1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. iam
  5. getTestablePermissions
Google Cloud Classic v7.38.0 published on Monday, Aug 26, 2024 by Pulumi

gcp.iam.getTestablePermissions

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.38.0 published on Monday, Aug 26, 2024 by Pulumi

    Retrieve a list of testable permissions for a resource. Testable permissions mean the permissions that user can add or remove in a role at a given resource. The resource can be referenced either via the full resource name or via a URI.

    Example Usage

    Retrieve all the supported permissions able to be set on my-project that are in either GA or BETA. This is useful for dynamically constructing custom roles.

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const perms = gcp.iam.getTestablePermissions({
        fullResourceName: "//cloudresourcemanager.googleapis.com/projects/my-project",
        stages: [
            "GA",
            "BETA",
        ],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    perms = gcp.iam.get_testable_permissions(full_resource_name="//cloudresourcemanager.googleapis.com/projects/my-project",
        stages=[
            "GA",
            "BETA",
        ])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/iam"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := iam.GetTestablePermissions(ctx, &iam.GetTestablePermissionsArgs{
    			FullResourceName: "//cloudresourcemanager.googleapis.com/projects/my-project",
    			Stages: []string{
    				"GA",
    				"BETA",
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var perms = Gcp.Iam.GetTestablePermissions.Invoke(new()
        {
            FullResourceName = "//cloudresourcemanager.googleapis.com/projects/my-project",
            Stages = new[]
            {
                "GA",
                "BETA",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.iam.IamFunctions;
    import com.pulumi.gcp.iam.inputs.GetTestablePermissionsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var perms = IamFunctions.getTestablePermissions(GetTestablePermissionsArgs.builder()
                .fullResourceName("//cloudresourcemanager.googleapis.com/projects/my-project")
                .stages(            
                    "GA",
                    "BETA")
                .build());
    
        }
    }
    
    variables:
      perms:
        fn::invoke:
          Function: gcp:iam:getTestablePermissions
          Arguments:
            fullResourceName: //cloudresourcemanager.googleapis.com/projects/my-project
            stages:
              - GA
              - BETA
    

    Using getTestablePermissions

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getTestablePermissions(args: GetTestablePermissionsArgs, opts?: InvokeOptions): Promise<GetTestablePermissionsResult>
    function getTestablePermissionsOutput(args: GetTestablePermissionsOutputArgs, opts?: InvokeOptions): Output<GetTestablePermissionsResult>
    def get_testable_permissions(custom_support_level: Optional[str] = None,
                                 full_resource_name: Optional[str] = None,
                                 stages: Optional[Sequence[str]] = None,
                                 opts: Optional[InvokeOptions] = None) -> GetTestablePermissionsResult
    def get_testable_permissions_output(custom_support_level: Optional[pulumi.Input[str]] = None,
                                 full_resource_name: Optional[pulumi.Input[str]] = None,
                                 stages: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                                 opts: Optional[InvokeOptions] = None) -> Output[GetTestablePermissionsResult]
    func GetTestablePermissions(ctx *Context, args *GetTestablePermissionsArgs, opts ...InvokeOption) (*GetTestablePermissionsResult, error)
    func GetTestablePermissionsOutput(ctx *Context, args *GetTestablePermissionsOutputArgs, opts ...InvokeOption) GetTestablePermissionsResultOutput

    > Note: This function is named GetTestablePermissions in the Go SDK.

    public static class GetTestablePermissions 
    {
        public static Task<GetTestablePermissionsResult> InvokeAsync(GetTestablePermissionsArgs args, InvokeOptions? opts = null)
        public static Output<GetTestablePermissionsResult> Invoke(GetTestablePermissionsInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetTestablePermissionsResult> getTestablePermissions(GetTestablePermissionsArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: gcp:iam/getTestablePermissions:getTestablePermissions
      arguments:
        # arguments dictionary

    The following arguments are supported:

    FullResourceName string
    See full resource name documentation for more detail.
    CustomSupportLevel string
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    Stages List<string>
    The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].
    FullResourceName string
    See full resource name documentation for more detail.
    CustomSupportLevel string
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    Stages []string
    The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].
    fullResourceName String
    See full resource name documentation for more detail.
    customSupportLevel String
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    stages List<String>
    The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].
    fullResourceName string
    See full resource name documentation for more detail.
    customSupportLevel string
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    stages string[]
    The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].
    full_resource_name str
    See full resource name documentation for more detail.
    custom_support_level str
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    stages Sequence[str]
    The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].
    fullResourceName String
    See full resource name documentation for more detail.
    customSupportLevel String
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    stages List<String>
    The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].

    getTestablePermissions Result

    The following output properties are available:

    FullResourceName string
    Id string
    The provider-assigned unique ID for this managed resource.
    Permissions List<GetTestablePermissionsPermission>
    A list of permissions matching the provided input. Structure is defined below.
    CustomSupportLevel string
    The the support level of this permission for custom roles.
    Stages List<string>
    FullResourceName string
    Id string
    The provider-assigned unique ID for this managed resource.
    Permissions []GetTestablePermissionsPermission
    A list of permissions matching the provided input. Structure is defined below.
    CustomSupportLevel string
    The the support level of this permission for custom roles.
    Stages []string
    fullResourceName String
    id String
    The provider-assigned unique ID for this managed resource.
    permissions List<GetTestablePermissionsPermission>
    A list of permissions matching the provided input. Structure is defined below.
    customSupportLevel String
    The the support level of this permission for custom roles.
    stages List<String>
    fullResourceName string
    id string
    The provider-assigned unique ID for this managed resource.
    permissions GetTestablePermissionsPermission[]
    A list of permissions matching the provided input. Structure is defined below.
    customSupportLevel string
    The the support level of this permission for custom roles.
    stages string[]
    full_resource_name str
    id str
    The provider-assigned unique ID for this managed resource.
    permissions Sequence[GetTestablePermissionsPermission]
    A list of permissions matching the provided input. Structure is defined below.
    custom_support_level str
    The the support level of this permission for custom roles.
    stages Sequence[str]
    fullResourceName String
    id String
    The provider-assigned unique ID for this managed resource.
    permissions List<Property Map>
    A list of permissions matching the provided input. Structure is defined below.
    customSupportLevel String
    The the support level of this permission for custom roles.
    stages List<String>

    Supporting Types

    GetTestablePermissionsPermission

    ApiDisabled bool
    Whether the corresponding API has been enabled for the resource.
    CustomSupportLevel string
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    Name string
    Name of the permission.
    Stage string
    Release stage of the permission.
    Title string
    Human readable title of the permission.
    ApiDisabled bool
    Whether the corresponding API has been enabled for the resource.
    CustomSupportLevel string
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    Name string
    Name of the permission.
    Stage string
    Release stage of the permission.
    Title string
    Human readable title of the permission.
    apiDisabled Boolean
    Whether the corresponding API has been enabled for the resource.
    customSupportLevel String
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    name String
    Name of the permission.
    stage String
    Release stage of the permission.
    title String
    Human readable title of the permission.
    apiDisabled boolean
    Whether the corresponding API has been enabled for the resource.
    customSupportLevel string
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    name string
    Name of the permission.
    stage string
    Release stage of the permission.
    title string
    Human readable title of the permission.
    api_disabled bool
    Whether the corresponding API has been enabled for the resource.
    custom_support_level str
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    name str
    Name of the permission.
    stage str
    Release stage of the permission.
    title str
    Human readable title of the permission.
    apiDisabled Boolean
    Whether the corresponding API has been enabled for the resource.
    customSupportLevel String
    The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"
    name String
    Name of the permission.
    stage String
    Release stage of the permission.
    title String
    Human readable title of the permission.

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.38.0 published on Monday, Aug 26, 2024 by Pulumi