Class IAMMember
Allows creation and management of a single member for a single binding within the IAM policy for an existing Google Cloud Platform folder.
Note: This resource must not be used in conjunction with
gcp.folder.IAMPolicyor they will fight over what your policy should be. Similarly, roles controlled bygcp.folder.IAMBindingshould not be assigned to usinggcp.folder.IAMMember.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var department1 = new Gcp.Organizations.Folder("department1", new Gcp.Organizations.FolderArgs
{
DisplayName = "Department 1",
Parent = "organizations/1234567",
});
var admin = new Gcp.Folder.IAMMember("admin", new Gcp.Folder.IAMMemberArgs
{
Folder = department1.Name,
Role = "roles/editor",
Member = "user:alice@gmail.com",
});
}
}
Inherited Members
Namespace: Pulumi.Gcp.Folder
Assembly: Pulumi.Gcp.dll
Syntax
public class IAMMember : CustomResourceConstructors
View SourceIAMMember(String, IAMMemberArgs, CustomResourceOptions)
Create a IAMMember resource with the given unique name, arguments, and options.
Declaration
public IAMMember(string name, IAMMemberArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| IAMMemberArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceCondition
Declaration
public Output<IAMMemberCondition> Condition { get; }Property Value
| Type | Description |
|---|---|
| Output<IAMMemberCondition> |
Etag
(Computed) The etag of the folder's IAM policy.
Declaration
public Output<string> Etag { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Folder
The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
Declaration
public Output<string> Folder { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Member
The identity that will be granted the privilege in the role. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
This field can have one of the following values:
- user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
- serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
- group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
- domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
Declaration
public Output<string> Member { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Role
The role that should be applied. Note that custom roles must be of the format
[projects|organizations]/{parent-name}/roles/{role-name}.
Declaration
public Output<string> Role { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, IAMMemberState, CustomResourceOptions)
Get an existing IAMMember resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static IAMMember Get(string name, Input<string> id, IAMMemberState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| IAMMemberState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| IAMMember |