com.pulumi.gcp.accesscontextmanager.kotlin.AccessPolicyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.accesscontextmanager.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* AccessPolicy is a container for AccessLevels (which define the necessary
* attributes to use GCP services) and ServicePerimeters (which define
* regions of services able to freely pass data within a perimeter). An
* access policy is globally visible within an organization, and the
* restrictions it specifies apply to all projects within an organization.
* To get more information about AccessPolicy, see:
* * [API documentation](https://cloud.google.com/access-context-manager/docs/reference/rest/v1/accessPolicies)
* * How-to Guides
* * [Access Policy Quickstart](https://cloud.google.com/access-context-manager/docs/quickstart)
* > **Warning:** If you are using User ADCs (Application Default Credentials) with this resource,
* you must specify a `billing_project` and set `user_project_override` to true
* in the provider configuration. Otherwise the ACM API will return a 403 error.
* Your account must have the `serviceusage.services.use` permission on the
* `billing_project` you defined.
* ## Example Usage
* ### Access Context Manager Access Policy Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const access_policy = new gcp.accesscontextmanager.AccessPolicy("access-policy", {
* parent: "organizations/123456789",
* title: "Org Access Policy",
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* access_policy = gcp.accesscontextmanager.AccessPolicy("access-policy",
* parent="organizations/123456789",
* title="Org Access Policy")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var access_policy = new Gcp.AccessContextManager.AccessPolicy("access-policy", new()
* {
* Parent = "organizations/123456789",
* Title = "Org Access Policy",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accesscontextmanager"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := accesscontextmanager.NewAccessPolicy(ctx, "access-policy", &accesscontextmanager.AccessPolicyArgs{
* Parent: pulumi.String("organizations/123456789"),
* Title: pulumi.String("Org Access Policy"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
* import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
* .parent("organizations/123456789")
* .title("Org Access Policy")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* access-policy:
* type: gcp:accesscontextmanager:AccessPolicy
* properties:
* parent: organizations/123456789
* title: Org Access Policy
* ```
*
* ### Access Context Manager Access Policy Scoped
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const project = new gcp.organizations.Project("project", {
* projectId: "my-project-name",
* name: "my-project-name",
* orgId: "123456789",
* });
* const access_policy = new gcp.accesscontextmanager.AccessPolicy("access-policy", {
* parent: "organizations/123456789",
* title: "Scoped Access Policy",
* scopes: pulumi.interpolate`projects/${project.number}`,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* project = gcp.organizations.Project("project",
* project_id="my-project-name",
* name="my-project-name",
* org_id="123456789")
* access_policy = gcp.accesscontextmanager.AccessPolicy("access-policy",
* parent="organizations/123456789",
* title="Scoped Access Policy",
* scopes=project.number.apply(lambda number: f"projects/{number}"))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var project = new Gcp.Organizations.Project("project", new()
* {
* ProjectId = "my-project-name",
* Name = "my-project-name",
* OrgId = "123456789",
* });
* var access_policy = new Gcp.AccessContextManager.AccessPolicy("access-policy", new()
* {
* Parent = "organizations/123456789",
* Title = "Scoped Access Policy",
* Scopes = project.Number.Apply(number => $"projects/{number}"),
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/accesscontextmanager"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* project, err := organizations.NewProject(ctx, "project", &organizations.ProjectArgs{
* ProjectId: pulumi.String("my-project-name"),
* Name: pulumi.String("my-project-name"),
* OrgId: pulumi.String("123456789"),
* })
* if err != nil {
* return err
* }
* _, err = accesscontextmanager.NewAccessPolicy(ctx, "access-policy", &accesscontextmanager.AccessPolicyArgs{
* Parent: pulumi.String("organizations/123456789"),
* Title: pulumi.String("Scoped Access Policy"),
* Scopes: project.Number.ApplyT(func(number string) (string, error) {
* return fmt.Sprintf("projects/%v", number), nil
* }).(pulumi.StringOutput),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.organizations.Project;
* import com.pulumi.gcp.organizations.ProjectArgs;
* import com.pulumi.gcp.accesscontextmanager.AccessPolicy;
* import com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var project = new Project("project", ProjectArgs.builder()
* .projectId("my-project-name")
* .name("my-project-name")
* .orgId("123456789")
* .build());
* var access_policy = new AccessPolicy("access-policy", AccessPolicyArgs.builder()
* .parent("organizations/123456789")
* .title("Scoped Access Policy")
* .scopes(project.number().applyValue(number -> String.format("projects/%s", number)))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* project:
* type: gcp:organizations:Project
* properties:
* projectId: my-project-name
* name: my-project-name
* orgId: '123456789'
* access-policy:
* type: gcp:accesscontextmanager:AccessPolicy
* properties:
* parent: organizations/123456789
* title: Scoped Access Policy
* scopes: projects/${project.number}
* ```
*
* ## Import
* AccessPolicy can be imported using any of these accepted formats:
* * `{{name}}`
* When using the `pulumi import` command, AccessPolicy can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:accesscontextmanager/accessPolicy:AccessPolicy default {{name}}
* ```
* @property parent The parent of this AccessPolicy in the Cloud Resource Hierarchy.
* Format: organizations/{organization_id}
* @property scopes Folder or project on which this policy is applicable.
* Format: folders/{{folder_id}} or projects/{{project_id}}
* @property title Human readable title. Does not affect behavior.
* - - -
*/
public data class AccessPolicyArgs(
public val parent: Output? = null,
public val scopes: Output? = null,
public val title: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs =
com.pulumi.gcp.accesscontextmanager.AccessPolicyArgs.builder()
.parent(parent?.applyValue({ args0 -> args0 }))
.scopes(scopes?.applyValue({ args0 -> args0 }))
.title(title?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AccessPolicyArgs].
*/
@PulumiTagMarker
public class AccessPolicyArgsBuilder internal constructor() {
private var parent: Output? = null
private var scopes: Output? = null
private var title: Output? = null
/**
* @param value The parent of this AccessPolicy in the Cloud Resource Hierarchy.
* Format: organizations/{organization_id}
*/
@JvmName("ajrbjnhfaqcqtggo")
public suspend fun parent(`value`: Output) {
this.parent = value
}
/**
* @param value Folder or project on which this policy is applicable.
* Format: folders/{{folder_id}} or projects/{{project_id}}
*/
@JvmName("flqborgcivghquoe")
public suspend fun scopes(`value`: Output) {
this.scopes = value
}
/**
* @param value Human readable title. Does not affect behavior.
* - - -
*/
@JvmName("rgfkqmrgofyyomwl")
public suspend fun title(`value`: Output) {
this.title = value
}
/**
* @param value The parent of this AccessPolicy in the Cloud Resource Hierarchy.
* Format: organizations/{organization_id}
*/
@JvmName("jvcqqnomagxvsqcy")
public suspend fun parent(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.parent = mapped
}
/**
* @param value Folder or project on which this policy is applicable.
* Format: folders/{{folder_id}} or projects/{{project_id}}
*/
@JvmName("bbjrnnykmpfaxfub")
public suspend fun scopes(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.scopes = mapped
}
/**
* @param value Human readable title. Does not affect behavior.
* - - -
*/
@JvmName("tjhdatbkjulgeghi")
public suspend fun title(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.title = mapped
}
internal fun build(): AccessPolicyArgs = AccessPolicyArgs(
parent = parent,
scopes = scopes,
title = title,
)
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy