• Home
• org.virtuslab
• pulumi-gcp-kotlin
• 8.12.0.0
• source code
• IamMemberRemoveArgs.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.gcp.projects.kotlin.IamMemberRemoveArgs.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.projects.kotlin

import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.projects.IamMemberRemoveArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName

/**
 * Ensures that a member:role pairing does not exist in a project's IAM policy.
 * On create, this resource will modify the policy to remove the `member` from the
 * `role`. If the membership is ever re-added, the next refresh will clear this
 * resource from state, proposing re-adding it to correct the membership. Import is
 * not supported- this resource will acquire the current policy and modify it as
 * part of creating the resource.
 * This resource will conflict with `gcp.projects.IAMPolicy` and
 * `gcp.projects.IAMBinding` resources that share a role, as well as
 * `gcp.projects.IAMMember` resources that target the same membership. When
 * multiple resources conflict the final state is not guaranteed to include or omit
 * the membership. Subsequent `pulumi up` calls will always show a diff
 * until the configuration is corrected.
 * For more information see
 * [the official documentation](https://cloud.google.com/iam/docs/granting-changing-revoking-access)
 * and
 * [API reference](https://cloud.google.com/resource-manager/reference/rest/v1/projects/setIamPolicy).
 * ## Example Usage
 * 
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 * const targetProject = gcp.organizations.getProject({});
 * const foo = new gcp.projects.IamMemberRemove("foo", {
 *     role: "roles/editor",
 *     project: targetProjectGoogleProject.projectId,
 *     member: `serviceAccount:${targetProjectGoogleProject.number}[email protected]`,
 * });
 * ```
 * ```python
 * import pulumi
 * import pulumi_gcp as gcp
 * target_project = gcp.organizations.get_project()
 * foo = gcp.projects.IamMemberRemove("foo",
 *     role="roles/editor",
 *     project=target_project_google_project["projectId"],
 *     member=f"serviceAccount:{target_project_google_project['number']}[email protected]")
 * ```
 * ```csharp
 * using System.Collections.Generic;
 * using System.Linq;
 * using Pulumi;
 * using Gcp = Pulumi.Gcp;
 * return await Deployment.RunAsync(() =>
 * {
 *     var targetProject = Gcp.Organizations.GetProject.Invoke();
 *     var foo = new Gcp.Projects.IamMemberRemove("foo", new()
 *     {
 *         Role = "roles/editor",
 *         Project = targetProjectGoogleProject.ProjectId,
 *         Member = $"serviceAccount:{targetProjectGoogleProject.Number}[email protected]",
 *     });
 * });
 * ```
 * ```go
 * package main
 * import (
 * 	"fmt"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
 * 	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/projects"
 * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 * )
 * func main() {
 * 	pulumi.Run(func(ctx *pulumi.Context) error {
 * 		_, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
 * 		if err != nil {
 * 			return err
 * 		}
 * 		_, err = projects.NewIamMemberRemove(ctx, "foo", &projects.IamMemberRemoveArgs{
 * 			Role:    pulumi.String("roles/editor"),
 * 			Project: pulumi.Any(targetProjectGoogleProject.ProjectId),
 * 			Member:  pulumi.Sprintf("serviceAccount:%[email protected]", targetProjectGoogleProject.Number),
 * 		})
 * 		if err != nil {
 * 			return err
 * 		}
 * 		return nil
 * 	})
 * }
 * ```
 * ```java
 * package generated_program;
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.gcp.organizations.OrganizationsFunctions;
 * import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
 * import com.pulumi.gcp.projects.IamMemberRemove;
 * import com.pulumi.gcp.projects.IamMemberRemoveArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 *     public static void stack(Context ctx) {
 *         final var targetProject = OrganizationsFunctions.getProject();
 *         var foo = new IamMemberRemove("foo", IamMemberRemoveArgs.builder()
 *             .role("roles/editor")
 *             .project(targetProjectGoogleProject.projectId())
 *             .member(String.format("serviceAccount:%[email protected]", targetProjectGoogleProject.number()))
 *             .build());
 *     }
 * }
 * ```
 * ```yaml
 * resources:
 *   foo:
 *     type: gcp:projects:IamMemberRemove
 *     properties:
 *       role: roles/editor
 *       project: ${targetProjectGoogleProject.projectId}
 *       member: serviceAccount:${targetProjectGoogleProject.number}[email protected]
 * variables:
 *   targetProject:
 *     fn::invoke:
 *       function: gcp:organizations:getProject
 *       arguments: {}
 * ```
 * 
 * @property member The IAM principal that should not have the target role.
 * Each entry can have one of the following values:
 * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
 * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
 * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
 * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
 * @property project The project id of the target project.
 * @property role The target role that should be removed.
 */
public data class IamMemberRemoveArgs(
    public val member: Output? = null,
    public val project: Output? = null,
    public val role: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.gcp.projects.IamMemberRemoveArgs =
        com.pulumi.gcp.projects.IamMemberRemoveArgs.builder()
            .member(member?.applyValue({ args0 -> args0 }))
            .project(project?.applyValue({ args0 -> args0 }))
            .role(role?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [IamMemberRemoveArgs].
 */
@PulumiTagMarker
public class IamMemberRemoveArgsBuilder internal constructor() {
    private var member: Output? = null

    private var project: Output? = null

    private var role: Output? = null

    /**
     * @param value The IAM principal that should not have the target role.
     * Each entry can have one of the following values:
     * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
     * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
     * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
     * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
     */
    @JvmName("teljruupvikqynfh")
    public suspend fun member(`value`: Output) {
        this.member = value
    }

    /**
     * @param value The project id of the target project.
     */
    @JvmName("ruvhaywrypxcknje")
    public suspend fun project(`value`: Output) {
        this.project = value
    }

    /**
     * @param value The target role that should be removed.
     */
    @JvmName("csabkiyfxxpkuaxi")
    public suspend fun role(`value`: Output) {
        this.role = value
    }

    /**
     * @param value The IAM principal that should not have the target role.
     * Each entry can have one of the following values:
     * * **user:{emailid}**: An email address that represents a specific Google account. For example, [email protected] or [email protected].
     * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, [email protected].
     * * **group:{emailid}**: An email address that represents a Google group. For example, [email protected].
     * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
     */
    @JvmName("icrwueyeqydbjyhc")
    public suspend fun member(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.member = mapped
    }

    /**
     * @param value The project id of the target project.
     */
    @JvmName("ceyfpvkoxxfdjikj")
    public suspend fun project(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.project = mapped
    }

    /**
     * @param value The target role that should be removed.
     */
    @JvmName("yoowohrvpngoxlix")
    public suspend fun role(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.role = mapped
    }

    internal fun build(): IamMemberRemoveArgs = IamMemberRemoveArgs(
        member = member,
        project = project,
        role = role,
    )
}