Membership
Example Usage
Gkehub Membership Rbac Role Binding Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const primary = new gcp.container.Cluster("primary", {
name: "basic-cluster",
location: "us-central1-a",
initialNodeCount: 1,
deletionProtection: true,
network: "default",
subnetwork: "default",
});
const membership = new gcp.gkehub.Membership("membership", {
membershipId: "tf-test-membership_34535",
endpoint: {
gkeCluster: {
resourceLink: pulumi.interpolate`//container.googleapis.com/${primary.id}`,
},
},
}, {
dependsOn: [primary],
});
const project = gcp.organizations.getProject({});
const membershipRbacRoleBinding = new gcp.gkehub.MembershipRbacRoleBinding("membership_rbac_role_binding", {
membershipRbacRoleBindingId: "tf-test-membership-rbac-role-binding_22375",
membershipId: membership.membershipId,
user: project.then(project => `service-${project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com`),
role: {
predefinedRole: "ANTHOS_SUPPORT",
},
location: "global",
}, {
dependsOn: [membership],
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
primary = gcp.container.Cluster("primary",
name="basic-cluster",
location="us-central1-a",
initial_node_count=1,
deletion_protection=True,
network="default",
subnetwork="default")
membership = gcp.gkehub.Membership("membership",
membership_id="tf-test-membership_34535",
endpoint={
"gke_cluster": {
"resource_link": primary.id.apply(lambda id: f"//container.googleapis.com/{id}"),
},
},
opts = pulumi.ResourceOptions(depends_on=[primary]))
project = gcp.organizations.get_project()
membership_rbac_role_binding = gcp.gkehub.MembershipRbacRoleBinding("membership_rbac_role_binding",
membership_rbac_role_binding_id="tf-test-membership-rbac-role-binding_22375",
membership_id=membership.membership_id,
user=f"service-{project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com",
role={
"predefined_role": "ANTHOS_SUPPORT",
},
location="global",
opts = pulumi.ResourceOptions(depends_on=[membership]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var primary = new Gcp.Container.Cluster("primary", new()
{
Name = "basic-cluster",
Location = "us-central1-a",
InitialNodeCount = 1,
DeletionProtection = true,
Network = "default",
Subnetwork = "default",
});
var membership = new Gcp.GkeHub.Membership("membership", new()
{
MembershipId = "tf-test-membership_34535",
Endpoint = new Gcp.GkeHub.Inputs.MembershipEndpointArgs
{
GkeCluster = new Gcp.GkeHub.Inputs.MembershipEndpointGkeClusterArgs
{
ResourceLink = primary.Id.Apply(id => $"//container.googleapis.com/{id}"),
},
},
}, new CustomResourceOptions
{
DependsOn =
{
primary,
},
});
var project = Gcp.Organizations.GetProject.Invoke();
var membershipRbacRoleBinding = new Gcp.GkeHub.MembershipRbacRoleBinding("membership_rbac_role_binding", new()
{
MembershipRbacRoleBindingId = "tf-test-membership-rbac-role-binding_22375",
MembershipId = membership.MembershipId,
User = $"service-{project.Apply(getProjectResult => getProjectResult.Number)}@gcp-sa-anthossupport.iam.gserviceaccount.com",
Role = new Gcp.GkeHub.Inputs.MembershipRbacRoleBindingRoleArgs
{
PredefinedRole = "ANTHOS_SUPPORT",
},
Location = "global",
}, new CustomResourceOptions
{
DependsOn =
{
membership,
},
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/gkehub"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
primary, err := container.NewCluster(ctx, "primary", &container.ClusterArgs{
Name: pulumi.String("basic-cluster"),
Location: pulumi.String("us-central1-a"),
InitialNodeCount: pulumi.Int(1),
DeletionProtection: pulumi.Bool(true),
Network: pulumi.String("default"),
Subnetwork: pulumi.String("default"),
})
if err != nil {
return err
}
membership, err := gkehub.NewMembership(ctx, "membership", &gkehub.MembershipArgs{
MembershipId: pulumi.String("tf-test-membership_34535"),
Endpoint: &gkehub.MembershipEndpointArgs{
GkeCluster: &gkehub.MembershipEndpointGkeClusterArgs{
ResourceLink: primary.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("//container.googleapis.com/%v", id), nil
}).(pulumi.StringOutput),
},
},
}, pulumi.DependsOn([]pulumi.Resource{
primary,
}))
if err != nil {
return err
}
project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
if err != nil {
return err
}
_, err = gkehub.NewMembershipRbacRoleBinding(ctx, "membership_rbac_role_binding", &gkehub.MembershipRbacRoleBindingArgs{
MembershipRbacRoleBindingId: pulumi.String("tf-test-membership-rbac-role-binding_22375"),
MembershipId: membership.MembershipId,
User: pulumi.Sprintf("service-%v@gcp-sa-anthossupport.iam.gserviceaccount.com", project.Number),
Role: &gkehub.MembershipRbacRoleBindingRoleArgs{
PredefinedRole: pulumi.String("ANTHOS_SUPPORT"),
},
Location: pulumi.String("global"),
}, pulumi.DependsOn([]pulumi.Resource{
membership,
}))
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.container.Cluster;
import com.pulumi.gcp.container.ClusterArgs;
import com.pulumi.gcp.gkehub.Membership;
import com.pulumi.gcp.gkehub.MembershipArgs;
import com.pulumi.gcp.gkehub.inputs.MembershipEndpointArgs;
import com.pulumi.gcp.gkehub.inputs.MembershipEndpointGkeClusterArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.gkehub.MembershipRbacRoleBinding;
import com.pulumi.gcp.gkehub.MembershipRbacRoleBindingArgs;
import com.pulumi.gcp.gkehub.inputs.MembershipRbacRoleBindingRoleArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var primary = new Cluster("primary", ClusterArgs.builder()
.name("basic-cluster")
.location("us-central1-a")
.initialNodeCount(1)
.deletionProtection(true)
.network("default")
.subnetwork("default")
.build());
var membership = new Membership("membership", MembershipArgs.builder()
.membershipId("tf-test-membership_34535")
.endpoint(MembershipEndpointArgs.builder()
.gkeCluster(MembershipEndpointGkeClusterArgs.builder()
.resourceLink(primary.id().applyValue(_id -> String.format("//container.googleapis.com/%s", _id)))
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(primary)
.build());
final var project = OrganizationsFunctions.getProject(GetProjectArgs.builder()
.build());
var membershipRbacRoleBinding = new MembershipRbacRoleBinding("membershipRbacRoleBinding", MembershipRbacRoleBindingArgs.builder()
.membershipRbacRoleBindingId("tf-test-membership-rbac-role-binding_22375")
.membershipId(membership.membershipId())
.user(String.format("service-%s@gcp-sa-anthossupport.iam.gserviceaccount.com", project.number()))
.role(MembershipRbacRoleBindingRoleArgs.builder()
.predefinedRole("ANTHOS_SUPPORT")
.build())
.location("global")
.build(), CustomResourceOptions.builder()
.dependsOn(membership)
.build());
}
}Content copied to clipboard
resources:
primary:
type: gcp:container:Cluster
properties:
name: basic-cluster
location: us-central1-a
initialNodeCount: 1
deletionProtection: true
network: default
subnetwork: default
membership:
type: gcp:gkehub:Membership
properties:
membershipId: tf-test-membership_34535
endpoint:
gkeCluster:
resourceLink: //container.googleapis.com/${primary.id}
options:
dependsOn:
- ${primary}
membershipRbacRoleBinding:
type: gcp:gkehub:MembershipRbacRoleBinding
name: membership_rbac_role_binding
properties:
membershipRbacRoleBindingId: tf-test-membership-rbac-role-binding_22375
membershipId: ${membership.membershipId}
user: service-${project.number}@gcp-sa-anthossupport.iam.gserviceaccount.com
role:
predefinedRole: ANTHOS_SUPPORT
location: global
options:
dependsOn:
- ${membership}
variables:
project:
fn::invoke:
function: gcp:organizations:getProject
arguments: {}Content copied to clipboard
Import
MembershipRBACRoleBinding can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}{{project}}/{{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}{{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}When using thepulumi importcommand, MembershipRBACRoleBinding can be imported using one of the formats above. For example:
$ pulumi import gcp:gkehub/membershipRbacRoleBinding:MembershipRbacRoleBinding default projects/{{project}}/locations/{{location}}/memberships/{{membership_id}}/rbacrolebindings/{{membership_rbac_role_binding_id}}Content copied to clipboard
$ pulumi import gcp:gkehub/membershipRbacRoleBinding:MembershipRbacRoleBinding default {{project}}/{{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}Content copied to clipboard
$ pulumi import gcp:gkehub/membershipRbacRoleBinding:MembershipRbacRoleBinding default {{location}}/{{membership_id}}/{{membership_rbac_role_binding_id}}Content copied to clipboard
Properties
Link copied to clipboard
Time the RBAC Role Binding was created in UTC.
Link copied to clipboard
Time the RBAC Role Binding was deleted in UTC.
Link copied to clipboard
Id of the membership
Link copied to clipboard
The client-provided identifier of the RBAC Role Binding.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Role to bind to the principal. Structure is documented below.
Link copied to clipboard
State of the RBAC Role Binding resource. Structure is documented below.
Link copied to clipboard
Time the RBAC Role Binding was updated in UTC.