Module folder

@pulumi/gcp > folder

Index

folder/iAMBinding.ts folder/iAMMember.ts folder/iAMPolicy.ts folder/organizationPolicy.ts

class IAMBinding

Allows creation and management of a single binding within IAM policy for an existing Google Cloud Platform folder.

~> Note: This resource must not be used in conjunction with google_folder_iam_policy or they will fight over what your policy should be.

constructor

new IAMBinding(name: string, args: IAMBindingArgs, opts?: pulumi.CustomResourceOptions)

Create a IAMBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IAMBindingState): IAMBinding

Get an existing IAMBinding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the folder’s IAM policy.

property folder

public folder: pulumi.Output<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property members

public members: pulumi.Output<string[]>;

An array of identites that will be granted the privilege in the role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

property role

public role: pulumi.Output<string>;

The role that should be applied. Only one google_folder_iam_binding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class IAMMember

Allows creation and management of a single member for a single binding within the IAM policy for an existing Google Cloud Platform folder.

~> Note: This resource must not be used in conjunction with google_folder_iam_policy or they will fight over what your policy should be. Similarly, roles controlled by google_folder_iam_binding should not be assigned to using google_folder_iam_member.

constructor

new IAMMember(name: string, args: IAMMemberArgs, opts?: pulumi.CustomResourceOptions)

Create a IAMMember resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IAMMemberState): IAMMember

Get an existing IAMMember resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the folder’s IAM policy.

property folder

public folder: pulumi.Output<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property member

public member: pulumi.Output<string>;

The identity that will be granted the privilege in the role. This field can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

property role

public role: pulumi.Output<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class IAMPolicy

Allows creation and management of the IAM policy for an existing Google Cloud Platform folder.

constructor

new IAMPolicy(name: string, args: IAMPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a IAMPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IAMPolicyState): IAMPolicy

Get an existing IAMPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the folder’s IAM policy. etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

property folder

public folder: pulumi.Output<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyData

public policyData: pulumi.Output<string>;

The google_iam_policy data source that represents the IAM policy that will be applied to the folder. This policy overrides any existing policy applied to the folder.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class OrganizationPolicy

Allows management of Organization policies for a Google Folder. For more information see the official documentation and API.

constructor

new OrganizationPolicy(name: string, args: OrganizationPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a OrganizationPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: OrganizationPolicyState): OrganizationPolicy

Get an existing OrganizationPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property booleanPolicy

public booleanPolicy: pulumi.Output<{ ... } | undefined>;

A boolean policy is a constraint that is either enforced or not. Structure is documented below.

property constraint

public constraint: pulumi.Output<string>;

The name of the Constraint the Policy is configuring, for example, serviceuser.services. Check out the complete list of available constraints.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the organization policy. etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

property folder

public folder: pulumi.Output<string>;

The resource name of the folder to set the policy for. Its format is folders/{folder_id}.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property listPolicy

public listPolicy: pulumi.Output<{ ... } | undefined>;

A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.

property restorePolicy

public restorePolicy: pulumi.Output<{ ... } | undefined>;

A restore policy is a constraint to restore the default policy. Structure is documented below.

property updateTime

public updateTime: pulumi.Output<string>;

(Computed) The timestamp in RFC3339 UTC “Zulu” format, accurate to nanoseconds, representing when the variable was last updated. Example: “2016-10-09T12:33:37.578138407Z”.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property version

public version: pulumi.Output<number>;

Version of the Policy. Default version is 0.

interface IAMBindingArgs

The set of arguments for constructing a IAMBinding resource.

property folder

folder: pulumi.Input<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property members

members: pulumi.Input<pulumi.Input<string>[]>;

An array of identites that will be granted the privilege in the role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

property role

role: pulumi.Input<string>;

The role that should be applied. Only one google_folder_iam_binding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface IAMBindingState

Input properties used for looking up and filtering IAMBinding resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the folder’s IAM policy.

property folder

folder?: pulumi.Input<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property members

members?: pulumi.Input<pulumi.Input<string>[]>;

An array of identites that will be granted the privilege in the role. Each entry can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

property role

role?: pulumi.Input<string>;

The role that should be applied. Only one google_folder_iam_binding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface IAMMemberArgs

The set of arguments for constructing a IAMMember resource.

property folder

folder: pulumi.Input<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property member

member: pulumi.Input<string>;

The identity that will be granted the privilege in the role. This field can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

property role

role: pulumi.Input<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface IAMMemberState

Input properties used for looking up and filtering IAMMember resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the folder’s IAM policy.

property folder

folder?: pulumi.Input<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property member

member?: pulumi.Input<string>;

The identity that will be granted the privilege in the role. This field can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

property role

role?: pulumi.Input<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface IAMPolicyArgs

The set of arguments for constructing a IAMPolicy resource.

property folder

folder: pulumi.Input<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property policyData

policyData: pulumi.Input<string>;

The google_iam_policy data source that represents the IAM policy that will be applied to the folder. This policy overrides any existing policy applied to the folder.

interface IAMPolicyState

Input properties used for looking up and filtering IAMPolicy resources.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the folder’s IAM policy. etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

property folder

folder?: pulumi.Input<string>;

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

property policyData

policyData?: pulumi.Input<string>;

The google_iam_policy data source that represents the IAM policy that will be applied to the folder. This policy overrides any existing policy applied to the folder.

interface OrganizationPolicyArgs

The set of arguments for constructing a OrganizationPolicy resource.

property booleanPolicy

booleanPolicy?: pulumi.Input<{ ... }>;

A boolean policy is a constraint that is either enforced or not. Structure is documented below.

property constraint

constraint: pulumi.Input<string>;

The name of the Constraint the Policy is configuring, for example, serviceuser.services. Check out the complete list of available constraints.

property folder

folder: pulumi.Input<string>;

The resource name of the folder to set the policy for. Its format is folders/{folder_id}.

property listPolicy

listPolicy?: pulumi.Input<{ ... }>;

A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.

property restorePolicy

restorePolicy?: pulumi.Input<{ ... }>;

A restore policy is a constraint to restore the default policy. Structure is documented below.

property version

version?: pulumi.Input<number>;

Version of the Policy. Default version is 0.

interface OrganizationPolicyState

Input properties used for looking up and filtering OrganizationPolicy resources.

property booleanPolicy

booleanPolicy?: pulumi.Input<{ ... }>;

A boolean policy is a constraint that is either enforced or not. Structure is documented below.

property constraint

constraint?: pulumi.Input<string>;

The name of the Constraint the Policy is configuring, for example, serviceuser.services. Check out the complete list of available constraints.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the organization policy. etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

property folder

folder?: pulumi.Input<string>;

The resource name of the folder to set the policy for. Its format is folders/{folder_id}.

property listPolicy

listPolicy?: pulumi.Input<{ ... }>;

A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.

property restorePolicy

restorePolicy?: pulumi.Input<{ ... }>;

A restore policy is a constraint to restore the default policy. Structure is documented below.

property updateTime

updateTime?: pulumi.Input<string>;

(Computed) The timestamp in RFC3339 UTC “Zulu” format, accurate to nanoseconds, representing when the variable was last updated. Example: “2016-10-09T12:33:37.578138407Z”.

property version

version?: pulumi.Input<number>;

Version of the Policy. Default version is 0.