folder

class pulumi_gcp.folder.IAMBinding(resource_name, opts=None, folder=None, members=None, role=None, __name__=None, __opts__=None)

Allows creation and management of a single binding within IAM policy for an existing Google Cloud Platform folder.

Note: This resource must not be used in conjunction with
google_folder_iam_policy or they will fight over what your policy should be.
Note: On create, this resource will overwrite members of any existing roles.
Use terraform import and inspect the terraform plan output to ensure your existing members are preserved.
Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • folder (pulumi.Input[str]) – The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
  • members (pulumi.Input[list]) – An array of identites that will be granted the privilege in the role. Each entry can have one of the following values:
Parameters:role (pulumi.Input[str]) – The role that should be applied. Only one google_folder_iam_binding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.
etag = None

(Computed) The etag of the folder’s IAM policy.

folder = None

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

members = None

An array of identites that will be granted the privilege in the role. Each entry can have one of the following values:

role = None

The role that should be applied. Only one google_folder_iam_binding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_gcp.folder.IAMMember(resource_name, opts=None, folder=None, member=None, role=None, __name__=None, __opts__=None)

Allows creation and management of a single member for a single binding within the IAM policy for an existing Google Cloud Platform folder.

Note: This resource must not be used in conjunction with
google_folder_iam_policy or they will fight over what your policy should be. Similarly, roles controlled by google_folder_iam_binding should not be assigned to using google_folder_iam_member.
Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • folder (pulumi.Input[str]) – The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
  • member (pulumi.Input[str]) – The identity that will be granted the privilege in the role. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding This field can have one of the following values:
Parameters:role (pulumi.Input[str]) – The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.
etag = None

(Computed) The etag of the folder’s IAM policy.

folder = None

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

member = None

The identity that will be granted the privilege in the role. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding This field can have one of the following values:

  • user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
  • domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
role = None

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_gcp.folder.IAMPolicy(resource_name, opts=None, folder=None, policy_data=None, __name__=None, __opts__=None)

Allows creation and management of the IAM policy for an existing Google Cloud Platform folder.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • folder (pulumi.Input[str]) – The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.
  • policy_data (pulumi.Input[str]) – The google_iam_policy data source that represents the IAM policy that will be applied to the folder. This policy overrides any existing policy applied to the folder.
etag = None

(Computed) The etag of the folder’s IAM policy. etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

folder = None

The resource name of the folder the policy is attached to. Its format is folders/{folder_id}.

policy_data = None

The google_iam_policy data source that represents the IAM policy that will be applied to the folder. This policy overrides any existing policy applied to the folder.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_gcp.folder.OrganizationPolicy(resource_name, opts=None, boolean_policy=None, constraint=None, folder=None, list_policy=None, restore_policy=None, version=None, __name__=None, __opts__=None)

Allows management of Organization policies for a Google Folder. For more information see the official documentation and API.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • boolean_policy (pulumi.Input[dict]) – A boolean policy is a constraint that is either enforced or not. Structure is documented below.
  • constraint (pulumi.Input[str]) – The name of the Constraint the Policy is configuring, for example, serviceuser.services. Check out the complete list of available constraints.
  • folder (pulumi.Input[str]) – The resource name of the folder to set the policy for. Its format is folders/{folder_id}.
  • list_policy (pulumi.Input[dict]) – A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
  • restore_policy (pulumi.Input[dict]) – A restore policy is a constraint to restore the default policy. Structure is documented below.
  • version (pulumi.Input[float]) – Version of the Policy. Default version is 0.
boolean_policy = None

A boolean policy is a constraint that is either enforced or not. Structure is documented below.

constraint = None

The name of the Constraint the Policy is configuring, for example, serviceuser.services. Check out the complete list of available constraints.

etag = None

(Computed) The etag of the organization policy. etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

folder = None

The resource name of the folder to set the policy for. Its format is folders/{folder_id}.

list_policy = None

A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.

restore_policy = None

A restore policy is a constraint to restore the default policy. Structure is documented below.

update_time = None

(Computed) The timestamp in RFC3339 UTC “Zulu” format, accurate to nanoseconds, representing when the variable was last updated. Example: “2016-10-09T12:33:37.578138407Z”.

version = None

Version of the Policy. Default version is 0.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str