com.pulumi.gcp.projects.kotlin.ServiceIdentityArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.projects.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.projects.ServiceIdentityArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* Generate service identity for a service.
* > **Note:** Once created, this resource cannot be updated or destroyed. These
* actions are a no-op.
* > **Note:** This resource can be used to retrieve the emails of the [Google-managed service accounts](https://cloud.google.com/iam/docs/service-agents)
* of the APIs that Google has configured with a Service Identity. You can run `gcloud beta services identity create --service SERVICE_NAME.googleapis.com` to
* verify if an API supports this.
* To get more information about Service Identity, see:
* * [API documentation](https://cloud.google.com/service-usage/docs/reference/rest/v1beta1/services/generateServiceIdentity)
* ## Example Usage
* ### Service Identity Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const project = gcp.organizations.getProject({});
* const hcSa = new gcp.projects.ServiceIdentity("hc_sa", {
* project: project.then(project => project.projectId),
* service: "healthcare.googleapis.com",
* });
* const hcSaBqJobuser = new gcp.projects.IAMMember("hc_sa_bq_jobuser", {
* project: project.then(project => project.projectId),
* role: "roles/bigquery.jobUser",
* member: pulumi.interpolate`serviceAccount:${hcSa.email}`,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* project = gcp.organizations.get_project()
* hc_sa = gcp.projects.ServiceIdentity("hc_sa",
* project=project.project_id,
* service="healthcare.googleapis.com")
* hc_sa_bq_jobuser = gcp.projects.IAMMember("hc_sa_bq_jobuser",
* project=project.project_id,
* role="roles/bigquery.jobUser",
* member=hc_sa.email.apply(lambda email: f"serviceAccount:{email}"))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var project = Gcp.Organizations.GetProject.Invoke();
* var hcSa = new Gcp.Projects.ServiceIdentity("hc_sa", new()
* {
* Project = project.Apply(getProjectResult => getProjectResult.ProjectId),
* Service = "healthcare.googleapis.com",
* });
* var hcSaBqJobuser = new Gcp.Projects.IAMMember("hc_sa_bq_jobuser", new()
* {
* Project = project.Apply(getProjectResult => getProjectResult.ProjectId),
* Role = "roles/bigquery.jobUser",
* Member = hcSa.Email.Apply(email => $"serviceAccount:{email}"),
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* project, err := organizations.LookupProject(ctx, nil, nil)
* if err != nil {
* return err
* }
* hcSa, err := projects.NewServiceIdentity(ctx, "hc_sa", &projects.ServiceIdentityArgs{
* Project: pulumi.String(project.ProjectId),
* Service: pulumi.String("healthcare.googleapis.com"),
* })
* if err != nil {
* return err
* }
* _, err = projects.NewIAMMember(ctx, "hc_sa_bq_jobuser", &projects.IAMMemberArgs{
* Project: pulumi.String(project.ProjectId),
* Role: pulumi.String("roles/bigquery.jobUser"),
* Member: hcSa.Email.ApplyT(func(email string) (string, error) {
* return fmt.Sprintf("serviceAccount:%v", email), nil
* }).(pulumi.StringOutput),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.organizations.OrganizationsFunctions;
* import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
* import com.pulumi.gcp.projects.ServiceIdentity;
* import com.pulumi.gcp.projects.ServiceIdentityArgs;
* import com.pulumi.gcp.projects.IAMMember;
* import com.pulumi.gcp.projects.IAMMemberArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var project = OrganizationsFunctions.getProject();
* var hcSa = new ServiceIdentity("hcSa", ServiceIdentityArgs.builder()
* .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
* .service("healthcare.googleapis.com")
* .build());
* var hcSaBqJobuser = new IAMMember("hcSaBqJobuser", IAMMemberArgs.builder()
* .project(project.applyValue(getProjectResult -> getProjectResult.projectId()))
* .role("roles/bigquery.jobUser")
* .member(hcSa.email().applyValue(email -> String.format("serviceAccount:%s", email)))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* hcSa:
* type: gcp:projects:ServiceIdentity
* name: hc_sa
* properties:
* project: ${project.projectId}
* service: healthcare.googleapis.com
* hcSaBqJobuser:
* type: gcp:projects:IAMMember
* name: hc_sa_bq_jobuser
* properties:
* project: ${project.projectId}
* role: roles/bigquery.jobUser
* member: serviceAccount:${hcSa.email}
* variables:
* project:
* fn::invoke:
* Function: gcp:organizations:getProject
* Arguments: {}
* ```
*
* ## Import
* This resource does not support import.
* @property project The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
* @property service The service to generate identity for.
* - - -
*/
public data class ServiceIdentityArgs(
public val project: Output? = null,
public val service: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.projects.ServiceIdentityArgs =
com.pulumi.gcp.projects.ServiceIdentityArgs.builder()
.project(project?.applyValue({ args0 -> args0 }))
.service(service?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [ServiceIdentityArgs].
*/
@PulumiTagMarker
public class ServiceIdentityArgsBuilder internal constructor() {
private var project: Output? = null
private var service: Output? = null
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("dhrwqkgrwcandqcu")
public suspend fun project(`value`: Output) {
this.project = value
}
/**
* @param value The service to generate identity for.
* - - -
*/
@JvmName("uioxdgegtvtsvtnb")
public suspend fun service(`value`: Output) {
this.service = value
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("ihdvhwlwcpgaoeiv")
public suspend fun project(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.project = mapped
}
/**
* @param value The service to generate identity for.
* - - -
*/
@JvmName("irwmwkncqvdecpoi")
public suspend fun service(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.service = mapped
}
internal fun build(): ServiceIdentityArgs = ServiceIdentityArgs(
project = project,
service = service,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy