ResourcePolicyIamBinding

class ResourcePolicyIamBinding : KotlinCustomResource

Sets the access control policy on the specified resource. Replaces any existing policy.

Properties

Link copied to clipboard
val condition: Output<Condition>?

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

Link copied to clipboard
val etag: Output<String>

The etag of the resource's IAM policy.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val members: Output<List<String>>

Specifies the principals requesting access for a Google Cloud resource. members can have the following values: * allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. * allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . * serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. * serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account. For example, my-project&#46;svc&#46;id&#46;goog[my-namespace/my-kubernetes-sa]. * group:{emailid}: An email address that represents a Google group. For example, admins@example.com. * domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com. * deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. * deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. * deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding.

Link copied to clipboard
val name: Output<String>

The name of the resource to manage IAM policies for.

Link copied to clipboard
val project: Output<String>

The project in which the resource belongs. If it is not provided, a default will be supplied.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val role: Output<String>

Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner.

Link copied to clipboard
val urn: Output<String>