com.pulumi.gcp.iam.kotlin.FoldersPolicyBinding.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.iam.kotlin
import com.pulumi.core.Output
import com.pulumi.gcp.iam.kotlin.outputs.FoldersPolicyBindingCondition
import com.pulumi.gcp.iam.kotlin.outputs.FoldersPolicyBindingTarget
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.Map
import com.pulumi.gcp.iam.kotlin.outputs.FoldersPolicyBindingCondition.Companion.toKotlin as foldersPolicyBindingConditionToKotlin
import com.pulumi.gcp.iam.kotlin.outputs.FoldersPolicyBindingTarget.Companion.toKotlin as foldersPolicyBindingTargetToKotlin
/**
* Builder for [FoldersPolicyBinding].
*/
@PulumiTagMarker
public class FoldersPolicyBindingResourceBuilder internal constructor() {
public var name: String? = null
public var args: FoldersPolicyBindingArgs = FoldersPolicyBindingArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend FoldersPolicyBindingArgsBuilder.() -> Unit) {
val builder = FoldersPolicyBindingArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): FoldersPolicyBinding {
val builtJavaResource = com.pulumi.gcp.iam.FoldersPolicyBinding(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return FoldersPolicyBinding(builtJavaResource)
}
}
/**
* A policy binding to a folder
* To get more information about FoldersPolicyBinding, see:
* * [API documentation](https://cloud.google.com/iam/docs/reference/rest/v3/folders.locations.policyBindings)
* * How-to Guides
* * [Apply a policy binding](https://cloud.google.com/iam/docs/principal-access-boundary-policies-create#create_binding)
* ## Example Usage
* ### Iam Folders Policy Binding
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as time from "@pulumi/time";
* const pabPolicy = new gcp.iam.PrincipalAccessBoundaryPolicy("pab_policy", {
* organization: "123456789",
* location: "global",
* displayName: "test folder binding",
* principalAccessBoundaryPolicyId: "my-pab-policy",
* });
* const folder = new gcp.organizations.Folder("folder", {
* displayName: "test folder",
* parent: "organizations/123456789",
* deletionProtection: false,
* });
* const wait120s = new time.index.Sleep("wait_120s", {createDuration: "120s"}, {
* dependsOn: [folder],
* });
* const my_folder_binding = new gcp.iam.FoldersPolicyBinding("my-folder-binding", {
* folder: folder.folderId,
* location: "global",
* displayName: "test folder binding",
* policyKind: "PRINCIPAL_ACCESS_BOUNDARY",
* policyBindingId: "test-folder-binding",
* policy: pulumi.interpolate`organizations/123456789/locations/global/principalAccessBoundaryPolicies/${pabPolicy.principalAccessBoundaryPolicyId}`,
* target: {
* principalSet: pulumi.interpolate`//cloudresourcemanager.googleapis.com/folders/${folder.folderId}`,
* },
* }, {
* dependsOn: [wait120s],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_time as time
* pab_policy = gcp.iam.PrincipalAccessBoundaryPolicy("pab_policy",
* organization="123456789",
* location="global",
* display_name="test folder binding",
* principal_access_boundary_policy_id="my-pab-policy")
* folder = gcp.organizations.Folder("folder",
* display_name="test folder",
* parent="organizations/123456789",
* deletion_protection=False)
* wait120s = time.index.Sleep("wait_120s", create_duration=120s,
* opts = pulumi.ResourceOptions(depends_on=[folder]))
* my_folder_binding = gcp.iam.FoldersPolicyBinding("my-folder-binding",
* folder=folder.folder_id,
* location="global",
* display_name="test folder binding",
* policy_kind="PRINCIPAL_ACCESS_BOUNDARY",
* policy_binding_id="test-folder-binding",
* policy=pab_policy.principal_access_boundary_policy_id.apply(lambda principal_access_boundary_policy_id: f"organizations/123456789/locations/global/principalAccessBoundaryPolicies/{principal_access_boundary_policy_id}"),
* target={
* "principal_set": folder.folder_id.apply(lambda folder_id: f"//cloudresourcemanager.googleapis.com/folders/{folder_id}"),
* },
* opts = pulumi.ResourceOptions(depends_on=[wait120s]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Time = Pulumi.Time;
* return await Deployment.RunAsync(() =>
* {
* var pabPolicy = new Gcp.Iam.PrincipalAccessBoundaryPolicy("pab_policy", new()
* {
* Organization = "123456789",
* Location = "global",
* DisplayName = "test folder binding",
* PrincipalAccessBoundaryPolicyId = "my-pab-policy",
* });
* var folder = new Gcp.Organizations.Folder("folder", new()
* {
* DisplayName = "test folder",
* Parent = "organizations/123456789",
* DeletionProtection = false,
* });
* var wait120s = new Time.Index.Sleep("wait_120s", new()
* {
* CreateDuration = "120s",
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* folder,
* },
* });
* var my_folder_binding = new Gcp.Iam.FoldersPolicyBinding("my-folder-binding", new()
* {
* Folder = folder.FolderId,
* Location = "global",
* DisplayName = "test folder binding",
* PolicyKind = "PRINCIPAL_ACCESS_BOUNDARY",
* PolicyBindingId = "test-folder-binding",
* Policy = pabPolicy.PrincipalAccessBoundaryPolicyId.Apply(principalAccessBoundaryPolicyId => $"organizations/123456789/locations/global/principalAccessBoundaryPolicies/{principalAccessBoundaryPolicyId}"),
* Target = new Gcp.Iam.Inputs.FoldersPolicyBindingTargetArgs
* {
* PrincipalSet = folder.FolderId.Apply(folderId => $"//cloudresourcemanager.googleapis.com/folders/{folderId}"),
* },
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* wait120s,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/iam"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
* "github.com/pulumi/pulumi-time/sdk/go/time"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* pabPolicy, err := iam.NewPrincipalAccessBoundaryPolicy(ctx, "pab_policy", &iam.PrincipalAccessBoundaryPolicyArgs{
* Organization: pulumi.String("123456789"),
* Location: pulumi.String("global"),
* DisplayName: pulumi.String("test folder binding"),
* PrincipalAccessBoundaryPolicyId: pulumi.String("my-pab-policy"),
* })
* if err != nil {
* return err
* }
* folder, err := organizations.NewFolder(ctx, "folder", &organizations.FolderArgs{
* DisplayName: pulumi.String("test folder"),
* Parent: pulumi.String("organizations/123456789"),
* DeletionProtection: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* wait120s, err := time.NewSleep(ctx, "wait_120s", &time.SleepArgs{
* CreateDuration: "120s",
* }, pulumi.DependsOn([]pulumi.Resource{
* folder,
* }))
* if err != nil {
* return err
* }
* _, err = iam.NewFoldersPolicyBinding(ctx, "my-folder-binding", &iam.FoldersPolicyBindingArgs{
* Folder: folder.FolderId,
* Location: pulumi.String("global"),
* DisplayName: pulumi.String("test folder binding"),
* PolicyKind: pulumi.String("PRINCIPAL_ACCESS_BOUNDARY"),
* PolicyBindingId: pulumi.String("test-folder-binding"),
* Policy: pabPolicy.PrincipalAccessBoundaryPolicyId.ApplyT(func(principalAccessBoundaryPolicyId string) (string, error) {
* return fmt.Sprintf("organizations/123456789/locations/global/principalAccessBoundaryPolicies/%v", principalAccessBoundaryPolicyId), nil
* }).(pulumi.StringOutput),
* Target: &iam.FoldersPolicyBindingTargetArgs{
* PrincipalSet: folder.FolderId.ApplyT(func(folderId string) (string, error) {
* return fmt.Sprintf("//cloudresourcemanager.googleapis.com/folders/%v", folderId), nil
* }).(pulumi.StringOutput),
* },
* }, pulumi.DependsOn([]pulumi.Resource{
* wait120s,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.iam.PrincipalAccessBoundaryPolicy;
* import com.pulumi.gcp.iam.PrincipalAccessBoundaryPolicyArgs;
* import com.pulumi.gcp.organizations.Folder;
* import com.pulumi.gcp.organizations.FolderArgs;
* import com.pulumi.time.sleep;
* import com.pulumi.time.SleepArgs;
* import com.pulumi.gcp.iam.FoldersPolicyBinding;
* import com.pulumi.gcp.iam.FoldersPolicyBindingArgs;
* import com.pulumi.gcp.iam.inputs.FoldersPolicyBindingTargetArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var pabPolicy = new PrincipalAccessBoundaryPolicy("pabPolicy", PrincipalAccessBoundaryPolicyArgs.builder()
* .organization("123456789")
* .location("global")
* .displayName("test folder binding")
* .principalAccessBoundaryPolicyId("my-pab-policy")
* .build());
* var folder = new Folder("folder", FolderArgs.builder()
* .displayName("test folder")
* .parent("organizations/123456789")
* .deletionProtection(false)
* .build());
* var wait120s = new Sleep("wait120s", SleepArgs.builder()
* .createDuration("120s")
* .build(), CustomResourceOptions.builder()
* .dependsOn(folder)
* .build());
* var my_folder_binding = new FoldersPolicyBinding("my-folder-binding", FoldersPolicyBindingArgs.builder()
* .folder(folder.folderId())
* .location("global")
* .displayName("test folder binding")
* .policyKind("PRINCIPAL_ACCESS_BOUNDARY")
* .policyBindingId("test-folder-binding")
* .policy(pabPolicy.principalAccessBoundaryPolicyId().applyValue(principalAccessBoundaryPolicyId -> String.format("organizations/123456789/locations/global/principalAccessBoundaryPolicies/%s", principalAccessBoundaryPolicyId)))
* .target(FoldersPolicyBindingTargetArgs.builder()
* .principalSet(folder.folderId().applyValue(folderId -> String.format("//cloudresourcemanager.googleapis.com/folders/%s", folderId)))
* .build())
* .build(), CustomResourceOptions.builder()
* .dependsOn(wait120s)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* pabPolicy:
* type: gcp:iam:PrincipalAccessBoundaryPolicy
* name: pab_policy
* properties:
* organization: '123456789'
* location: global
* displayName: test folder binding
* principalAccessBoundaryPolicyId: my-pab-policy
* folder:
* type: gcp:organizations:Folder
* properties:
* displayName: test folder
* parent: organizations/123456789
* deletionProtection: false
* wait120s:
* type: time:sleep
* name: wait_120s
* properties:
* createDuration: 120s
* options:
* dependsOn:
* - ${folder}
* my-folder-binding:
* type: gcp:iam:FoldersPolicyBinding
* properties:
* folder: ${folder.folderId}
* location: global
* displayName: test folder binding
* policyKind: PRINCIPAL_ACCESS_BOUNDARY
* policyBindingId: test-folder-binding
* policy: organizations/123456789/locations/global/principalAccessBoundaryPolicies/${pabPolicy.principalAccessBoundaryPolicyId}
* target:
* principalSet: //cloudresourcemanager.googleapis.com/folders/${folder.folderId}
* options:
* dependsOn:
* - ${wait120s}
* ```
*
* ## Import
* FoldersPolicyBinding can be imported using any of these accepted formats:
* * `folders/{{folder}}/locations/{{location}}/policyBindings/{{policy_binding_id}}`
* * `{{folder}}/{{location}}/{{policy_binding_id}}`
* When using the `pulumi import` command, FoldersPolicyBinding can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:iam/foldersPolicyBinding:FoldersPolicyBinding default folders/{{folder}}/locations/{{location}}/policyBindings/{{policy_binding_id}}
* ```
* ```sh
* $ pulumi import gcp:iam/foldersPolicyBinding:FoldersPolicyBinding default {{folder}}/{{location}}/{{policy_binding_id}}
* ```
*/
public class FoldersPolicyBinding internal constructor(
override val javaResource: com.pulumi.gcp.iam.FoldersPolicyBinding,
) : KotlinCustomResource(javaResource, FoldersPolicyBindingMapper) {
/**
* Optional. User defined annotations. See https://google.aip.dev/148#annotations for more details such as format and size
* limitations **Note**: This field is non-authoritative, and will only manage the annotations present in your
* configuration. Please refer to the field 'effective_annotations' for all of the annotations present on the resource.
*/
public val annotations: Output>?
get() = javaResource.annotations().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}).orElse(null)
})
/**
* Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The
* syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary
* size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() <
* 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\"
* expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description:
* \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type
* != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string
* with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and
* functions that may be referenced within an expression are determined by the service that evaluates it. See the service
* documentation for additional information.
*/
public val condition: Output?
get() = javaResource.condition().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
foldersPolicyBindingConditionToKotlin(args0)
})
}).orElse(null)
})
/**
* Output only. The time when the policy binding was created.
*/
public val createTime: Output
get() = javaResource.createTime().applyValue({ args0 -> args0 })
/**
* Optional. The description of the policy binding. Must be less than or equal to 63 characters.
*/
public val displayName: Output?
get() = javaResource.displayName().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
public val effectiveAnnotations: Output>
get() = javaResource.effectiveAnnotations().applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
})
/**
* Optional. The etag for the policy binding. If this is provided on update, it must match the server's etag.
*/
public val etag: Output
get() = javaResource.etag().applyValue({ args0 -> args0 })
/**
* The parent folder for the PolicyBinding.
*/
public val folder: Output
get() = javaResource.folder().applyValue({ args0 -> args0 })
/**
* The location of the PolicyBinding.
*/
public val location: Output
get() = javaResource.location().applyValue({ args0 -> args0 })
/**
* The name of the policy binding in the format `{binding_parent/locations/{location}/policyBindings/{policy_binding_id}`
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* Required. Immutable. The resource name of the policy to be bound. The binding parent and policy must belong to the same Organization (or Project).
*/
public val policy: Output
get() = javaResource.policy().applyValue({ args0 -> args0 })
/**
* The Policy Binding ID.
*/
public val policyBindingId: Output
get() = javaResource.policyBindingId().applyValue({ args0 -> args0 })
/**
* Immutable. The kind of the policy to attach in this binding. This field must be one of the following: - Left empty (will
* be automatically set to the policy kind) - The input policy kind Possible values: POLICY_KIND_UNSPECIFIED
* PRINCIPAL_ACCESS_BOUNDARY ACCESS
*/
public val policyKind: Output?
get() = javaResource.policyKind().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Output only. The globally unique ID of the policy to be bound.
*/
public val policyUid: Output
get() = javaResource.policyUid().applyValue({ args0 -> args0 })
/**
* Target is the full resource name of the resource to which the policy will be bound. Immutable once set.
* Structure is documented below.
*/
public val target: Output
get() = javaResource.target().applyValue({ args0 ->
args0.let({ args0 ->
foldersPolicyBindingTargetToKotlin(args0)
})
})
/**
* Output only. The globally unique ID of the policy binding. Assigned when the policy binding is created.
*/
public val uid: Output
get() = javaResource.uid().applyValue({ args0 -> args0 })
/**
* Output only. The time when the policy binding was most recently updated.
*/
public val updateTime: Output
get() = javaResource.updateTime().applyValue({ args0 -> args0 })
}
public object FoldersPolicyBindingMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.gcp.iam.FoldersPolicyBinding::class == javaResource::class
override fun map(javaResource: Resource): FoldersPolicyBinding = FoldersPolicyBinding(
javaResource
as com.pulumi.gcp.iam.FoldersPolicyBinding,
)
}
/**
* @see [FoldersPolicyBinding].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [FoldersPolicyBinding].
*/
public suspend fun foldersPolicyBinding(
name: String,
block: suspend FoldersPolicyBindingResourceBuilder.() -> Unit,
): FoldersPolicyBinding {
val builder = FoldersPolicyBindingResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [FoldersPolicyBinding].
* @param name The _unique_ name of the resulting resource.
*/
public fun foldersPolicyBinding(name: String): FoldersPolicyBinding {
val builder = FoldersPolicyBindingResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy