esc env provider gcp-login oidc | CLI commands
Generated for Pulumi ESC CLI v0.24.0.
Add a GCP OIDC login provider to an environment
Synopsis
[EXPERIMENTAL] Add a GCP OIDC login provider to an environment
Writes an fn::open::gcp-login block with an oidc workload-identity
federation block at the configured path under values.
See https://www.pulumi.com/docs/esc/integrations/dynamic-login-credentials/gcp-login/ for the full provider reference.
esc env provider gcp-login oidc [<org>/][<project>/]<environment-name> <project-number> [flags]
Options
--create create the environment if it does not already exist
--draft string[="new"] set flag without a value (--draft) to create a draft rather than saving changes directly. --draft=<change-request-id> to update an existing change request.
-h, --help help for oidc
--path values property path under values where the provider block is written (default "gcp.login")
--provider-id string GCP workload identity pool provider ID (required)
--region string optional GCP region for the workload identity pool
--service-account string GCP service account to impersonate (required)
--subject-attribute stringArray OIDC subject attribute to include in the federated token (repeatable)
--token-lifetime string optional lifetime for impersonated credentials, e.g. 1h30m
--workload-pool-id string GCP workload identity pool ID (required)
Options inherited from parent commands
--env string The name of the environment to operate on.
SEE ALSO
- esc env provider gcp-login - Add a GCP login provider to an environment
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.