1. Docs
  2. Reference
  3. API
  4. @pulumi/gcp
  5. servicedirectory

Module servicedirectory

This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

Resources

Others

Resources

Resource Endpoint

class Endpoint extends CustomResource

An individual endpoint that provides a service.

To get more information about Endpoint, see:

Example Usage - Service Directory Endpoint Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const exampleNamespace = new gcp.servicedirectory.Namespace("exampleNamespace", {
    namespaceId: "example-namespace",
    location: "us-central1",
});
const exampleService = new gcp.servicedirectory.Service("exampleService", {
    serviceId: "example-service",
    namespace: exampleNamespace.id,
});
const exampleEndpoint = new gcp.servicedirectory.Endpoint("exampleEndpoint", {
    endpointId: "example-endpoint",
    service: exampleService.id,
    metadata: {
        stage: "prod",
        region: "us-central1",
    },
    address: "1.2.3.4",
    port: 5353,
});

constructor

new Endpoint(name: string, args: EndpointArgs, opts?: pulumi.CustomResourceOptions)

Create a Endpoint resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EndpointState, opts?: pulumi.CustomResourceOptions): Endpoint

Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Endpoint

Returns true if the given object is an instance of Endpoint. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property address

public address: pulumi.Output<string | undefined>;

IPv4 or IPv6 address of the endpoint.

property endpointId

public endpointId: pulumi.Output<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property metadata

public metadata: pulumi.Output<{[key: string]: string} | undefined>;

Metadata for the endpoint. This data can be consumed by service clients. The entire metadata dictionary may contain up to 512 characters, spread across all key-value pairs. Metadata that goes beyond any these limits will be rejected.

property name

public name: pulumi.Output<string>;

The resource name for the endpoint in the format ‘projects//locations//namespaces//services//endpoints/*‘.

property port

public port: pulumi.Output<number | undefined>;

Port that the endpoint is running on, must be in the range of [0, 65535]. If unspecified, the default is 0.

property service

public service: pulumi.Output<string>;

The resource name of the service that this endpoint provides.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Namespace

class Namespace extends CustomResource

A container for services. Namespaces allow administrators to group services together and define permissions for a collection of services.

To get more information about Namespace, see:

Example Usage - Service Directory Namespace Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const example = new gcp.servicedirectory.Namespace("example", {
    namespaceId: "example-namespace",
    location: "us-central1",
    labels: {
        key: "value",
        foo: "bar",
    },
});

constructor

new Namespace(name: string, args: NamespaceArgs, opts?: pulumi.CustomResourceOptions)

Create a Namespace resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NamespaceState, opts?: pulumi.CustomResourceOptions): Namespace

Get an existing Namespace resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Namespace

Returns true if the given object is an instance of Namespace. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property labels

public labels: pulumi.Output<{[key: string]: string} | undefined>;

Resource labels associated with this Namespace. No more than 64 user labels can be associated with a given resource. Label keys and values can be no longer than 63 characters.

property location

public location: pulumi.Output<string>;

The location for the Namespace. A full list of valid locations can be found by running gcloud beta service-directory locations list.

property name

public name: pulumi.Output<string>;

The resource name for the namespace in the format ‘projects//locations//namespaces/*‘.

property namespaceId

public namespaceId: pulumi.Output<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NamespaceIamBinding

class NamespaceIamBinding extends CustomResource

Three different resources help you manage your IAM policy for Service Directory Namespace. Each of these resources serves a different use case:

  • gcp.servicedirectory.NamespaceIamPolicy: Authoritative. Sets the IAM policy for the namespace and replaces any existing policy already attached.
  • gcp.servicedirectory.NamespaceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the namespace are preserved.
  • gcp.servicedirectory.NamespaceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the namespace are preserved.

Note: gcp.servicedirectory.NamespaceIamPolicy cannot be used in conjunction with gcp.servicedirectory.NamespaceIamBinding and gcp.servicedirectory.NamespaceIamMember or they will fight over what your policy should be.

Note: gcp.servicedirectory.NamespaceIamBinding resources can be used in conjunction with gcp.servicedirectory.NamespaceIamMember resources only if they do not grant privilege to the same role.

google_service_directory_namespace_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/viewer",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.servicedirectory.NamespaceIamPolicy("policy", {policyData: admin.then(admin => admin.policyData)});

google_service_directory_namespace_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.servicedirectory.NamespaceIamBinding("binding", {
    role: "roles/viewer",
    members: ["user:jane@example.com"],
});

google_service_directory_namespace_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.servicedirectory.NamespaceIamMember("member", {
    role: "roles/viewer",
    member: "user:jane@example.com",
});

constructor

new NamespaceIamBinding(name: string, args: NamespaceIamBindingArgs, opts?: pulumi.CustomResourceOptions)

Create a NamespaceIamBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NamespaceIamBindingState, opts?: pulumi.CustomResourceOptions): NamespaceIamBinding

Get an existing NamespaceIamBinding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NamespaceIamBinding

Returns true if the given object is an instance of NamespaceIamBinding. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<NamespaceIamBindingCondition | undefined>;

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property members

public members: pulumi.Output<string[]>;

property name

public name: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one gcp.servicedirectory.NamespaceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NamespaceIamMember

class NamespaceIamMember extends CustomResource

Three different resources help you manage your IAM policy for Service Directory Namespace. Each of these resources serves a different use case:

  • gcp.servicedirectory.NamespaceIamPolicy: Authoritative. Sets the IAM policy for the namespace and replaces any existing policy already attached.
  • gcp.servicedirectory.NamespaceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the namespace are preserved.
  • gcp.servicedirectory.NamespaceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the namespace are preserved.

Note: gcp.servicedirectory.NamespaceIamPolicy cannot be used in conjunction with gcp.servicedirectory.NamespaceIamBinding and gcp.servicedirectory.NamespaceIamMember or they will fight over what your policy should be.

Note: gcp.servicedirectory.NamespaceIamBinding resources can be used in conjunction with gcp.servicedirectory.NamespaceIamMember resources only if they do not grant privilege to the same role.

google_service_directory_namespace_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/viewer",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.servicedirectory.NamespaceIamPolicy("policy", {policyData: admin.then(admin => admin.policyData)});

google_service_directory_namespace_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.servicedirectory.NamespaceIamBinding("binding", {
    role: "roles/viewer",
    members: ["user:jane@example.com"],
});

google_service_directory_namespace_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.servicedirectory.NamespaceIamMember("member", {
    role: "roles/viewer",
    member: "user:jane@example.com",
});

constructor

new NamespaceIamMember(name: string, args: NamespaceIamMemberArgs, opts?: pulumi.CustomResourceOptions)

Create a NamespaceIamMember resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NamespaceIamMemberState, opts?: pulumi.CustomResourceOptions): NamespaceIamMember

Get an existing NamespaceIamMember resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NamespaceIamMember

Returns true if the given object is an instance of NamespaceIamMember. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<NamespaceIamMemberCondition | undefined>;

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property member

public member: pulumi.Output<string>;

property name

public name: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one gcp.servicedirectory.NamespaceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NamespaceIamPolicy

class NamespaceIamPolicy extends CustomResource

Three different resources help you manage your IAM policy for Service Directory Namespace. Each of these resources serves a different use case:

  • gcp.servicedirectory.NamespaceIamPolicy: Authoritative. Sets the IAM policy for the namespace and replaces any existing policy already attached.
  • gcp.servicedirectory.NamespaceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the namespace are preserved.
  • gcp.servicedirectory.NamespaceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the namespace are preserved.

Note: gcp.servicedirectory.NamespaceIamPolicy cannot be used in conjunction with gcp.servicedirectory.NamespaceIamBinding and gcp.servicedirectory.NamespaceIamMember or they will fight over what your policy should be.

Note: gcp.servicedirectory.NamespaceIamBinding resources can be used in conjunction with gcp.servicedirectory.NamespaceIamMember resources only if they do not grant privilege to the same role.

google_service_directory_namespace_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/viewer",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.servicedirectory.NamespaceIamPolicy("policy", {policyData: admin.then(admin => admin.policyData)});

google_service_directory_namespace_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.servicedirectory.NamespaceIamBinding("binding", {
    role: "roles/viewer",
    members: ["user:jane@example.com"],
});

google_service_directory_namespace_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.servicedirectory.NamespaceIamMember("member", {
    role: "roles/viewer",
    member: "user:jane@example.com",
});

constructor

new NamespaceIamPolicy(name: string, args: NamespaceIamPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a NamespaceIamPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NamespaceIamPolicyState, opts?: pulumi.CustomResourceOptions): NamespaceIamPolicy

Get an existing NamespaceIamPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NamespaceIamPolicy

Returns true if the given object is an instance of NamespaceIamPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

public policyData: pulumi.Output<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Service

class Service extends CustomResource

An individual service. A service contains a name and optional metadata.

To get more information about Service, see:

Example Usage - Service Directory Service Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const exampleNamespace = new gcp.servicedirectory.Namespace("exampleNamespace", {
    namespaceId: "example-namespace",
    location: "us-central1",
});
const exampleService = new gcp.servicedirectory.Service("exampleService", {
    serviceId: "example-service",
    namespace: exampleNamespace.id,
    metadata: {
        stage: "prod",
        region: "us-central1",
    },
});

constructor

new Service(name: string, args: ServiceArgs, opts?: pulumi.CustomResourceOptions)

Create a Service resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ServiceState, opts?: pulumi.CustomResourceOptions): Service

Get an existing Service resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Service

Returns true if the given object is an instance of Service. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property metadata

public metadata: pulumi.Output<{[key: string]: string} | undefined>;

Metadata for the service. This data can be consumed by service clients. The entire metadata dictionary may contain up to 2000 characters, spread across all key-value pairs. Metadata that goes beyond any these limits will be rejected.

property name

public name: pulumi.Output<string>;

The resource name for the service in the format ‘projects//locations//namespaces//services/’.

property namespace

public namespace: pulumi.Output<string>;

The resource name of the namespace this service will belong to.

property serviceId

public serviceId: pulumi.Output<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ServiceIamBinding

class ServiceIamBinding extends CustomResource

Three different resources help you manage your IAM policy for Service Directory Service. Each of these resources serves a different use case:

  • gcp.servicedirectory.ServiceIamPolicy: Authoritative. Sets the IAM policy for the service and replaces any existing policy already attached.
  • gcp.servicedirectory.ServiceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the service are preserved.
  • gcp.servicedirectory.ServiceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the service are preserved.

Note: gcp.servicedirectory.ServiceIamPolicy cannot be used in conjunction with gcp.servicedirectory.ServiceIamBinding and gcp.servicedirectory.ServiceIamMember or they will fight over what your policy should be.

Note: gcp.servicedirectory.ServiceIamBinding resources can be used in conjunction with gcp.servicedirectory.ServiceIamMember resources only if they do not grant privilege to the same role.

google_service_directory_service_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/viewer",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.servicedirectory.ServiceIamPolicy("policy", {policyData: admin.then(admin => admin.policyData)});

google_service_directory_service_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.servicedirectory.ServiceIamBinding("binding", {
    role: "roles/viewer",
    members: ["user:jane@example.com"],
});

google_service_directory_service_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.servicedirectory.ServiceIamMember("member", {
    role: "roles/viewer",
    member: "user:jane@example.com",
});

constructor

new ServiceIamBinding(name: string, args: ServiceIamBindingArgs, opts?: pulumi.CustomResourceOptions)

Create a ServiceIamBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ServiceIamBindingState, opts?: pulumi.CustomResourceOptions): ServiceIamBinding

Get an existing ServiceIamBinding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ServiceIamBinding

Returns true if the given object is an instance of ServiceIamBinding. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<ServiceIamBindingCondition | undefined>;

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property members

public members: pulumi.Output<string[]>;

property name

public name: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one gcp.servicedirectory.ServiceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ServiceIamMember

class ServiceIamMember extends CustomResource

Three different resources help you manage your IAM policy for Service Directory Service. Each of these resources serves a different use case:

  • gcp.servicedirectory.ServiceIamPolicy: Authoritative. Sets the IAM policy for the service and replaces any existing policy already attached.
  • gcp.servicedirectory.ServiceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the service are preserved.
  • gcp.servicedirectory.ServiceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the service are preserved.

Note: gcp.servicedirectory.ServiceIamPolicy cannot be used in conjunction with gcp.servicedirectory.ServiceIamBinding and gcp.servicedirectory.ServiceIamMember or they will fight over what your policy should be.

Note: gcp.servicedirectory.ServiceIamBinding resources can be used in conjunction with gcp.servicedirectory.ServiceIamMember resources only if they do not grant privilege to the same role.

google_service_directory_service_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/viewer",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.servicedirectory.ServiceIamPolicy("policy", {policyData: admin.then(admin => admin.policyData)});

google_service_directory_service_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.servicedirectory.ServiceIamBinding("binding", {
    role: "roles/viewer",
    members: ["user:jane@example.com"],
});

google_service_directory_service_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.servicedirectory.ServiceIamMember("member", {
    role: "roles/viewer",
    member: "user:jane@example.com",
});

constructor

new ServiceIamMember(name: string, args: ServiceIamMemberArgs, opts?: pulumi.CustomResourceOptions)

Create a ServiceIamMember resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ServiceIamMemberState, opts?: pulumi.CustomResourceOptions): ServiceIamMember

Get an existing ServiceIamMember resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ServiceIamMember

Returns true if the given object is an instance of ServiceIamMember. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property condition

public condition: pulumi.Output<ServiceIamMemberCondition | undefined>;

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property member

public member: pulumi.Output<string>;

property name

public name: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one gcp.servicedirectory.ServiceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ServiceIamPolicy

class ServiceIamPolicy extends CustomResource

Three different resources help you manage your IAM policy for Service Directory Service. Each of these resources serves a different use case:

  • gcp.servicedirectory.ServiceIamPolicy: Authoritative. Sets the IAM policy for the service and replaces any existing policy already attached.
  • gcp.servicedirectory.ServiceIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the service are preserved.
  • gcp.servicedirectory.ServiceIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the service are preserved.

Note: gcp.servicedirectory.ServiceIamPolicy cannot be used in conjunction with gcp.servicedirectory.ServiceIamBinding and gcp.servicedirectory.ServiceIamMember or they will fight over what your policy should be.

Note: gcp.servicedirectory.ServiceIamBinding resources can be used in conjunction with gcp.servicedirectory.ServiceIamMember resources only if they do not grant privilege to the same role.

google_service_directory_service_iam_policy

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const admin = gcp.organizations.getIAMPolicy({
    binding: [{
        role: "roles/viewer",
        members: ["user:jane@example.com"],
    }],
});
const policy = new gcp.servicedirectory.ServiceIamPolicy("policy", {policyData: admin.then(admin => admin.policyData)});

google_service_directory_service_iam_binding

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const binding = new gcp.servicedirectory.ServiceIamBinding("binding", {
    role: "roles/viewer",
    members: ["user:jane@example.com"],
});

google_service_directory_service_iam_member

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const member = new gcp.servicedirectory.ServiceIamMember("member", {
    role: "roles/viewer",
    member: "user:jane@example.com",
});

constructor

new ServiceIamPolicy(name: string, args: ServiceIamPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a ServiceIamPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ServiceIamPolicyState, opts?: pulumi.CustomResourceOptions): ServiceIamPolicy

Get an existing ServiceIamPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ServiceIamPolicy

Returns true if the given object is an instance of ServiceIamPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

public policyData: pulumi.Output<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Others

interface EndpointArgs

interface EndpointArgs

The set of arguments for constructing a Endpoint resource.

property address

address?: pulumi.Input<string>;

IPv4 or IPv6 address of the endpoint.

property endpointId

endpointId: pulumi.Input<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Metadata for the endpoint. This data can be consumed by service clients. The entire metadata dictionary may contain up to 512 characters, spread across all key-value pairs. Metadata that goes beyond any these limits will be rejected.

property port

port?: pulumi.Input<number>;

Port that the endpoint is running on, must be in the range of [0, 65535]. If unspecified, the default is 0.

property service

service: pulumi.Input<string>;

The resource name of the service that this endpoint provides.

interface EndpointState

interface EndpointState

Input properties used for looking up and filtering Endpoint resources.

property address

address?: pulumi.Input<string>;

IPv4 or IPv6 address of the endpoint.

property endpointId

endpointId?: pulumi.Input<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Metadata for the endpoint. This data can be consumed by service clients. The entire metadata dictionary may contain up to 512 characters, spread across all key-value pairs. Metadata that goes beyond any these limits will be rejected.

property name

name?: pulumi.Input<string>;

The resource name for the endpoint in the format ‘projects//locations//namespaces//services//endpoints/*‘.

property port

port?: pulumi.Input<number>;

Port that the endpoint is running on, must be in the range of [0, 65535]. If unspecified, the default is 0.

property service

service?: pulumi.Input<string>;

The resource name of the service that this endpoint provides.

interface NamespaceArgs

interface NamespaceArgs

The set of arguments for constructing a Namespace resource.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Resource labels associated with this Namespace. No more than 64 user labels can be associated with a given resource. Label keys and values can be no longer than 63 characters.

property location

location: pulumi.Input<string>;

The location for the Namespace. A full list of valid locations can be found by running gcloud beta service-directory locations list.

property namespaceId

namespaceId: pulumi.Input<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface NamespaceIamBindingArgs

interface NamespaceIamBindingArgs

The set of arguments for constructing a NamespaceIamBinding resource.

property condition

condition?: pulumi.Input<NamespaceIamBindingCondition>;

property members

members: pulumi.Input<pulumi.Input<string>[]>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.NamespaceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface NamespaceIamBindingState

interface NamespaceIamBindingState

Input properties used for looking up and filtering NamespaceIamBinding resources.

property condition

condition?: pulumi.Input<NamespaceIamBindingCondition>;

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property members

members?: pulumi.Input<pulumi.Input<string>[]>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.NamespaceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface NamespaceIamMemberArgs

interface NamespaceIamMemberArgs

The set of arguments for constructing a NamespaceIamMember resource.

property condition

condition?: pulumi.Input<NamespaceIamMemberCondition>;

property member

member: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.NamespaceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface NamespaceIamMemberState

interface NamespaceIamMemberState

Input properties used for looking up and filtering NamespaceIamMember resources.

property condition

condition?: pulumi.Input<NamespaceIamMemberCondition>;

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property member

member?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.NamespaceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface NamespaceIamPolicyArgs

interface NamespaceIamPolicyArgs

The set of arguments for constructing a NamespaceIamPolicy resource.

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

policyData: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

interface NamespaceIamPolicyState

interface NamespaceIamPolicyState

Input properties used for looking up and filtering NamespaceIamPolicy resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

policyData?: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

interface NamespaceState

interface NamespaceState

Input properties used for looking up and filtering Namespace resources.

property labels

labels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Resource labels associated with this Namespace. No more than 64 user labels can be associated with a given resource. Label keys and values can be no longer than 63 characters.

property location

location?: pulumi.Input<string>;

The location for the Namespace. A full list of valid locations can be found by running gcloud beta service-directory locations list.

property name

name?: pulumi.Input<string>;

The resource name for the namespace in the format ‘projects//locations//namespaces/*‘.

property namespaceId

namespaceId?: pulumi.Input<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface ServiceArgs

interface ServiceArgs

The set of arguments for constructing a Service resource.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Metadata for the service. This data can be consumed by service clients. The entire metadata dictionary may contain up to 2000 characters, spread across all key-value pairs. Metadata that goes beyond any these limits will be rejected.

property namespace

namespace: pulumi.Input<string>;

The resource name of the namespace this service will belong to.

property serviceId

serviceId: pulumi.Input<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.

interface ServiceIamBindingArgs

interface ServiceIamBindingArgs

The set of arguments for constructing a ServiceIamBinding resource.

property condition

condition?: pulumi.Input<ServiceIamBindingCondition>;

property members

members: pulumi.Input<pulumi.Input<string>[]>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.ServiceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface ServiceIamBindingState

interface ServiceIamBindingState

Input properties used for looking up and filtering ServiceIamBinding resources.

property condition

condition?: pulumi.Input<ServiceIamBindingCondition>;

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property members

members?: pulumi.Input<pulumi.Input<string>[]>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.ServiceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface ServiceIamMemberArgs

interface ServiceIamMemberArgs

The set of arguments for constructing a ServiceIamMember resource.

property condition

condition?: pulumi.Input<ServiceIamMemberCondition>;

property member

member: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.ServiceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface ServiceIamMemberState

interface ServiceIamMemberState

Input properties used for looking up and filtering ServiceIamMember resources.

property condition

condition?: pulumi.Input<ServiceIamMemberCondition>;

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property member

member?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one gcp.servicedirectory.ServiceIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface ServiceIamPolicyArgs

interface ServiceIamPolicyArgs

The set of arguments for constructing a ServiceIamPolicy resource.

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

policyData: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

interface ServiceIamPolicyState

interface ServiceIamPolicyState

Input properties used for looking up and filtering ServiceIamPolicy resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the IAM policy.

property name

name?: pulumi.Input<string>;

Used to find the parent resource to bind the IAM policy to

property policyData

policyData?: pulumi.Input<string>;

The policy data generated by a gcp.organizations.getIAMPolicy data source.

interface ServiceState

interface ServiceState

Input properties used for looking up and filtering Service resources.

property metadata

metadata?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

Metadata for the service. This data can be consumed by service clients. The entire metadata dictionary may contain up to 2000 characters, spread across all key-value pairs. Metadata that goes beyond any these limits will be rejected.

property name

name?: pulumi.Input<string>;

The resource name for the service in the format ‘projects//locations//namespaces//services/’.

property namespace

namespace?: pulumi.Input<string>;

The resource name of the namespace this service will belong to.

property serviceId

serviceId?: pulumi.Input<string>;

The Resource ID must be 1-63 characters long, including digits, lowercase letters or the hyphen character.