pulumi-gcp-kotlin/com.pulumi.gcp.iam.kotlin/OauthClientCredential

OauthClientCredential

class OauthClientCredential : KotlinCustomResource

Represents an OAuth Client Credential. Used to authenticate an OAuth Client while accessing Google Cloud resources on behalf of a Workforce Identity Federation user by using OAuth 2.0 Protocol. To get more information about OauthClientCredential, see:

Example Usage

Iam Oauth Client Credential Full

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const oauthClient = new gcp.iam.OauthClient("oauth_client", {
    oauthClientId: "example-client-id",
    location: "global",
    allowedGrantTypes: ["AUTHORIZATION_CODE_GRANT"],
    allowedRedirectUris: ["https://www.example.com"],
    allowedScopes: ["https://www.googleapis.com/auth/cloud-platform"],
    clientType: "CONFIDENTIAL_CLIENT",
});
const example = new gcp.iam.OauthClientCredential("example", {
    oauthclient: oauthClient.oauthClientId,
    location: oauthClient.location,
    oauthClientCredentialId: "cred-id",
    disabled: true,
    displayName: "Display Name of credential",
});
Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
oauth_client = gcp.iam.OauthClient("oauth_client",
    oauth_client_id="example-client-id",
    location="global",
    allowed_grant_types=["AUTHORIZATION_CODE_GRANT"],
    allowed_redirect_uris=["https://www.example.com"],
    allowed_scopes=["https://www.googleapis.com/auth/cloud-platform"],
    client_type="CONFIDENTIAL_CLIENT")
example = gcp.iam.OauthClientCredential("example",
    oauthclient=oauth_client.oauth_client_id,
    location=oauth_client.location,
    oauth_client_credential_id="cred-id",
    disabled=True,
    display_name="Display Name of credential")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var oauthClient = new Gcp.Iam.OauthClient("oauth_client", new()
    {
        OauthClientId = "example-client-id",
        Location = "global",
        AllowedGrantTypes = new[]
        {
            "AUTHORIZATION_CODE_GRANT",
        },
        AllowedRedirectUris = new[]
        {
            "https://www.example.com",
        },
        AllowedScopes = new[]
        {
            "https://www.googleapis.com/auth/cloud-platform",
        },
        ClientType = "CONFIDENTIAL_CLIENT",
    });
    var example = new Gcp.Iam.OauthClientCredential("example", new()
    {
        Oauthclient = oauthClient.OauthClientId,
        Location = oauthClient.Location,
        OauthClientCredentialId = "cred-id",
        Disabled = true,
        DisplayName = "Display Name of credential",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/iam"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		oauthClient, err := iam.NewOauthClient(ctx, "oauth_client", &iam.OauthClientArgs{
			OauthClientId: pulumi.String("example-client-id"),
			Location:      pulumi.String("global"),
			AllowedGrantTypes: pulumi.StringArray{
				pulumi.String("AUTHORIZATION_CODE_GRANT"),
			},
			AllowedRedirectUris: pulumi.StringArray{
				pulumi.String("https://www.example.com"),
			},
			AllowedScopes: pulumi.StringArray{
				pulumi.String("https://www.googleapis.com/auth/cloud-platform"),
			},
			ClientType: pulumi.String("CONFIDENTIAL_CLIENT"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewOauthClientCredential(ctx, "example", &iam.OauthClientCredentialArgs{
			Oauthclient:             oauthClient.OauthClientId,
			Location:                oauthClient.Location,
			OauthClientCredentialId: pulumi.String("cred-id"),
			Disabled:                pulumi.Bool(true),
			DisplayName:             pulumi.String("Display Name of credential"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.iam.OauthClient;
import com.pulumi.gcp.iam.OauthClientArgs;
import com.pulumi.gcp.iam.OauthClientCredential;
import com.pulumi.gcp.iam.OauthClientCredentialArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var oauthClient = new OauthClient("oauthClient", OauthClientArgs.builder()
            .oauthClientId("example-client-id")
            .location("global")
            .allowedGrantTypes("AUTHORIZATION_CODE_GRANT")
            .allowedRedirectUris("https://www.example.com")
            .allowedScopes("https://www.googleapis.com/auth/cloud-platform")
            .clientType("CONFIDENTIAL_CLIENT")
            .build());
        var example = new OauthClientCredential("example", OauthClientCredentialArgs.builder()
            .oauthclient(oauthClient.oauthClientId())
            .location(oauthClient.location())
            .oauthClientCredentialId("cred-id")
            .disabled(true)
            .displayName("Display Name of credential")
            .build());
    }
}
Content copied to clipboard
resources:
  oauthClient:
    type: gcp:iam:OauthClient
    name: oauth_client
    properties:
      oauthClientId: example-client-id
      location: global
      allowedGrantTypes:
        - AUTHORIZATION_CODE_GRANT
      allowedRedirectUris:
        - https://www.example.com
      allowedScopes:
        - https://www.googleapis.com/auth/cloud-platform
      clientType: CONFIDENTIAL_CLIENT
  example:
    type: gcp:iam:OauthClientCredential
    properties:
      oauthclient: ${oauthClient.oauthClientId}
      location: ${oauthClient.location}
      oauthClientCredentialId: cred-id
      disabled: true
      displayName: Display Name of credential
Content copied to clipboard

Import

OauthClientCredential can be imported using any of these accepted formats:

  • projects/{{project}}/locations/{{location}}/oauthClients/{{oauthclient}}/credentials/{{oauth_client_credential_id}}

  • {{project}}/{{location}}/{{oauthclient}}/{{oauth_client_credential_id}}

  • {{location}}/{{oauthclient}}/{{oauth_client_credential_id}} When using the pulumi import command, OauthClientCredential can be imported using one of the formats above. For example:

$ pulumi import gcp:iam/oauthClientCredential:OauthClientCredential default projects/{{project}}/locations/{{location}}/oauthClients/{{oauthclient}}/credentials/{{oauth_client_credential_id}}
Content copied to clipboard
$ pulumi import gcp:iam/oauthClientCredential:OauthClientCredential default {{project}}/{{location}}/{{oauthclient}}/{{oauth_client_credential_id}}
Content copied to clipboard
$ pulumi import gcp:iam/oauthClientCredential:OauthClientCredential default {{location}}/{{oauthclient}}/{{oauth_client_credential_id}}
Content copied to clipboard

Properties

Link copied to clipboard
val clientSecret: Output<String>

The system-generated OAuth client secret. The client secret must be stored securely. If the client secret is leaked, you must delete and re-create the client credential. To learn more, see [OAuth client and credential security risks and

Link copied to clipboard
val disabled: Output<Boolean>?

Whether the OauthClientCredential is disabled. You cannot use a disabled OauthClientCredential.

Link copied to clipboard
val displayName: Output<String>?

A user-specified display name of the OauthClientCredential. Cannot exceed 32 characters.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val location: Output<String>

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

Link copied to clipboard
val name: Output<String>

Immutable. Identifier. The resource name of the OauthClientCredential. Format: projects/{project}/locations/{location}/oauthClients/{oauth_client}/credentials/{credential}

Link copied to clipboard
val oauthclient: Output<String>

Resource ID segment making up resource name. It identifies the resource within its parent collection as described in https://google.aip.dev/122.

Link copied to clipboard
val oauthClientCredentialId: Output<String>

Required. The ID to use for the OauthClientCredential, which becomes the final component of the resource name. This value should be 4-32 characters, and may contain the characters a-z0-9-. The prefix gcp- is reserved for use by Google, and may not be specified.

Link copied to clipboard
val project: Output<String>

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val urn: Output<String>