This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.


This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-gcp repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-google repo.

class pulumi_gcp.iam.AwaitableGetRuleResult(id=None, included_permissions=None, name=None, stage=None, title=None)
class pulumi_gcp.iam.AwaitableGetTestablePermissionsResult(custom_support_level=None, full_resource_name=None, id=None, permissions=None, stages=None)
class pulumi_gcp.iam.GetRuleResult(id=None, included_permissions=None, name=None, stage=None, title=None)

A collection of values returned by getRule.

id = None

The provider-assigned unique ID for this managed resource.

included_permissions = None

specifies the list of one or more permissions to include in the custom role, such as - iam.roles.get

stage = None

indicates the stage of a role in the launch lifecycle, such as GA, BETA or ALPHA.

title = None

is a friendly title for the role, such as “Role Viewer”

class pulumi_gcp.iam.GetTestablePermissionsResult(custom_support_level=None, full_resource_name=None, id=None, permissions=None, stages=None)

A collection of values returned by getTestablePermissions.

custom_support_level = None

The the support level of this permission for custom roles.

id = None

The provider-assigned unique ID for this managed resource.

permissions = None

A list of permissions matching the provided input. Structure is defined below.

pulumi_gcp.iam.get_rule(name=None, opts=None)

Use this data source to get information about a Google IAM Role.

import pulumi
import pulumi_gcp as gcp

roleinfo = gcp.iam.get_rule(name="roles/compute.viewer")
pulumi.export("theRolePermissions", roleinfo.included_permissions)

name (str) – The name of the Role to lookup in the form roles/{ROLE_NAME}, organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME} or projects/{PROJECT_ID}/roles/{ROLE_NAME}

pulumi_gcp.iam.get_testable_permissions(custom_support_level=None, full_resource_name=None, stages=None, opts=None)

Retrieve a list of testable permissions for a resource. Testable permissions mean the permissions that user can add or remove in a role at a given resource. The resource can be referenced either via the full resource name or via a URI.

import pulumi
import pulumi_gcp as gcp

perms = gcp.iam.get_testable_permissions(full_resource_name="//",
  • custom_support_level (str) – The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"

  • full_resource_name (str) – See full resource name documentation for more detail.

  • stages (list) – The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].