com.pulumi.gcp.storage.kotlin.BucketACLArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.storage.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.storage.BucketACLArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Authoritatively manages a bucket's ACLs in Google cloud storage service (GCS). For more information see
* [the official documentation](https://cloud.google.com/storage/docs/access-control/lists)
* and
* [API](https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls).
* Bucket ACLs can be managed non authoritatively using the `storage_bucket_access_control` resource. Do not use these two resources in conjunction to manage the same bucket.
* Permissions can be granted either by ACLs or Cloud IAM policies. In general, permissions granted by Cloud IAM policies do not appear in ACLs, and permissions granted by ACLs do not appear in Cloud IAM policies. The only exception is for ACLs applied directly on a bucket and certain bucket-level Cloud IAM policies, as described in [Cloud IAM relation to ACLs](https://cloud.google.com/storage/docs/access-control/iam#acls).
* **NOTE** This resource will not remove the `project-owners-` entity from the `OWNER` role.
* ## Example Usage
* Example creating an ACL on a bucket with one owner, and one reader.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* const image_store = new gcp.storage.Bucket("image-store", {
* name: "image-store-bucket",
* location: "EU",
* });
* const image_store_acl = new gcp.storage.BucketACL("image-store-acl", {
* bucket: image_store.name,
* roleEntities: [
* "OWNER:[email protected]",
* "READER:group-mygroup",
* ],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* image_store = gcp.storage.Bucket("image-store",
* name="image-store-bucket",
* location="EU")
* image_store_acl = gcp.storage.BucketACL("image-store-acl",
* bucket=image_store.name,
* role_entities=[
* "OWNER:[email protected]",
* "READER:group-mygroup",
* ])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* return await Deployment.RunAsync(() =>
* {
* var image_store = new Gcp.Storage.Bucket("image-store", new()
* {
* Name = "image-store-bucket",
* Location = "EU",
* });
* var image_store_acl = new Gcp.Storage.BucketACL("image-store-acl", new()
* {
* Bucket = image_store.Name,
* RoleEntities = new[]
* {
* "OWNER:[email protected]",
* "READER:group-mygroup",
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := storage.NewBucket(ctx, "image-store", &storage.BucketArgs{
* Name: pulumi.String("image-store-bucket"),
* Location: pulumi.String("EU"),
* })
* if err != nil {
* return err
* }
* _, err = storage.NewBucketACL(ctx, "image-store-acl", &storage.BucketACLArgs{
* Bucket: image_store.Name,
* RoleEntities: pulumi.StringArray{
* pulumi.String("OWNER:[email protected]"),
* pulumi.String("READER:group-mygroup"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.storage.Bucket;
* import com.pulumi.gcp.storage.BucketArgs;
* import com.pulumi.gcp.storage.BucketACL;
* import com.pulumi.gcp.storage.BucketACLArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var image_store = new Bucket("image-store", BucketArgs.builder()
* .name("image-store-bucket")
* .location("EU")
* .build());
* var image_store_acl = new BucketACL("image-store-acl", BucketACLArgs.builder()
* .bucket(image_store.name())
* .roleEntities(
* "OWNER:[email protected]",
* "READER:group-mygroup")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* image-store:
* type: gcp:storage:Bucket
* properties:
* name: image-store-bucket
* location: EU
* image-store-acl:
* type: gcp:storage:BucketACL
* properties:
* bucket: ${["image-store"].name}
* roleEntities:
* - OWNER:[email protected]
* - READER:group-mygroup
* ```
*
* ## Import
* This resource does not support import.
* @property bucket The name of the bucket it applies to.
* - - -
* @property defaultAcl Configure this ACL to be the default ACL.
* @property predefinedAcl The [canned GCS ACL](https://cloud.google.com/storage/docs/access-control/lists#predefined-acl) to apply. Must be set if `role_entity` is not.
* @property roleEntities List of role/entity pairs in the form `ROLE:entity`. See [GCS Bucket ACL documentation](https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls) for more details. Must be set if `predefined_acl` is not.
*/
public data class BucketACLArgs(
public val bucket: Output? = null,
public val defaultAcl: Output? = null,
public val predefinedAcl: Output? = null,
public val roleEntities: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.storage.BucketACLArgs =
com.pulumi.gcp.storage.BucketACLArgs.builder()
.bucket(bucket?.applyValue({ args0 -> args0 }))
.defaultAcl(defaultAcl?.applyValue({ args0 -> args0 }))
.predefinedAcl(predefinedAcl?.applyValue({ args0 -> args0 }))
.roleEntities(roleEntities?.applyValue({ args0 -> args0.map({ args0 -> args0 }) })).build()
}
/**
* Builder for [BucketACLArgs].
*/
@PulumiTagMarker
public class BucketACLArgsBuilder internal constructor() {
private var bucket: Output? = null
private var defaultAcl: Output? = null
private var predefinedAcl: Output? = null
private var roleEntities: Output>? = null
/**
* @param value The name of the bucket it applies to.
* - - -
*/
@JvmName("duhxvhunlftupgkq")
public suspend fun bucket(`value`: Output) {
this.bucket = value
}
/**
* @param value Configure this ACL to be the default ACL.
*/
@JvmName("leobflncjnkoptxr")
public suspend fun defaultAcl(`value`: Output) {
this.defaultAcl = value
}
/**
* @param value The [canned GCS ACL](https://cloud.google.com/storage/docs/access-control/lists#predefined-acl) to apply. Must be set if `role_entity` is not.
*/
@JvmName("jtyuqoxgbprnvfrq")
public suspend fun predefinedAcl(`value`: Output) {
this.predefinedAcl = value
}
/**
* @param value List of role/entity pairs in the form `ROLE:entity`. See [GCS Bucket ACL documentation](https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls) for more details. Must be set if `predefined_acl` is not.
*/
@JvmName("vcmyphyqlqsxvrmi")
public suspend fun roleEntities(`value`: Output>) {
this.roleEntities = value
}
@JvmName("dxaxftdvmyokuttp")
public suspend fun roleEntities(vararg values: Output) {
this.roleEntities = Output.all(values.asList())
}
/**
* @param values List of role/entity pairs in the form `ROLE:entity`. See [GCS Bucket ACL documentation](https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls) for more details. Must be set if `predefined_acl` is not.
*/
@JvmName("hafkcpdyxxtkvqhf")
public suspend fun roleEntities(values: List
© 2015 - 2024 Weber Informatics LLC | Privacy Policy