Namespace Pulumi.Gcp.Projects
Classes
GetOrganizationPolicy
GetOrganizationPolicyArgs
GetOrganizationPolicyResult
GetProject
GetProjectArgs
GetProjectResult
IAMAuditConfig
Four different resources help you manage your IAM policy for a project. Each of these resources serves a different use case:
gcp.projects.IAMPolicy: Authoritative. Sets the IAM policy for the project and replaces any existing policy already attached.gcp.projects.IAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the project are preserved.gcp.projects.IAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the project are preserved.gcp.projects.IAMAuditConfig: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
Note:
gcp.projects.IAMPolicycannot be used in conjunction withgcp.projects.IAMBinding,gcp.projects.IAMMember, orgcp.projects.IAMAuditConfigor they will fight over what your policy should be.
Note:
gcp.projects.IAMBindingresources can be used in conjunction withgcp.projects.IAMMemberresources only if they do not grant privilege to the same role.
google_project_iam_policy
Be careful! You can accidentally lock yourself out of your project using this resource. Deleting a
gcp.projects.IAMPolicyremoves access from anyone without organization-level access to the project. Proceed with caution. It's not recommended to usegcp.projects.IAMPolicywith your provider project to avoid locking yourself out, and it should generally only be used with projects fully managed by this provider. If you do use this resource, it is recommended to import the policy before applying the change.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/editor" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
Project = "your-project-id",
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
With IAM Conditions):
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Bindings =
{
new Gcp.Organizations.Inputs.GetIAMPolicyBindingArgs
{
Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Role = "roles/editor",
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
PolicyData = admin.Apply(admin => admin.PolicyData),
Project = "your-project-id",
});
}
}
google_project_iam_binding
Note: If
roleis set toroles/ownerand you don't specify a user or service account you have access to inmembers, you can lock yourself out of your project.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Condition = new Gcp.Projects.Inputs.IAMBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Condition = new Gcp.Projects.Inputs.IAMMemberConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_audit_config
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMAuditConfig("project", new Gcp.Projects.IAMAuditConfigArgs
{
AuditLogConfigs =
{
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
LogType = "ADMIN_READ",
},
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
ExemptedMembers =
{
"user:joebloggs@hashicorp.com",
},
LogType = "DATA_READ",
},
},
Project = "your-project-id",
Service = "allServices",
});
}
}
IAMAuditConfigArgs
IAMAuditConfigState
IAMBinding
Four different resources help you manage your IAM policy for a project. Each of these resources serves a different use case:
gcp.projects.IAMPolicy: Authoritative. Sets the IAM policy for the project and replaces any existing policy already attached.gcp.projects.IAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the project are preserved.gcp.projects.IAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the project are preserved.gcp.projects.IAMAuditConfig: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
Note:
gcp.projects.IAMPolicycannot be used in conjunction withgcp.projects.IAMBinding,gcp.projects.IAMMember, orgcp.projects.IAMAuditConfigor they will fight over what your policy should be.
Note:
gcp.projects.IAMBindingresources can be used in conjunction withgcp.projects.IAMMemberresources only if they do not grant privilege to the same role.
google_project_iam_policy
Be careful! You can accidentally lock yourself out of your project using this resource. Deleting a
gcp.projects.IAMPolicyremoves access from anyone without organization-level access to the project. Proceed with caution. It's not recommended to usegcp.projects.IAMPolicywith your provider project to avoid locking yourself out, and it should generally only be used with projects fully managed by this provider. If you do use this resource, it is recommended to import the policy before applying the change.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/editor" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
Project = "your-project-id",
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
With IAM Conditions):
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Bindings =
{
new Gcp.Organizations.Inputs.GetIAMPolicyBindingArgs
{
Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Role = "roles/editor",
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
PolicyData = admin.Apply(admin => admin.PolicyData),
Project = "your-project-id",
});
}
}
google_project_iam_binding
Note: If
roleis set toroles/ownerand you don't specify a user or service account you have access to inmembers, you can lock yourself out of your project.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Condition = new Gcp.Projects.Inputs.IAMBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Condition = new Gcp.Projects.Inputs.IAMMemberConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_audit_config
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMAuditConfig("project", new Gcp.Projects.IAMAuditConfigArgs
{
AuditLogConfigs =
{
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
LogType = "ADMIN_READ",
},
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
ExemptedMembers =
{
"user:joebloggs@hashicorp.com",
},
LogType = "DATA_READ",
},
},
Project = "your-project-id",
Service = "allServices",
});
}
}
IAMBindingArgs
IAMBindingState
IAMCustomRole
Allows management of a customized Cloud IAM project role. For more information see the official documentation and API.
Warning: Note that custom roles in GCP have the concept of a soft-delete. There are two issues that may arise from this and how roles are propagated. 1) creating a role may involve undeleting and then updating a role with the same name, possibly causing confusing behavior between undelete and update. 2) A deleted role is permanently deleted after 7 days, but it can take up to 30 more days (i.e. between 7 and 37 days after deletion) before the role name is made available again. This means a deleted role that has been deleted for more than 7 days cannot be changed at all by the provider, and new roles cannot share that name.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var my_custom_role = new Gcp.Projects.IAMCustomRole("my-custom-role", new Gcp.Projects.IAMCustomRoleArgs
{
Description = "A description",
Permissions =
{
"iam.roles.list",
"iam.roles.create",
"iam.roles.delete",
},
RoleId = "myCustomRole",
Title = "My Custom Role",
});
}
}
IAMCustomRoleArgs
IAMCustomRoleState
IAMMember
Four different resources help you manage your IAM policy for a project. Each of these resources serves a different use case:
gcp.projects.IAMPolicy: Authoritative. Sets the IAM policy for the project and replaces any existing policy already attached.gcp.projects.IAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the project are preserved.gcp.projects.IAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the project are preserved.gcp.projects.IAMAuditConfig: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
Note:
gcp.projects.IAMPolicycannot be used in conjunction withgcp.projects.IAMBinding,gcp.projects.IAMMember, orgcp.projects.IAMAuditConfigor they will fight over what your policy should be.
Note:
gcp.projects.IAMBindingresources can be used in conjunction withgcp.projects.IAMMemberresources only if they do not grant privilege to the same role.
google_project_iam_policy
Be careful! You can accidentally lock yourself out of your project using this resource. Deleting a
gcp.projects.IAMPolicyremoves access from anyone without organization-level access to the project. Proceed with caution. It's not recommended to usegcp.projects.IAMPolicywith your provider project to avoid locking yourself out, and it should generally only be used with projects fully managed by this provider. If you do use this resource, it is recommended to import the policy before applying the change.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/editor" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
Project = "your-project-id",
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
With IAM Conditions):
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Bindings =
{
new Gcp.Organizations.Inputs.GetIAMPolicyBindingArgs
{
Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Role = "roles/editor",
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
PolicyData = admin.Apply(admin => admin.PolicyData),
Project = "your-project-id",
});
}
}
google_project_iam_binding
Note: If
roleis set toroles/ownerand you don't specify a user or service account you have access to inmembers, you can lock yourself out of your project.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Condition = new Gcp.Projects.Inputs.IAMBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Condition = new Gcp.Projects.Inputs.IAMMemberConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_audit_config
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMAuditConfig("project", new Gcp.Projects.IAMAuditConfigArgs
{
AuditLogConfigs =
{
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
LogType = "ADMIN_READ",
},
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
ExemptedMembers =
{
"user:joebloggs@hashicorp.com",
},
LogType = "DATA_READ",
},
},
Project = "your-project-id",
Service = "allServices",
});
}
}
IAMMemberArgs
IAMMemberState
IAMPolicy
Four different resources help you manage your IAM policy for a project. Each of these resources serves a different use case:
gcp.projects.IAMPolicy: Authoritative. Sets the IAM policy for the project and replaces any existing policy already attached.gcp.projects.IAMBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the project are preserved.gcp.projects.IAMMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the project are preserved.gcp.projects.IAMAuditConfig: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.
Note:
gcp.projects.IAMPolicycannot be used in conjunction withgcp.projects.IAMBinding,gcp.projects.IAMMember, orgcp.projects.IAMAuditConfigor they will fight over what your policy should be.
Note:
gcp.projects.IAMBindingresources can be used in conjunction withgcp.projects.IAMMemberresources only if they do not grant privilege to the same role.
google_project_iam_policy
Be careful! You can accidentally lock yourself out of your project using this resource. Deleting a
gcp.projects.IAMPolicyremoves access from anyone without organization-level access to the project. Proceed with caution. It's not recommended to usegcp.projects.IAMPolicywith your provider project to avoid locking yourself out, and it should generally only be used with projects fully managed by this provider. If you do use this resource, it is recommended to import the policy before applying the change.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Binding =
{
{
{ "role", "roles/editor" },
{ "members",
{
"user:jane@example.com",
} },
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
Project = "your-project-id",
PolicyData = admin.Apply(admin => admin.PolicyData),
});
}
}
With IAM Conditions):
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Gcp.Organizations.GetIAMPolicy.InvokeAsync(new Gcp.Organizations.GetIAMPolicyArgs
{
Bindings =
{
new Gcp.Organizations.Inputs.GetIAMPolicyBindingArgs
{
Condition = new Gcp.Organizations.Inputs.GetIAMPolicyBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Role = "roles/editor",
},
},
}));
var project = new Gcp.Projects.IAMPolicy("project", new Gcp.Projects.IAMPolicyArgs
{
PolicyData = admin.Apply(admin => admin.PolicyData),
Project = "your-project-id",
});
}
}
google_project_iam_binding
Note: If
roleis set toroles/ownerand you don't specify a user or service account you have access to inmembers, you can lock yourself out of your project.
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMBinding("project", new Gcp.Projects.IAMBindingArgs
{
Condition = new Gcp.Projects.Inputs.IAMBindingConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Members =
{
"user:jane@example.com",
},
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_member
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
With IAM Conditions:
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMMember("project", new Gcp.Projects.IAMMemberArgs
{
Condition = new Gcp.Projects.Inputs.IAMMemberConditionArgs
{
Description = "Expiring at midnight of 2019-12-31",
Expression = "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title = "expires_after_2019_12_31",
},
Member = "user:jane@example.com",
Project = "your-project-id",
Role = "roles/editor",
});
}
}
google_project_iam_audit_config
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.IAMAuditConfig("project", new Gcp.Projects.IAMAuditConfigArgs
{
AuditLogConfigs =
{
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
LogType = "ADMIN_READ",
},
new Gcp.Projects.Inputs.IAMAuditConfigAuditLogConfigArgs
{
ExemptedMembers =
{
"user:joebloggs@hashicorp.com",
},
LogType = "DATA_READ",
},
},
Project = "your-project-id",
Service = "allServices",
});
}
}
IAMPolicyArgs
IAMPolicyState
OrganizationPolicy
Allows management of Organization policies for a Google Project. For more information see the official documentation and API.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var serialPortPolicy = new Gcp.Projects.OrganizationPolicy("serialPortPolicy", new Gcp.Projects.OrganizationPolicyArgs
{
BooleanPolicy = new Gcp.Projects.Inputs.OrganizationPolicyBooleanPolicyArgs
{
Enforced = true,
},
Constraint = "compute.disableSerialPortAccess",
Project = "your-project-id",
});
}
}
OrganizationPolicyArgs
OrganizationPolicyState
Service
Allows management of a single API service for an existing Google Cloud Platform project.
For a list of services available, visit the
API library page or run gcloud services list.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var project = new Gcp.Projects.Service("project", new Gcp.Projects.ServiceArgs
{
DisableDependentServices = true,
Project = "your-project-id",
Service = "iam.googleapis.com",
});
}
}
ServiceArgs
ServiceState
UsageExportBucket
Allows creation and management of a Google Cloud Platform project.
Projects created with this resource must be associated with an Organization. See the Organization documentation for more details.
The service account used to run this provider when creating a gcp.organizations.Project
resource must have roles/resourcemanager.projectCreator. See the
Access Control for Organizations Using IAM
doc for more information.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var myProject = new Gcp.Organizations.Project("myProject", new Gcp.Organizations.ProjectArgs
{
OrgId = "1234567",
ProjectId = "your-project-id",
});
}
}