get
suspend fun getFolderServiceAccount(argument: GetFolderServiceAccountPlainArgs): GetFolderServiceAccountResult
Get the email address of a folder's Access Approval service account. Each Google Cloud folder has a unique service account used by Access Approval. When using Access Approval with a custom signing key, this account needs to be granted the cloudkms.signerVerifier IAM role on the Cloud KMS key used to sign approvals.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.accessapproval.AccessapprovalFunctions;
import com.pulumi.gcp.accessapproval.inputs.GetFolderServiceAccountArgs;
import com.pulumi.gcp.kms.CryptoKeyIAMMember;
import com.pulumi.gcp.kms.CryptoKeyIAMMemberArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var serviceAccount = AccessapprovalFunctions.getFolderServiceAccount(GetFolderServiceAccountArgs.builder()
.folderId("my-folder")
.build());
var iam = new CryptoKeyIAMMember("iam", CryptoKeyIAMMemberArgs.builder()
.cryptoKeyId(google_kms_crypto_key.crypto_key().id())
.role("roles/cloudkms.signerVerifier")
.member(String.format("serviceAccount:%s", serviceAccount.applyValue(getFolderServiceAccountResult -> getFolderServiceAccountResult.accountEmail())))
.build());
}
}Content copied to clipboard
Return
A collection of values returned by getFolderServiceAccount.
Parameters
argument
A collection of arguments for invoking getFolderServiceAccount.
Return
A collection of values returned by getFolderServiceAccount.
Parameters
folder
The folder ID the service account was created for.
See also
suspend fun getFolderServiceAccount(argument: suspend GetFolderServiceAccountPlainArgsBuilder.() -> Unit): GetFolderServiceAccountResult
Return
A collection of values returned by getFolderServiceAccount.
Parameters
argument
Builder for com.pulumi.gcp.accessapproval.kotlin.inputs.GetFolderServiceAccountPlainArgs.