@pulumi/gcp 6.15.0 → 6.15.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/billing/accountIamBinding.d.ts +105 -0
- package/billing/accountIamBinding.js +75 -0
- package/billing/accountIamBinding.js.map +1 -1
- package/billing/accountIamMember.d.ts +105 -0
- package/billing/accountIamMember.js +75 -0
- package/billing/accountIamMember.js.map +1 -1
- package/billing/accountIamPolicy.d.ts +99 -0
- package/billing/accountIamPolicy.js +75 -0
- package/billing/accountIamPolicy.js.map +1 -1
- package/cloudfunctions/functionIamBinding.d.ts +142 -0
- package/cloudfunctions/functionIamBinding.js +85 -0
- package/cloudfunctions/functionIamBinding.js.map +1 -1
- package/cloudfunctions/functionIamMember.d.ts +142 -0
- package/cloudfunctions/functionIamMember.js +85 -0
- package/cloudfunctions/functionIamMember.js.map +1 -1
- package/cloudfunctions/functionIamPolicy.d.ts +139 -0
- package/cloudfunctions/functionIamPolicy.js +85 -0
- package/cloudfunctions/functionIamPolicy.js.map +1 -1
- package/compute/backendServiceIamBinding.d.ts +79 -0
- package/compute/backendServiceIamBinding.js +25 -0
- package/compute/backendServiceIamBinding.js.map +1 -1
- package/compute/backendServiceIamMember.d.ts +79 -0
- package/compute/backendServiceIamMember.js +25 -0
- package/compute/backendServiceIamMember.js.map +1 -1
- package/compute/backendServiceIamPolicy.d.ts +64 -0
- package/compute/backendServiceIamPolicy.js +25 -0
- package/compute/backendServiceIamPolicy.js.map +1 -1
- package/compute/mangedSslCertificate.d.ts +157 -27
- package/compute/mangedSslCertificate.js +97 -0
- package/compute/mangedSslCertificate.js.map +1 -1
- package/compute/regionBackendServiceIamBinding.d.ts +100 -0
- package/compute/regionBackendServiceIamBinding.js +25 -0
- package/compute/regionBackendServiceIamBinding.js.map +1 -1
- package/compute/regionBackendServiceIamMember.d.ts +100 -0
- package/compute/regionBackendServiceIamMember.js +25 -0
- package/compute/regionBackendServiceIamMember.js.map +1 -1
- package/compute/regionBackendServiceIamPolicy.d.ts +85 -0
- package/compute/regionBackendServiceIamPolicy.js +25 -0
- package/compute/regionBackendServiceIamPolicy.js.map +1 -1
- package/datacatalog/tagTemplateIamBinding.d.ts +121 -0
- package/datacatalog/tagTemplateIamBinding.js +79 -0
- package/datacatalog/tagTemplateIamBinding.js.map +1 -1
- package/datacatalog/tagTemplateIamMember.d.ts +121 -0
- package/datacatalog/tagTemplateIamMember.js +79 -0
- package/datacatalog/tagTemplateIamMember.js.map +1 -1
- package/datacatalog/tagTemplateIamPolicy.d.ts +118 -0
- package/datacatalog/tagTemplateIamPolicy.js +79 -0
- package/datacatalog/tagTemplateIamPolicy.js.map +1 -1
- package/folder/iamAuditConfig.d.ts +200 -8
- package/folder/iamAuditConfig.js +183 -0
- package/folder/iamAuditConfig.js.map +1 -1
- package/folder/iammember.d.ts +225 -0
- package/folder/iammember.js +183 -0
- package/folder/iammember.js.map +1 -1
- package/folder/iampolicy.d.ts +213 -0
- package/folder/iampolicy.js +183 -0
- package/folder/iampolicy.js.map +1 -1
- package/kms/registry.d.ts +149 -18
- package/kms/registry.js +89 -0
- package/kms/registry.js.map +1 -1
- package/monitoring/getSecretVersion.d.ts +52 -0
- package/monitoring/getSecretVersion.js +14 -0
- package/monitoring/getSecretVersion.js.map +1 -1
- package/organizations/iammember.d.ts +228 -3
- package/organizations/iammember.js +186 -0
- package/organizations/iammember.js.map +1 -1
- package/organizations/iampolicy.d.ts +216 -3
- package/organizations/iampolicy.js +186 -0
- package/organizations/iampolicy.js.map +1 -1
- package/package.json +2 -2
- package/package.json.dev +2 -2
- package/sourcerepo/getRepository.d.ts +29 -0
- package/sourcerepo/getRepository.js +17 -0
- package/sourcerepo/getRepository.js.map +1 -1
- package/types/input.d.ts +77 -0
- package/types/output.d.ts +77 -0
|
@@ -1,4 +1,29 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
/**
|
|
3
|
+
* ## Import
|
|
4
|
+
*
|
|
5
|
+
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendServices/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration. Compute Engine backendservice IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
6
|
+
*
|
|
7
|
+
* ```sh
|
|
8
|
+
* $ pulumi import gcp:compute/backendServiceIamPolicy:BackendServiceIamPolicy editor "projects/{{project}}/global/backendServices/{{backend_service}} roles/compute.admin user:jane@example.com"
|
|
9
|
+
* ```
|
|
10
|
+
*
|
|
11
|
+
* IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.
|
|
12
|
+
*
|
|
13
|
+
* ```sh
|
|
14
|
+
* $ pulumi import gcp:compute/backendServiceIamPolicy:BackendServiceIamPolicy editor "projects/{{project}}/global/backendServices/{{backend_service}} roles/compute.admin"
|
|
15
|
+
* ```
|
|
16
|
+
*
|
|
17
|
+
* IAM policy imports use the identifier of the resource in question, e.g.
|
|
18
|
+
*
|
|
19
|
+
* ```sh
|
|
20
|
+
* $ pulumi import gcp:compute/backendServiceIamPolicy:BackendServiceIamPolicy editor projects/{{project}}/global/backendServices/{{backend_service}}
|
|
21
|
+
* ```
|
|
22
|
+
*
|
|
23
|
+
* -> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the
|
|
24
|
+
*
|
|
25
|
+
* full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
|
|
26
|
+
*/
|
|
2
27
|
export declare class BackendServiceIamPolicy extends pulumi.CustomResource {
|
|
3
28
|
/**
|
|
4
29
|
* Get an existing BackendServiceIamPolicy resource's state with the given name, ID, and optional extra
|
|
@@ -15,9 +40,23 @@ export declare class BackendServiceIamPolicy extends pulumi.CustomResource {
|
|
|
15
40
|
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
16
41
|
*/
|
|
17
42
|
static isInstance(obj: any): obj is BackendServiceIamPolicy;
|
|
43
|
+
/**
|
|
44
|
+
* (Computed) The etag of the IAM policy.
|
|
45
|
+
*/
|
|
18
46
|
readonly etag: pulumi.Output<string>;
|
|
47
|
+
/**
|
|
48
|
+
* Used to find the parent resource to bind the IAM policy to
|
|
49
|
+
*/
|
|
19
50
|
readonly name: pulumi.Output<string>;
|
|
51
|
+
/**
|
|
52
|
+
* The policy data generated by
|
|
53
|
+
* a `gcp.organizations.getIAMPolicy` data source.
|
|
54
|
+
*/
|
|
20
55
|
readonly policyData: pulumi.Output<string>;
|
|
56
|
+
/**
|
|
57
|
+
* The ID of the project in which the resource belongs.
|
|
58
|
+
* If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
|
|
59
|
+
*/
|
|
21
60
|
readonly project: pulumi.Output<string>;
|
|
22
61
|
/**
|
|
23
62
|
* Create a BackendServiceIamPolicy resource with the given unique name, arguments, and options.
|
|
@@ -32,16 +71,41 @@ export declare class BackendServiceIamPolicy extends pulumi.CustomResource {
|
|
|
32
71
|
* Input properties used for looking up and filtering BackendServiceIamPolicy resources.
|
|
33
72
|
*/
|
|
34
73
|
export interface BackendServiceIamPolicyState {
|
|
74
|
+
/**
|
|
75
|
+
* (Computed) The etag of the IAM policy.
|
|
76
|
+
*/
|
|
35
77
|
etag?: pulumi.Input<string>;
|
|
78
|
+
/**
|
|
79
|
+
* Used to find the parent resource to bind the IAM policy to
|
|
80
|
+
*/
|
|
36
81
|
name?: pulumi.Input<string>;
|
|
82
|
+
/**
|
|
83
|
+
* The policy data generated by
|
|
84
|
+
* a `gcp.organizations.getIAMPolicy` data source.
|
|
85
|
+
*/
|
|
37
86
|
policyData?: pulumi.Input<string>;
|
|
87
|
+
/**
|
|
88
|
+
* The ID of the project in which the resource belongs.
|
|
89
|
+
* If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
|
|
90
|
+
*/
|
|
38
91
|
project?: pulumi.Input<string>;
|
|
39
92
|
}
|
|
40
93
|
/**
|
|
41
94
|
* The set of arguments for constructing a BackendServiceIamPolicy resource.
|
|
42
95
|
*/
|
|
43
96
|
export interface BackendServiceIamPolicyArgs {
|
|
97
|
+
/**
|
|
98
|
+
* Used to find the parent resource to bind the IAM policy to
|
|
99
|
+
*/
|
|
44
100
|
name?: pulumi.Input<string>;
|
|
101
|
+
/**
|
|
102
|
+
* The policy data generated by
|
|
103
|
+
* a `gcp.organizations.getIAMPolicy` data source.
|
|
104
|
+
*/
|
|
45
105
|
policyData: pulumi.Input<string>;
|
|
106
|
+
/**
|
|
107
|
+
* The ID of the project in which the resource belongs.
|
|
108
|
+
* If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
|
|
109
|
+
*/
|
|
46
110
|
project?: pulumi.Input<string>;
|
|
47
111
|
}
|
|
@@ -5,6 +5,31 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
5
5
|
exports.BackendServiceIamPolicy = void 0;
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
|
+
/**
|
|
9
|
+
* ## Import
|
|
10
|
+
*
|
|
11
|
+
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/global/backendServices/{{name}} * {{project}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration. Compute Engine backendservice IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
12
|
+
*
|
|
13
|
+
* ```sh
|
|
14
|
+
* $ pulumi import gcp:compute/backendServiceIamPolicy:BackendServiceIamPolicy editor "projects/{{project}}/global/backendServices/{{backend_service}} roles/compute.admin user:jane@example.com"
|
|
15
|
+
* ```
|
|
16
|
+
*
|
|
17
|
+
* IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.
|
|
18
|
+
*
|
|
19
|
+
* ```sh
|
|
20
|
+
* $ pulumi import gcp:compute/backendServiceIamPolicy:BackendServiceIamPolicy editor "projects/{{project}}/global/backendServices/{{backend_service}} roles/compute.admin"
|
|
21
|
+
* ```
|
|
22
|
+
*
|
|
23
|
+
* IAM policy imports use the identifier of the resource in question, e.g.
|
|
24
|
+
*
|
|
25
|
+
* ```sh
|
|
26
|
+
* $ pulumi import gcp:compute/backendServiceIamPolicy:BackendServiceIamPolicy editor projects/{{project}}/global/backendServices/{{backend_service}}
|
|
27
|
+
* ```
|
|
28
|
+
*
|
|
29
|
+
* -> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the
|
|
30
|
+
*
|
|
31
|
+
* full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
|
|
32
|
+
*/
|
|
8
33
|
class BackendServiceIamPolicy extends pulumi.CustomResource {
|
|
9
34
|
constructor(name, argsOrState, opts) {
|
|
10
35
|
let resourceInputs = {};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"backendServiceIamPolicy.js","sourceRoot":"","sources":["../../compute/backendServiceIamPolicy.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C,MAAa,uBAAwB,SAAQ,MAAM,CAAC,cAAc;
|
|
1
|
+
{"version":3,"file":"backendServiceIamPolicy.js","sourceRoot":"","sources":["../../compute/backendServiceIamPolicy.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAa,uBAAwB,SAAQ,MAAM,CAAC,cAAc;IAuD9D,YAAY,IAAY,EAAE,WAAwE,EAAE,IAAmC;QACnI,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAuD,CAAC;YACtE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAAsD,CAAC;YACpE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC9C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,uBAAuB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC5E,CAAC;IA3ED;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAoC,EAAE,IAAmC;QAClI,OAAO,IAAI,uBAAuB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC9E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,uBAAuB,CAAC,YAAY,CAAC;IACxE,CAAC;;AA1BL,0DA6EC;AA/DG,gBAAgB;AACO,oCAAY,GAAG,6DAA6D,CAAC"}
|
|
@@ -1,6 +1,103 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
import { input as inputs, output as outputs } from "../types";
|
|
3
3
|
/**
|
|
4
|
+
* An SslCertificate resource, used for HTTPS load balancing. This resource
|
|
5
|
+
* represents a certificate for which the certificate secrets are created and
|
|
6
|
+
* managed by Google.
|
|
7
|
+
*
|
|
8
|
+
* For a resource where you provide the key, see the
|
|
9
|
+
* SSL Certificate resource.
|
|
10
|
+
*
|
|
11
|
+
* To get more information about ManagedSslCertificate, see:
|
|
12
|
+
*
|
|
13
|
+
* * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates)
|
|
14
|
+
* * How-to Guides
|
|
15
|
+
* * [Official Documentation](https://cloud.google.com/load-balancing/docs/ssl-certificates)
|
|
16
|
+
*
|
|
17
|
+
* > **Warning:** This resource should be used with extreme caution! Provisioning an SSL
|
|
18
|
+
* certificate is complex. Ensure that you understand the lifecycle of a
|
|
19
|
+
* certificate before attempting complex tasks like cert rotation automatically.
|
|
20
|
+
* This resource will "return" as soon as the certificate object is created,
|
|
21
|
+
* but post-creation the certificate object will go through a "provisioning"
|
|
22
|
+
* process. The provisioning process can complete only when the domain name
|
|
23
|
+
* for which the certificate is created points to a target pool which, itself,
|
|
24
|
+
* points at the certificate. Depending on your DNS provider, this may take
|
|
25
|
+
* some time, and migrating from self-managed certificates to Google-managed
|
|
26
|
+
* certificates may entail some downtime while the certificate provisions.
|
|
27
|
+
*
|
|
28
|
+
* In conclusion: Be extremely cautious.
|
|
29
|
+
*
|
|
30
|
+
* ## Example Usage
|
|
31
|
+
* ### Managed Ssl Certificate Basic
|
|
32
|
+
*
|
|
33
|
+
* ```typescript
|
|
34
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
35
|
+
* import * as gcp from "@pulumi/gcp";
|
|
36
|
+
*
|
|
37
|
+
* const defaultManagedSslCertificate = new gcp.compute.ManagedSslCertificate("defaultManagedSslCertificate", {managed: {
|
|
38
|
+
* domains: ["sslcert.tf-test.club."],
|
|
39
|
+
* }});
|
|
40
|
+
* const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", {
|
|
41
|
+
* requestPath: "/",
|
|
42
|
+
* checkIntervalSec: 1,
|
|
43
|
+
* timeoutSec: 1,
|
|
44
|
+
* });
|
|
45
|
+
* const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
|
|
46
|
+
* portName: "http",
|
|
47
|
+
* protocol: "HTTP",
|
|
48
|
+
* timeoutSec: 10,
|
|
49
|
+
* healthChecks: [defaultHttpHealthCheck.id],
|
|
50
|
+
* });
|
|
51
|
+
* const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {
|
|
52
|
+
* description: "a description",
|
|
53
|
+
* defaultService: defaultBackendService.id,
|
|
54
|
+
* hostRules: [{
|
|
55
|
+
* hosts: ["sslcert.tf-test.club"],
|
|
56
|
+
* pathMatcher: "allpaths",
|
|
57
|
+
* }],
|
|
58
|
+
* pathMatchers: [{
|
|
59
|
+
* name: "allpaths",
|
|
60
|
+
* defaultService: defaultBackendService.id,
|
|
61
|
+
* pathRules: [{
|
|
62
|
+
* paths: ["/*"],
|
|
63
|
+
* service: defaultBackendService.id,
|
|
64
|
+
* }],
|
|
65
|
+
* }],
|
|
66
|
+
* });
|
|
67
|
+
* const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("defaultTargetHttpsProxy", {
|
|
68
|
+
* urlMap: defaultURLMap.id,
|
|
69
|
+
* sslCertificates: [defaultManagedSslCertificate.id],
|
|
70
|
+
* });
|
|
71
|
+
* const zone = new gcp.dns.ManagedZone("zone", {dnsName: "sslcert.tf-test.club."});
|
|
72
|
+
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", {
|
|
73
|
+
* target: defaultTargetHttpsProxy.id,
|
|
74
|
+
* portRange: 443,
|
|
75
|
+
* });
|
|
76
|
+
* const set = new gcp.dns.RecordSet("set", {
|
|
77
|
+
* name: "sslcert.tf-test.club.",
|
|
78
|
+
* type: "A",
|
|
79
|
+
* ttl: 3600,
|
|
80
|
+
* managedZone: zone.name,
|
|
81
|
+
* rrdatas: [defaultGlobalForwardingRule.ipAddress],
|
|
82
|
+
* });
|
|
83
|
+
* ```
|
|
84
|
+
*
|
|
85
|
+
* ## Import
|
|
86
|
+
*
|
|
87
|
+
* ManagedSslCertificate can be imported using any of these accepted formats
|
|
88
|
+
*
|
|
89
|
+
* ```sh
|
|
90
|
+
* $ pulumi import gcp:compute/mangedSslCertificate:MangedSslCertificate default projects/{{project}}/global/sslCertificates/{{name}}
|
|
91
|
+
* ```
|
|
92
|
+
*
|
|
93
|
+
* ```sh
|
|
94
|
+
* $ pulumi import gcp:compute/mangedSslCertificate:MangedSslCertificate default {{project}}/{{name}}
|
|
95
|
+
* ```
|
|
96
|
+
*
|
|
97
|
+
* ```sh
|
|
98
|
+
* $ pulumi import gcp:compute/mangedSslCertificate:MangedSslCertificate default {{name}}
|
|
99
|
+
* ```
|
|
100
|
+
*
|
|
4
101
|
* @deprecated gcp.compute.MangedSslCertificate has been deprecated in favor of gcp.compute.ManagedSslCertificate
|
|
5
102
|
*/
|
|
6
103
|
export declare class MangedSslCertificate extends pulumi.CustomResource {
|
|
@@ -36,27 +133,39 @@ export declare class MangedSslCertificate extends pulumi.CustomResource {
|
|
|
36
133
|
*/
|
|
37
134
|
readonly expireTime: pulumi.Output<string>;
|
|
38
135
|
/**
|
|
39
|
-
* Properties relevant to a managed certificate.
|
|
40
|
-
* of
|
|
136
|
+
* Properties relevant to a managed certificate. These will be used if the
|
|
137
|
+
* certificate is managed (as indicated by a value of `MANAGED` in `type`).
|
|
138
|
+
* Structure is documented below.
|
|
41
139
|
*/
|
|
42
140
|
readonly managed: pulumi.Output<outputs.compute.MangedSslCertificateManaged | undefined>;
|
|
43
141
|
/**
|
|
44
|
-
* Name of the resource. Provided by the client when the resource is
|
|
45
|
-
*
|
|
46
|
-
*
|
|
47
|
-
*
|
|
48
|
-
*
|
|
142
|
+
* Name of the resource. Provided by the client when the resource is
|
|
143
|
+
* created. The name must be 1-63 characters long, and comply with
|
|
144
|
+
* RFC1035. Specifically, the name must be 1-63 characters long and match
|
|
145
|
+
* the regular expression `a-z?` which means the
|
|
146
|
+
* first character must be a lowercase letter, and all following
|
|
147
|
+
* characters must be a dash, lowercase letter, or digit, except the last
|
|
148
|
+
* character, which cannot be a dash.
|
|
49
149
|
*/
|
|
50
150
|
readonly name: pulumi.Output<string>;
|
|
151
|
+
/**
|
|
152
|
+
* The ID of the project in which the resource belongs.
|
|
153
|
+
* If it is not provided, the provider project is used.
|
|
154
|
+
*/
|
|
51
155
|
readonly project: pulumi.Output<string>;
|
|
156
|
+
/**
|
|
157
|
+
* The URI of the created resource.
|
|
158
|
+
*/
|
|
52
159
|
readonly selfLink: pulumi.Output<string>;
|
|
53
160
|
/**
|
|
54
161
|
* Domains associated with the certificate via Subject Alternative Name.
|
|
55
162
|
*/
|
|
56
163
|
readonly subjectAlternativeNames: pulumi.Output<string[]>;
|
|
57
164
|
/**
|
|
58
|
-
* Enum field whose value is always
|
|
59
|
-
*
|
|
165
|
+
* Enum field whose value is always `MANAGED` - used to signal to the API
|
|
166
|
+
* which type this is.
|
|
167
|
+
* Default value is `MANAGED`.
|
|
168
|
+
* Possible values are `MANAGED`.
|
|
60
169
|
*/
|
|
61
170
|
readonly type: pulumi.Output<string | undefined>;
|
|
62
171
|
/**
|
|
@@ -90,27 +199,39 @@ export interface MangedSslCertificateState {
|
|
|
90
199
|
*/
|
|
91
200
|
expireTime?: pulumi.Input<string>;
|
|
92
201
|
/**
|
|
93
|
-
* Properties relevant to a managed certificate.
|
|
94
|
-
* of
|
|
202
|
+
* Properties relevant to a managed certificate. These will be used if the
|
|
203
|
+
* certificate is managed (as indicated by a value of `MANAGED` in `type`).
|
|
204
|
+
* Structure is documented below.
|
|
95
205
|
*/
|
|
96
206
|
managed?: pulumi.Input<inputs.compute.MangedSslCertificateManaged>;
|
|
97
207
|
/**
|
|
98
|
-
* Name of the resource. Provided by the client when the resource is
|
|
99
|
-
*
|
|
100
|
-
*
|
|
101
|
-
*
|
|
102
|
-
*
|
|
208
|
+
* Name of the resource. Provided by the client when the resource is
|
|
209
|
+
* created. The name must be 1-63 characters long, and comply with
|
|
210
|
+
* RFC1035. Specifically, the name must be 1-63 characters long and match
|
|
211
|
+
* the regular expression `a-z?` which means the
|
|
212
|
+
* first character must be a lowercase letter, and all following
|
|
213
|
+
* characters must be a dash, lowercase letter, or digit, except the last
|
|
214
|
+
* character, which cannot be a dash.
|
|
103
215
|
*/
|
|
104
216
|
name?: pulumi.Input<string>;
|
|
217
|
+
/**
|
|
218
|
+
* The ID of the project in which the resource belongs.
|
|
219
|
+
* If it is not provided, the provider project is used.
|
|
220
|
+
*/
|
|
105
221
|
project?: pulumi.Input<string>;
|
|
222
|
+
/**
|
|
223
|
+
* The URI of the created resource.
|
|
224
|
+
*/
|
|
106
225
|
selfLink?: pulumi.Input<string>;
|
|
107
226
|
/**
|
|
108
227
|
* Domains associated with the certificate via Subject Alternative Name.
|
|
109
228
|
*/
|
|
110
229
|
subjectAlternativeNames?: pulumi.Input<pulumi.Input<string>[]>;
|
|
111
230
|
/**
|
|
112
|
-
* Enum field whose value is always
|
|
113
|
-
*
|
|
231
|
+
* Enum field whose value is always `MANAGED` - used to signal to the API
|
|
232
|
+
* which type this is.
|
|
233
|
+
* Default value is `MANAGED`.
|
|
234
|
+
* Possible values are `MANAGED`.
|
|
114
235
|
*/
|
|
115
236
|
type?: pulumi.Input<string>;
|
|
116
237
|
}
|
|
@@ -127,22 +248,31 @@ export interface MangedSslCertificateArgs {
|
|
|
127
248
|
*/
|
|
128
249
|
description?: pulumi.Input<string>;
|
|
129
250
|
/**
|
|
130
|
-
* Properties relevant to a managed certificate.
|
|
131
|
-
* of
|
|
251
|
+
* Properties relevant to a managed certificate. These will be used if the
|
|
252
|
+
* certificate is managed (as indicated by a value of `MANAGED` in `type`).
|
|
253
|
+
* Structure is documented below.
|
|
132
254
|
*/
|
|
133
255
|
managed?: pulumi.Input<inputs.compute.MangedSslCertificateManaged>;
|
|
134
256
|
/**
|
|
135
|
-
* Name of the resource. Provided by the client when the resource is
|
|
136
|
-
*
|
|
137
|
-
*
|
|
138
|
-
*
|
|
139
|
-
*
|
|
257
|
+
* Name of the resource. Provided by the client when the resource is
|
|
258
|
+
* created. The name must be 1-63 characters long, and comply with
|
|
259
|
+
* RFC1035. Specifically, the name must be 1-63 characters long and match
|
|
260
|
+
* the regular expression `a-z?` which means the
|
|
261
|
+
* first character must be a lowercase letter, and all following
|
|
262
|
+
* characters must be a dash, lowercase letter, or digit, except the last
|
|
263
|
+
* character, which cannot be a dash.
|
|
140
264
|
*/
|
|
141
265
|
name?: pulumi.Input<string>;
|
|
266
|
+
/**
|
|
267
|
+
* The ID of the project in which the resource belongs.
|
|
268
|
+
* If it is not provided, the provider project is used.
|
|
269
|
+
*/
|
|
142
270
|
project?: pulumi.Input<string>;
|
|
143
271
|
/**
|
|
144
|
-
* Enum field whose value is always
|
|
145
|
-
*
|
|
272
|
+
* Enum field whose value is always `MANAGED` - used to signal to the API
|
|
273
|
+
* which type this is.
|
|
274
|
+
* Default value is `MANAGED`.
|
|
275
|
+
* Possible values are `MANAGED`.
|
|
146
276
|
*/
|
|
147
277
|
type?: pulumi.Input<string>;
|
|
148
278
|
}
|
|
@@ -6,6 +6,103 @@ exports.MangedSslCertificate = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
|
+
* An SslCertificate resource, used for HTTPS load balancing. This resource
|
|
10
|
+
* represents a certificate for which the certificate secrets are created and
|
|
11
|
+
* managed by Google.
|
|
12
|
+
*
|
|
13
|
+
* For a resource where you provide the key, see the
|
|
14
|
+
* SSL Certificate resource.
|
|
15
|
+
*
|
|
16
|
+
* To get more information about ManagedSslCertificate, see:
|
|
17
|
+
*
|
|
18
|
+
* * [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/sslCertificates)
|
|
19
|
+
* * How-to Guides
|
|
20
|
+
* * [Official Documentation](https://cloud.google.com/load-balancing/docs/ssl-certificates)
|
|
21
|
+
*
|
|
22
|
+
* > **Warning:** This resource should be used with extreme caution! Provisioning an SSL
|
|
23
|
+
* certificate is complex. Ensure that you understand the lifecycle of a
|
|
24
|
+
* certificate before attempting complex tasks like cert rotation automatically.
|
|
25
|
+
* This resource will "return" as soon as the certificate object is created,
|
|
26
|
+
* but post-creation the certificate object will go through a "provisioning"
|
|
27
|
+
* process. The provisioning process can complete only when the domain name
|
|
28
|
+
* for which the certificate is created points to a target pool which, itself,
|
|
29
|
+
* points at the certificate. Depending on your DNS provider, this may take
|
|
30
|
+
* some time, and migrating from self-managed certificates to Google-managed
|
|
31
|
+
* certificates may entail some downtime while the certificate provisions.
|
|
32
|
+
*
|
|
33
|
+
* In conclusion: Be extremely cautious.
|
|
34
|
+
*
|
|
35
|
+
* ## Example Usage
|
|
36
|
+
* ### Managed Ssl Certificate Basic
|
|
37
|
+
*
|
|
38
|
+
* ```typescript
|
|
39
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
40
|
+
* import * as gcp from "@pulumi/gcp";
|
|
41
|
+
*
|
|
42
|
+
* const defaultManagedSslCertificate = new gcp.compute.ManagedSslCertificate("defaultManagedSslCertificate", {managed: {
|
|
43
|
+
* domains: ["sslcert.tf-test.club."],
|
|
44
|
+
* }});
|
|
45
|
+
* const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("defaultHttpHealthCheck", {
|
|
46
|
+
* requestPath: "/",
|
|
47
|
+
* checkIntervalSec: 1,
|
|
48
|
+
* timeoutSec: 1,
|
|
49
|
+
* });
|
|
50
|
+
* const defaultBackendService = new gcp.compute.BackendService("defaultBackendService", {
|
|
51
|
+
* portName: "http",
|
|
52
|
+
* protocol: "HTTP",
|
|
53
|
+
* timeoutSec: 10,
|
|
54
|
+
* healthChecks: [defaultHttpHealthCheck.id],
|
|
55
|
+
* });
|
|
56
|
+
* const defaultURLMap = new gcp.compute.URLMap("defaultURLMap", {
|
|
57
|
+
* description: "a description",
|
|
58
|
+
* defaultService: defaultBackendService.id,
|
|
59
|
+
* hostRules: [{
|
|
60
|
+
* hosts: ["sslcert.tf-test.club"],
|
|
61
|
+
* pathMatcher: "allpaths",
|
|
62
|
+
* }],
|
|
63
|
+
* pathMatchers: [{
|
|
64
|
+
* name: "allpaths",
|
|
65
|
+
* defaultService: defaultBackendService.id,
|
|
66
|
+
* pathRules: [{
|
|
67
|
+
* paths: ["/*"],
|
|
68
|
+
* service: defaultBackendService.id,
|
|
69
|
+
* }],
|
|
70
|
+
* }],
|
|
71
|
+
* });
|
|
72
|
+
* const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("defaultTargetHttpsProxy", {
|
|
73
|
+
* urlMap: defaultURLMap.id,
|
|
74
|
+
* sslCertificates: [defaultManagedSslCertificate.id],
|
|
75
|
+
* });
|
|
76
|
+
* const zone = new gcp.dns.ManagedZone("zone", {dnsName: "sslcert.tf-test.club."});
|
|
77
|
+
* const defaultGlobalForwardingRule = new gcp.compute.GlobalForwardingRule("defaultGlobalForwardingRule", {
|
|
78
|
+
* target: defaultTargetHttpsProxy.id,
|
|
79
|
+
* portRange: 443,
|
|
80
|
+
* });
|
|
81
|
+
* const set = new gcp.dns.RecordSet("set", {
|
|
82
|
+
* name: "sslcert.tf-test.club.",
|
|
83
|
+
* type: "A",
|
|
84
|
+
* ttl: 3600,
|
|
85
|
+
* managedZone: zone.name,
|
|
86
|
+
* rrdatas: [defaultGlobalForwardingRule.ipAddress],
|
|
87
|
+
* });
|
|
88
|
+
* ```
|
|
89
|
+
*
|
|
90
|
+
* ## Import
|
|
91
|
+
*
|
|
92
|
+
* ManagedSslCertificate can be imported using any of these accepted formats
|
|
93
|
+
*
|
|
94
|
+
* ```sh
|
|
95
|
+
* $ pulumi import gcp:compute/mangedSslCertificate:MangedSslCertificate default projects/{{project}}/global/sslCertificates/{{name}}
|
|
96
|
+
* ```
|
|
97
|
+
*
|
|
98
|
+
* ```sh
|
|
99
|
+
* $ pulumi import gcp:compute/mangedSslCertificate:MangedSslCertificate default {{project}}/{{name}}
|
|
100
|
+
* ```
|
|
101
|
+
*
|
|
102
|
+
* ```sh
|
|
103
|
+
* $ pulumi import gcp:compute/mangedSslCertificate:MangedSslCertificate default {{name}}
|
|
104
|
+
* ```
|
|
105
|
+
*
|
|
9
106
|
* @deprecated gcp.compute.MangedSslCertificate has been deprecated in favor of gcp.compute.ManagedSslCertificate
|
|
10
107
|
*/
|
|
11
108
|
class MangedSslCertificate extends pulumi.CustomResource {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mangedSslCertificate.js","sourceRoot":"","sources":["../../compute/mangedSslCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"mangedSslCertificate.js","sourceRoot":"","sources":["../../compute/mangedSslCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmGG;AACH,MAAa,oBAAqB,SAAQ,MAAM,CAAC,cAAc;IA2F3D,qHAAqH;IACrH,YAAY,IAAY,EAAE,WAAkE,EAAE,IAAmC;QAC7H,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,wIAAwI,CAAC,CAAA;QACzJ,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAoD,CAAC;YACnE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAmD,CAAC;YACjE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACxD,cAAc,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACjD,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,yBAAyB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACjE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,oBAAoB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACzE,CAAC;IA1HD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAiC,EAAE,IAAmC;QAC/H,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,wIAAwI,CAAC,CAAA;QACzJ,OAAO,IAAI,oBAAoB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC3E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,oBAAoB,CAAC,YAAY,CAAC;IACrE,CAAC;;AA3BL,oDA4HC;AA7GG,gBAAgB;AACO,iCAAY,GAAG,uDAAuD,CAAC"}
|
|
@@ -1,5 +1,30 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
import { input as inputs, output as outputs } from "../types";
|
|
3
|
+
/**
|
|
4
|
+
* ## Import
|
|
5
|
+
*
|
|
6
|
+
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/regions/{{region}}/backendServices/{{name}} * {{project}}/{{region}}/{{name}} * {{region}}/{{name}} * {{name}} Any variables not passed in the import command will be taken from the provider configuration. Compute Engine regionbackendservice IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
7
|
+
*
|
|
8
|
+
* ```sh
|
|
9
|
+
* $ pulumi import gcp:compute/regionBackendServiceIamBinding:RegionBackendServiceIamBinding editor "projects/{{project}}/regions/{{region}}/backendServices/{{region_backend_service}} roles/compute.admin user:jane@example.com"
|
|
10
|
+
* ```
|
|
11
|
+
*
|
|
12
|
+
* IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.
|
|
13
|
+
*
|
|
14
|
+
* ```sh
|
|
15
|
+
* $ pulumi import gcp:compute/regionBackendServiceIamBinding:RegionBackendServiceIamBinding editor "projects/{{project}}/regions/{{region}}/backendServices/{{region_backend_service}} roles/compute.admin"
|
|
16
|
+
* ```
|
|
17
|
+
*
|
|
18
|
+
* IAM policy imports use the identifier of the resource in question, e.g.
|
|
19
|
+
*
|
|
20
|
+
* ```sh
|
|
21
|
+
* $ pulumi import gcp:compute/regionBackendServiceIamBinding:RegionBackendServiceIamBinding editor projects/{{project}}/regions/{{region}}/backendServices/{{region_backend_service}}
|
|
22
|
+
* ```
|
|
23
|
+
*
|
|
24
|
+
* -> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the
|
|
25
|
+
*
|
|
26
|
+
* full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
|
|
27
|
+
*/
|
|
3
28
|
export declare class RegionBackendServiceIamBinding extends pulumi.CustomResource {
|
|
4
29
|
/**
|
|
5
30
|
* Get an existing RegionBackendServiceIamBinding resource's state with the given name, ID, and optional extra
|
|
@@ -16,12 +41,38 @@ export declare class RegionBackendServiceIamBinding extends pulumi.CustomResourc
|
|
|
16
41
|
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
17
42
|
*/
|
|
18
43
|
static isInstance(obj: any): obj is RegionBackendServiceIamBinding;
|
|
44
|
+
/**
|
|
45
|
+
* ) An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
|
|
46
|
+
* Structure is documented below.
|
|
47
|
+
*/
|
|
19
48
|
readonly condition: pulumi.Output<outputs.compute.RegionBackendServiceIamBindingCondition | undefined>;
|
|
49
|
+
/**
|
|
50
|
+
* (Computed) The etag of the IAM policy.
|
|
51
|
+
*/
|
|
20
52
|
readonly etag: pulumi.Output<string>;
|
|
21
53
|
readonly members: pulumi.Output<string[]>;
|
|
54
|
+
/**
|
|
55
|
+
* Used to find the parent resource to bind the IAM policy to
|
|
56
|
+
*/
|
|
22
57
|
readonly name: pulumi.Output<string>;
|
|
58
|
+
/**
|
|
59
|
+
* The ID of the project in which the resource belongs.
|
|
60
|
+
* If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
|
|
61
|
+
*/
|
|
23
62
|
readonly project: pulumi.Output<string>;
|
|
63
|
+
/**
|
|
64
|
+
* The Region in which the created backend service should reside.
|
|
65
|
+
* If it is not provided, the provider region is used.
|
|
66
|
+
* Used to find the parent resource to bind the IAM policy to. If not specified,
|
|
67
|
+
* the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no
|
|
68
|
+
* region is specified, it is taken from the provider configuration.
|
|
69
|
+
*/
|
|
24
70
|
readonly region: pulumi.Output<string>;
|
|
71
|
+
/**
|
|
72
|
+
* The role that should be applied. Only one
|
|
73
|
+
* `gcp.compute.RegionBackendServiceIamBinding` can be used per role. Note that custom roles must be of the format
|
|
74
|
+
* `[projects|organizations]/{parent-name}/roles/{role-name}`.
|
|
75
|
+
*/
|
|
25
76
|
readonly role: pulumi.Output<string>;
|
|
26
77
|
/**
|
|
27
78
|
* Create a RegionBackendServiceIamBinding resource with the given unique name, arguments, and options.
|
|
@@ -36,22 +87,71 @@ export declare class RegionBackendServiceIamBinding extends pulumi.CustomResourc
|
|
|
36
87
|
* Input properties used for looking up and filtering RegionBackendServiceIamBinding resources.
|
|
37
88
|
*/
|
|
38
89
|
export interface RegionBackendServiceIamBindingState {
|
|
90
|
+
/**
|
|
91
|
+
* ) An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
|
|
92
|
+
* Structure is documented below.
|
|
93
|
+
*/
|
|
39
94
|
condition?: pulumi.Input<inputs.compute.RegionBackendServiceIamBindingCondition>;
|
|
95
|
+
/**
|
|
96
|
+
* (Computed) The etag of the IAM policy.
|
|
97
|
+
*/
|
|
40
98
|
etag?: pulumi.Input<string>;
|
|
41
99
|
members?: pulumi.Input<pulumi.Input<string>[]>;
|
|
100
|
+
/**
|
|
101
|
+
* Used to find the parent resource to bind the IAM policy to
|
|
102
|
+
*/
|
|
42
103
|
name?: pulumi.Input<string>;
|
|
104
|
+
/**
|
|
105
|
+
* The ID of the project in which the resource belongs.
|
|
106
|
+
* If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
|
|
107
|
+
*/
|
|
43
108
|
project?: pulumi.Input<string>;
|
|
109
|
+
/**
|
|
110
|
+
* The Region in which the created backend service should reside.
|
|
111
|
+
* If it is not provided, the provider region is used.
|
|
112
|
+
* Used to find the parent resource to bind the IAM policy to. If not specified,
|
|
113
|
+
* the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no
|
|
114
|
+
* region is specified, it is taken from the provider configuration.
|
|
115
|
+
*/
|
|
44
116
|
region?: pulumi.Input<string>;
|
|
117
|
+
/**
|
|
118
|
+
* The role that should be applied. Only one
|
|
119
|
+
* `gcp.compute.RegionBackendServiceIamBinding` can be used per role. Note that custom roles must be of the format
|
|
120
|
+
* `[projects|organizations]/{parent-name}/roles/{role-name}`.
|
|
121
|
+
*/
|
|
45
122
|
role?: pulumi.Input<string>;
|
|
46
123
|
}
|
|
47
124
|
/**
|
|
48
125
|
* The set of arguments for constructing a RegionBackendServiceIamBinding resource.
|
|
49
126
|
*/
|
|
50
127
|
export interface RegionBackendServiceIamBindingArgs {
|
|
128
|
+
/**
|
|
129
|
+
* ) An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
|
|
130
|
+
* Structure is documented below.
|
|
131
|
+
*/
|
|
51
132
|
condition?: pulumi.Input<inputs.compute.RegionBackendServiceIamBindingCondition>;
|
|
52
133
|
members: pulumi.Input<pulumi.Input<string>[]>;
|
|
134
|
+
/**
|
|
135
|
+
* Used to find the parent resource to bind the IAM policy to
|
|
136
|
+
*/
|
|
53
137
|
name?: pulumi.Input<string>;
|
|
138
|
+
/**
|
|
139
|
+
* The ID of the project in which the resource belongs.
|
|
140
|
+
* If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
|
|
141
|
+
*/
|
|
54
142
|
project?: pulumi.Input<string>;
|
|
143
|
+
/**
|
|
144
|
+
* The Region in which the created backend service should reside.
|
|
145
|
+
* If it is not provided, the provider region is used.
|
|
146
|
+
* Used to find the parent resource to bind the IAM policy to. If not specified,
|
|
147
|
+
* the value will be parsed from the identifier of the parent resource. If no region is provided in the parent identifier and no
|
|
148
|
+
* region is specified, it is taken from the provider configuration.
|
|
149
|
+
*/
|
|
55
150
|
region?: pulumi.Input<string>;
|
|
151
|
+
/**
|
|
152
|
+
* The role that should be applied. Only one
|
|
153
|
+
* `gcp.compute.RegionBackendServiceIamBinding` can be used per role. Note that custom roles must be of the format
|
|
154
|
+
* `[projects|organizations]/{parent-name}/roles/{role-name}`.
|
|
155
|
+
*/
|
|
56
156
|
role: pulumi.Input<string>;
|
|
57
157
|
}
|