All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.artifactregistry.kotlin.RepositoryIamBindingArgs.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.artifactregistry.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs.builder
import com.pulumi.gcp.artifactregistry.kotlin.inputs.RepositoryIamBindingConditionArgs
import com.pulumi.gcp.artifactregistry.kotlin.inputs.RepositoryIamBindingConditionArgsBuilder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName

/**
 * Three different resources help you manage your IAM policy for Artifact Registry Repository. Each of these resources serves a different use case:
 * * `gcp.artifactregistry.RepositoryIamPolicy`: Authoritative. Sets the IAM policy for the repository and replaces any existing policy already attached.
 * * `gcp.artifactregistry.RepositoryIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the repository are preserved.
 * * `gcp.artifactregistry.RepositoryIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the repository are preserved.
 * A data source can be used to retrieve policy data in advent you do not need creation
 * * `gcp.artifactregistry.RepositoryIamPolicy`: Retrieves the IAM policy for the repository
 * > **Note:** `gcp.artifactregistry.RepositoryIamPolicy` **cannot** be used in conjunction with `gcp.artifactregistry.RepositoryIamBinding` and `gcp.artifactregistry.RepositoryIamMember` or they will fight over what your policy should be.
 * > **Note:** `gcp.artifactregistry.RepositoryIamBinding` resources **can be** used in conjunction with `gcp.artifactregistry.RepositoryIamMember` resources **only if** they do not grant privilege to the same role.
 * ## gcp.artifactregistry.RepositoryIamPolicy
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const admin = gcp.organizations.getIAMPolicy({
 *     bindings: [{
 *         role: "roles/artifactregistry.reader",
 *         members: ["user:jane@example.com"],
 *     }],
 * });
 * const policy = new gcp.artifactregistry.RepositoryIamPolicy("policy", {
 *     project: my_repo.project,
 *     location: my_repo.location,
 *     repository: my_repo.name,
 *     policyData: admin.then(admin => admin.policyData),
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(
 *     role="roles/artifactregistry.reader",
 *     members=["user:jane@example.com"],
 * )])
 * policy = gcp.artifactregistry.RepositoryIamPolicy("policy",
 *     project=my_repo["project"],
 *     location=my_repo["location"],
 *     repository=my_repo["name"],
 *     policy_data=admin.policy_data)
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()
 *     {
 *         Bindings = new[]
 *         {
 *             new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs
 *             {
 *                 Role = "roles/artifactregistry.reader",
 *                 Members = new[]
 *                 {
 *                     "user:[email protected]",
 *                 },
 *             },
 *         },
 *     });
 *     var policy = new Gcp.ArtifactRegistry.RepositoryIamPolicy("policy", new()
 *     {
 *         Project = my_repo.Project,
 *         Location = my_repo.Location,
 *         Repository = my_repo.Name,
 *         PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData),
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
 * 			Bindings: []organizations.GetIAMPolicyBinding{
 * 				{
 * 					Role: "roles/artifactregistry.reader",
 * 					Members: []string{
 * 						"user:[email protected]",
 * 					},
 * 				},
 * 			},
 * 		}, nil)
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = artifactregistry.NewRepositoryIamPolicy(ctx, "policy", &artifactregistry.RepositoryIamPolicyArgs{
 * 			Project:    pulumi.Any(my_repo.Project),
 * 			Location:   pulumi.Any(my_repo.Location),
 * 			Repository: pulumi.Any(my_repo.Name),
 * 			PolicyData: pulumi.String(admin.PolicyData),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.organizations.OrganizationsFunctions;
 * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamPolicy;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamPolicyArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
 *             .bindings(GetIAMPolicyBindingArgs.builder()
 *                 .role("roles/artifactregistry.reader")
 *                 .members("user:[email protected]")
 *                 .build())
 *             .build());
 *         var policy = new RepositoryIamPolicy("policy", RepositoryIamPolicyArgs.builder()
 *             .project(my_repo.project())
 *             .location(my_repo.location())
 *             .repository(my_repo.name())
 *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   policy:
 *     type: gcp:artifactregistry:RepositoryIamPolicy
 *     properties:
 *       project: ${["my-repo"].project}
 *       location: ${["my-repo"].location}
 *       repository: ${["my-repo"].name}
 *       policyData: ${admin.policyData}
 * variables:
 *   admin:
 *     fn::invoke:
 *       Function: gcp:organizations:getIAMPolicy
 *       Arguments:
 *         bindings:
 *           - role: roles/artifactregistry.reader
 *             members:
 *               - user:[email protected]
 * ```
 * 
 * ## gcp.artifactregistry.RepositoryIamBinding
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const binding = new gcp.artifactregistry.RepositoryIamBinding("binding", {
 *     project: my_repo.project,
 *     location: my_repo.location,
 *     repository: my_repo.name,
 *     role: "roles/artifactregistry.reader",
 *     members: ["user:jane@example.com"],
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * binding = gcp.artifactregistry.RepositoryIamBinding("binding",
 *     project=my_repo["project"],
 *     location=my_repo["location"],
 *     repository=my_repo["name"],
 *     role="roles/artifactregistry.reader",
 *     members=["user:jane@example.com"])
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding("binding", new()
 *     {
 *         Project = my_repo.Project,
 *         Location = my_repo.Location,
 *         Repository = my_repo.Name,
 *         Role = "roles/artifactregistry.reader",
 *         Members = new[]
 *         {
 *             "user:[email protected]",
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := artifactregistry.NewRepositoryIamBinding(ctx, "binding", &artifactregistry.RepositoryIamBindingArgs{
 * 			Project:    pulumi.Any(my_repo.Project),
 * 			Location:   pulumi.Any(my_repo.Location),
 * 			Repository: pulumi.Any(my_repo.Name),
 * 			Role:       pulumi.String("roles/artifactregistry.reader"),
 * 			Members: pulumi.StringArray{
 * 				pulumi.String("user:[email protected]"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamBinding;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var binding = new RepositoryIamBinding("binding", RepositoryIamBindingArgs.builder()
 *             .project(my_repo.project())
 *             .location(my_repo.location())
 *             .repository(my_repo.name())
 *             .role("roles/artifactregistry.reader")
 *             .members("user:[email protected]")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   binding:
 *     type: gcp:artifactregistry:RepositoryIamBinding
 *     properties:
 *       project: ${["my-repo"].project}
 *       location: ${["my-repo"].location}
 *       repository: ${["my-repo"].name}
 *       role: roles/artifactregistry.reader
 *       members:
 *         - user:[email protected]
 * ```
 * 
 * ## gcp.artifactregistry.RepositoryIamMember
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const member = new gcp.artifactregistry.RepositoryIamMember("member", {
 *     project: my_repo.project,
 *     location: my_repo.location,
 *     repository: my_repo.name,
 *     role: "roles/artifactregistry.reader",
 *     member: "user:[email protected]",
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * member = gcp.artifactregistry.RepositoryIamMember("member",
 *     project=my_repo["project"],
 *     location=my_repo["location"],
 *     repository=my_repo["name"],
 *     role="roles/artifactregistry.reader",
 *     member="user:[email protected]")
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var member = new Gcp.ArtifactRegistry.RepositoryIamMember("member", new()
 *     {
 *         Project = my_repo.Project,
 *         Location = my_repo.Location,
 *         Repository = my_repo.Name,
 *         Role = "roles/artifactregistry.reader",
 *         Member = "user:[email protected]",
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := artifactregistry.NewRepositoryIamMember(ctx, "member", &artifactregistry.RepositoryIamMemberArgs{
 * 			Project:    pulumi.Any(my_repo.Project),
 * 			Location:   pulumi.Any(my_repo.Location),
 * 			Repository: pulumi.Any(my_repo.Name),
 * 			Role:       pulumi.String("roles/artifactregistry.reader"),
 * 			Member:     pulumi.String("user:[email protected]"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamMember;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamMemberArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var member = new RepositoryIamMember("member", RepositoryIamMemberArgs.builder()
 *             .project(my_repo.project())
 *             .location(my_repo.location())
 *             .repository(my_repo.name())
 *             .role("roles/artifactregistry.reader")
 *             .member("user:[email protected]")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   member:
 *     type: gcp:artifactregistry:RepositoryIamMember
 *     properties:
 *       project: ${["my-repo"].project}
 *       location: ${["my-repo"].location}
 *       repository: ${["my-repo"].name}
 *       role: roles/artifactregistry.reader
 *       member: user:[email protected]
 * ```
 * 
 * ## gcp.artifactregistry.RepositoryIamPolicy
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const admin = gcp.organizations.getIAMPolicy({
 *     bindings: [{
 *         role: "roles/artifactregistry.reader",
 *         members: ["user:jane@example.com"],
 *     }],
 * });
 * const policy = new gcp.artifactregistry.RepositoryIamPolicy("policy", {
 *     project: my_repo.project,
 *     location: my_repo.location,
 *     repository: my_repo.name,
 *     policyData: admin.then(admin => admin.policyData),
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(
 *     role="roles/artifactregistry.reader",
 *     members=["user:jane@example.com"],
 * )])
 * policy = gcp.artifactregistry.RepositoryIamPolicy("policy",
 *     project=my_repo["project"],
 *     location=my_repo["location"],
 *     repository=my_repo["name"],
 *     policy_data=admin.policy_data)
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()
 *     {
 *         Bindings = new[]
 *         {
 *             new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs
 *             {
 *                 Role = "roles/artifactregistry.reader",
 *                 Members = new[]
 *                 {
 *                     "user:[email protected]",
 *                 },
 *             },
 *         },
 *     });
 *     var policy = new Gcp.ArtifactRegistry.RepositoryIamPolicy("policy", new()
 *     {
 *         Project = my_repo.Project,
 *         Location = my_repo.Location,
 *         Repository = my_repo.Name,
 *         PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData),
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
 * 			Bindings: []organizations.GetIAMPolicyBinding{
 * 				{
 * 					Role: "roles/artifactregistry.reader",
 * 					Members: []string{
 * 						"user:[email protected]",
 * 					},
 * 				},
 * 			},
 * 		}, nil)
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = artifactregistry.NewRepositoryIamPolicy(ctx, "policy", &artifactregistry.RepositoryIamPolicyArgs{
 * 			Project:    pulumi.Any(my_repo.Project),
 * 			Location:   pulumi.Any(my_repo.Location),
 * 			Repository: pulumi.Any(my_repo.Name),
 * 			PolicyData: pulumi.String(admin.PolicyData),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.organizations.OrganizationsFunctions;
 * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamPolicy;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamPolicyArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
 *             .bindings(GetIAMPolicyBindingArgs.builder()
 *                 .role("roles/artifactregistry.reader")
 *                 .members("user:[email protected]")
 *                 .build())
 *             .build());
 *         var policy = new RepositoryIamPolicy("policy", RepositoryIamPolicyArgs.builder()
 *             .project(my_repo.project())
 *             .location(my_repo.location())
 *             .repository(my_repo.name())
 *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   policy:
 *     type: gcp:artifactregistry:RepositoryIamPolicy
 *     properties:
 *       project: ${["my-repo"].project}
 *       location: ${["my-repo"].location}
 *       repository: ${["my-repo"].name}
 *       policyData: ${admin.policyData}
 * variables:
 *   admin:
 *     fn::invoke:
 *       Function: gcp:organizations:getIAMPolicy
 *       Arguments:
 *         bindings:
 *           - role: roles/artifactregistry.reader
 *             members:
 *               - user:[email protected]
 * ```
 * 
 * ## gcp.artifactregistry.RepositoryIamBinding
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const binding = new gcp.artifactregistry.RepositoryIamBinding("binding", {
 *     project: my_repo.project,
 *     location: my_repo.location,
 *     repository: my_repo.name,
 *     role: "roles/artifactregistry.reader",
 *     members: ["user:jane@example.com"],
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * binding = gcp.artifactregistry.RepositoryIamBinding("binding",
 *     project=my_repo["project"],
 *     location=my_repo["location"],
 *     repository=my_repo["name"],
 *     role="roles/artifactregistry.reader",
 *     members=["user:jane@example.com"])
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding("binding", new()
 *     {
 *         Project = my_repo.Project,
 *         Location = my_repo.Location,
 *         Repository = my_repo.Name,
 *         Role = "roles/artifactregistry.reader",
 *         Members = new[]
 *         {
 *             "user:[email protected]",
 *         },
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := artifactregistry.NewRepositoryIamBinding(ctx, "binding", &artifactregistry.RepositoryIamBindingArgs{
 * 			Project:    pulumi.Any(my_repo.Project),
 * 			Location:   pulumi.Any(my_repo.Location),
 * 			Repository: pulumi.Any(my_repo.Name),
 * 			Role:       pulumi.String("roles/artifactregistry.reader"),
 * 			Members: pulumi.StringArray{
 * 				pulumi.String("user:[email protected]"),
 * 			},
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamBinding;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var binding = new RepositoryIamBinding("binding", RepositoryIamBindingArgs.builder()
 *             .project(my_repo.project())
 *             .location(my_repo.location())
 *             .repository(my_repo.name())
 *             .role("roles/artifactregistry.reader")
 *             .members("user:[email protected]")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   binding:
 *     type: gcp:artifactregistry:RepositoryIamBinding
 *     properties:
 *       project: ${["my-repo"].project}
 *       location: ${["my-repo"].location}
 *       repository: ${["my-repo"].name}
 *       role: roles/artifactregistry.reader
 *       members:
 *         - user:[email protected]
 * ```
 * 
 * ## gcp.artifactregistry.RepositoryIamMember
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const member = new gcp.artifactregistry.RepositoryIamMember("member", {
 *     project: my_repo.project,
 *     location: my_repo.location,
 *     repository: my_repo.name,
 *     role: "roles/artifactregistry.reader",
 *     member: "user:[email protected]",
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * member = gcp.artifactregistry.RepositoryIamMember("member",
 *     project=my_repo["project"],
 *     location=my_repo["location"],
 *     repository=my_repo["name"],
 *     role="roles/artifactregistry.reader",
 *     member="user:[email protected]")
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var member = new Gcp.ArtifactRegistry.RepositoryIamMember("member", new()
 *     {
 *         Project = my_repo.Project,
 *         Location = my_repo.Location,
 *         Repository = my_repo.Name,
 *         Role = "roles/artifactregistry.reader",
 *         Member = "user:[email protected]",
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := artifactregistry.NewRepositoryIamMember(ctx, "member", &artifactregistry.RepositoryIamMemberArgs{
 * 			Project:    pulumi.Any(my_repo.Project),
 * 			Location:   pulumi.Any(my_repo.Location),
 * 			Repository: pulumi.Any(my_repo.Name),
 * 			Role:       pulumi.String("roles/artifactregistry.reader"),
 * 			Member:     pulumi.String("user:[email protected]"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamMember;
 * import com.pulumi.gcp.artifactregistry.RepositoryIamMemberArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         var member = new RepositoryIamMember("member", RepositoryIamMemberArgs.builder()
 *             .project(my_repo.project())
 *             .location(my_repo.location())
 *             .repository(my_repo.name())
 *             .role("roles/artifactregistry.reader")
 *             .member("user:[email protected]")
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   member:
 *     type: gcp:artifactregistry:RepositoryIamMember
 *     properties:
 *       project: ${["my-repo"].project}
 *       location: ${["my-repo"].location}
 *       repository: ${["my-repo"].name}
 *       role: roles/artifactregistry.reader
 *       member: user:[email protected]
 * ```
 * 
 * ## Import
 * For all import syntaxes, the "resource in question" can take any of the following forms:
 * * projects/{{project}}/locations/{{location}}/repositories/{{repository}}
 * * {{project}}/{{location}}/{{repository}}
 * * {{location}}/{{repository}}
 * * {{repository}}
 * Any variables not passed in the import command will be taken from the provider configuration.
 * Artifact Registry repository IAM resources can be imported using the resource identifiers, role, and member.
 * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.
 * ```sh
 * $ pulumi import gcp:artifactregistry/repositoryIamBinding:RepositoryIamBinding editor "projects/{{project}}/locations/{{location}}/repositories/{{repository}} roles/artifactregistry.reader user:[email protected]"
 * ```
 * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.
 * ```sh
 * $ pulumi import gcp:artifactregistry/repositoryIamBinding:RepositoryIamBinding editor "projects/{{project}}/locations/{{location}}/repositories/{{repository}} roles/artifactregistry.reader"
 * ```
 * IAM policy imports use the identifier of the resource in question, e.g.
 * ```sh
 * $ pulumi import gcp:artifactregistry/repositoryIamBinding:RepositoryIamBinding editor projects/{{project}}/locations/{{location}}/repositories/{{repository}}
 * ```
 * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the
 *  full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
 * @property condition
 * @property location The name of the location this repository is located in.
 * Used to find the parent resource to bind the IAM policy to
 * @property members Identities that will be granted the privilege in `role`.
 * Each entry can have one of the following values:
 * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
 * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
 * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
 * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
 * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
 * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
 * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
 * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
 * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
 * @property project The ID of the project in which the resource belongs.
 * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
 * @property repository Used to find the parent resource to bind the IAM policy to
 * @property role The role that should be applied. Only one
 * `gcp.artifactregistry.RepositoryIamBinding` can be used per role. Note that custom roles must be of the format
 * `[projects|organizations]/{parent-name}/roles/{role-name}`.
 */
public data class RepositoryIamBindingArgs(
    public val condition: Output? = null,
    public val location: Output? = null,
    public val members: Output>? = null,
    public val project: Output? = null,
    public val repository: Output? = null,
    public val role: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs =
        com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs.builder()
            .condition(condition?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .location(location?.applyValue({ args0 -> args0 }))
            .members(members?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
            .project(project?.applyValue({ args0 -> args0 }))
            .repository(repository?.applyValue({ args0 -> args0 }))
            .role(role?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [RepositoryIamBindingArgs].
 */
@PulumiTagMarker
public class RepositoryIamBindingArgsBuilder internal constructor() {
    private var condition: Output? = null

    private var location: Output? = null

    private var members: Output>? = null

    private var project: Output? = null

    private var repository: Output? = null

    private var role: Output? = null

    /**
     * @param value
     */
    @JvmName("lwfysxsvtnburdav")
    public suspend fun condition(`value`: Output) {
        this.condition = value
    }

    /**
     * @param value The name of the location this repository is located in.
     * Used to find the parent resource to bind the IAM policy to
     */
    @JvmName("goddukwgsqbkyeyx")
    public suspend fun location(`value`: Output) {
        this.location = value
    }

    /**
     * @param value Identities that will be granted the privilege in `role`.
     * Each entry can have one of the following values:
     * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
     * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
     * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
     * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
     * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
     * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
     * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
     * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
     * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
     */
    @JvmName("vxjepkgfglakynsi")
    public suspend fun members(`value`: Output>) {
        this.members = value
    }

    @JvmName("qetewoswfjjlcnex")
    public suspend fun members(vararg values: Output) {
        this.members = Output.all(values.asList())
    }

    /**
     * @param values Identities that will be granted the privilege in `role`.
     * Each entry can have one of the following values:
     * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
     * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
     * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
     * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
     * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
     * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
     * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
     * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
     * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
     */
    @JvmName("yvorntsiaqivkoon")
    public suspend fun members(values: List>) {
        this.members = Output.all(values)
    }

    /**
     * @param value The ID of the project in which the resource belongs.
     * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
     */
    @JvmName("feeybswqdigresvc")
    public suspend fun project(`value`: Output) {
        this.project = value
    }

    /**
     * @param value Used to find the parent resource to bind the IAM policy to
     */
    @JvmName("qefbbullkitawwsm")
    public suspend fun repository(`value`: Output) {
        this.repository = value
    }

    /**
     * @param value The role that should be applied. Only one
     * `gcp.artifactregistry.RepositoryIamBinding` can be used per role. Note that custom roles must be of the format
     * `[projects|organizations]/{parent-name}/roles/{role-name}`.
     */
    @JvmName("cfgxoymiyayewxfd")
    public suspend fun role(`value`: Output) {
        this.role = value
    }

    /**
     * @param value
     */
    @JvmName("slevslhirrhpfbwh")
    public suspend fun condition(`value`: RepositoryIamBindingConditionArgs?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.condition = mapped
    }

    /**
     * @param argument
     */
    @JvmName("ajrpfmkrlglxlauv")
    public suspend fun condition(argument: suspend RepositoryIamBindingConditionArgsBuilder.() -> Unit) {
        val toBeMapped = RepositoryIamBindingConditionArgsBuilder().applySuspend { argument() }.build()
        val mapped = of(toBeMapped)
        this.condition = mapped
    }

    /**
     * @param value The name of the location this repository is located in.
     * Used to find the parent resource to bind the IAM policy to
     */
    @JvmName("fpkqbqriooeejntq")
    public suspend fun location(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.location = mapped
    }

    /**
     * @param value Identities that will be granted the privilege in `role`.
     * Each entry can have one of the following values:
     * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
     * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
     * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
     * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
     * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
     * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
     * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
     * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
     * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
     */
    @JvmName("wudjiyvfntbsakde")
    public suspend fun members(`value`: List?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.members = mapped
    }

    /**
     * @param values Identities that will be granted the privilege in `role`.
     * Each entry can have one of the following values:
     * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
     * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
     * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
     * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
     * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
     * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
     * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
     * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
     * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
     */
    @JvmName("hpqyfekffjvqmymd")
    public suspend fun members(vararg values: String) {
        val toBeMapped = values.toList()
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.members = mapped
    }

    /**
     * @param value The ID of the project in which the resource belongs.
     * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
     */
    @JvmName("gadxlvjxfvevynqq")
    public suspend fun project(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.project = mapped
    }

    /**
     * @param value Used to find the parent resource to bind the IAM policy to
     */
    @JvmName("kqrtofspqjcpgssf")
    public suspend fun repository(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.repository = mapped
    }

    /**
     * @param value The role that should be applied. Only one
     * `gcp.artifactregistry.RepositoryIamBinding` can be used per role. Note that custom roles must be of the format
     * `[projects|organizations]/{parent-name}/roles/{role-name}`.
     */
    @JvmName("kdsleohumpxxtrre")
    public suspend fun role(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.role = mapped
    }

    internal fun build(): RepositoryIamBindingArgs = RepositoryIamBindingArgs(
        condition = condition,
        location = location,
        members = members,
        project = project,
        repository = repository,
        role = role,
    )
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy