com.pulumi.gcp.accessapproval.kotlin.AccessapprovalFunctions.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.accessapproval.kotlin
import com.pulumi.gcp.accessapproval.AccessapprovalFunctions.getFolderServiceAccountPlain
import com.pulumi.gcp.accessapproval.AccessapprovalFunctions.getOrganizationServiceAccountPlain
import com.pulumi.gcp.accessapproval.AccessapprovalFunctions.getProjectServiceAccountPlain
import com.pulumi.gcp.accessapproval.kotlin.inputs.GetFolderServiceAccountPlainArgs
import com.pulumi.gcp.accessapproval.kotlin.inputs.GetFolderServiceAccountPlainArgsBuilder
import com.pulumi.gcp.accessapproval.kotlin.inputs.GetOrganizationServiceAccountPlainArgs
import com.pulumi.gcp.accessapproval.kotlin.inputs.GetOrganizationServiceAccountPlainArgsBuilder
import com.pulumi.gcp.accessapproval.kotlin.inputs.GetProjectServiceAccountPlainArgs
import com.pulumi.gcp.accessapproval.kotlin.inputs.GetProjectServiceAccountPlainArgsBuilder
import com.pulumi.gcp.accessapproval.kotlin.outputs.GetFolderServiceAccountResult
import com.pulumi.gcp.accessapproval.kotlin.outputs.GetOrganizationServiceAccountResult
import com.pulumi.gcp.accessapproval.kotlin.outputs.GetProjectServiceAccountResult
import kotlinx.coroutines.future.await
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import com.pulumi.gcp.accessapproval.kotlin.outputs.GetFolderServiceAccountResult.Companion.toKotlin as getFolderServiceAccountResultToKotlin
import com.pulumi.gcp.accessapproval.kotlin.outputs.GetOrganizationServiceAccountResult.Companion.toKotlin as getOrganizationServiceAccountResultToKotlin
import com.pulumi.gcp.accessapproval.kotlin.outputs.GetProjectServiceAccountResult.Companion.toKotlin as getProjectServiceAccountResultToKotlin
public object AccessapprovalFunctions {
/**
* Get the email address of a folder's Access Approval service account.
* Each Google Cloud folder has a unique service account used by Access Approval.
* When using Access Approval with a
* [custom signing key](https://cloud.google.com/cloud-provider-access-management/access-approval/docs/review-approve-access-requests-custom-keys),
* this account needs to be granted the `cloudkms.signerVerifier` IAM role on the
* Cloud KMS key used to sign approvals.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const serviceAccount = gcp.accessapproval.getFolderServiceAccount({
* folderId: "my-folder",
* });
* const iam = new gcp.kms.CryptoKeyIAMMember("iam", {
* cryptoKeyId: cryptoKey.id,
* role: "roles/cloudkms.signerVerifier",
* member: serviceAccount.then(serviceAccount => `serviceAccount:${serviceAccount.accountEmail}`),
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* service_account = gcp.accessapproval.get_folder_service_account(folder_id="my-folder")
* iam = gcp.kms.CryptoKeyIAMMember("iam",
* crypto_key_id=crypto_key["id"],
* role="roles/cloudkms.signerVerifier",
* member=f"serviceAccount:{service_account.account_email}")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var serviceAccount = Gcp.AccessApproval.GetFolderServiceAccount.Invoke(new()
* {
* FolderId = "my-folder",
* });
* var iam = new Gcp.Kms.CryptoKeyIAMMember("iam", new()
* {
* CryptoKeyId = cryptoKey.Id,
* Role = "roles/cloudkms.signerVerifier",
* Member = $"serviceAccount:{serviceAccount.Apply(getFolderServiceAccountResult => getFolderServiceAccountResult.AccountEmail)}",
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accessapproval"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* serviceAccount, err := accessapproval.GetFolderServiceAccount(ctx, &accessapproval.GetFolderServiceAccountArgs{
* FolderId: "my-folder",
* }, nil)
* if err != nil {
* return err
* }
* _, err = kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{
* CryptoKeyId: pulumi.Any(cryptoKey.Id),
* Role: pulumi.String("roles/cloudkms.signerVerifier"),
* Member: pulumi.String(fmt.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail)),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.accessapproval.AccessapprovalFunctions;
* import com.pulumi.gcp.accessapproval.inputs.GetFolderServiceAccountArgs;
* import com.pulumi.gcp.kms.CryptoKeyIAMMember;
* import com.pulumi.gcp.kms.CryptoKeyIAMMemberArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var serviceAccount = AccessapprovalFunctions.getFolderServiceAccount(GetFolderServiceAccountArgs.builder()
* .folderId("my-folder")
* .build());
* var iam = new CryptoKeyIAMMember("iam", CryptoKeyIAMMemberArgs.builder()
* .cryptoKeyId(cryptoKey.id())
* .role("roles/cloudkms.signerVerifier")
* .member(String.format("serviceAccount:%s", serviceAccount.applyValue(getFolderServiceAccountResult -> getFolderServiceAccountResult.accountEmail())))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* iam:
* type: gcp:kms:CryptoKeyIAMMember
* properties:
* cryptoKeyId: ${cryptoKey.id}
* role: roles/cloudkms.signerVerifier
* member: serviceAccount:${serviceAccount.accountEmail}
* variables:
* serviceAccount:
* fn::invoke:
* Function: gcp:accessapproval:getFolderServiceAccount
* Arguments:
* folderId: my-folder
* ```
*
* @param argument A collection of arguments for invoking getFolderServiceAccount.
* @return A collection of values returned by getFolderServiceAccount.
*/
public suspend fun getFolderServiceAccount(argument: GetFolderServiceAccountPlainArgs): GetFolderServiceAccountResult =
getFolderServiceAccountResultToKotlin(getFolderServiceAccountPlain(argument.toJava()).await())
/**
* @see [getFolderServiceAccount].
* @param folderId The folder ID the service account was created for.
* @return A collection of values returned by getFolderServiceAccount.
*/
public suspend fun getFolderServiceAccount(folderId: String): GetFolderServiceAccountResult {
val argument = GetFolderServiceAccountPlainArgs(
folderId = folderId,
)
return getFolderServiceAccountResultToKotlin(getFolderServiceAccountPlain(argument.toJava()).await())
}
/**
* @see [getFolderServiceAccount].
* @param argument Builder for [com.pulumi.gcp.accessapproval.kotlin.inputs.GetFolderServiceAccountPlainArgs].
* @return A collection of values returned by getFolderServiceAccount.
*/
public suspend fun getFolderServiceAccount(argument: suspend GetFolderServiceAccountPlainArgsBuilder.() -> Unit): GetFolderServiceAccountResult {
val builder = GetFolderServiceAccountPlainArgsBuilder()
builder.argument()
val builtArgument = builder.build()
return getFolderServiceAccountResultToKotlin(getFolderServiceAccountPlain(builtArgument.toJava()).await())
}
/**
* Get the email address of an organization's Access Approval service account.
* Each Google Cloud organization has a unique service account used by Access Approval.
* When using Access Approval with a
* [custom signing key](https://cloud.google.com/cloud-provider-access-management/access-approval/docs/review-approve-access-requests-custom-keys),
* this account needs to be granted the `cloudkms.signerVerifier` IAM role on the
* Cloud KMS key used to sign approvals.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const serviceAccount = gcp.accessapproval.getOrganizationServiceAccount({
* organizationId: "my-organization",
* });
* const iam = new gcp.kms.CryptoKeyIAMMember("iam", {
* cryptoKeyId: cryptoKey.id,
* role: "roles/cloudkms.signerVerifier",
* member: serviceAccount.then(serviceAccount => `serviceAccount:${serviceAccount.accountEmail}`),
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* service_account = gcp.accessapproval.get_organization_service_account(organization_id="my-organization")
* iam = gcp.kms.CryptoKeyIAMMember("iam",
* crypto_key_id=crypto_key["id"],
* role="roles/cloudkms.signerVerifier",
* member=f"serviceAccount:{service_account.account_email}")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var serviceAccount = Gcp.AccessApproval.GetOrganizationServiceAccount.Invoke(new()
* {
* OrganizationId = "my-organization",
* });
* var iam = new Gcp.Kms.CryptoKeyIAMMember("iam", new()
* {
* CryptoKeyId = cryptoKey.Id,
* Role = "roles/cloudkms.signerVerifier",
* Member = $"serviceAccount:{serviceAccount.Apply(getOrganizationServiceAccountResult => getOrganizationServiceAccountResult.AccountEmail)}",
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accessapproval"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* serviceAccount, err := accessapproval.GetOrganizationServiceAccount(ctx, &accessapproval.GetOrganizationServiceAccountArgs{
* OrganizationId: "my-organization",
* }, nil)
* if err != nil {
* return err
* }
* _, err = kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{
* CryptoKeyId: pulumi.Any(cryptoKey.Id),
* Role: pulumi.String("roles/cloudkms.signerVerifier"),
* Member: pulumi.String(fmt.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail)),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.accessapproval.AccessapprovalFunctions;
* import com.pulumi.gcp.accessapproval.inputs.GetOrganizationServiceAccountArgs;
* import com.pulumi.gcp.kms.CryptoKeyIAMMember;
* import com.pulumi.gcp.kms.CryptoKeyIAMMemberArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var serviceAccount = AccessapprovalFunctions.getOrganizationServiceAccount(GetOrganizationServiceAccountArgs.builder()
* .organizationId("my-organization")
* .build());
* var iam = new CryptoKeyIAMMember("iam", CryptoKeyIAMMemberArgs.builder()
* .cryptoKeyId(cryptoKey.id())
* .role("roles/cloudkms.signerVerifier")
* .member(String.format("serviceAccount:%s", serviceAccount.applyValue(getOrganizationServiceAccountResult -> getOrganizationServiceAccountResult.accountEmail())))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* iam:
* type: gcp:kms:CryptoKeyIAMMember
* properties:
* cryptoKeyId: ${cryptoKey.id}
* role: roles/cloudkms.signerVerifier
* member: serviceAccount:${serviceAccount.accountEmail}
* variables:
* serviceAccount:
* fn::invoke:
* Function: gcp:accessapproval:getOrganizationServiceAccount
* Arguments:
* organizationId: my-organization
* ```
*
* @param argument A collection of arguments for invoking getOrganizationServiceAccount.
* @return A collection of values returned by getOrganizationServiceAccount.
*/
public suspend fun getOrganizationServiceAccount(argument: GetOrganizationServiceAccountPlainArgs): GetOrganizationServiceAccountResult =
getOrganizationServiceAccountResultToKotlin(getOrganizationServiceAccountPlain(argument.toJava()).await())
/**
* @see [getOrganizationServiceAccount].
* @param organizationId The organization ID the service account was created for.
* @return A collection of values returned by getOrganizationServiceAccount.
*/
public suspend fun getOrganizationServiceAccount(organizationId: String): GetOrganizationServiceAccountResult {
val argument = GetOrganizationServiceAccountPlainArgs(
organizationId = organizationId,
)
return getOrganizationServiceAccountResultToKotlin(getOrganizationServiceAccountPlain(argument.toJava()).await())
}
/**
* @see [getOrganizationServiceAccount].
* @param argument Builder for [com.pulumi.gcp.accessapproval.kotlin.inputs.GetOrganizationServiceAccountPlainArgs].
* @return A collection of values returned by getOrganizationServiceAccount.
*/
public suspend fun getOrganizationServiceAccount(argument: suspend GetOrganizationServiceAccountPlainArgsBuilder.() -> Unit): GetOrganizationServiceAccountResult {
val builder = GetOrganizationServiceAccountPlainArgsBuilder()
builder.argument()
val builtArgument = builder.build()
return getOrganizationServiceAccountResultToKotlin(getOrganizationServiceAccountPlain(builtArgument.toJava()).await())
}
/**
* Get the email address of a project's Access Approval service account.
* Each Google Cloud project has a unique service account used by Access Approval.
* When using Access Approval with a
* [custom signing key](https://cloud.google.com/cloud-provider-access-management/access-approval/docs/review-approve-access-requests-custom-keys),
* this account needs to be granted the `cloudkms.signerVerifier` IAM role on the
* Cloud KMS key used to sign approvals.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const serviceAccount = gcp.accessapproval.getProjectServiceAccount({
* projectId: "my-project",
* });
* const iam = new gcp.kms.CryptoKeyIAMMember("iam", {
* cryptoKeyId: cryptoKey.id,
* role: "roles/cloudkms.signerVerifier",
* member: serviceAccount.then(serviceAccount => `serviceAccount:${serviceAccount.accountEmail}`),
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* service_account = gcp.accessapproval.get_project_service_account(project_id="my-project")
* iam = gcp.kms.CryptoKeyIAMMember("iam",
* crypto_key_id=crypto_key["id"],
* role="roles/cloudkms.signerVerifier",
* member=f"serviceAccount:{service_account.account_email}")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var serviceAccount = Gcp.AccessApproval.GetProjectServiceAccount.Invoke(new()
* {
* ProjectId = "my-project",
* });
* var iam = new Gcp.Kms.CryptoKeyIAMMember("iam", new()
* {
* CryptoKeyId = cryptoKey.Id,
* Role = "roles/cloudkms.signerVerifier",
* Member = $"serviceAccount:{serviceAccount.Apply(getProjectServiceAccountResult => getProjectServiceAccountResult.AccountEmail)}",
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accessapproval"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* serviceAccount, err := accessapproval.GetProjectServiceAccount(ctx, &accessapproval.GetProjectServiceAccountArgs{
* ProjectId: "my-project",
* }, nil)
* if err != nil {
* return err
* }
* _, err = kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{
* CryptoKeyId: pulumi.Any(cryptoKey.Id),
* Role: pulumi.String("roles/cloudkms.signerVerifier"),
* Member: pulumi.String(fmt.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail)),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.accessapproval.AccessapprovalFunctions;
* import com.pulumi.gcp.accessapproval.inputs.GetProjectServiceAccountArgs;
* import com.pulumi.gcp.kms.CryptoKeyIAMMember;
* import com.pulumi.gcp.kms.CryptoKeyIAMMemberArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var serviceAccount = AccessapprovalFunctions.getProjectServiceAccount(GetProjectServiceAccountArgs.builder()
* .projectId("my-project")
* .build());
* var iam = new CryptoKeyIAMMember("iam", CryptoKeyIAMMemberArgs.builder()
* .cryptoKeyId(cryptoKey.id())
* .role("roles/cloudkms.signerVerifier")
* .member(String.format("serviceAccount:%s", serviceAccount.applyValue(getProjectServiceAccountResult -> getProjectServiceAccountResult.accountEmail())))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* iam:
* type: gcp:kms:CryptoKeyIAMMember
* properties:
* cryptoKeyId: ${cryptoKey.id}
* role: roles/cloudkms.signerVerifier
* member: serviceAccount:${serviceAccount.accountEmail}
* variables:
* serviceAccount:
* fn::invoke:
* Function: gcp:accessapproval:getProjectServiceAccount
* Arguments:
* projectId: my-project
* ```
*
* @param argument A collection of arguments for invoking getProjectServiceAccount.
* @return A collection of values returned by getProjectServiceAccount.
*/
public suspend fun getProjectServiceAccount(argument: GetProjectServiceAccountPlainArgs): GetProjectServiceAccountResult =
getProjectServiceAccountResultToKotlin(getProjectServiceAccountPlain(argument.toJava()).await())
/**
* @see [getProjectServiceAccount].
* @param projectId The project ID the service account was created for.
* @return A collection of values returned by getProjectServiceAccount.
*/
public suspend fun getProjectServiceAccount(projectId: String): GetProjectServiceAccountResult {
val argument = GetProjectServiceAccountPlainArgs(
projectId = projectId,
)
return getProjectServiceAccountResultToKotlin(getProjectServiceAccountPlain(argument.toJava()).await())
}
/**
* @see [getProjectServiceAccount].
* @param argument Builder for [com.pulumi.gcp.accessapproval.kotlin.inputs.GetProjectServiceAccountPlainArgs].
* @return A collection of values returned by getProjectServiceAccount.
*/
public suspend fun getProjectServiceAccount(argument: suspend GetProjectServiceAccountPlainArgsBuilder.() -> Unit): GetProjectServiceAccountResult {
val builder = GetProjectServiceAccountPlainArgsBuilder()
builder.argument()
val builtArgument = builder.build()
return getProjectServiceAccountResultToKotlin(getProjectServiceAccountPlain(builtArgument.toJava()).await())
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy