicy) ToIAMPolicyOutput ¶
func (i *IAMPolicy) ToIAMPolicyOutput() IAMPolicyOutput
func (*IAMPolicy) ToIAMPolicyOutputWithContext ¶
func (i *IAMPolicy) ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput
type IAMPolicyArgs ¶
type IAMPolicyArgs struct { // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringInput // The `organizations.getIAMPolicy` data source that represents // the IAM policy that will be applied to the folder. The policy will be // merged with any existing policy applied to the folder. // // Changing this updates the policy. // // Deleting this removes all policies from the folder, locking out users without // folder-level access. PolicyData pulumi.StringInput }
The set of arguments for constructing a IAMPolicy resource.
func (IAMPolicyArgs) ElementType ¶
func (IAMPolicyArgs) ElementType() reflect.Type
type IAMPolicyArray ¶
type IAMPolicyArray []IAMPolicyInput
func (IAMPolicyArray) ElementType ¶
func (IAMPolicyArray) ElementType() reflect.Type
func (IAMPolicyArray) ToIAMPolicyArrayOutput ¶
func (i IAMPolicyArray) ToIAMPolicyArrayOutput() IAMPolicyArrayOutput
func (IAMPolicyArray) ToIAMPolicyArrayOutputWithContext ¶
func (i IAMPolicyArray) ToIAMPolicyArrayOutputWithContext(ctx context.Context) IAMPolicyArrayOutput
type IAMPolicyArrayInput ¶
type IAMPolicyArrayInput interface { pulumi.Input ToIAMPolicyArrayOutput() IAMPolicyArrayOutput ToIAMPolicyArrayOutputWithContext(context.Context) IAMPolicyArrayOutput }
IAMPolicyArrayInput is an input type that accepts IAMPolicyArray and IAMPolicyArrayOutput values. You can construct a concrete instance of `IAMPolicyArrayInput` via:
IAMPolicyArray{ IAMPolicyArgs{...} }
type IAMPolicyArrayOutput ¶
type IAMPolicyArrayOutput struct{ *pulumi.OutputState }
func (IAMPolicyArrayOutput) ElementType ¶
func (IAMPolicyArrayOutput) ElementType() reflect.Type
func (IAMPolicyArrayOutput) Index ¶
func (o IAMPolicyArrayOutput) Index(i pulumi.IntInput) IAMPolicyOutput
func (IAMPolicyArrayOutput) ToIAMPolicyArrayOutput ¶
func (o IAMPolicyArrayOutput) ToIAMPolicyArrayOutput() IAMPolicyArrayOutput
func (IAMPolicyArrayOutput) ToIAMPolicyArrayOutputWithContext ¶
func (o IAMPolicyArrayOutput) ToIAMPolicyArrayOutputWithContext(ctx context.Context) IAMPolicyArrayOutput
type IAMPolicyInput ¶
type IAMPolicyInput interface { pulumi.Input ToIAMPolicyOutput() IAMPolicyOutput ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput }
type IAMPolicyMap ¶
type IAMPolicyMap map[string]IAMPolicyInput
func (IAMPolicyMap) ElementType ¶
func (IAMPolicyMap) ElementType() reflect.Type
func (IAMPolicyMap) ToIAMPolicyMapOutput ¶
func (i IAMPolicyMap) ToIAMPolicyMapOutput() IAMPolicyMapOutput
func (IAMPolicyMap) ToIAMPolicyMapOutputWithContext ¶
func (i IAMPolicyMap) ToIAMPolicyMapOutputWithContext(ctx context.Context) IAMPolicyMapOutput
type IAMPolicyMapInput ¶
type IAMPolicyMapInput interface { pulumi.Input ToIAMPolicyMapOutput() IAMPolicyMapOutput ToIAMPolicyMapOutputWithContext(context.Context) IAMPolicyMapOutput }
IAMPolicyMapInput is an input type that accepts IAMPolicyMap and IAMPolicyMapOutput values. You can construct a concrete instance of `IAMPolicyMapInput` via:
IAMPolicyMap{ "key": IAMPolicyArgs{...} }
type IAMPolicyMapOutput ¶
type IAMPolicyMapOutput struct{ *pulumi.OutputState }
func (IAMPolicyMapOutput) ElementType ¶
func (IAMPolicyMapOutput) ElementType() reflect.Type
func (IAMPolicyMapOutput) MapIndex ¶
func (o IAMPolicyMapOutput) MapIndex(k pulumi.StringInput) IAMPolicyOutput
func (IAMPolicyMapOutput) ToIAMPolicyMapOutput ¶
func (o IAMPolicyMapOutput) ToIAMPolicyMapOutput() IAMPolicyMapOutput
func (IAMPolicyMapOutput) ToIAMPolicyMapOutputWithContext ¶
func (o IAMPolicyMapOutput) ToIAMPolicyMapOutputWithContext(ctx context.Context) IAMPolicyMapOutput
type IAMPolicyOutput ¶
type IAMPolicyOutput struct{ *pulumi.OutputState }
func (IAMPolicyOutput) ElementType ¶
func (IAMPolicyOutput) ElementType() reflect.Type
func (IAMPolicyOutput) Etag ¶
func (o IAMPolicyOutput) Etag() pulumi.StringOutput
(Computed) The etag of the folder's IAM policy.
func (IAMPolicyOutput) Folder ¶
func (o IAMPolicyOutput) Folder() pulumi.StringOutput
The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
func (IAMPolicyOutput) PolicyData ¶
func (o IAMPolicyOutput) PolicyData() pulumi.StringOutput
The `organizations.getIAMPolicy` data source that represents the IAM policy that will be applied to the folder. The policy will be merged with any existing policy applied to the folder.
Changing this updates the policy.
Deleting this removes all policies from the folder, locking out users without folder-level access.
func (IAMPolicyOutput) ToIAMPolicyOutput ¶
func (o IAMPolicyOutput) ToIAMPolicyOutput() IAMPolicyOutput
func (IAMPolicyOutput) ToIAMPolicyOutputWithContext ¶
func (o IAMPolicyOutput) ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput
type IAMPolicyState ¶
type IAMPolicyState struct { // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringPtrInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringPtrInput // The `organizations.getIAMPolicy` data source that represents // the IAM policy that will be applied to the folder. The policy will be // merged with any existing policy applied to the folder. // // Changing this updates the policy. // // Deleting this removes all policies from the folder, locking out users without // folder-level access. PolicyData pulumi.StringPtrInput }
func (IAMPolicyState) ElementType ¶
func (IAMPolicyState) ElementType() reflect.Type
type IamAuditConfig ¶
type IamAuditConfig struct { pulumi.CustomResourceState // The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below. AuditLogConfigs IamAuditConfigAuditLogConfigArrayOutput `pulumi:"auditLogConfigs"` // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringOutput `pulumi:"etag"` // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringOutput `pulumi:"folder"` // Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are folder.IamAuditConfig resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted. Service pulumi.StringOutput `pulumi:"service"` }
Four different resources help you manage your IAM policy for a folder. Each of these resources serves a different use case:
* `folder.IAMPolicy`: Authoritative. Sets the IAM policy for the folder and replaces any existing policy already attached. * `folder.IAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the folder are preserved. * `folder.IAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the folder are preserved. * `folder.IamAuditConfig`: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
> **Note:** `folder.IAMPolicy` **cannot** be used in conjunction with `folder.IAMBinding`, `folder.IAMMember`, or `folder.IamAuditConfig` or they will fight over what your policy should be.
> **Note:** `folder.IAMBinding` resources **can be** used in conjunction with `folder.IAMMember` resources **only if** they do not grant privilege to the same role.
> **Note:** The underlying API method `projects.setIamPolicy` has constraints which are documented [here](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy). In addition to these constraints,
IAM Conditions cannot be used with Basic Roles such as Owner. Violating these constraints will result in the API returning a 400 error code so please review these if you encounter errors with this resource.
## folder.IAMPolicy
!> **Be careful!** You can accidentally lock yourself out of your folder
using this resource. Deleting a `folder.IAMPolicy` removes access from anyone without permissions on its parent folder/organization. Proceed with caution. It's not recommended to use `folder.IAMPolicy` with your provider folder to avoid locking yourself out, and it should generally only be used with folders fully managed by this provider. If you do use this resource, it is recommended to **import** the policy before applying the change.
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ Bindings: []organizations.GetIAMPolicyBinding{ { Role: "roles/editor", Members: []string{ "user:jane@example.com", }, }, }, }, nil) if err != nil { return err } _, err = folder.NewIAMPolicy(ctx, "folder", &folder.IAMPolicyArgs{ Folder: pulumi.String("folders/1234567"), PolicyData: pulumi.String(admin.PolicyData), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ Bindings: []organizations.GetIAMPolicyBinding{ { Role: "roles/compute.admin", Members: []string{ "user:jane@example.com", }, Condition: { Title: "expires_after_2019_12_31", Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"), Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")", }, }, }, }, nil) if err != nil { return err } _, err = folder.NewIAMPolicy(ctx, "folder", &folder.IAMPolicyArgs{ Folder: pulumi.String("folders/1234567"), PolicyData: pulumi.String(admin.PolicyData), }) if err != nil { return err } return nil }) }
```
## folder.IAMBinding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/container.admin"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, Condition: &folder.IAMBindingConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IAMMember
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Member: pulumi.String("user:jane@example.com"), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/firebase.admin"), Member: pulumi.String("user:jane@example.com"), Condition: &folder.IAMMemberConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IamAuditConfig
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIamAuditConfig(ctx, "folder", &folder.IamAuditConfigArgs{ Folder: pulumi.String("folders/1234567"), Service: pulumi.String("allServices"), AuditLogConfigs: folder.IamAuditConfigAuditLogConfigArray{ &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("ADMIN_READ"), }, &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("DATA_READ"), ExemptedMembers: pulumi.StringArray{ pulumi.String("user:joebloggs@example.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
## folder.IAMBinding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMBinding(ctx, "folder", &folder.IAMBindingArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/container.admin"), Members: pulumi.StringArray{ pulumi.String("user:jane@example.com"), }, Condition: &folder.IAMBindingConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IAMMember
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/editor"), Member: pulumi.String("user:jane@example.com"), }) if err != nil { return err } return nil }) }
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIAMMember(ctx, "folder", &folder.IAMMemberArgs{ Folder: pulumi.String("folders/1234567"), Role: pulumi.String("roles/firebase.admin"), Member: pulumi.String("user:jane@example.com"), Condition: &folder.IAMMemberConditionArgs{ Title: pulumi.String("expires_after_2019_12_31"), Description: pulumi.String("Expiring at midnight of 2019-12-31"), Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"), }, }) if err != nil { return err } return nil }) }
```
## folder.IamAuditConfig
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewIamAuditConfig(ctx, "folder", &folder.IamAuditConfigArgs{ Folder: pulumi.String("folders/1234567"), Service: pulumi.String("allServices"), AuditLogConfigs: folder.IamAuditConfigAuditLogConfigArray{ &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("ADMIN_READ"), }, &folder.IamAuditConfigAuditLogConfigArgs{ LogType: pulumi.String("DATA_READ"), ExemptedMembers: pulumi.StringArray{ pulumi.String("user:joebloggs@example.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
## Import
### Importing Audit Configs
An audit config can be imported into a `google_folder_iam_audit_config` resource using the resource's `folder_id` and the `service`, e.g:
* `"folder/{{folder_id}} foo.googleapis.com"`
An `import` block (Terraform v1.5.0 and later) can be used to import audit configs:
tf
import {
id = "folder/{{folder_id}} foo.googleapis.com" to = google_folder_iam_audit_config.default
}
The `pulumi import` command can also be used:
```sh $ pulumi import gcp:folder/iamAuditConfig:IamAuditConfig default "folder/{{folder_id}} foo.googleapis.com" ```
func GetIamAuditConfig ¶
func GetIamAuditConfig(ctx *pulumi.Context, name string, id pulumi.IDInput, state *IamAuditConfigState, opts ...pulumi.ResourceOption) (*IamAuditConfig, error)
GetIamAuditConfig gets an existing IamAuditConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewIamAuditConfig ¶
func NewIamAuditConfig(ctx *pulumi.Context, name string, args *IamAuditConfigArgs, opts ...pulumi.ResourceOption) (*IamAuditConfig, error)
NewIamAuditConfig registers a new resource with the given unique name, arguments, and options.
func (*IamAuditConfig) ElementType ¶
func (*IamAuditConfig) ElementType() reflect.Type
func (*IamAuditConfig) ToIamAuditConfigOutput ¶
func (i *IamAuditConfig) ToIamAuditConfigOutput() IamAuditConfigOutput
func (*IamAuditConfig) ToIamAuditConfigOutputWithContext ¶
func (i *IamAuditConfig) ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput
type IamAuditConfigArgs ¶
type IamAuditConfigArgs struct { // The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below. AuditLogConfigs IamAuditConfigAuditLogConfigArrayInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringInput // Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are folder.IamAuditConfig resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted. Service pulumi.StringInput }
The set of arguments for constructing a IamAuditConfig resource.
func (IamAuditConfigArgs) ElementType ¶
func (IamAuditConfigArgs) ElementType() reflect.Type
type IamAuditConfigArray ¶
type IamAuditConfigArray []IamAuditConfigInput
func (IamAuditConfigArray) ElementType ¶
func (IamAuditConfigArray) ElementType() reflect.Type
func (IamAuditConfigArray) ToIamAuditConfigArrayOutput ¶
func (i IamAuditConfigArray) ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput
func (IamAuditConfigArray) ToIamAuditConfigArrayOutputWithContext ¶
func (i IamAuditConfigArray) ToIamAuditConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigArrayOutput
type IamAuditConfigArrayInput ¶
type IamAuditConfigArrayInput interface { pulumi.Input ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput ToIamAuditConfigArrayOutputWithContext(context.Context) IamAuditConfigArrayOutput }
IamAuditConfigArrayInput is an input type that accepts IamAuditConfigArray and IamAuditConfigArrayOutput values. You can construct a concrete instance of `IamAuditConfigArrayInput` via:
IamAuditConfigArray{ IamAuditConfigArgs{...} }
type IamAuditConfigArrayOutput ¶
type IamAuditConfigArrayOutput struct{ *pulumi.OutputState }
func (IamAuditConfigArrayOutput) ElementType ¶
func (IamAuditConfigArrayOutput) ElementType() reflect.Type
func (IamAuditConfigArrayOutput) Index ¶
func (o IamAuditConfigArrayOutput) Index(i pulumi.IntInput) IamAuditConfigOutput
func (IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutput ¶
func (o IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput
func (IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutputWithContext ¶
func (o IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigArrayOutput
type IamAuditConfigAuditLogConfig ¶
type IamAuditConfigAuditLogConfig struct { // Identities that do not cause logging for this type of permission. The format is the same as that for `members`. ExemptedMembers []string `pulumi:"exemptedMembers"` // Permission type for which logging is to be configured. Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`. LogType string `pulumi:"logType"` }
type IamAuditConfigAuditLogConfigArgs ¶
type IamAuditConfigAuditLogConfigArgs struct { // Identities that do not cause logging for this type of permission. The format is the same as that for `members`. ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"` // Permission type for which logging is to be configured. Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`. LogType pulumi.StringInput `pulumi:"logType"` }
func (IamAuditConfigAuditLogConfigArgs) ElementType ¶
func (IamAuditConfigAuditLogConfigArgs) ElementType() reflect.Type
func (IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput ¶
func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput
func (IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext ¶
func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput
type IamAuditConfigAuditLogConfigArray ¶
type IamAuditConfigAuditLogConfigArray []IamAuditConfigAuditLogConfigInput
func (IamAuditConfigAuditLogConfigArray) ElementType ¶
func (IamAuditConfigAuditLogConfigArray) ElementType() reflect.Type
func (IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput ¶
func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput
func (IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext ¶
func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput
type IamAuditConfigAuditLogConfigArrayInput ¶
type IamAuditConfigAuditLogConfigArrayInput interface { pulumi.Input ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput ToIamAuditConfigAuditLogConfigArrayOutputWithContext(context.Context) IamAuditConfigAuditLogConfigArrayOutput }
IamAuditConfigAuditLogConfigArrayInput is an input type that accepts IamAuditConfigAuditLogConfigArray and IamAuditConfigAuditLogConfigArrayOutput values. You can construct a concrete instance of `IamAuditConfigAuditLogConfigArrayInput` via:
IamAuditConfigAuditLogConfigArray{ IamAuditConfigAuditLogConfigArgs{...} }
type IamAuditConfigAuditLogConfigArrayOutput ¶
type IamAuditConfigAuditLogConfigArrayOutput struct{ *pulumi.OutputState }
func (IamAuditConfigAuditLogConfigArrayOutput) ElementType ¶
func (IamAuditConfigAuditLogConfigArrayOutput) ElementType() reflect.Type
func (IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput ¶
func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput
func (IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext ¶
func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput
type IamAuditConfigAuditLogConfigInput ¶
type IamAuditConfigAuditLogConfigInput interface { pulumi.Input ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput ToIamAuditConfigAuditLogConfigOutputWithContext(context.Context) IamAuditConfigAuditLogConfigOutput }
IamAuditConfigAuditLogConfigInput is an input type that accepts IamAuditConfigAuditLogConfigArgs and IamAuditConfigAuditLogConfigOutput values. You can construct a concrete instance of `IamAuditConfigAuditLogConfigInput` via:
IamAuditConfigAuditLogConfigArgs{...}
type IamAuditConfigAuditLogConfigOutput ¶
type IamAuditConfigAuditLogConfigOutput struct{ *pulumi.OutputState }
func (IamAuditConfigAuditLogConfigOutput) ElementType ¶
func (IamAuditConfigAuditLogConfigOutput) ElementType() reflect.Type
func (IamAuditConfigAuditLogConfigOutput) ExemptedMembers ¶
func (o IamAuditConfigAuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput
Identities that do not cause logging for this type of permission. The format is the same as that for `members`.
func (IamAuditConfigAuditLogConfigOutput) LogType ¶
func (o IamAuditConfigAuditLogConfigOutput) LogType() pulumi.StringOutput
Permission type for which logging is to be configured. Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.
func (IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput ¶
func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput
func (IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext ¶
func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput
type IamAuditConfigInput ¶
type IamAuditConfigInput interface { pulumi.Input ToIamAuditConfigOutput() IamAuditConfigOutput ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput }
type IamAuditConfigMap ¶
type IamAuditConfigMap map[string]IamAuditConfigInput
func (IamAuditConfigMap) ElementType ¶
func (IamAuditConfigMap) ElementType() reflect.Type
func (IamAuditConfigMap) ToIamAuditConfigMapOutput ¶
func (i IamAuditConfigMap) ToIamAuditConfigMapOutput() IamAuditConfigMapOutput
func (IamAuditConfigMap) ToIamAuditConfigMapOutputWithContext ¶
func (i IamAuditConfigMap) ToIamAuditConfigMapOutputWithContext(ctx context.Context) IamAuditConfigMapOutput
type IamAuditConfigMapInput ¶
type IamAuditConfigMapInput interface { pulumi.Input ToIamAuditConfigMapOutput() IamAuditConfigMapOutput ToIamAuditConfigMapOutputWithContext(context.Context) IamAuditConfigMapOutput }
IamAuditConfigMapInput is an input type that accepts IamAuditConfigMap and IamAuditConfigMapOutput values. You can construct a concrete instance of `IamAuditConfigMapInput` via:
IamAuditConfigMap{ "key": IamAuditConfigArgs{...} }
type IamAuditConfigMapOutput ¶
type IamAuditConfigMapOutput struct{ *pulumi.OutputState }
func (IamAuditConfigMapOutput) ElementType ¶
func (IamAuditConfigMapOutput) ElementType() reflect.Type
func (IamAuditConfigMapOutput) MapIndex ¶
func (o IamAuditConfigMapOutput) MapIndex(k pulumi.StringInput) IamAuditConfigOutput
func (IamAuditConfigMapOutput) ToIamAuditConfigMapOutput ¶
func (o IamAuditConfigMapOutput) ToIamAuditConfigMapOutput() IamAuditConfigMapOutput
func (IamAuditConfigMapOutput) ToIamAuditConfigMapOutputWithContext ¶
func (o IamAuditConfigMapOutput) ToIamAuditConfigMapOutputWithContext(ctx context.Context) IamAuditConfigMapOutput
type IamAuditConfigOutput ¶
type IamAuditConfigOutput struct{ *pulumi.OutputState }
func (IamAuditConfigOutput) AuditLogConfigs ¶
func (o IamAuditConfigOutput) AuditLogConfigs() IamAuditConfigAuditLogConfigArrayOutput
The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below.
func (IamAuditConfigOutput) ElementType ¶
func (IamAuditConfigOutput) ElementType() reflect.Type
func (IamAuditConfigOutput) Etag ¶
func (o IamAuditConfigOutput) Etag() pulumi.StringOutput
(Computed) The etag of the folder's IAM policy.
func (IamAuditConfigOutput) Folder ¶
func (o IamAuditConfigOutput) Folder() pulumi.StringOutput
The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
func (IamAuditConfigOutput) Service ¶
func (o IamAuditConfigOutput) Service() pulumi.StringOutput
Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are folder.IamAuditConfig resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
func (IamAuditConfigOutput) ToIamAuditConfigOutput ¶
func (o IamAuditConfigOutput) ToIamAuditConfigOutput() IamAuditConfigOutput
func (IamAuditConfigOutput) ToIamAuditConfigOutputWithContext ¶
func (o IamAuditConfigOutput) ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput
type IamAuditConfigState ¶
type IamAuditConfigState struct { // The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below. AuditLogConfigs IamAuditConfigAuditLogConfigArrayInput // (Computed) The etag of the folder's IAM policy. Etag pulumi.StringPtrInput // The resource name of the folder the policy is attached to. Its format is folders/{folder_id}. Folder pulumi.StringPtrInput // Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are folder.IamAuditConfig resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted. Service pulumi.StringPtrInput }
func (IamAuditConfigState) ElementType ¶
func (IamAuditConfigState) ElementType() reflect.Type
type LookupOrganizationPolicyArgs ¶
type LookupOrganizationPolicyArgs struct { // (Required) The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints). Constraint string `pulumi:"constraint"` // The resource name of the folder to set the policy for. Its format is folders/{folder_id}. Folder string `pulumi:"folder"` }
A collection of arguments for invoking getOrganizationPolicy.
type LookupOrganizationPolicyOutputArgs ¶
type LookupOrganizationPolicyOutputArgs struct { // (Required) The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints). Constraint pulumi.StringInput `pulumi:"constraint"` // The resource name of the folder to set the policy for. Its format is folders/{folder_id}. Folder pulumi.StringInput `pulumi:"folder"` }
A collection of arguments for invoking getOrganizationPolicy.
func (LookupOrganizationPolicyOutputArgs) ElementType ¶
func (LookupOrganizationPolicyOutputArgs) ElementType() reflect.Type
type LookupOrganizationPolicyResult ¶
type LookupOrganizationPolicyResult struct { BooleanPolicies []GetOrganizationPolicyBooleanPolicy `pulumi:"booleanPolicies"` Constraint string `pulumi:"constraint"` Etag string `pulumi:"etag"` Folder string `pulumi:"folder"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` ListPolicies []GetOrganizationPolicyListPolicy `pulumi:"listPolicies"` RestorePolicies []GetOrganizationPolicyRestorePolicy `pulumi:"restorePolicies"` UpdateTime string `pulumi:"updateTime"` Version int `pulumi:"version"` }
A collection of values returned by getOrganizationPolicy.
func LookupOrganizationPolicy ¶
func LookupOrganizationPolicy(ctx *pulumi.Context, args *LookupOrganizationPolicyArgs, opts ...pulumi.InvokeOption) (*LookupOrganizationPolicyResult, error)
Allows management of Organization policies for a Google Folder. For more information see [the official documentation](https://cloud.google.com/resource-manager/docs/organization-policy/overview)
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { policy, err := folder.LookupOrganizationPolicy(ctx, &folder.LookupOrganizationPolicyArgs{ Folder: "folders/folderid", Constraint: "constraints/compute.trustedImageProjects", }, nil) if err != nil { return err } ctx.Export("version", policy.Version) return nil }) }
```
type LookupOrganizationPolicyResultOutput ¶
type LookupOrganizationPolicyResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getOrganizationPolicy.
func LookupOrganizationPolicyOutput ¶
func LookupOrganizationPolicyOutput(ctx *pulumi.Context, args LookupOrganizationPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupOrganizationPolicyResultOutput
func (LookupOrganizationPolicyResultOutput) BooleanPolicies ¶
func (o LookupOrganizationPolicyResultOutput) BooleanPolicies() GetOrganizationPolicyBooleanPolicyArrayOutput
func (LookupOrganizationPolicyResultOutput) Constraint ¶
func (o LookupOrganizationPolicyResultOutput) Constraint() pulumi.StringOutput
func (LookupOrganizationPolicyResultOutput) ElementType ¶
func (LookupOrganizationPolicyResultOutput) ElementType() reflect.Type
func (LookupOrganizationPolicyResultOutput) Etag ¶
func (o LookupOrganizationPolicyResultOutput) Etag() pulumi.StringOutput
func (LookupOrganizationPolicyResultOutput) Folder ¶
func (o LookupOrganizationPolicyResultOutput) Folder() pulumi.StringOutput
func (LookupOrganizationPolicyResultOutput) Id ¶
func (o LookupOrganizationPolicyResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupOrganizationPolicyResultOutput) ListPolicies ¶
func (o LookupOrganizationPolicyResultOutput) ListPolicies() GetOrganizationPolicyListPolicyArrayOutput
func (LookupOrganizationPolicyResultOutput) RestorePolicies ¶
func (o LookupOrganizationPolicyResultOutput) RestorePolicies() GetOrganizationPolicyRestorePolicyArrayOutput
func (LookupOrganizationPolicyResultOutput) ToLookupOrganizationPolicyResultOutput ¶
func (o LookupOrganizationPolicyResultOutput) ToLookupOrganizationPolicyResultOutput() LookupOrganizationPolicyResultOutput
func (LookupOrganizationPolicyResultOutput) ToLookupOrganizationPolicyResultOutputWithContext ¶
func (o LookupOrganizationPolicyResultOutput) ToLookupOrganizationPolicyResultOutputWithContext(ctx context.Context) LookupOrganizationPolicyResultOutput
func (LookupOrganizationPolicyResultOutput) UpdateTime ¶
func (o LookupOrganizationPolicyResultOutput) UpdateTime() pulumi.StringOutput
func (LookupOrganizationPolicyResultOutput) Version ¶
func (o LookupOrganizationPolicyResultOutput) Version() pulumi.IntOutput
type OrganizationPolicy ¶
type OrganizationPolicy struct { pulumi.CustomResourceState // A boolean policy is a constraint that is either enforced or not. Structure is documented below. BooleanPolicy OrganizationPolicyBooleanPolicyPtrOutput `pulumi:"booleanPolicy"` // The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints). // // *** Constraint pulumi.StringOutput `pulumi:"constraint"` // (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. Etag pulumi.StringOutput `pulumi:"etag"` // The resource name of the folder to set the policy for. Its format is folders/{folder_id}. Folder pulumi.StringOutput `pulumi:"folder"` // A policy that can define specific values that are allowed or denied for the given constraint. It // can also be used to allow or deny all values. Structure is documented below. ListPolicy OrganizationPolicyListPolicyPtrOutput `pulumi:"listPolicy"` // A restore policy is a constraint to restore the default policy. Structure is documented below. // // > **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will // effectively be unset. This is represented in the UI as the constraint being 'Inherited'. // // *** RestorePolicy OrganizationPolicyRestorePolicyPtrOutput `pulumi:"restorePolicy"` // (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z". UpdateTime pulumi.StringOutput `pulumi:"updateTime"` // Version of the Policy. Default version is 0. Version pulumi.IntOutput `pulumi:"version"` }
Allows management of Organization Policies for a Google Cloud Folder.
> **Warning:** This resource has been superseded by `orgpolicy.Policy`. `orgpolicy.Policy` uses Organization Policy API V2 instead of Cloud Resource Manager API V1 and it supports additional features such as tags and conditions.
To get more information about Organization Policies, see:
* [API documentation](https://cloud.google.com/resource-manager/reference/rest/v1/folders/setOrgPolicy) * How-to Guides
- [Introduction to the Organization Policy Service](https://cloud.google.com/resource-manager/docs/organization-policy/overview)
## Example Usage
To set policy with a [boolean constraint](https://cloud.google.com/resource-manager/docs/organization-policy/quickstart-boolean-constraints):
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewOrganizationPolicy(ctx, "serial_port_policy", &folder.OrganizationPolicyArgs{ Folder: pulumi.String("folders/123456789"), Constraint: pulumi.String("compute.disableSerialPortAccess"), BooleanPolicy: &folder.OrganizationPolicyBooleanPolicyArgs{ Enforced: pulumi.Bool(true), }, }) if err != nil { return err } return nil }) }
```
To set a policy with a [list constraint](https://cloud.google.com/resource-manager/docs/organization-policy/quickstart-list-constraints):
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewOrganizationPolicy(ctx, "services_policy", &folder.OrganizationPolicyArgs{ Folder: pulumi.String("folders/123456789"), Constraint: pulumi.String("serviceuser.services"), ListPolicy: &folder.OrganizationPolicyListPolicyArgs{ Allow: &folder.OrganizationPolicyListPolicyAllowArgs{ All: pulumi.Bool(true), }, }, }) if err != nil { return err } return nil }) }
```
Or to deny some services, use the following instead:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewOrganizationPolicy(ctx, "services_policy", &folder.OrganizationPolicyArgs{ Folder: pulumi.String("folders/123456789"), Constraint: pulumi.String("serviceuser.services"), ListPolicy: &folder.OrganizationPolicyListPolicyArgs{ SuggestedValue: pulumi.String("compute.googleapis.com"), Deny: &folder.OrganizationPolicyListPolicyDenyArgs{ Values: pulumi.StringArray{ pulumi.String("cloudresourcemanager.googleapis.com"), }, }, }, }) if err != nil { return err } return nil }) }
```
To restore the default folder organization policy, use the following instead:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/folder" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := folder.NewOrganizationPolicy(ctx, "services_policy", &folder.OrganizationPolicyArgs{ Folder: pulumi.String("folders/123456789"), Constraint: pulumi.String("serviceuser.services"), RestorePolicy: &folder.OrganizationPolicyRestorePolicyArgs{ Default: pulumi.Bool(true), }, }) if err != nil { return err } return nil }) }
```
## Import
Folder organization policies can be imported using any of the follow formats:
* `folders/{{folder_id}}/constraints/serviceuser.services`
* `{{folder_id}}/serviceuser.services`
When using the `pulumi import` command, folder organization policies can be imported using one of the formats above. For example:
```sh $ pulumi import gcp:folder/organizationPolicy:OrganizationPolicy * `google_folder_organization_policy.default folders/* “{{folder_id}}/constraints/serviceuser.services` ```
```sh $ pulumi import gcp:folder/organizationPolicy:OrganizationPolicy * `* `google_folder_organization_policy.default {{folder_id}}/“serviceuser.services ```
func GetOrganizationPolicy ¶
func GetOrganizationPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OrganizationPolicyState, opts ...pulumi.ResourceOption) (*OrganizationPolicy, error)
GetOrganizationPolicy gets an existing OrganizationPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOrganizationPolicy ¶
func NewOrganizationPolicy(ctx *pulumi.Context, name string, args *OrganizationPolicyArgs, opts ...pulumi.ResourceOption) (*OrganizationPolicy, error)
NewOrganizationPolicy registers a new resource with the given unique name, arguments, and options.
func (*OrganizationPolicy) ElementType ¶
func (*OrganizationPolicy) ElementType() reflect.Type
func (*OrganizationPolicy) ToOrganizationPolicyOutput ¶
func (i *OrganizationPolicy) ToOrganizationPolicyOutput() OrganizationPolicyOutput
func (*OrganizationPolicy) ToOrganizationPolicyOutputWithContext ¶
func (i *OrganizationPolicy) ToOrganizationPolicyOutputWithContext(ctx context.Context) OrganizationPolicyOutput
type OrganizationPolicyArgs ¶
type OrganizationPolicyArgs struct { // A boolean policy is a constraint that is either enforced or not. Structure is documented below. BooleanPolicy OrganizationPolicyBooleanPolicyPtrInput // The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints). // // *** Constraint pulumi.StringInput // The resource name of the folder to set the policy for. Its format is folders/{folder_id}. Folder pulumi.StringInput // A policy that can define specific values that are allowed or denied for the given constraint. It // can also be used to allow or deny all values. Structure is documented below. ListPolicy OrganizationPolicyListPolicyPtrInput // A restore policy is a constraint to restore the default policy. Structure is documented below. // // > **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will // effectively be unset. This is represented in the UI as the constraint being 'Inherited'. // // *** RestorePolicy OrganizationPolicyRestorePolicyPtrInput // Version of the Policy. Default version is 0. Version pulumi.IntPtrInput }
The set of arguments for constructing a OrganizationPolicy resource.
func (OrganizationPolicyArgs) ElementType ¶
func (OrganizationPolicyArgs) ElementType() reflect.Type
type OrganizationPolicyArray ¶
type OrganizationPolicyArray []OrganizationPolicyInput
func (OrganizationPolicyArray) ElementType ¶
func (OrganizationPolicyArray) ElementType() reflect.Type
func (OrganizationPolicyArray) ToOrganizationPolicyArrayOutput ¶
func (i OrganizationPolicyArray) ToOrganizationPolicyArrayOutput() OrganizationPolicyArrayOutput
func (OrganizationPolicyArray) ToOrganizationPolicyArrayOutputWithContext ¶
func (i OrganizationPolicyArray) ToOrganizationPolicyArrayOutputWithContext(ctx context.Context) OrganizationPolicyArrayOutput
type OrganizationPolicyArrayInput ¶
type OrganizationPolicyArrayInput interface { pulumi.Input ToOrganizationPolicyArrayOutput() OrganizationPolicyArrayOutput ToOrganizationPolicyArrayOutputWithContext(context.Context) OrganizationPolicyArrayOutput }
OrganizationPolicyArrayInput is an input type that accepts OrganizationPolicyArray and OrganizationPolicyArrayOutput values. You can construct a concrete instance of `OrganizationPolicyArrayInput` via:
OrganizationPolicyArray{ OrganizationPolicyArgs{...} }
type OrganizationPolicyArrayOutput ¶
type OrganizationPolicyArrayOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyArrayOutput) ElementType ¶
func (OrganizationPolicyArrayOutput) ElementType() reflect.Type
func (OrganizationPolicyArrayOutput) Index ¶
func (o OrganizationPolicyArrayOutput) Index(i pulumi.IntInput) OrganizationPolicyOutput
func (OrganizationPolicyArrayOutput) ToOrganizationPolicyArrayOutput ¶
func (o OrganizationPolicyArrayOutput) ToOrganizationPolicyArrayOutput() OrganizationPolicyArrayOutput
func (OrganizationPolicyArrayOutput) ToOrganizationPolicyArrayOutputWithContext ¶
func (o OrganizationPolicyArrayOutput) ToOrganizationPolicyArrayOutputWithContext(ctx context.Context) OrganizationPolicyArrayOutput
type OrganizationPolicyBooleanPolicy ¶
type OrganizationPolicyBooleanPolicy struct { // If true, then the Policy is enforced. If false, then any configuration is acceptable. Enforced bool `pulumi:"enforced"` }
type OrganizationPolicyBooleanPolicyArgs ¶
type OrganizationPolicyBooleanPolicyArgs struct { // If true, then the Policy is enforced. If false, then any configuration is acceptable. Enforced pulumi.BoolInput `pulumi:"enforced"` }
func (OrganizationPolicyBooleanPolicyArgs) ElementType ¶
func (OrganizationPolicyBooleanPolicyArgs) ElementType() reflect.Type
func (OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyOutput ¶
func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyOutput() OrganizationPolicyBooleanPolicyOutput
func (OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyOutputWithContext ¶
func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyOutput
func (OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyPtrOutput ¶
func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput
func (OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext ¶
func (i OrganizationPolicyBooleanPolicyArgs) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyPtrOutput
type OrganizationPolicyBooleanPolicyInput ¶
type OrganizationPolicyBooleanPolicyInput interface { pulumi.Input ToOrganizationPolicyBooleanPolicyOutput() OrganizationPolicyBooleanPolicyOutput ToOrganizationPolicyBooleanPolicyOutputWithContext(context.Context) OrganizationPolicyBooleanPolicyOutput }
OrganizationPolicyBooleanPolicyInput is an input type that accepts OrganizationPolicyBooleanPolicyArgs and OrganizationPolicyBooleanPolicyOutput values. You can construct a concrete instance of `OrganizationPolicyBooleanPolicyInput` via:
OrganizationPolicyBooleanPolicyArgs{...}
type OrganizationPolicyBooleanPolicyOutput ¶
type OrganizationPolicyBooleanPolicyOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyBooleanPolicyOutput) ElementType ¶
func (OrganizationPolicyBooleanPolicyOutput) ElementType() reflect.Type
func (OrganizationPolicyBooleanPolicyOutput) Enforced ¶
func (o OrganizationPolicyBooleanPolicyOutput) Enforced() pulumi.BoolOutput
If true, then the Policy is enforced. If false, then any configuration is acceptable.
func (OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyOutput ¶
func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyOutput() OrganizationPolicyBooleanPolicyOutput
func (OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyOutputWithContext ¶
func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyOutput
func (OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyPtrOutput ¶
func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput
func (OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext ¶
func (o OrganizationPolicyBooleanPolicyOutput) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyPtrOutput
type OrganizationPolicyBooleanPolicyPtrInput ¶
type OrganizationPolicyBooleanPolicyPtrInput interface { pulumi.Input ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(context.Context) OrganizationPolicyBooleanPolicyPtrOutput }
OrganizationPolicyBooleanPolicyPtrInput is an input type that accepts OrganizationPolicyBooleanPolicyArgs, OrganizationPolicyBooleanPolicyPtr and OrganizationPolicyBooleanPolicyPtrOutput values. You can construct a concrete instance of `OrganizationPolicyBooleanPolicyPtrInput` via:
OrganizationPolicyBooleanPolicyArgs{...} or: nil
func OrganizationPolicyBooleanPolicyPtr ¶
func OrganizationPolicyBooleanPolicyPtr(v *OrganizationPolicyBooleanPolicyArgs) OrganizationPolicyBooleanPolicyPtrInput
type OrganizationPolicyBooleanPolicyPtrOutput ¶
type OrganizationPolicyBooleanPolicyPtrOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyBooleanPolicyPtrOutput) ElementType ¶
func (OrganizationPolicyBooleanPolicyPtrOutput) ElementType() reflect.Type
func (OrganizationPolicyBooleanPolicyPtrOutput) Enforced ¶
func (o OrganizationPolicyBooleanPolicyPtrOutput) Enforced() pulumi.BoolPtrOutput
If true, then the Policy is enforced. If false, then any configuration is acceptable.
func (OrganizationPolicyBooleanPolicyPtrOutput) ToOrganizationPolicyBooleanPolicyPtrOutput ¶
func (o OrganizationPolicyBooleanPolicyPtrOutput) ToOrganizationPolicyBooleanPolicyPtrOutput() OrganizationPolicyBooleanPolicyPtrOutput
func (OrganizationPolicyBooleanPolicyPtrOutput) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext ¶
func (o OrganizationPolicyBooleanPolicyPtrOutput) ToOrganizationPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyBooleanPolicyPtrOutput
type OrganizationPolicyInput ¶
type OrganizationPolicyInput interface { pulumi.Input ToOrganizationPolicyOutput() OrganizationPolicyOutput ToOrganizationPolicyOutputWithContext(ctx context.Context) OrganizationPolicyOutput }
type OrganizationPolicyListPolicy ¶
type OrganizationPolicyListPolicy struct { // or `deny` - (Optional) One or the other must be set. Allow *OrganizationPolicyListPolicyAllow `pulumi:"allow"` // One or the other must be set. Deny *OrganizationPolicyListPolicyDeny `pulumi:"deny"` // If set to true, the values from the effective Policy of the parent resource // are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. // // The `allow` or `deny` blocks support: InheritFromParent *bool `pulumi:"inheritFromParent"` // The Google Cloud Console will try to default to a configuration that matches the value specified in this field. SuggestedValue *string `pulumi:"suggestedValue"` }
type OrganizationPolicyListPolicyAllowArgs ¶
type OrganizationPolicyListPolicyAllowArgs struct { // The policy allows or denies all values. All pulumi.BoolPtrInput `pulumi:"all"` // The policy can define specific values that are allowed or denied. Values pulumi.StringArrayInput `pulumi:"values"` }
func (OrganizationPolicyListPolicyAllowArgs) ElementType ¶
func (OrganizationPolicyListPolicyAllowArgs) ElementType() reflect.Type
func (OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowOutput ¶
func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowOutput() OrganizationPolicyListPolicyAllowOutput
func (OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowOutputWithContext ¶
func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowOutput
func (OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowPtrOutput ¶
func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput
func (OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext ¶
func (i OrganizationPolicyListPolicyAllowArgs) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowPtrOutput
type OrganizationPolicyListPolicyAllowInput ¶
type OrganizationPolicyListPolicyAllowInput interface { pulumi.Input ToOrganizationPolicyListPolicyAllowOutput() OrganizationPolicyListPolicyAllowOutput ToOrganizationPolicyListPolicyAllowOutputWithContext(context.Context) OrganizationPolicyListPolicyAllowOutput }
OrganizationPolicyListPolicyAllowInput is an input type that accepts OrganizationPolicyListPolicyAllowArgs and OrganizationPolicyListPolicyAllowOutput values. You can construct a concrete instance of `OrganizationPolicyListPolicyAllowInput` via:
OrganizationPolicyListPolicyAllowArgs{...}
type OrganizationPolicyListPolicyAllowOutput ¶
type OrganizationPolicyListPolicyAllowOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyListPolicyAllowOutput) All ¶
func (o OrganizationPolicyListPolicyAllowOutput) All() pulumi.BoolPtrOutput
The policy allows or denies all values.
func (OrganizationPolicyListPolicyAllowOutput) ElementType ¶
func (OrganizationPolicyListPolicyAllowOutput) ElementType() reflect.Type
func (OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowOutput ¶
func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowOutput() OrganizationPolicyListPolicyAllowOutput
func (OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowOutputWithContext ¶
func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowOutput
func (OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowPtrOutput ¶
func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput
func (OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext ¶
func (o OrganizationPolicyListPolicyAllowOutput) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowPtrOutput
func (OrganizationPolicyListPolicyAllowOutput) Values ¶
func (o OrganizationPolicyListPolicyAllowOutput) Values() pulumi.StringArrayOutput
The policy can define specific values that are allowed or denied.
type OrganizationPolicyListPolicyAllowPtrInput ¶
type OrganizationPolicyListPolicyAllowPtrInput interface { pulumi.Input ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(context.Context) OrganizationPolicyListPolicyAllowPtrOutput }
OrganizationPolicyListPolicyAllowPtrInput is an input type that accepts OrganizationPolicyListPolicyAllowArgs, OrganizationPolicyListPolicyAllowPtr and OrganizationPolicyListPolicyAllowPtrOutput values. You can construct a concrete instance of `OrganizationPolicyListPolicyAllowPtrInput` via:
OrganizationPolicyListPolicyAllowArgs{...} or: nil
func OrganizationPolicyListPolicyAllowPtr ¶
func OrganizationPolicyListPolicyAllowPtr(v *OrganizationPolicyListPolicyAllowArgs) OrganizationPolicyListPolicyAllowPtrInput
type OrganizationPolicyListPolicyAllowPtrOutput ¶
type OrganizationPolicyListPolicyAllowPtrOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyListPolicyAllowPtrOutput) All ¶
func (o OrganizationPolicyListPolicyAllowPtrOutput) All() pulumi.BoolPtrOutput
The policy allows or denies all values.
func (OrganizationPolicyListPolicyAllowPtrOutput) ElementType ¶
func (OrganizationPolicyListPolicyAllowPtrOutput) ElementType() reflect.Type
func (OrganizationPolicyListPolicyAllowPtrOutput) ToOrganizationPolicyListPolicyAllowPtrOutput ¶
func (o OrganizationPolicyListPolicyAllowPtrOutput) ToOrganizationPolicyListPolicyAllowPtrOutput() OrganizationPolicyListPolicyAllowPtrOutput
func (OrganizationPolicyListPolicyAllowPtrOutput) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext ¶
func (o OrganizationPolicyListPolicyAllowPtrOutput) ToOrganizationPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyAllowPtrOutput
func (OrganizationPolicyListPolicyAllowPtrOutput) Values ¶
func (o OrganizationPolicyListPolicyAllowPtrOutput) Values() pulumi.StringArrayOutput
The policy can define specific values that are allowed or denied.
type OrganizationPolicyListPolicyArgs ¶
type OrganizationPolicyListPolicyArgs struct { // or `deny` - (Optional) One or the other must be set. Allow OrganizationPolicyListPolicyAllowPtrInput `pulumi:"allow"` // One or the other must be set. Deny OrganizationPolicyListPolicyDenyPtrInput `pulumi:"deny"` // If set to true, the values from the effective Policy of the parent resource // are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy. // // The `allow` or `deny` blocks support: InheritFromParent pulumi.BoolPtrInput `pulumi:"inheritFromParent"` // The Google Cloud Console will try to default to a configuration that matches the value specified in this field. SuggestedValue pulumi.StringPtrInput `pulumi:"suggestedValue"` }
func (OrganizationPolicyListPolicyArgs) ElementType ¶
func (OrganizationPolicyListPolicyArgs) ElementType() reflect.Type
func (OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyOutput ¶
func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyOutput() OrganizationPolicyListPolicyOutput
func (OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyOutputWithContext ¶
func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyOutput
func (OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyPtrOutput ¶
func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput
func (OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyPtrOutputWithContext ¶
func (i OrganizationPolicyListPolicyArgs) ToOrganizationPolicyListPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyPtrOutput
type OrganizationPolicyListPolicyDenyArgs ¶
type OrganizationPolicyListPolicyDenyArgs struct { // The policy allows or denies all values. All pulumi.BoolPtrInput `pulumi:"all"` // The policy can define specific values that are allowed or denied. Values pulumi.StringArrayInput `pulumi:"values"` }
func (OrganizationPolicyListPolicyDenyArgs) ElementType ¶
func (OrganizationPolicyListPolicyDenyArgs) ElementType() reflect.Type
func (OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyOutput ¶
func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyOutput() OrganizationPolicyListPolicyDenyOutput
func (OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyOutputWithContext ¶
func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyOutput
func (OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyPtrOutput ¶
func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput
func (OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext ¶
func (i OrganizationPolicyListPolicyDenyArgs) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyPtrOutput
type OrganizationPolicyListPolicyDenyInput ¶
type OrganizationPolicyListPolicyDenyInput interface { pulumi.Input ToOrganizationPolicyListPolicyDenyOutput() OrganizationPolicyListPolicyDenyOutput ToOrganizationPolicyListPolicyDenyOutputWithContext(context.Context) OrganizationPolicyListPolicyDenyOutput }
OrganizationPolicyListPolicyDenyInput is an input type that accepts OrganizationPolicyListPolicyDenyArgs and OrganizationPolicyListPolicyDenyOutput values. You can construct a concrete instance of `OrganizationPolicyListPolicyDenyInput` via:
OrganizationPolicyListPolicyDenyArgs{...}
type OrganizationPolicyListPolicyDenyOutput ¶
type OrganizationPolicyListPolicyDenyOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyListPolicyDenyOutput) All ¶
func (o OrganizationPolicyListPolicyDenyOutput) All() pulumi.BoolPtrOutput
The policy allows or denies all values.
func (OrganizationPolicyListPolicyDenyOutput) ElementType ¶
func (OrganizationPolicyListPolicyDenyOutput) ElementType() reflect.Type
func (OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyOutput ¶
func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyOutput() OrganizationPolicyListPolicyDenyOutput
func (OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyOutputWithContext ¶
func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyOutput
func (OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyPtrOutput ¶
func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput
func (OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext ¶
func (o OrganizationPolicyListPolicyDenyOutput) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyPtrOutput
func (OrganizationPolicyListPolicyDenyOutput) Values ¶
func (o OrganizationPolicyListPolicyDenyOutput) Values() pulumi.StringArrayOutput
The policy can define specific values that are allowed or denied.
type OrganizationPolicyListPolicyDenyPtrInput ¶
type OrganizationPolicyListPolicyDenyPtrInput interface { pulumi.Input ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(context.Context) OrganizationPolicyListPolicyDenyPtrOutput }
OrganizationPolicyListPolicyDenyPtrInput is an input type that accepts OrganizationPolicyListPolicyDenyArgs, OrganizationPolicyListPolicyDenyPtr and OrganizationPolicyListPolicyDenyPtrOutput values. You can construct a concrete instance of `OrganizationPolicyListPolicyDenyPtrInput` via:
OrganizationPolicyListPolicyDenyArgs{...} or: nil
func OrganizationPolicyListPolicyDenyPtr ¶
func OrganizationPolicyListPolicyDenyPtr(v *OrganizationPolicyListPolicyDenyArgs) OrganizationPolicyListPolicyDenyPtrInput
type OrganizationPolicyListPolicyDenyPtrOutput ¶
type OrganizationPolicyListPolicyDenyPtrOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyListPolicyDenyPtrOutput) All ¶
func (o OrganizationPolicyListPolicyDenyPtrOutput) All() pulumi.BoolPtrOutput
The policy allows or denies all values.
func (OrganizationPolicyListPolicyDenyPtrOutput) ElementType ¶
func (OrganizationPolicyListPolicyDenyPtrOutput) ElementType() reflect.Type
func (OrganizationPolicyListPolicyDenyPtrOutput) ToOrganizationPolicyListPolicyDenyPtrOutput ¶
func (o OrganizationPolicyListPolicyDenyPtrOutput) ToOrganizationPolicyListPolicyDenyPtrOutput() OrganizationPolicyListPolicyDenyPtrOutput
func (OrganizationPolicyListPolicyDenyPtrOutput) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext ¶
func (o OrganizationPolicyListPolicyDenyPtrOutput) ToOrganizationPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyDenyPtrOutput
func (OrganizationPolicyListPolicyDenyPtrOutput) Values ¶
func (o OrganizationPolicyListPolicyDenyPtrOutput) Values() pulumi.StringArrayOutput
The policy can define specific values that are allowed or denied.
type OrganizationPolicyListPolicyInput ¶
type OrganizationPolicyListPolicyInput interface { pulumi.Input ToOrganizationPolicyListPolicyOutput() OrganizationPolicyListPolicyOutput ToOrganizationPolicyListPolicyOutputWithContext(context.Context) OrganizationPolicyListPolicyOutput }
OrganizationPolicyListPolicyInput is an input type that accepts OrganizationPolicyListPolicyArgs and OrganizationPolicyListPolicyOutput values. You can construct a concrete instance of `OrganizationPolicyListPolicyInput` via:
OrganizationPolicyListPolicyArgs{...}
type OrganizationPolicyListPolicyOutput ¶
type OrganizationPolicyListPolicyOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyListPolicyOutput) Allow ¶
or `deny` - (Optional) One or the other must be set.
func (OrganizationPolicyListPolicyOutput) ElementType ¶
func (OrganizationPolicyListPolicyOutput) ElementType() reflect.Type
func (OrganizationPolicyListPolicyOutput) InheritFromParent ¶
func (o OrganizationPolicyListPolicyOutput) InheritFromParent() pulumi.BoolPtrOutput
If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
The `allow` or `deny` blocks support:
func (OrganizationPolicyListPolicyOutput) SuggestedValue ¶
func (o OrganizationPolicyListPolicyOutput) SuggestedValue() pulumi.StringPtrOutput
The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
func (OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyOutput ¶
func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyOutput() OrganizationPolicyListPolicyOutput
func (OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyOutputWithContext ¶
func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyOutput
func (OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyPtrOutput ¶
func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput
func (OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyPtrOutputWithContext ¶
func (o OrganizationPolicyListPolicyOutput) ToOrganizationPolicyListPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyPtrOutput
type OrganizationPolicyListPolicyPtrInput ¶
type OrganizationPolicyListPolicyPtrInput interface { pulumi.Input ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput ToOrganizationPolicyListPolicyPtrOutputWithContext(context.Context) OrganizationPolicyListPolicyPtrOutput }
OrganizationPolicyListPolicyPtrInput is an input type that accepts OrganizationPolicyListPolicyArgs, OrganizationPolicyListPolicyPtr and OrganizationPolicyListPolicyPtrOutput values. You can construct a concrete instance of `OrganizationPolicyListPolicyPtrInput` via:
OrganizationPolicyListPolicyArgs{...} or: nil
func OrganizationPolicyListPolicyPtr ¶
func OrganizationPolicyListPolicyPtr(v *OrganizationPolicyListPolicyArgs) OrganizationPolicyListPolicyPtrInput
type OrganizationPolicyListPolicyPtrOutput ¶
type OrganizationPolicyListPolicyPtrOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyListPolicyPtrOutput) Allow ¶
or `deny` - (Optional) One or the other must be set.
func (OrganizationPolicyListPolicyPtrOutput) ElementType ¶
func (OrganizationPolicyListPolicyPtrOutput) ElementType() reflect.Type
func (OrganizationPolicyListPolicyPtrOutput) InheritFromParent ¶
func (o OrganizationPolicyListPolicyPtrOutput) InheritFromParent() pulumi.BoolPtrOutput
If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
The `allow` or `deny` blocks support:
func (OrganizationPolicyListPolicyPtrOutput) SuggestedValue ¶
func (o OrganizationPolicyListPolicyPtrOutput) SuggestedValue() pulumi.StringPtrOutput
The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
func (OrganizationPolicyListPolicyPtrOutput) ToOrganizationPolicyListPolicyPtrOutput ¶
func (o OrganizationPolicyListPolicyPtrOutput) ToOrganizationPolicyListPolicyPtrOutput() OrganizationPolicyListPolicyPtrOutput
func (OrganizationPolicyListPolicyPtrOutput) ToOrganizationPolicyListPolicyPtrOutputWithContext ¶
func (o OrganizationPolicyListPolicyPtrOutput) ToOrganizationPolicyListPolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyListPolicyPtrOutput
type OrganizationPolicyMap ¶
type OrganizationPolicyMap map[string]OrganizationPolicyInput
func (OrganizationPolicyMap) ElementType ¶
func (OrganizationPolicyMap) ElementType() reflect.Type
func (OrganizationPolicyMap) ToOrganizationPolicyMapOutput ¶
func (i OrganizationPolicyMap) ToOrganizationPolicyMapOutput() OrganizationPolicyMapOutput
func (OrganizationPolicyMap) ToOrganizationPolicyMapOutputWithContext ¶
func (i OrganizationPolicyMap) ToOrganizationPolicyMapOutputWithContext(ctx context.Context) OrganizationPolicyMapOutput
type OrganizationPolicyMapInput ¶
type OrganizationPolicyMapInput interface { pulumi.Input ToOrganizationPolicyMapOutput() OrganizationPolicyMapOutput ToOrganizationPolicyMapOutputWithContext(context.Context) OrganizationPolicyMapOutput }
OrganizationPolicyMapInput is an input type that accepts OrganizationPolicyMap and OrganizationPolicyMapOutput values. You can construct a concrete instance of `OrganizationPolicyMapInput` via:
OrganizationPolicyMap{ "key": OrganizationPolicyArgs{...} }
type OrganizationPolicyMapOutput ¶
type OrganizationPolicyMapOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyMapOutput) ElementType ¶
func (OrganizationPolicyMapOutput) ElementType() reflect.Type
func (OrganizationPolicyMapOutput) MapIndex ¶
func (o OrganizationPolicyMapOutput) MapIndex(k pulumi.StringInput) OrganizationPolicyOutput
func (OrganizationPolicyMapOutput) ToOrganizationPolicyMapOutput ¶
func (o OrganizationPolicyMapOutput) ToOrganizationPolicyMapOutput() OrganizationPolicyMapOutput
func (OrganizationPolicyMapOutput) ToOrganizationPolicyMapOutputWithContext ¶
func (o OrganizationPolicyMapOutput) ToOrganizationPolicyMapOutputWithContext(ctx context.Context) OrganizationPolicyMapOutput
type OrganizationPolicyOutput ¶
type OrganizationPolicyOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyOutput) BooleanPolicy ¶
func (o OrganizationPolicyOutput) BooleanPolicy() OrganizationPolicyBooleanPolicyPtrOutput
A boolean policy is a constraint that is either enforced or not. Structure is documented below.
func (OrganizationPolicyOutput) Constraint ¶
func (o OrganizationPolicyOutput) Constraint() pulumi.StringOutput
The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
***
func (OrganizationPolicyOutput) ElementType ¶
func (OrganizationPolicyOutput) ElementType() reflect.Type
func (OrganizationPolicyOutput) Etag ¶
func (o OrganizationPolicyOutput) Etag() pulumi.StringOutput
(Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
func (OrganizationPolicyOutput) Folder ¶
func (o OrganizationPolicyOutput) Folder() pulumi.StringOutput
The resource name of the folder to set the policy for. Its format is folders/{folder_id}.
func (OrganizationPolicyOutput) ListPolicy ¶
func (o OrganizationPolicyOutput) ListPolicy() OrganizationPolicyListPolicyPtrOutput
A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
func (OrganizationPolicyOutput) RestorePolicy ¶
func (o OrganizationPolicyOutput) RestorePolicy() OrganizationPolicyRestorePolicyPtrOutput
A restore policy is a constraint to restore the default policy. Structure is documented below.
> **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will effectively be unset. This is represented in the UI as the constraint being 'Inherited'.
***
func (OrganizationPolicyOutput) ToOrganizationPolicyOutput ¶
func (o OrganizationPolicyOutput) ToOrganizationPolicyOutput() OrganizationPolicyOutput
func (OrganizationPolicyOutput) ToOrganizationPolicyOutputWithContext ¶
func (o OrganizationPolicyOutput) ToOrganizationPolicyOutputWithContext(ctx context.Context) OrganizationPolicyOutput
func (OrganizationPolicyOutput) UpdateTime ¶
func (o OrganizationPolicyOutput) UpdateTime() pulumi.StringOutput
(Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".
func (OrganizationPolicyOutput) Version ¶
func (o OrganizationPolicyOutput) Version() pulumi.IntOutput
Version of the Policy. Default version is 0.
type OrganizationPolicyRestorePolicy ¶
type OrganizationPolicyRestorePolicy struct { // May only be set to true. If set, then the default Policy is restored. Default bool `pulumi:"default"` }
type OrganizationPolicyRestorePolicyArgs ¶
type OrganizationPolicyRestorePolicyArgs struct { // May only be set to true. If set, then the default Policy is restored. Default pulumi.BoolInput `pulumi:"default"` }
func (OrganizationPolicyRestorePolicyArgs) ElementType ¶
func (OrganizationPolicyRestorePolicyArgs) ElementType() reflect.Type
func (OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyOutput ¶
func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyOutput() OrganizationPolicyRestorePolicyOutput
func (OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyOutputWithContext ¶
func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyOutput
func (OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyPtrOutput ¶
func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput
func (OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyPtrOutputWithContext ¶
func (i OrganizationPolicyRestorePolicyArgs) ToOrganizationPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyPtrOutput
type OrganizationPolicyRestorePolicyInput ¶
type OrganizationPolicyRestorePolicyInput interface { pulumi.Input ToOrganizationPolicyRestorePolicyOutput() OrganizationPolicyRestorePolicyOutput ToOrganizationPolicyRestorePolicyOutputWithContext(context.Context) OrganizationPolicyRestorePolicyOutput }
OrganizationPolicyRestorePolicyInput is an input type that accepts OrganizationPolicyRestorePolicyArgs and OrganizationPolicyRestorePolicyOutput values. You can construct a concrete instance of `OrganizationPolicyRestorePolicyInput` via:
OrganizationPolicyRestorePolicyArgs{...}
type OrganizationPolicyRestorePolicyOutput ¶
type OrganizationPolicyRestorePolicyOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyRestorePolicyOutput) Default ¶
func (o OrganizationPolicyRestorePolicyOutput) Default() pulumi.BoolOutput
May only be set to true. If set, then the default Policy is restored.
func (OrganizationPolicyRestorePolicyOutput) ElementType ¶
func (OrganizationPolicyRestorePolicyOutput) ElementType() reflect.Type
func (OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyOutput ¶
func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyOutput() OrganizationPolicyRestorePolicyOutput
func (OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyOutputWithContext ¶
func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyOutput
func (OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyPtrOutput ¶
func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput
func (OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyPtrOutputWithContext ¶
func (o OrganizationPolicyRestorePolicyOutput) ToOrganizationPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyPtrOutput
type OrganizationPolicyRestorePolicyPtrInput ¶
type OrganizationPolicyRestorePolicyPtrInput interface { pulumi.Input ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput ToOrganizationPolicyRestorePolicyPtrOutputWithContext(context.Context) OrganizationPolicyRestorePolicyPtrOutput }
OrganizationPolicyRestorePolicyPtrInput is an input type that accepts OrganizationPolicyRestorePolicyArgs, OrganizationPolicyRestorePolicyPtr and OrganizationPolicyRestorePolicyPtrOutput values. You can construct a concrete instance of `OrganizationPolicyRestorePolicyPtrInput` via:
OrganizationPolicyRestorePolicyArgs{...} or: nil
func OrganizationPolicyRestorePolicyPtr ¶
func OrganizationPolicyRestorePolicyPtr(v *OrganizationPolicyRestorePolicyArgs) OrganizationPolicyRestorePolicyPtrInput
type OrganizationPolicyRestorePolicyPtrOutput ¶
type OrganizationPolicyRestorePolicyPtrOutput struct{ *pulumi.OutputState }
func (OrganizationPolicyRestorePolicyPtrOutput) Default ¶
func (o OrganizationPolicyRestorePolicyPtrOutput) Default() pulumi.BoolPtrOutput
May only be set to true. If set, then the default Policy is restored.
func (OrganizationPolicyRestorePolicyPtrOutput) ElementType ¶
func (OrganizationPolicyRestorePolicyPtrOutput) ElementType() reflect.Type
func (OrganizationPolicyRestorePolicyPtrOutput) ToOrganizationPolicyRestorePolicyPtrOutput ¶
func (o OrganizationPolicyRestorePolicyPtrOutput) ToOrganizationPolicyRestorePolicyPtrOutput() OrganizationPolicyRestorePolicyPtrOutput
func (OrganizationPolicyRestorePolicyPtrOutput) ToOrganizationPolicyRestorePolicyPtrOutputWithContext ¶
func (o OrganizationPolicyRestorePolicyPtrOutput) ToOrganizationPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) OrganizationPolicyRestorePolicyPtrOutput
type OrganizationPolicyState ¶
type OrganizationPolicyState struct { // A boolean policy is a constraint that is either enforced or not. Structure is documented below. BooleanPolicy OrganizationPolicyBooleanPolicyPtrInput // The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints). // // *** Constraint pulumi.StringPtrInput // (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. Etag pulumi.StringPtrInput // The resource name of the folder to set the policy for. Its format is folders/{folder_id}. Folder pulumi.StringPtrInput // A policy that can define specific values that are allowed or denied for the given constraint. It // can also be used to allow or deny all values. Structure is documented below. ListPolicy OrganizationPolicyListPolicyPtrInput // A restore policy is a constraint to restore the default policy. Structure is documented below. // // > **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will // effectively be unset. This is represented in the UI as the constraint being 'Inherited'. // // *** RestorePolicy OrganizationPolicyRestorePolicyPtrInput // (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z". UpdateTime pulumi.StringPtrInput // Version of the Policy. Default version is 0. Version pulumi.IntPtrInput }
func (OrganizationPolicyState) ElementType ¶
func (OrganizationPolicyState) ElementType() reflect.Type