IAMPolicy
Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account. This member resource can be imported using the folder, role, and member e.g.
$ pulumi import gcp:folder/iAMPolicy:IAMPolicy my_folder "folder roles/viewer user:foo@example.com"IAM binding imports use space-delimited identifiers; the resource in question and the role. This binding resource can be imported using the folder and role, e.g.
$ pulumi import gcp:folder/iAMPolicy:IAMPolicy my_folder "folder roles/viewer"IAM policy imports use the identifier of the resource in question. This policy resource can be imported using the folder.
$ pulumi import gcp:folder/iAMPolicy:IAMPolicy my_folder folderIAM audit config imports use the identifier of the resource in question and the service, e.g.
$ pulumi import gcp:folder/iAMPolicy:IAMPolicy my_folder "folder foo.googleapis.com"->Custom RolesIf you're importing a IAM resource with a custom role, make sure to use the full name of the custom role, e.g. organizations/{{org_id}}/roles/{{role_id}}. ->Conditional IAM BindingsIf you're importing a IAM binding with a condition block, make sure
$ pulumi import gcp:folder/iAMPolicy:IAMPolicy to include the title of condition, e.g. `google_folder_iam_binding.my_folder "folder roles/{{role_id}} condition-title"`