Class IamAuditConfig

Allows management of audit logging config for a given service for a Google Cloud Platform Organization.

Example Usage

using Pulumi;
using Gcp = Pulumi.Gcp;

class MyStack : Stack
{
public MyStack()
{
    var config = new Gcp.Organizations.IamAuditConfig("config", new Gcp.Organizations.IamAuditConfigArgs
    {
        AuditLogConfigs = 
        {
            new Gcp.Organizations.Inputs.IamAuditConfigAuditLogConfigArgs
            {
                ExemptedMembers = 
                {
                    "user:joebloggs@hashicorp.com",
                },
                LogType = "DATA_READ",
            },
        },
        OrgId = "your-organization-id",
        Service = "allServices",
    });
}

}
Inheritance
System.Object
Resource
CustomResource
IamAuditConfig
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Gcp.Organizations
Assembly: Pulumi.Gcp.dll
Syntax
public class IamAuditConfig : CustomResource

Constructors

View Source

IamAuditConfig(String, IamAuditConfigArgs, CustomResourceOptions)

Create a IamAuditConfig resource with the given unique name, arguments, and options.

Declaration
public IamAuditConfig(string name, IamAuditConfigArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
IamAuditConfigArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

AuditLogConfigs

The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below.

Declaration
public Output<ImmutableArray<IamAuditConfigAuditLogConfig>> AuditLogConfigs { get; }
Property Value
Type Description
Output<System.Collections.Immutable.ImmutableArray<IamAuditConfigAuditLogConfig>>
View Source

Etag

Declaration
public Output<string> Etag { get; }
Property Value
Type Description
Output<System.String>
View Source

OrgId

The numeric ID of the organization in which you want to manage the audit logging config.

Declaration
public Output<string> OrgId { get; }
Property Value
Type Description
Output<System.String>
View Source

Service

Service which will be enabled for audit logging. The special value allServices covers all services. Note that if there are google_organization_iam_audit_config resources covering both allServices and a specific service then the union of the two AuditConfigs is used for that service: the log_types specified in each audit_log_config are enabled, and the exempted_members in each audit_log_config are exempted.

Declaration
public Output<string> Service { get; }
Property Value
Type Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, IamAuditConfigState, CustomResourceOptions)

Get an existing IamAuditConfig resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static IamAuditConfig Get(string name, Input<string> id, IamAuditConfigState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
IamAuditConfigState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
IamAuditConfig