Google Native

v0.26.0 published on Friday, Sep 16, 2022 by Pulumi

EntryGroupIamBinding

Sets the access control policy for a resource. Replaces any existing policy. Supported resources are: - Tag templates. - Entries. - Entry groups. Note, this method cannot be used to manage policies for BigQuery, Pub/Sub and any external Google Cloud Platform resources synced to Data Catalog. Callers must have following Google IAM permission - datacatalog.tagTemplates.setIamPolicy to set policies on tag templates. - datacatalog.entries.setIamPolicy to set policies on entries. - datacatalog.entryGroups.setIamPolicy to set policies on entry groups. Note - this resource’s API doesn’t support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

Create a EntryGroupIamBinding Resource

new EntryGroupIamBinding(name: string, args: EntryGroupIamBindingArgs, opts?: CustomResourceOptions);
@overload
def EntryGroupIamBinding(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         condition: Optional[_iam.v1.ConditionArgs] = None,
                         members: Optional[Sequence[str]] = None,
                         name: Optional[str] = None,
                         role: Optional[str] = None)
@overload
def EntryGroupIamBinding(resource_name: str,
                         args: EntryGroupIamBindingArgs,
                         opts: Optional[ResourceOptions] = None)
func NewEntryGroupIamBinding(ctx *Context, name string, args EntryGroupIamBindingArgs, opts ...ResourceOption) (*EntryGroupIamBinding, error)
public EntryGroupIamBinding(string name, EntryGroupIamBindingArgs args, CustomResourceOptions? opts = null)
public EntryGroupIamBinding(String name, EntryGroupIamBindingArgs args)
public EntryGroupIamBinding(String name, EntryGroupIamBindingArgs args, CustomResourceOptions options)
type: google-native:datacatalog/v1beta1:EntryGroupIamBinding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args EntryGroupIamBindingArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args EntryGroupIamBindingArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args EntryGroupIamBindingArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args EntryGroupIamBindingArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args EntryGroupIamBindingArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

EntryGroupIamBinding Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The EntryGroupIamBinding resource accepts the following input properties:

Members List<string>

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
Name string

The name of the resource to manage IAM policies for.

Role string

The role that should be applied. Only one IamBinding can be used per role.

Condition Pulumi.GoogleNative.IAM.V1.Inputs.ConditionArgs

An IAM Condition for a given binding.

Members []string

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
Name string

The name of the resource to manage IAM policies for.

Role string

The role that should be applied. Only one IamBinding can be used per role.

Condition ConditionArgs

An IAM Condition for a given binding.

members List<String>

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
name String

The name of the resource to manage IAM policies for.

role String

The role that should be applied. Only one IamBinding can be used per role.

condition ConditionArgs

An IAM Condition for a given binding.

members string[]

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
name string

The name of the resource to manage IAM policies for.

role string

The role that should be applied. Only one IamBinding can be used per role.

condition iam.v1.ConditionArgs

An IAM Condition for a given binding.

members Sequence[str]

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
name str

The name of the resource to manage IAM policies for.

role str

The role that should be applied. Only one IamBinding can be used per role.

condition ConditionArgs

An IAM Condition for a given binding.

members List<String>

Identities that will be granted the privilege in role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
name String

The name of the resource to manage IAM policies for.

role String

The role that should be applied. Only one IamBinding can be used per role.

condition Property Map

An IAM Condition for a given binding.

Outputs

All input properties are implicitly available as output properties. Additionally, the EntryGroupIamBinding resource produces the following output properties:

Etag string

The etag of the resource's IAM policy.

Id string

The provider-assigned unique ID for this managed resource.

Project string

The project in which the resource belongs. If it is not provided, a default will be supplied.

Etag string

The etag of the resource's IAM policy.

Id string

The provider-assigned unique ID for this managed resource.

Project string

The project in which the resource belongs. If it is not provided, a default will be supplied.

etag String

The etag of the resource's IAM policy.

id String

The provider-assigned unique ID for this managed resource.

project String

The project in which the resource belongs. If it is not provided, a default will be supplied.

etag string

The etag of the resource's IAM policy.

id string

The provider-assigned unique ID for this managed resource.

project string

The project in which the resource belongs. If it is not provided, a default will be supplied.

etag str

The etag of the resource's IAM policy.

id str

The provider-assigned unique ID for this managed resource.

project str

The project in which the resource belongs. If it is not provided, a default will be supplied.

etag String

The etag of the resource's IAM policy.

id String

The provider-assigned unique ID for this managed resource.

project String

The project in which the resource belongs. If it is not provided, a default will be supplied.

Supporting Types

Condition

Expression string

Textual representation of an expression in Common Expression Language syntax.

Title string

A title for the expression, i.e. a short string describing its purpose.

Description string

An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI.

Expression string

Textual representation of an expression in Common Expression Language syntax.

Title string

A title for the expression, i.e. a short string describing its purpose.

Description string

An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI.

expression String

Textual representation of an expression in Common Expression Language syntax.

title String

A title for the expression, i.e. a short string describing its purpose.

description String

An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI.

expression string

Textual representation of an expression in Common Expression Language syntax.

title string

A title for the expression, i.e. a short string describing its purpose.

description string

An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI.

expression str

Textual representation of an expression in Common Expression Language syntax.

title str

A title for the expression, i.e. a short string describing its purpose.

description str

An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI.

expression String

Textual representation of an expression in Common Expression Language syntax.

title String

A title for the expression, i.e. a short string describing its purpose.

description String

An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI.

Package Details

Repository
https://github.com/pulumi/pulumi-google-native
License
Apache-2.0