google-native logo
Google Cloud Native v0.30.0, Apr 14 23

google-native.accesscontextmanager/v1.AccessPolicy

Explore with Pulumi AI

Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto. Auto-naming is currently not supported for this resource.

Create AccessPolicy Resource

new AccessPolicy(name: string, args: AccessPolicyArgs, opts?: CustomResourceOptions);
@overload
def AccessPolicy(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 parent: Optional[str] = None,
                 scopes: Optional[Sequence[str]] = None,
                 title: Optional[str] = None)
@overload
def AccessPolicy(resource_name: str,
                 args: AccessPolicyArgs,
                 opts: Optional[ResourceOptions] = None)
func NewAccessPolicy(ctx *Context, name string, args AccessPolicyArgs, opts ...ResourceOption) (*AccessPolicy, error)
public AccessPolicy(string name, AccessPolicyArgs args, CustomResourceOptions? opts = null)
public AccessPolicy(String name, AccessPolicyArgs args)
public AccessPolicy(String name, AccessPolicyArgs args, CustomResourceOptions options)
type: google-native:accesscontextmanager/v1:AccessPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AccessPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AccessPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AccessPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AccessPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AccessPolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AccessPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AccessPolicy resource accepts the following input properties:

Parent string

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

Title string

Human readable title. Does not affect behavior.

Scopes List<string>

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

Parent string

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

Title string

Human readable title. Does not affect behavior.

Scopes []string

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

parent String

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

title String

Human readable title. Does not affect behavior.

scopes List<String>

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

parent string

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

title string

Human readable title. Does not affect behavior.

scopes string[]

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

parent str

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

title str

Human readable title. Does not affect behavior.

scopes Sequence[str]

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

parent String

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}

title String

Human readable title. Does not affect behavior.

scopes List<String>

The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no limitations on which resources can be restricted by an ACM policy, and there are no limitations on where ACM resources can be referenced. Only one policy can include a given scope (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

Outputs

All input properties are implicitly available as output properties. Additionally, the AccessPolicy resource produces the following output properties:

Etag string

An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

Id string

The provider-assigned unique ID for this managed resource.

Name string

Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

Etag string

An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

Id string

The provider-assigned unique ID for this managed resource.

Name string

Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

etag String

An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

id String

The provider-assigned unique ID for this managed resource.

name String

Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

etag string

An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

id string

The provider-assigned unique ID for this managed resource.

name string

Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

etag str

An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

id str

The provider-assigned unique ID for this managed resource.

name str

Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

etag String

An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.

id String

The provider-assigned unique ID for this managed resource.

name String

Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

Package Details

Repository
Google Cloud Native pulumi/pulumi-google-native
License
Apache-2.0