com.pulumi.gcp.projects.kotlin.ServiceIdentity.kt Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
There is a newer version: 8.12.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.projects.kotlin

import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit

/**
 * Builder for [ServiceIdentity].
 */
@PulumiTagMarker
public class ServiceIdentityResourceBuilder internal constructor() {
    public var name: String? = null

    public var args: ServiceIdentityArgs = ServiceIdentityArgs()

    public var opts: CustomResourceOptions = CustomResourceOptions()

    /**
     * @param name The _unique_ name of the resulting resource.
     */
    public fun name(`value`: String) {
        this.name = value
    }

    /**
     * @param block The arguments to use to populate this resource's properties.
     */
    public suspend fun args(block: suspend ServiceIdentityArgsBuilder.() -> Unit) {
        val builder = ServiceIdentityArgsBuilder()
        block(builder)
        this.args = builder.build()
    }

    /**
     * @param block A bag of options that control this resource's behavior.
     */
    public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
        this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
    }

    internal fun build(): ServiceIdentity {
        val builtJavaResource = com.pulumi.gcp.projects.ServiceIdentity(
            this.name,
            this.args.toJava(),
            this.opts.toJava(),
        )
        return ServiceIdentity(builtJavaResource)
    }
}

/**
 * Generate service identity for a service.
 * > **Note:** Once created, this resource cannot be updated or destroyed. These
 * actions are a no-op.
 * > **Note:** This resource can be used to retrieve the emails of the [Google-managed service accounts](https://cloud.google.com/iam/docs/service-agents)
 * of the APIs that Google has configured with a Service Identity. You can run `gcloud beta services identity create --service SERVICE_NAME.googleapis.com` to
 * verify if an API supports this.
 * To get more information about Service Identity, see:
 * * [API documentation](https://cloud.google.com/service-usage/docs/reference/rest/v1beta1/services/generateServiceIdentity)
 * ## Example Usage
 * ### Service Identity Basic
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const project = gcp.organizations.getProject({});
 * const hcSa = new gcp.projects.ServiceIdentity("hc_sa", {
 *     project: project.then(project => project.projectId),
 *     service: "healthcare.googleapis.com",
 * });
 * const hcSaBqJobuser = new gcp.projects.IAMMember("hc_sa_bq_jobuser", {
 *     project: project.then(project => project.projectId),
 *     role: "roles/bigquery.jobUser",
 *     member: pulumi.interpolate`serviceAccount:${hcSa.email}`,
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * project = gcp.organizations.get_project()
 * hc_sa = gcp.projects.ServiceIdentity("hc_sa",
 *     project=project.project_id,
 *     service="healthcare.googleapis.com")
 * hc_sa_bq_jobuser = gcp.projects.IAMMember("hc_sa_bq_jobuser",
 *     project=project.project_id,
 *     role="roles/bigquery.jobUser",
 *     member=hc_sa.email.apply(lambda email: f"serviceAccount:{email}"))
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var project = Gcp.Organizations.GetProject.Invoke();
 *     var hcSa = new Gcp.Projects.ServiceIdentity("hc_sa", new()
 *     {
 *         Project = project.Apply(getProjectResult => getProjectResult.ProjectId),
 *         Service = "healthcare.googleapis.com",
 *     });
 *     var hcSaBqJobuser = new Gcp.Projects.IAMMember("hc_sa_bq_jobuser", new()
 *     {
 *         Project = project.Apply(getProjectResult => getProjectResult.ProjectId),
 *         Role = "roles/bigquery.jobUser",
 *         Member = hcSa.Email.Apply(email => $"serviceAccount:{email}"),
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"fmt"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		project, err := organizations.LookupProject(ctx, nil, nil)
 * 		if err != nil {
 * 			return err
 * 		}
 * 		hcSa, err := projects.NewServiceIdentity(ctx, "hc_sa", &projects.ServiceIdentityArgs{
 * 			Project: pulumi.String(project.ProjectId),
 * 			Service: pulumi.String("healthcare.googleapis.com"),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = projects.NewIAMMember(ctx, "hc_sa_bq_jobuser", &projects.IAMMemberArgs{
 * 			Project: pulumi.String(project.ProjectId),
 * 			Role:    pulumi.String("roles/bigquery.jobUser"),
 * 			Member: hcSa.Email.ApplyT(func(email string) (string, error) {
 * 				return fmt.Sprintf("serviceAccount:%v", email), nil
 * 			}).(pulumi.StringOutput),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.organizations.OrganizationsFunctions;
 * import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
 * import com.pulumi.gcp.projects.ServiceIdentity;
 * import com.pulumi.gcp.projects.ServiceIdentityArgs;
 * import com.pulumi.gcp.projects.IAMMember;
 * import com.pulumi.gcp.projects.IAMMemberArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         final var project = OrganizationsFunctions.getProject();
 *         var hcSa = new ServiceIdentity("hcSa", ServiceIdentityArgs.builder()
 *             .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
 *             .service("healthcare.googleapis.com")
 *             .build());
 *         var hcSaBqJobuser = new IAMMember("hcSaBqJobuser", IAMMemberArgs.builder()
 *             .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
 *             .role("roles/bigquery.jobUser")
 *             .member(hcSa.email().applyValue(email -> String.format("serviceAccount:%s", email)))
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   hcSa:
 *     type: gcp:projects:ServiceIdentity
 *     name: hc_sa
 *     properties:
 *       project: ${project.projectId}
 *       service: healthcare.googleapis.com
 *   hcSaBqJobuser:
 *     type: gcp:projects:IAMMember
 *     name: hc_sa_bq_jobuser
 *     properties:
 *       project: ${project.projectId}
 *       role: roles/bigquery.jobUser
 *       member: serviceAccount:${hcSa.email}
 * variables:
 *   project:
 *     fn::invoke:
 *       Function: gcp:organizations:getProject
 *       Arguments: {}
 * ```
 * 
 * ## Import
 * This resource does not support import.
 */
public class ServiceIdentity internal constructor(
    override val javaResource: com.pulumi.gcp.projects.ServiceIdentity,
) : KotlinCustomResource(javaResource, ServiceIdentityMapper) {
    /**
     * The email address of the Google managed service account.
     */
    public val email: Output
        get() = javaResource.email().applyValue({ args0 -> args0 })

    /**
     * The ID of the project in which the resource belongs.
     * If it is not provided, the provider project is used.
     */
    public val project: Output
        get() = javaResource.project().applyValue({ args0 -> args0 })

    /**
     * The service to generate identity for.
     * - - -
     */
    public val service: Output
        get() = javaResource.service().applyValue({ args0 -> args0 })
}

public object ServiceIdentityMapper : ResourceMapper {
    override fun supportsMappingOfType(javaResource: Resource): Boolean =
        com.pulumi.gcp.projects.ServiceIdentity::class == javaResource::class

    override fun map(javaResource: Resource): ServiceIdentity = ServiceIdentity(
        javaResource as
            com.pulumi.gcp.projects.ServiceIdentity,
    )
}

/**
 * @see [ServiceIdentity].
 * @param name The _unique_ name of the resulting resource.
 * @param block Builder for [ServiceIdentity].
 */
public suspend fun serviceIdentity(
    name: String,
    block: suspend ServiceIdentityResourceBuilder.() -> Unit,
): ServiceIdentity {
    val builder = ServiceIdentityResourceBuilder()
    builder.name(name)
    block(builder)
    return builder.build()
}

/**
 * @see [ServiceIdentity].
 * @param name The _unique_ name of the resulting resource.
 */
public fun serviceIdentity(name: String): ServiceIdentity {
    val builder = ServiceIdentityResourceBuilder()
    builder.name(name)
    return builder.build()
}