IAMPolicy

Import

IAM member imports use space-delimited identifiers; the resource in question, the role, and the account. This member resource can be imported using the org_id, role, and member e.g.

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization "your-orgid roles/viewer user:foo@example.com"

IAM binding imports use space-delimited identifiers; the resource in question and the role. This binding resource can be imported using the org_id and role, e.g.

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization "your-org-id roles/viewer"

IAM policy imports use the identifier of the resource in question. This policy resource can be imported using the org_id.

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization your-org-id

IAM audit config imports use the identifier of the resource in question and the service, e.g.

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization "your-organization-id foo.googleapis.com"

->Custom RolesIf you're importing a IAM resource with a custom role, make sure to use the full name of the custom role, e.g. organizations/{{org_id}}/roles/{{role_id}}. ->Conditional IAM BindingsIf you're importing a IAM binding with a condition block, make sure

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy to include the title of condition, e.g. `google_organization_iam_binding.my_organization "your-org-id roles/{{role_id}} condition-title"`

Properties

Link copied to clipboard
val etag: Output<String>

(Computed) The etag of the organization's IAM policy.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val orgId: Output<String>

The organization ID. If not specified for gcp.organizations.IAMBinding, gcp.organizations.IAMMember, or gcp.organizations.IamAuditConfig, uses the ID of the organization configured with the provider. Required for gcp.organizations.IAMPolicy - you must explicitly set the organization, and it will not be inferred from the provider.

Link copied to clipboard
val policyData: Output<String>

The gcp.organizations.getIAMPolicy data source that represents the IAM policy that will be applied to the organization. The policy will be merged with any existing policy applied to the organization.

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val urn: Output<String>