pulumi-gcp-kotlin/com.pulumi.gcp.accessapproval.kotlin/AccessapprovalFunctions/getProjectServiceAccount

getProjectServiceAccount

suspend fun getProjectServiceAccount(argument: GetProjectServiceAccountPlainArgs): GetProjectServiceAccountResult

Get the email address of a project's Access Approval service account. Each Google Cloud project has a unique service account used by Access Approval. When using Access Approval with a custom signing key, this account needs to be granted the cloudkms.signerVerifier IAM role on the Cloud KMS key used to sign approvals.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.accessapproval.AccessapprovalFunctions;
import com.pulumi.gcp.accessapproval.inputs.GetProjectServiceAccountArgs;
import com.pulumi.gcp.kms.CryptoKeyIAMMember;
import com.pulumi.gcp.kms.CryptoKeyIAMMemberArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var serviceAccount = AccessapprovalFunctions.getProjectServiceAccount(GetProjectServiceAccountArgs.builder()
            .projectId("my-project")
            .build());
        var iam = new CryptoKeyIAMMember("iam", CryptoKeyIAMMemberArgs.builder()
            .cryptoKeyId(google_kms_crypto_key.crypto_key().id())
            .role("roles/cloudkms.signerVerifier")
            .member(String.format("serviceAccount:%s", serviceAccount.applyValue(getProjectServiceAccountResult -> getProjectServiceAccountResult.accountEmail())))
            .build());
    }
}
Content copied to clipboard

Return

A collection of values returned by getProjectServiceAccount.

Parameters

argument

A collection of arguments for invoking getProjectServiceAccount.

suspend fun getProjectServiceAccount(projectId: String): GetProjectServiceAccountResult

Return

A collection of values returned by getProjectServiceAccount.

Parameters

projectId

The project ID the service account was created for.

See also

.

suspend fun getProjectServiceAccount(argument: suspend GetProjectServiceAccountPlainArgsBuilder.() -> Unit): GetProjectServiceAccountResult

Return

A collection of values returned by getProjectServiceAccount.

Parameters

argument

Builder for com.pulumi.gcp.accessapproval.kotlin.inputs.GetProjectServiceAccountPlainArgs.

See also

.