pulumi-gcp-kotlin/com.pulumi.gcp.compute.kotlin.inputs/InstanceTemplateServiceAccountArgs

InstanceTemplateServiceAccountArgs

data class InstanceTemplateServiceAccountArgs(val email: Output<String>? = null, val scopes: Output<List<String>>) : ConvertibleToJava<InstanceTemplateServiceAccountArgs>

Constructors

Link copied to clipboard
constructor(email: Output<String>? = null, scopes: Output<List<String>>)

Properties

Link copied to clipboard
val email: Output<String>? = null

The service account e-mail address. If not given, the default Google Compute Engine service account is used.

Link copied to clipboard
val scopes: Output<List<String>>

A list of service scopes. Both OAuth2 URLs and gcloud short names are supported. To allow full access to all Cloud APIs, use the cloud-platform scope. See a complete list of scopes here. The service accounts documentation explains that access scopes are the legacy method of specifying permissions for your instance. To follow best practices you should create a dedicated service account with the minimum permissions the VM requires. To use a dedicated service account this field should be configured as a list containing the cloud-platform scope. See Authenticate workloads using service accounts best practices and Best practices for using service accounts.

Functions

Link copied to clipboard
open override fun toJava(): InstanceTemplateServiceAccountArgs