pulumi-gcp-kotlin/com.pulumi.gcp.projects.kotlin/ServiceIdentityArgs

ServiceIdentityArgs

data class ServiceIdentityArgs(val project: Output<String>? = null, val service: Output<String>? = null) : ConvertibleToJava<ServiceIdentityArgs>

Generate service identity for a service.

Note: Once created, this resource cannot be updated or destroyed. These actions are a no-op. Note: This resource can be used to retrieve the emails of the Google-managed service accounts of the APIs that Google has configured with a Service Identity. You can run gcloud beta services identity create --service SERVICE_NAME.googleapis.com to verify if an API supports this. To get more information about Service Identity, see:

Example Usage

Service Identity Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.projects.ServiceIdentity;
import com.pulumi.gcp.projects.ServiceIdentityArgs;
import com.pulumi.gcp.projects.IAMMember;
import com.pulumi.gcp.projects.IAMMemberArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var project = OrganizationsFunctions.getProject();
        var hcSa = new ServiceIdentity("hcSa", ServiceIdentityArgs.builder()
            .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
            .service("healthcare.googleapis.com")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var hcSaBqJobuser = new IAMMember("hcSaBqJobuser", IAMMemberArgs.builder()
            .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
            .role("roles/bigquery.jobUser")
            .member(hcSa.email().applyValue(email -> String.format("serviceAccount:%s", email)))
            .build());
    }
}
Content copied to clipboard

Import

This resource does not support import.

Constructors

Link copied to clipboard
constructor(project: Output<String>? = null, service: Output<String>? = null)

Properties

Link copied to clipboard
val project: Output<String>? = null

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Link copied to clipboard
val service: Output<String>? = null

The service to generate identity for.

Functions

Link copied to clipboard
open override fun toJava(): ServiceIdentityArgs