pulumi-gcp-kotlin/com.pulumi.gcp.accesscontextmanager.kotlin/AccessLevel

AccessLevel

class AccessLevel : KotlinCustomResource

An AccessLevel is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied. To get more information about AccessLevel, see:

API documentation
How-to Guides

Access Policy Quickstart

Warning: If you are using User ADCs (Application Default Credentials) with this resource, you must specify a billing_project and set user_project_override to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the serviceusage.services.use permission on the billing_project you defined.

Example Usage

Access Context Manager Access Level Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
import com.pulumi.gcp.accesscontextmanager.AccessLevel;
import com.pulumi.gcp.accesscontextmanager.AccessLevelArgs;
import com.pulumi.gcp.accesscontextmanager.inputs.AccessLevelBasicArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
            .parent("organizations/123456789")
            .title("my policy")
            .build());
        var access_level = new AccessLevel("access-level", AccessLevelArgs.builder()
            .basic(AccessLevelBasicArgs.builder()
                .conditions(AccessLevelBasicConditionArgs.builder()
                    .devicePolicy(AccessLevelBasicConditionDevicePolicyArgs.builder()
                        .osConstraints(AccessLevelBasicConditionDevicePolicyOsConstraintArgs.builder()
                            .osType("DESKTOP_CHROME_OS")
                            .build())
                        .requireScreenLock(true)
                        .build())
                    .regions(
                        "CH",
                        "IT",
                        "US")
                    .build())
                .build())
            .parent(access_policy.name().applyValue(name -> String.format("accessPolicies/%s", name)))
            .title("chromeos_no_lock")
            .build());
    }
}

Import

AccessLevel can be imported using any of these accepted formats:

$ pulumi import gcp:accesscontextmanager/accessLevel:AccessLevel default {{name}}

Properties

basic

val basic: Output<AccessLevelBasic>?

A set of predefined conditions for the access level and a combining function. Structure is documented below.

custom

val custom: Output<AccessLevelCustom>?

Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec. Structure is documented below.

description

val description: Output<String>?

Description of the AccessLevel and its use. Does not affect behavior.

val id: Output<String>

name

val name: Output<String>

Resource name for the Access Level. The short_name component must begin with a letter and only include alphanumeric and '_'. Format: accessPolicies/{policy_id}/accessLevels/{short_name}

parent

val parent: Output<String>

The AccessPolicy this AccessLevel lives in. Format: accessPolicies/{policy_id}

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

title

val title: Output<String>

Human readable title. Must be unique within the Policy.

urn

val urn: Output<String>