1. Docs
  2. Reference
  3. API
  4. @pulumi/gcp
  5. iam

Module iam

This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

Functions

Others

Functions

Function getRule

getRule(args: GetRuleArgs, opts?: pulumi.InvokeOptions): Promise<GetRuleResult>

Use this data source to get information about a Google IAM Role.

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const roleinfo = gcp.iam.getRule({
    name: "roles/compute.viewer",
});
export const theRolePermissions = roleinfo.then(roleinfo => roleinfo.includedPermissions);

Function getTestablePermissions

getTestablePermissions(args: GetTestablePermissionsArgs, opts?: pulumi.InvokeOptions): Promise<GetTestablePermissionsResult>

Retrieve a list of testable permissions for a resource. Testable permissions mean the permissions that user can add or remove in a role at a given resource. The resource can be referenced either via the full resource name or via a URI.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const perms = pulumi.output(gcp.iam.getTestablePermissions({
    fullResourceName: "//cloudresourcemanager.googleapis.com/projects/my-project",
    stages: [
        "GA",
        "BETA",
    ],
}, { async: true }));

Others

interface GetRuleArgs

interface GetRuleArgs

A collection of arguments for invoking getRule.

property name

name: string;

The name of the Role to lookup in the form roles/{ROLE_NAME}, organizations/{ORGANIZATION_ID}/roles/{ROLE_NAME} or projects/{PROJECT_ID}/roles/{ROLE_NAME}

interface GetRuleResult

interface GetRuleResult

A collection of values returned by getRule.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property includedPermissions

includedPermissions: string[];

specifies the list of one or more permissions to include in the custom role, such as - iam.roles.get

property name

name: string;

property stage

stage: string;

indicates the stage of a role in the launch lifecycle, such as GA, BETA or ALPHA.

property title

title: string;

is a friendly title for the role, such as “Role Viewer”

interface GetTestablePermissionsArgs

interface GetTestablePermissionsArgs

A collection of arguments for invoking getTestablePermissions.

property customSupportLevel

customSupportLevel?: undefined | string;

The level of support for custom roles. Can be one of "NOT_SUPPORTED", "SUPPORTED", "TESTING". Default is "SUPPORTED"

property fullResourceName

fullResourceName: string;

See full resource name documentation for more detail.

property stages

stages?: string[];

The acceptable release stages of the permission in the output. Note that BETA does not include permissions in GA, but you can specify both with ["GA", "BETA"] for example. Can be a list of "ALPHA", "BETA", "GA", "DEPRECATED". Default is ["GA"].

interface GetTestablePermissionsResult

interface GetTestablePermissionsResult

A collection of values returned by getTestablePermissions.

property customSupportLevel

customSupportLevel?: undefined | string;

The the support level of this permission for custom roles.

property fullResourceName

fullResourceName: string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property permissions

permissions: GetTestablePermissionsPermission[];

A list of permissions matching the provided input. Structure is defined below.

property stages

stages?: string[];