Namespace Pulumi.Gcp.ArtifactRegistry

Classes

Repository

A repository for storing artifacts

To get more information about Repository, see:

Example Usage - Artifact Registry Repository Basic

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var my_repo = new Gcp.ArtifactRegistry.Repository("my-repo", new Gcp.ArtifactRegistry.RepositoryArgs
    {
        Location = "us-central1",
        RepositoryId = "my-repository",
        Description = "example docker repository",
        Format = "DOCKER",
    });
}

}

Example Usage - Artifact Registry Repository Iam

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var my_repo = new Gcp.ArtifactRegistry.Repository("my-repo", new Gcp.ArtifactRegistry.RepositoryArgs
    {
        Location = "us-central1",
        RepositoryId = "my-repository",
        Description = "example docker repository with iam",
        Format = "DOCKER",
    });
    var test_account = new Gcp.ServiceAccount.Account("test-account", new Gcp.ServiceAccount.AccountArgs
    {
        AccountId = "my-account",
        DisplayName = "Test Service Account",
    });
    var test_iam = new Gcp.ArtifactRegistry.RepositoryIamMember("test-iam", new Gcp.ArtifactRegistry.RepositoryIamMemberArgs
    {
        Location = my_repo.Location,
        Repository = my_repo.Name,
        Role = "roles/artifactregistry.reader",
        Member = test_account.Email.Apply(email => $"serviceAccount:{email}"),
    });
}

}

RepositoryArgs

RepositoryIamBinding

Three different resources help you manage your IAM policy for Artifact Registry Repository. Each of these resources serves a different use case:

  • gcp.artifactregistry.RepositoryIamPolicy: Authoritative. Sets the IAM policy for the repository and replaces any existing policy already attached.
  • gcp.artifactregistry.RepositoryIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repository are preserved.
  • gcp.artifactregistry.RepositoryIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repository are preserved.

Note: gcp.artifactregistry.RepositoryIamPolicy cannot be used in conjunction with gcp.artifactregistry.RepositoryIamBinding and gcp.artifactregistry.RepositoryIamMember or they will fight over what your policy should be.

Note: gcp.artifactregistry.RepositoryIamBinding resources can be used in conjunction with gcp.artifactregistry.RepositoryIamMember resources only if they do not grant privilege to the same role.

google_artifact_registry_repository_iam_policy

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
    {
        Binding = 
        {

            {
                { "role", "roles/viewer" },
                { "members", 
                {
                    "user:jane@example.com",
                } },
            },
        },
    }));
    var policy = new Gcp.ArtifactRegistry.RepositoryIamPolicy("policy", new Gcp.ArtifactRegistry.RepositoryIamPolicyArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        PolicyData = admin.Apply(admin => admin.PolicyData),
    });
}

}

google_artifact_registry_repository_iam_binding

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding("binding", new Gcp.ArtifactRegistry.RepositoryIamBindingArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        Role = "roles/viewer",
        Members = 
        {
            "user:jane@example.com",
        },
    });
}

}

google_artifact_registry_repository_iam_member

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var member = new Gcp.ArtifactRegistry.RepositoryIamMember("member", new Gcp.ArtifactRegistry.RepositoryIamMemberArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        Role = "roles/viewer",
        Member = "user:jane@example.com",
    });
}

}

RepositoryIamBindingArgs

RepositoryIamBindingState

RepositoryIamMember

Three different resources help you manage your IAM policy for Artifact Registry Repository. Each of these resources serves a different use case:

  • gcp.artifactregistry.RepositoryIamPolicy: Authoritative. Sets the IAM policy for the repository and replaces any existing policy already attached.
  • gcp.artifactregistry.RepositoryIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repository are preserved.
  • gcp.artifactregistry.RepositoryIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repository are preserved.

Note: gcp.artifactregistry.RepositoryIamPolicy cannot be used in conjunction with gcp.artifactregistry.RepositoryIamBinding and gcp.artifactregistry.RepositoryIamMember or they will fight over what your policy should be.

Note: gcp.artifactregistry.RepositoryIamBinding resources can be used in conjunction with gcp.artifactregistry.RepositoryIamMember resources only if they do not grant privilege to the same role.

google_artifact_registry_repository_iam_policy

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
    {
        Binding = 
        {

            {
                { "role", "roles/viewer" },
                { "members", 
                {
                    "user:jane@example.com",
                } },
            },
        },
    }));
    var policy = new Gcp.ArtifactRegistry.RepositoryIamPolicy("policy", new Gcp.ArtifactRegistry.RepositoryIamPolicyArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        PolicyData = admin.Apply(admin => admin.PolicyData),
    });
}

}

google_artifact_registry_repository_iam_binding

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding("binding", new Gcp.ArtifactRegistry.RepositoryIamBindingArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        Role = "roles/viewer",
        Members = 
        {
            "user:jane@example.com",
        },
    });
}

}

google_artifact_registry_repository_iam_member

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var member = new Gcp.ArtifactRegistry.RepositoryIamMember("member", new Gcp.ArtifactRegistry.RepositoryIamMemberArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        Role = "roles/viewer",
        Member = "user:jane@example.com",
    });
}

}

RepositoryIamMemberArgs

RepositoryIamMemberState

RepositoryIamPolicy

Three different resources help you manage your IAM policy for Artifact Registry Repository. Each of these resources serves a different use case:

  • gcp.artifactregistry.RepositoryIamPolicy: Authoritative. Sets the IAM policy for the repository and replaces any existing policy already attached.
  • gcp.artifactregistry.RepositoryIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repository are preserved.
  • gcp.artifactregistry.RepositoryIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repository are preserved.

Note: gcp.artifactregistry.RepositoryIamPolicy cannot be used in conjunction with gcp.artifactregistry.RepositoryIamBinding and gcp.artifactregistry.RepositoryIamMember or they will fight over what your policy should be.

Note: gcp.artifactregistry.RepositoryIamBinding resources can be used in conjunction with gcp.artifactregistry.RepositoryIamMember resources only if they do not grant privilege to the same role.

google_artifact_registry_repository_iam_policy

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
    {
        Binding = 
        {

            {
                { "role", "roles/viewer" },
                { "members", 
                {
                    "user:jane@example.com",
                } },
            },
        },
    }));
    var policy = new Gcp.ArtifactRegistry.RepositoryIamPolicy("policy", new Gcp.ArtifactRegistry.RepositoryIamPolicyArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        PolicyData = admin.Apply(admin => admin.PolicyData),
    });
}

}

google_artifact_registry_repository_iam_binding

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding("binding", new Gcp.ArtifactRegistry.RepositoryIamBindingArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        Role = "roles/viewer",
        Members = 
        {
            "user:jane@example.com",
        },
    });
}

}

google_artifact_registry_repository_iam_member

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var member = new Gcp.ArtifactRegistry.RepositoryIamMember("member", new Gcp.ArtifactRegistry.RepositoryIamMemberArgs
    {
        Project = google_artifact_registry_repository.My_repo.Project,
        Location = google_artifact_registry_repository.My_repo.Location,
        Repository = google_artifact_registry_repository.My_repo.Name,
        Role = "roles/viewer",
        Member = "user:jane@example.com",
    });
}

}

RepositoryIamPolicyArgs

RepositoryIamPolicyState

RepositoryState