How do I deploy a GCP storage BucketIAMMember?
In this example, we’ll walk through how to set up a Google Cloud Storage Bucket and configure IAM permissions for a specific member. By the end, you’ll have a storage bucket created and an IAM member assigned to it with appropriate access permissions.
Explanation
- Provider Configuration: We start by configuring the Google Cloud provider, specifying our project and region.
- Resource Definition: Next, we create a Google Cloud Storage Bucket.
- IAM Member Binding: Finally, we assign an IAM policy binding to the bucket, granting specific permissions to a user, service account, or group.
Program
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

export = async () => {
    // Create a GCP storage bucket
    const bucket = new gcp.storage.Bucket("bucket", {
        name: "example-bucket",
        location: "US",
    });

    // Define the IAM policy binding for the storage bucket
    const bucketIamMember = new gcp.storage.BucketIAMMember("bucket_iam_member", {
        bucket: bucket.name,
        role: "roles/storage.objectViewer",
        member: "user:example@example.com",
    });

    return {
        bucketName: bucket.name,
        bucketIamMemberRole: bucketIamMember.role,
        bucketIamMember: bucketIamMember.member,
    };
};
Summary
This configuration sets up a Google Cloud Storage Bucket and assigns read permissions to a specified IAM member. This workflow allows for managing and organizing GCP resources and their permissions efficiently using Infrastructure as Code.
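A pre-deployment check for grants like the one in the program above, as an added example that is not part of the original page or Pulumi's own code: it flags public principals, members without a type prefix, and roles broader than object read before the values reach `BucketIAMMember`. The `BucketGrant` shape, the `reviewGrant` and `flagged` functions, and the read-only allow-list are assumptions made for this example, and the sample grants are constructed.

```typescript
// Added example (not Pulumi API): review bucket IAM grants before deployment.
interface BucketGrant { bucket: string; role: string; member: string; }
interface Finding { severity: "high" | "medium"; reason: string; }

// Special principals that open a bucket beyond named identities.
const PUBLIC_MEMBERS = ["allUsers", "allAuthenticatedUsers"];
// Member prefixes accepted by this check (assumed scope for the example).
const MEMBER_PREFIXES = ["user:", "serviceAccount:", "group:", "domain:"];
// Assumed allow-list: the only role this example treats as least privilege.
const READ_ONLY_ROLES = ["roles/storage.objectViewer"];

function reviewGrant(grant: BucketGrant): Finding[] {
  const findings: Finding[] = [];
  const { member, role } = grant;
  const prefix = MEMBER_PREFIXES.filter((p) => member.indexOf(p) === 0)[0];

  if (PUBLIC_MEMBERS.indexOf(member) !== -1) {
    findings.push({ severity: "high", reason: `${member} exposes the bucket publicly` });
  } else if (prefix === undefined || member.length === prefix.length) {
    findings.push({ severity: "medium", reason: "member lacks a recognised type prefix" });
  } else if (prefix === "domain:") {
    findings.push({ severity: "medium", reason: "grant covers every account in a domain" });
  }

  if (/^roles\/(owner|editor|viewer)$/.test(role)) {
    findings.push({ severity: "high", reason: "basic role instead of a storage-specific role" });
  } else if (READ_ONLY_ROLES.indexOf(role) === -1) {
    findings.push({ severity: "medium", reason: `${role} allows more than reading objects` });
  }
  return findings;
}

// Constructed sample grants; the first mirrors the binding in the program above.
const sampleGrants: BucketGrant[] = [
  { bucket: "example-bucket", role: "roles/storage.objectViewer", member: "user:example@example.com" },
  { bucket: "example-bucket", role: "roles/storage.objectViewer", member: "allUsers" },
  { bucket: "example-bucket", role: "roles/storage.admin", member: "serviceAccount:ci@example-project.iam.gserviceaccount.com" },
  { bucket: "example-bucket", role: "roles/editor", member: "example@example.com" },
];

// Keep only the grants that need a reviewer's attention.
function flagged(grants: BucketGrant[]): { grant: BucketGrant; findings: Finding[] }[] {
  return grants
    .map((grant) => ({ grant, findings: reviewGrant(grant) }))
    .filter((r) => r.findings.length > 0);
}
```

Running `flagged(sampleGrants)` in a CI step and failing on any `high` finding keeps a public or over-privileged grant from reaching `pulumi up`.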