Docs Packages
  1. Packages
  2. Yandex
  3. API Docs
  4. getIamPolicy
Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi
pulumi/pulumi-yandex

yandex.getIamPolicy

Explore with Pulumi AI

yandex logo
Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi
pulumi/pulumi-yandex

    Generates an [IAM] policy document that may be referenced by and applied to other Yandex.Cloud Platform resources, such as the yandex.ResourcemanagerFolder resource.

    import * as pulumi from "@pulumi/pulumi";
import * as yandex from "@pulumi/yandex";

const admin = pulumi.output(yandex.getIamPolicy({
    bindings: [
        {
            members: ["userAccount:user_id_1"],
            role: "admin",
        },
        {
            members: ["userAccount:user_id_2"],
            role: "viewer",
        },
    ],
}));

    import pulumi
import pulumi_yandex as yandex

admin = yandex.get_iam_policy(bindings=[
    yandex.GetIamPolicyBindingArgs(
        members=["userAccount:user_id_1"],
        role="admin",
    ),
    yandex.GetIamPolicyBindingArgs(
        members=["userAccount:user_id_2"],
        role="viewer",
    ),
])

    using Pulumi;
using Yandex = Pulumi.Yandex;

class MyStack : Stack
{
    public MyStack()
    {
        var admin = Output.Create(Yandex.GetIamPolicy.InvokeAsync(new Yandex.GetIamPolicyArgs
        {
            Bindings = 
            {
                new Yandex.Inputs.GetIamPolicyBindingArgs
                {
                    Members = 
                    {
                        "userAccount:user_id_1",
                    },
                    Role = "admin",
                },
                new Yandex.Inputs.GetIamPolicyBindingArgs
                {
                    Members = 
                    {
                        "userAccount:user_id_2",
                    },
                    Role = "viewer",
                },
            },
        }));
    }

}

    package main

import (
	"github.com/pulumi/pulumi-yandex/sdk/go/yandex"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := yandex.GetIamPolicy(ctx, &GetIamPolicyArgs{
			Bindings: []GetIamPolicyBinding{
				GetIamPolicyBinding{
					Members: []string{
						"userAccount:user_id_1",
					},
					Role: "admin",
				},
				GetIamPolicyBinding{
					Members: []string{
						"userAccount:user_id_2",
					},
					Role: "viewer",
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

    This data source is used to define [IAM] policies to apply to other resources. Currently, defining a policy through a data source and referencing that policy from another resource is the only way to apply an IAM policy to a resource.

    Using getIamPolicy

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getIamPolicy(args: GetIamPolicyArgs, opts?: InvokeOptions): Promise<GetIamPolicyResult>
function getIamPolicyOutput(args: GetIamPolicyOutputArgs, opts?: InvokeOptions): Output<GetIamPolicyResult>
    def get_iam_policy(bindings: Optional[Sequence[GetIamPolicyBinding]] = None,
                   opts: Optional[InvokeOptions] = None) -> GetIamPolicyResult
def get_iam_policy_output(bindings: Optional[pulumi.Input[Sequence[pulumi.Input[GetIamPolicyBindingArgs]]]] = None,
                   opts: Optional[InvokeOptions] = None) -> Output[GetIamPolicyResult]
    func GetIamPolicy(ctx *Context, args *GetIamPolicyArgs, opts ...InvokeOption) (*GetIamPolicyResult, error)
func GetIamPolicyOutput(ctx *Context, args *GetIamPolicyOutputArgs, opts ...InvokeOption) GetIamPolicyResultOutput

    > Note: This function is named GetIamPolicy in the Go SDK.

    public static class GetIamPolicy 
{
    public static Task<GetIamPolicyResult> InvokeAsync(GetIamPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetIamPolicyResult> Invoke(GetIamPolicyInvokeArgs args, InvokeOptions? opts = null)
}
    public static CompletableFuture<GetIamPolicyResult> getIamPolicy(GetIamPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

    fn::invoke:
  function: yandex:index/getIamPolicy:getIamPolicy
  arguments:
    # arguments dictionary

    The following arguments are supported:

    Bindings List<GetIamPolicyBinding>
    A nested configuration block (described below) that defines a binding to be included in the policy document. Multiple binding arguments are supported.
    Bindings []GetIamPolicyBinding
    A nested configuration block (described below) that defines a binding to be included in the policy document. Multiple binding arguments are supported.
    bindings List<GetIamPolicyBinding>
    A nested configuration block (described below) that defines a binding to be included in the policy document. Multiple binding arguments are supported.
    bindings GetIamPolicyBinding[]
    A nested configuration block (described below) that defines a binding to be included in the policy document. Multiple binding arguments are supported.
    bindings Sequence[GetIamPolicyBinding]
    A nested configuration block (described below) that defines a binding to be included in the policy document. Multiple binding arguments are supported.
    bindings List<Property Map>
    A nested configuration block (described below) that defines a binding to be included in the policy document. Multiple binding arguments are supported.

    getIamPolicy Result

    The following output properties are available:

    Bindings List<GetIamPolicyBinding>
    Id string
    The provider-assigned unique ID for this managed resource.
    PolicyData string
    The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
    Bindings []GetIamPolicyBinding
    Id string
    The provider-assigned unique ID for this managed resource.
    PolicyData string
    The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
    bindings List<GetIamPolicyBinding>
    id String
    The provider-assigned unique ID for this managed resource.
    policyData String
    The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
    bindings GetIamPolicyBinding[]
    id string
    The provider-assigned unique ID for this managed resource.
    policyData string
    The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
    bindings Sequence[GetIamPolicyBinding]
    id str
    The provider-assigned unique ID for this managed resource.
    policy_data str
    The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
    bindings List<Property Map>
    id String
    The provider-assigned unique ID for this managed resource.
    policyData String
    The above bindings serialized in a format suitable for referencing from a resource that supports IAM.

    Supporting Types

    GetIamPolicyBinding

    Members List<string>
    An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

    • userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
    • serviceAccount:{service_account_id}: A unique service account ID.
    Role string
    The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
    Members []string
    An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

    • userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
    • serviceAccount:{service_account_id}: A unique service account ID.
    Role string
    The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
    members List<String>
    An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

    • userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
    • serviceAccount:{service_account_id}: A unique service account ID.
    role String
    The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
    members string[]
    An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

    • userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
    • serviceAccount:{service_account_id}: A unique service account ID.
    role string
    The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
    members Sequence[str]
    An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

    • userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
    • serviceAccount:{service_account_id}: A unique service account ID.
    role str
    The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
    members List<String>
    An array of identities that will be granted the privilege in the role. Each entry can have one of the following values:

    • userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
    • serviceAccount:{service_account_id}: A unique service account ID.
    role String
    The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.

    Package Details

    Repository
    Yandex pulumi/pulumi-yandex
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the yandex Terraform Provider.
    yandex logo
    Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi
    pulumi/pulumi-yandex