pulumi-gcp-kotlin/com.pulumi.gcp.accesscontextmanager.kotlin/AccessPolicyArgs

AccessPolicyArgs

data class AccessPolicyArgs(val parent: Output<String>? = null, val scopes: Output<String>? = null, val title: Output<String>? = null) : ConvertibleToJava<AccessPolicyArgs>

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. To get more information about AccessPolicy, see:

Warning: If you are using User ADCs (Application Default Credentials) with this resource, you must specify a billing_project and set user_project_override to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the serviceusage.services.use permission on the billing_project you defined.

Example Usage

Access Context Manager Access Policy Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
            .parent("organizations/123456789")
            .title("Org Access Policy")
            .build());
    }
}
Content copied to clipboard

Access Context Manager Access Policy Scoped

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.Project;
import com.pulumi.gcp.organizations.ProjectArgs;
import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var project = new Project("project", ProjectArgs.builder()
            .orgId("123456789")
            .projectId("acm-test-proj-123")
            .build());
        var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
            .parent("organizations/123456789")
            .scopes(project.number().applyValue(number -> String.format("projects/%s", number)))
            .title("Scoped Access Policy")
            .build());
    }
}
Content copied to clipboard

Import

AccessPolicy can be imported using any of these accepted formats:

$ pulumi import gcp:accesscontextmanager/accessPolicy:AccessPolicy default {{name}}
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(parent: Output<String>? = null, scopes: Output<String>? = null, title: Output<String>? = null)

Properties

Link copied to clipboard
val parent: Output<String>? = null

The parent of this AccessPolicy in the Cloud Resource Hierarchy. Format: organizations/{organization_id}

Link copied to clipboard
val scopes: Output<String>? = null

Folder or project on which this policy is applicable. Format: folders/{{folder_id}} or projects/{{project_id}}

Link copied to clipboard
val title: Output<String>? = null

Human readable title. Does not affect behavior.

Functions

Link copied to clipboard
open override fun toJava(): AccessPolicyArgs