Google Cloud Classic v6.57.0, May 30 23
Google Cloud Classic v6.57.0, May 30 23
gcp.serviceAccount.getAccountAccessToken
Explore with Pulumi AI
This data source provides a google oauth2
access_token
for a different service account than the one initially running the script.
For more information see the official documentation as well as iamcredentials.generateAccessToken()
Using getAccountAccessToken
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAccountAccessToken(args: GetAccountAccessTokenArgs, opts?: InvokeOptions): Promise<GetAccountAccessTokenResult>
function getAccountAccessTokenOutput(args: GetAccountAccessTokenOutputArgs, opts?: InvokeOptions): Output<GetAccountAccessTokenResult>
def get_account_access_token(delegates: Optional[Sequence[str]] = None,
lifetime: Optional[str] = None,
scopes: Optional[Sequence[str]] = None,
target_service_account: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAccountAccessTokenResult
def get_account_access_token_output(delegates: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
lifetime: Optional[pulumi.Input[str]] = None,
scopes: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
target_service_account: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAccountAccessTokenResult]
func GetAccountAccessToken(ctx *Context, args *GetAccountAccessTokenArgs, opts ...InvokeOption) (*GetAccountAccessTokenResult, error)
func GetAccountAccessTokenOutput(ctx *Context, args *GetAccountAccessTokenOutputArgs, opts ...InvokeOption) GetAccountAccessTokenResultOutput
> Note: This function is named GetAccountAccessToken
in the Go SDK.
public static class GetAccountAccessToken
{
public static Task<GetAccountAccessTokenResult> InvokeAsync(GetAccountAccessTokenArgs args, InvokeOptions? opts = null)
public static Output<GetAccountAccessTokenResult> Invoke(GetAccountAccessTokenInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetAccountAccessTokenResult> getAccountAccessToken(GetAccountAccessTokenArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: gcp:serviceAccount/getAccountAccessToken:getAccountAccessToken
arguments:
# arguments dictionary
The following arguments are supported:
- Scopes List<string>
The scopes the new credential should have (e.g.
["cloud-platform"]
)- Target
Service stringAccount The service account to impersonate (e.g.
service_B@your-project-id.iam.gserviceaccount.com
)- Delegates List<string>
Delegate chain of approvals needed to perform full impersonation. Specify the fully qualified service account name. (e.g.
["projects/-/serviceAccounts/delegate-svc-account@project-id.iam.gserviceaccount.com"]
)- Lifetime string
Lifetime of the impersonated token (defaults to its max:
3600s
).
- Scopes []string
The scopes the new credential should have (e.g.
["cloud-platform"]
)- Target
Service stringAccount The service account to impersonate (e.g.
service_B@your-project-id.iam.gserviceaccount.com
)- Delegates []string
Delegate chain of approvals needed to perform full impersonation. Specify the fully qualified service account name. (e.g.
["projects/-/serviceAccounts/delegate-svc-account@project-id.iam.gserviceaccount.com"]
)- Lifetime string
Lifetime of the impersonated token (defaults to its max:
3600s
).
- scopes List<String>
The scopes the new credential should have (e.g.
["cloud-platform"]
)- target
Service StringAccount The service account to impersonate (e.g.
service_B@your-project-id.iam.gserviceaccount.com
)- delegates List<String>
Delegate chain of approvals needed to perform full impersonation. Specify the fully qualified service account name. (e.g.
["projects/-/serviceAccounts/delegate-svc-account@project-id.iam.gserviceaccount.com"]
)- lifetime String
Lifetime of the impersonated token (defaults to its max:
3600s
).
- scopes string[]
The scopes the new credential should have (e.g.
["cloud-platform"]
)- target
Service stringAccount The service account to impersonate (e.g.
service_B@your-project-id.iam.gserviceaccount.com
)- delegates string[]
Delegate chain of approvals needed to perform full impersonation. Specify the fully qualified service account name. (e.g.
["projects/-/serviceAccounts/delegate-svc-account@project-id.iam.gserviceaccount.com"]
)- lifetime string
Lifetime of the impersonated token (defaults to its max:
3600s
).
- scopes Sequence[str]
The scopes the new credential should have (e.g.
["cloud-platform"]
)- target_
service_ straccount The service account to impersonate (e.g.
service_B@your-project-id.iam.gserviceaccount.com
)- delegates Sequence[str]
Delegate chain of approvals needed to perform full impersonation. Specify the fully qualified service account name. (e.g.
["projects/-/serviceAccounts/delegate-svc-account@project-id.iam.gserviceaccount.com"]
)- lifetime str
Lifetime of the impersonated token (defaults to its max:
3600s
).
- scopes List<String>
The scopes the new credential should have (e.g.
["cloud-platform"]
)- target
Service StringAccount The service account to impersonate (e.g.
service_B@your-project-id.iam.gserviceaccount.com
)- delegates List<String>
Delegate chain of approvals needed to perform full impersonation. Specify the fully qualified service account name. (e.g.
["projects/-/serviceAccounts/delegate-svc-account@project-id.iam.gserviceaccount.com"]
)- lifetime String
Lifetime of the impersonated token (defaults to its max:
3600s
).
getAccountAccessToken Result
The following output properties are available:
- Access
Token string The
access_token
representing the new generated identity.- Id string
The provider-assigned unique ID for this managed resource.
- Scopes List<string>
- Target
Service stringAccount - Delegates List<string>
- Lifetime string
- Access
Token string The
access_token
representing the new generated identity.- Id string
The provider-assigned unique ID for this managed resource.
- Scopes []string
- Target
Service stringAccount - Delegates []string
- Lifetime string
- access
Token String The
access_token
representing the new generated identity.- id String
The provider-assigned unique ID for this managed resource.
- scopes List<String>
- target
Service StringAccount - delegates List<String>
- lifetime String
- access
Token string The
access_token
representing the new generated identity.- id string
The provider-assigned unique ID for this managed resource.
- scopes string[]
- target
Service stringAccount - delegates string[]
- lifetime string
- access_
token str The
access_token
representing the new generated identity.- id str
The provider-assigned unique ID for this managed resource.
- scopes Sequence[str]
- target_
service_ straccount - delegates Sequence[str]
- lifetime str
- access
Token String The
access_token
representing the new generated identity.- id String
The provider-assigned unique ID for this managed resource.
- scopes List<String>
- target
Service StringAccount - delegates List<String>
- lifetime String
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-beta
Terraform Provider.