pulumi-gcp-kotlin/com.pulumi.gcp.accesscontextmanager.kotlin/AccessLevelArgs

AccessLevelArgs

data class AccessLevelArgs(val basic: Output<AccessLevelBasicArgs>? = null, val custom: Output<AccessLevelCustomArgs>? = null, val description: Output<String>? = null, val name: Output<String>? = null, val parent: Output<String>? = null, val title: Output<String>? = null) : ConvertibleToJava<AccessLevelArgs>

An AccessLevel is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied. To get more information about AccessLevel, see:

API documentation
How-to Guides

Access Policy Quickstart

Warning: If you are using User ADCs (Application Default Credentials) with this resource, you must specify a billing_project and set user_project_override to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the serviceusage.services.use permission on the billing_project you defined.

Example Usage

Access Context Manager Access Level Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
import com.pulumi.gcp.accesscontextmanager.AccessLevel;
import com.pulumi.gcp.accesscontextmanager.AccessLevelArgs;
import com.pulumi.gcp.accesscontextmanager.inputs.AccessLevelBasicArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
            .parent("organizations/123456789")
            .title("my policy")
            .build());
        var access_level = new AccessLevel("access-level", AccessLevelArgs.builder()
            .basic(AccessLevelBasicArgs.builder()
                .conditions(AccessLevelBasicConditionArgs.builder()
                    .devicePolicy(AccessLevelBasicConditionDevicePolicyArgs.builder()
                        .osConstraints(AccessLevelBasicConditionDevicePolicyOsConstraintArgs.builder()
                            .osType("DESKTOP_CHROME_OS")
                            .build())
                        .requireScreenLock(true)
                        .build())
                    .regions(
                        "CH",
                        "IT",
                        "US")
                    .build())
                .build())
            .parent(access_policy.name().applyValue(name -> String.format("accessPolicies/%s", name)))
            .title("chromeos_no_lock")
            .build());
    }
}

Import

AccessLevel can be imported using any of these accepted formats:

$ pulumi import gcp:accesscontextmanager/accessLevel:AccessLevel default {{name}}

Constructors

AccessLevelArgs

constructor(basic: Output<AccessLevelBasicArgs>? = null, custom: Output<AccessLevelCustomArgs>? = null, description: Output<String>? = null, name: Output<String>? = null, parent: Output<String>? = null, title: Output<String>? = null)

Properties

basic

val basic: Output<AccessLevelBasicArgs>? = null

A set of predefined conditions for the access level and a combining function. Structure is documented below.

custom

val custom: Output<AccessLevelCustomArgs>? = null

Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec. Structure is documented below.

description

val description: Output<String>? = null

Description of the AccessLevel and its use. Does not affect behavior.

name

val name: Output<String>? = null

Resource name for the Access Level. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/accessLevels/{short_name}

parent

val parent: Output<String>? = null

The AccessPolicy this AccessLevel lives in. Format: accessPolicies/{policy_id}

title

val title: Output<String>? = null

Human readable title. Must be unique within the Policy.

Functions

toJava

open override fun toJava(): AccessLevelArgs