Membership
data class MembershipRbacRoleBindingArgs(val location: Output<String>? = null, val membershipId: Output<String>? = null, val membershipRbacRoleBindingId: Output<String>? = null, val project: Output<String>? = null, val role: Output<MembershipRbacRoleBindingRoleArgs>? = null, val user: Output<String>? = null) : ConvertibleToJava<MembershipRbacRoleBindingArgs>
Example Usage
Gkehub Membership Rbac Role Binding Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const primary = new gcp.container.Cluster("primary", {
name: "basic-cluster",
location: "us-central1-a",
initialNodeCount: 1,
deletionProtection: true,
network: "default",
subnetwork: "default",
});
const membership = new gcp.gkehub.Membership("membership", {
membershipId: "tf-test-membership_8493",
endpoint: {
gkeCluster: {
resourceLink: pulumi.interpolate`//container.googleapis.com/${primary.id}`,
},
},
}, {
dependsOn: [primary],
});
const project = gcp.organizations.getProject({});
const membershipRbacRoleBinding = new gcp.gkehub.MembershipRbacRoleBinding("membership_rbac_role_binding", {
membershipRbacRoleBindingId: "tf-test-membership-rbac-role-binding_9106",
membershipId: membership.membershipId,
user: project.then(project => `service-${project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com`),
role: {
predefinedRole: "ANTHOS_SUPPORT",
},
location: "global",
}, {
dependsOn: [membership],
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
primary = gcp.container.Cluster("primary",
name="basic-cluster",
location="us-central1-a",
initial_node_count=1,
deletion_protection=True,
network="default",
subnetwork="default")
membership = gcp.gkehub.Membership("membership",
membership_id="tf-test-membership_8493",
endpoint={
"gke_cluster": {
"resource_link": primary.id.apply(lambda id: f"//container.googleapis.com/{id}"),
},
},
opts = pulumi.ResourceOptions(depends_on=[primary]))
project = gcp.organizations.get_project()
membership_rbac_role_binding = gcp.gkehub.MembershipRbacRoleBinding("membership_rbac_role_binding",
membership_rbac_role_binding_id="tf-test-membership-rbac-role-binding_9106",
membership_id=membership.membership_id,
user=f"service-{project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com",
role={
"predefined_role": "ANTHOS_SUPPORT",
},
location="global",
opts = pulumi.ResourceOptions(depends_on=[membership]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var primary = new Gcp.Container.Cluster("primary", new()
{
Name = "basic-cluster",
Location = "us-central1-a",
InitialNodeCount = 1,
DeletionProtection = true,
Network = "default",
Subnetwork = "default",
});
var membership = new Gcp.GkeHub.Membership("membership", new()
{
MembershipId = "tf-test-membership_8493",
Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
{
GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
{
ResourceLink = primary.Id.Apply(id => $"//container.googleapis.com/{id}"),
},
},
}, new CustomResourceOptions
{
DependsOn =
{
primary,
},
});
var project = Gcp.Organizations.GetProject.Invoke();
var membershipRbacRoleBinding = new Gcp.GkeHub.MembershipRbacRoleBinding("membership_rbac_role_binding", new()
{
MembershipRbacRoleBindingId = "tf-test-membership-rbac-role-binding_9106",
MembershipId = membership.MembershipId,
User = $"service-{project.Apply(getProjectResult => getProjectResult.Number)}@gcp-sa-anthossupport.iam.gserviceaccount.com",
Role = new Gcp.GkeHub.Inputs.MembershipRbacRoleBindingRoleArgs
{
PredefinedRole = "ANTHOS_SUPPORT",
},
Location = "global",
}, new CustomResourceOptions
{
DependsOn =
{
membership,
},
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/container"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/gkehub"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
primary, err := container.NewCluster(ctx, "primary", &container.ClusterArgs{
Name: pulumi.String("basic-cluster"),
Location: pulumi.String("us-central1-a"),
InitialNodeCount: pulumi.Int(1),
DeletionProtection: pulumi.Bool(true),
Network: pulumi.String("default"),
Subnetwork: pulumi.String("default"),
})
if err != nil {
return err
}
membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
MembershipId: pulumi.String("tf-test-membership_8493"),
Endpoint: &gkehub.MembershipEndpointArgs{
GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
ResourceLink: primary.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("//container.googleapis.com/%v", id), nil
}).(pulumi.StringOutput),
},
},
}, pulumi.DependsOn([]pulumi.Resource{
primary,
}))
if err != nil {
return err
}
project, err := organizations.LookupProject(ctx, nil, nil)
if err != nil {
return err
}
_, err = gkehub.NewMembershipRbacRoleBinding(ctx, "membership_rbac_role_binding", &gkehub.MembershipRbacRoleBindingArgs{
MembershipRbacRoleBindingId: pulumi.String("tf-test-membership-rbac-role-binding_9106"),
MembershipId: membership.MembershipId,
User: pulumi.Sprintf("service-%v@gcp-sa-anthossupport.iam.gserviceaccount.com", project.Number),
Role: &gkehub.MembershipRbacRoleBindingRoleArgs{
PredefinedRole: pulumi.String("ANTHOS_SUPPORT"),
},
Location: pulumi.String("global"),
}, pulumi.DependsOn([]pulumi.Resource{
membership,
}))
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.Cluster;
import com.pulumi.gcp.container.ClusterArgs;
import com.pulumi.gcp.gkehub.Membership;
import com.pulumi.gcp.gkehub.MembershipArgs;
import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.gkehub.MembershipRbacRoleBinding;
import com.pulumi.gcp.gkehub.MembershipRbacRoleBindingArgs;
import com.pulumi.gcp.gkehub.inputs.MembershipRbacRoleBindingRoleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var primary = new Cluster("primary", ClusterArgs.builder()
.name("basic-cluster")
.location("us-central1-a")
.initialNodeCount(1)
.deletionProtection("true")
.network("default")
.subnetwork("default")
.build());
var membership = new Membership("membership", MembershipArgs.builder()
.membershipId("tf-test-membership_8493")
.endpoint(MembershipEndpointArgs.builder()
.gkeCluster(MembershipEndpointGkeClusterArgs.builder()
.resourceLink(primary.id().applyValue(id -> String.format("//container.googleapis.com/%s", id)))
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(primary)
.build());
final var project = OrganizationsFunctions.getProject();
var membershipRbacRoleBinding = new MembershipRbacRoleBinding("membershipRbacRoleBinding", MembershipRbacRoleBindingArgs.builder()
.membershipRbacRoleBindingId("tf-test-membership-rbac-role-binding_9106")
.membershipId(membership.membershipId())
.user(String.format("service-%s@gcp-sa-anthossupport.iam.gserviceaccount.com", project.applyValue(getProjectResult -> getProjectResult.number())))
.role(MembershipRbacRoleBindingRoleArgs.builder()
.predefinedRole("ANTHOS_SUPPORT")
.build())
.location("global")
.build(), CustomResourceOptions.builder()
.dependsOn(membership)
.build());
}
}Content copied to clipboard
resources:
primary:
type: gcp:container:Cluster
properties:
name: basic-cluster
location: us-central1-a
initialNodeCount: 1
deletionProtection: 'true'
network: default
subnetwork: default
membership:
type: gcp:gkehub:Membership
properties:
membershipId: tf-test-membership_8493
endpoint:
gkeCluster:
resourceLink: //container.googleapis.com/${primary.id}
options:
dependson:
- ${primary}
membershipRbacRoleBinding:
type: gcp:gkehub:MembershipRbacRoleBinding
name: membership_rbac_role_binding
properties:
membershipRbacRoleBindingId: tf-test-membership-rbac-role-binding_9106
membershipId: ${membership.membershipId}
user: service-${project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com
role:
predefinedRole: ANTHOS_SUPPORT
location: global
options:
dependson:
- ${membership}
variables:
project:
fn::invoke:
Function: gcp:organizations:getProject
Arguments: {}Content copied to clipboard
Import
MembershipRBACRoleBinding can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}{{project}}/{{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}{{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}When using thepulumi importcommand, MembershipRBACRoleBinding can be imported using one of the formats above. For example:
$ pulumi import gcp:gkehub/membershipRbacRoleBinding:MembershipRbacRoleBinding default projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}Content copied to clipboard
$ pulumi import gcp:gkehub/membershipRbacRoleBinding:MembershipRbacRoleBinding default {{project}}/{{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}Content copied to clipboard
$ pulumi import gcp:gkehub/membershipRbacRoleBinding:MembershipRbacRoleBinding default {{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}Content copied to clipboard