pulumi-gcp-kotlin/com.pulumi.gcp.storage.kotlin/DefaultObjectAccessControlArgs

DefaultObjectAccessControlArgs

data class DefaultObjectAccessControlArgs(val bucket: Output<String>? = null, val entity: Output<String>? = null, val object: Output<String>? = null, val role: Output<String>? = null) : ConvertibleToJava<DefaultObjectAccessControlArgs>

The DefaultObjectAccessControls resources represent the Access Control Lists (ACLs) applied to a new object within a Google Cloud Storage bucket when no ACL was provided for that object. ACLs let you specify who has access to your bucket contents and to what extent. There are two roles that can be assigned to an entity: READERs can get an object, though the acl property will not be revealed. OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER. For more information, see Access Control, with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL. To get more information about DefaultObjectAccessControl, see:

API documentation
How-to Guides

Official Documentation

Example Usage

Storage Default Object Access Control Public

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const bucket = new gcp.storage.Bucket("bucket", {
    name: "static-content-bucket",
    location: "US",
});
const publicRule = new gcp.storage.DefaultObjectAccessControl("public_rule", {
    bucket: bucket.name,
    role: "READER",
    entity: "allUsers",
});

import pulumi
import pulumi_gcp as gcp
bucket = gcp.storage.Bucket("bucket",
    name="static-content-bucket",
    location="US")
public_rule = gcp.storage.DefaultObjectAccessControl("public_rule",
    bucket=bucket.name,
    role="READER",
    entity="allUsers")

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var bucket = new Gcp.Storage.Bucket("bucket", new()
    {
        Name = "static-content-bucket",
        Location = "US",
    });
    var publicRule = new Gcp.Storage.DefaultObjectAccessControl("public_rule", new()
    {
        Bucket = bucket.Name,
        Role = "READER",
        Entity = "allUsers",
    });
});

package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		bucket, err := storage.NewBucket(ctx, "bucket", &storage.BucketArgs{
			Name:     pulumi.String("static-content-bucket"),
			Location: pulumi.String("US"),
		})
		if err != nil {
			return err
		}
		_, err = storage.NewDefaultObjectAccessControl(ctx, "public_rule", &storage.DefaultObjectAccessControlArgs{
			Bucket: bucket.Name,
			Role:   pulumi.String("READER"),
			Entity: pulumi.String("allUsers"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.storage.DefaultObjectAccessControl;
import com.pulumi.gcp.storage.DefaultObjectAccessControlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var bucket = new Bucket("bucket", BucketArgs.builder()
            .name("static-content-bucket")
            .location("US")
            .build());
        var publicRule = new DefaultObjectAccessControl("publicRule", DefaultObjectAccessControlArgs.builder()
            .bucket(bucket.name())
            .role("READER")
            .entity("allUsers")
            .build());
    }
}

resources:
  publicRule:
    type: gcp:storage:DefaultObjectAccessControl
    name: public_rule
    properties:
      bucket: ${bucket.name}
      role: READER
      entity: allUsers
  bucket:
    type: gcp:storage:Bucket
    properties:
      name: static-content-bucket
      location: US

Import

DefaultObjectAccessControl can be imported using any of these accepted formats:

{{bucket}}/{{entity}} When using the pulumi import command, DefaultObjectAccessControl can be imported using one of the formats above. For example:

$ pulumi import gcp:storage/defaultObjectAccessControl:DefaultObjectAccessControl default {{bucket}}/{{entity}}

Constructors

DefaultObjectAccessControlArgs

constructor(bucket: Output<String>? = null, entity: Output<String>? = null, object: Output<String>? = null, role: Output<String>? = null)

Properties

bucket

val bucket: Output<String>? = null

The name of the bucket.

entity

val entity: Output<String>? = null

The entity holding the permission, in one of the following forms:

object

val object: Output<String>? = null

The name of the object, if applied to an object.

role

val role: Output<String>? = null

The access permission for the entity. Possible values are: OWNER, READER.

Functions

toJava

open override fun toJava(): DefaultObjectAccessControlArgs