pulumi-google-native-kotlin/com.pulumi.googlenative.iam.v1.kotlin.outputs

Package-level declarations

Types

Link copied to clipboard
data class AuditConfigResponse(val auditLogConfigs: List<AuditLogConfigResponse>, val service: String)

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": "user:aliya@example.com" } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.

Link copied to clipboard
data class AuditLogConfigResponse(val exemptedMembers: List<String>, val logType: String)

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": "user:jose@example.com" }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

Link copied to clipboard
data class AwsResponse(val accountId: String)

Represents an Amazon Web Services identity provider.

Link copied to clipboard
data class BindingResponse(val condition: ExprResponse, val members: List<String>, val role: String)

Associates members, or principals, with a role.

Link copied to clipboard
data class Condition(val description: String? = null, val expression: String, val title: String)

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

Link copied to clipboard
data class ExprResponse(val description: String, val expression: String, val location: String, val title: String)

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

Link copied to clipboard
data class GetKeyResult(val disabled: Boolean, val keyAlgorithm: String, val keyOrigin: String, val keyType: String, val name: String, val privateKeyData: String, val privateKeyType: String, val publicKeyData: String, val validAfterTime: String, val validBeforeTime: String)
Link copied to clipboard
data class GetOrganizationRoleResult(val deleted: Boolean, val description: String, val etag: String, val includedPermissions: List<String>, val name: String, val stage: String, val title: String)
Link copied to clipboard
data class GetProviderResult(val attributeCondition: String, val attributeMapping: Map<String, String>, val aws: AwsResponse, val description: String, val disabled: Boolean, val displayName: String, val name: String, val oidc: OidcResponse, val saml: SamlResponse, val state: String)
Link copied to clipboard
data class GetRoleResult(val deleted: Boolean, val description: String, val etag: String, val includedPermissions: List<String>, val name: String, val stage: String, val title: String)
Link copied to clipboard
data class GetServiceAccountIamPolicyResult(val auditConfigs: List<AuditConfigResponse>, val bindings: List<BindingResponse>, val etag: String, val version: Int)
Link copied to clipboard
data class GetServiceAccountResult(val description: String, val disabled: Boolean, val displayName: String, val email: String, val etag: String, val name: String, val oauth2ClientId: String, val project: String, val uniqueId: String)
Link copied to clipboard
data class GetWorkforcePoolIamPolicyResult(val auditConfigs: List<AuditConfigResponse>, val bindings: List<BindingResponse>, val etag: String, val version: Int)
Link copied to clipboard
data class GetWorkforcePoolKeyResult(val expireTime: String, val keyData: KeyDataResponse, val name: String, val state: String, val use: String)
Link copied to clipboard
data class GetWorkforcePoolProviderResult(val attributeCondition: String, val attributeMapping: Map<String, String>, val description: String, val disabled: Boolean, val displayName: String, val name: String, val oidc: GoogleIamAdminV1WorkforcePoolProviderOidcResponse, val saml: GoogleIamAdminV1WorkforcePoolProviderSamlResponse, val state: String)
Link copied to clipboard
data class GetWorkforcePoolResult(val description: String, val disabled: Boolean, val displayName: String, val name: String, val parent: String, val sessionDuration: String, val state: String)
Link copied to clipboard
data class GetWorkloadIdentityPoolKeyResult(val expireTime: String, val keyData: KeyDataResponse, val name: String, val state: String, val use: String)
Link copied to clipboard
data class GetWorkloadIdentityPoolResult(val description: String, val disabled: Boolean, val displayName: String, val name: String, val state: String)
data class GoogleIamAdminV1WorkforcePoolProviderOidcResponse(val clientId: String, val issuerUri: String, val webSsoConfig: GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigResponse)

Represents an OpenId Connect 1.0 identity provider.

data class GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigResponse(val assertionClaimsBehavior: String, val responseType: String)

Configuration for web single sign-on for the OIDC provider.

data class GoogleIamAdminV1WorkforcePoolProviderSamlResponse(val idpMetadataXml: String)

Represents a SAML identity provider.

Link copied to clipboard
data class KeyDataResponse(val format: String, val key: String, val keySpec: String, val notAfterTime: String, val notBeforeTime: String)

Represents a public key data along with its format.

Link copied to clipboard
data class OidcResponse(val allowedAudiences: List<String>, val issuerUri: String)

Represents an OpenId Connect 1.0 identity provider.

Link copied to clipboard
data class SamlResponse(val idpMetadataXml: String)

Represents an SAML 2.0 identity provider.