Namespace Pulumi.Gcp.Endpoints

Classes

Service

This resource creates and rolls out a Cloud Endpoints service using OpenAPI or gRPC. View the relevant docs for OpenAPI and gRPC.

ServiceArgs

ServiceIamBinding

Three different resources help you manage your IAM policy for Cloud Endpoints Service. Each of these resources serves a different use case:

  • gcp.endpoints.ServiceIamPolicy: Authoritative. Sets the IAM policy for the service and replaces any existing policy already attached.
  • gcp.endpoints.ServiceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the service are preserved.
  • gcp.endpoints.ServiceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the service are preserved.

Note: gcp.endpoints.ServiceIamPolicy cannot be used in conjunction with gcp.endpoints.ServiceIamBinding and gcp.endpoints.ServiceIamMember or they will fight over what your policy should be.

Note: gcp.endpoints.ServiceIamBinding resources can be used in conjunction with gcp.endpoints.ServiceIamMember resources only if they do not grant privilege to the same role.

google_endpoints_service_iam_policy

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
    {
        Binding = 
        {

            {
                { "role", "roles/viewer" },
                { "members", 
                {
                    "user:jane@example.com",
                } },
            },
        },
    }));
    var policy = new Gcp.Endpoints.ServiceIamPolicy("policy", new Gcp.Endpoints.ServiceIamPolicyArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        PolicyData = admin.Apply(admin => admin.PolicyData),
    });
}

}

google_endpoints_service_iam_binding

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var binding = new Gcp.Endpoints.ServiceIamBinding("binding", new Gcp.Endpoints.ServiceIamBindingArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        Role = "roles/viewer",
        Members = 
        {
            "user:jane@example.com",
        },
    });
}

}

google_endpoints_service_iam_member

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var member = new Gcp.Endpoints.ServiceIamMember("member", new Gcp.Endpoints.ServiceIamMemberArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        Role = "roles/viewer",
        Member = "user:jane@example.com",
    });
}

}

ServiceIamBindingArgs

ServiceIamBindingState

ServiceIamMember

Three different resources help you manage your IAM policy for Cloud Endpoints Service. Each of these resources serves a different use case:

  • gcp.endpoints.ServiceIamPolicy: Authoritative. Sets the IAM policy for the service and replaces any existing policy already attached.
  • gcp.endpoints.ServiceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the service are preserved.
  • gcp.endpoints.ServiceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the service are preserved.

Note: gcp.endpoints.ServiceIamPolicy cannot be used in conjunction with gcp.endpoints.ServiceIamBinding and gcp.endpoints.ServiceIamMember or they will fight over what your policy should be.

Note: gcp.endpoints.ServiceIamBinding resources can be used in conjunction with gcp.endpoints.ServiceIamMember resources only if they do not grant privilege to the same role.

google_endpoints_service_iam_policy

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
    {
        Binding = 
        {

            {
                { "role", "roles/viewer" },
                { "members", 
                {
                    "user:jane@example.com",
                } },
            },
        },
    }));
    var policy = new Gcp.Endpoints.ServiceIamPolicy("policy", new Gcp.Endpoints.ServiceIamPolicyArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        PolicyData = admin.Apply(admin => admin.PolicyData),
    });
}

}

google_endpoints_service_iam_binding

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var binding = new Gcp.Endpoints.ServiceIamBinding("binding", new Gcp.Endpoints.ServiceIamBindingArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        Role = "roles/viewer",
        Members = 
        {
            "user:jane@example.com",
        },
    });
}

}

google_endpoints_service_iam_member

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var member = new Gcp.Endpoints.ServiceIamMember("member", new Gcp.Endpoints.ServiceIamMemberArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        Role = "roles/viewer",
        Member = "user:jane@example.com",
    });
}

}

ServiceIamMemberArgs

ServiceIamMemberState

ServiceIamPolicy

Three different resources help you manage your IAM policy for Cloud Endpoints Service. Each of these resources serves a different use case:

  • gcp.endpoints.ServiceIamPolicy: Authoritative. Sets the IAM policy for the service and replaces any existing policy already attached.
  • gcp.endpoints.ServiceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the service are preserved.
  • gcp.endpoints.ServiceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the service are preserved.

Note: gcp.endpoints.ServiceIamPolicy cannot be used in conjunction with gcp.endpoints.ServiceIamBinding and gcp.endpoints.ServiceIamMember or they will fight over what your policy should be.

Note: gcp.endpoints.ServiceIamBinding resources can be used in conjunction with gcp.endpoints.ServiceIamMember resources only if they do not grant privilege to the same role.

google_endpoints_service_iam_policy

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
    {
        Binding = 
        {

            {
                { "role", "roles/viewer" },
                { "members", 
                {
                    "user:jane@example.com",
                } },
            },
        },
    }));
    var policy = new Gcp.Endpoints.ServiceIamPolicy("policy", new Gcp.Endpoints.ServiceIamPolicyArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        PolicyData = admin.Apply(admin => admin.PolicyData),
    });
}

}

google_endpoints_service_iam_binding

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var binding = new Gcp.Endpoints.ServiceIamBinding("binding", new Gcp.Endpoints.ServiceIamBindingArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        Role = "roles/viewer",
        Members = 
        {
            "user:jane@example.com",
        },
    });
}

}

google_endpoints_service_iam_member

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var member = new Gcp.Endpoints.ServiceIamMember("member", new Gcp.Endpoints.ServiceIamMemberArgs
    {
        ServiceName = google_endpoints_service.Endpoints_service.Service_name,
        Role = "roles/viewer",
        Member = "user:jane@example.com",
    });
}

}

ServiceIamPolicyArgs

ServiceIamPolicyState

ServiceState