@pulumi/gcp 6.34.0-alpha.1660763172 → 6.35.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cloudfunctionsv2/function.d.ts +7 -33
- package/cloudfunctionsv2/function.js +7 -33
- package/cloudfunctionsv2/function.js.map +1 -1
- package/cloudfunctionsv2/functionIamBinding.d.ts +60 -0
- package/cloudfunctionsv2/functionIamBinding.js +60 -0
- package/cloudfunctionsv2/functionIamBinding.js.map +1 -1
- package/cloudfunctionsv2/functionIamMember.d.ts +60 -0
- package/cloudfunctionsv2/functionIamMember.js +60 -0
- package/cloudfunctionsv2/functionIamMember.js.map +1 -1
- package/cloudfunctionsv2/functionIamPolicy.d.ts +60 -0
- package/cloudfunctionsv2/functionIamPolicy.js +60 -0
- package/cloudfunctionsv2/functionIamPolicy.js.map +1 -1
- package/dataflow/job.d.ts +5 -1
- package/dataflow/job.js +5 -1
- package/dataflow/job.js.map +1 -1
- package/dataproc/metastoreFederation.d.ts +2 -2
- package/dataproc/metastoreFederation.js +2 -2
- package/dataproc/metastoreService.d.ts +12 -0
- package/dataproc/metastoreService.js +2 -0
- package/dataproc/metastoreService.js.map +1 -1
- package/dns/getManagedZone.d.ts +1 -0
- package/dns/getManagedZone.js.map +1 -1
- package/monitoring/uptimeCheckConfig.d.ts +45 -0
- package/monitoring/uptimeCheckConfig.js +45 -0
- package/monitoring/uptimeCheckConfig.js.map +1 -1
- package/package.json +2 -2
- package/package.json.dev +2 -2
- package/serviceaccount/iambinding.d.ts +6 -9
- package/serviceaccount/iambinding.js +6 -9
- package/serviceaccount/iambinding.js.map +1 -1
- package/serviceaccount/iammember.d.ts +6 -9
- package/serviceaccount/iammember.js +6 -9
- package/serviceaccount/iammember.js.map +1 -1
- package/serviceaccount/iampolicy.d.ts +6 -9
- package/serviceaccount/iampolicy.js +6 -9
- package/serviceaccount/iampolicy.js.map +1 -1
- package/serviceusage/consumerQuotaOverride.d.ts +6 -0
- package/serviceusage/consumerQuotaOverride.js.map +1 -1
- package/sql/databaseInstance.d.ts +3 -3
- package/types/input.d.ts +77 -3
- package/types/output.d.ts +86 -3
|
@@ -1,6 +1,12 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
import { input as inputs, output as outputs } from "../types";
|
|
3
3
|
/**
|
|
4
|
+
* A Cloud Function that contains user computation executed in response to an event.
|
|
5
|
+
*
|
|
6
|
+
* To get more information about function, see:
|
|
7
|
+
*
|
|
8
|
+
* * [API documentation](https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions)
|
|
9
|
+
*
|
|
4
10
|
* ## Example Usage
|
|
5
11
|
* ### Cloudfunctions2 Basic Gcs
|
|
6
12
|
*
|
|
@@ -12,21 +18,15 @@ import { input as inputs, output as outputs } from "../types";
|
|
|
12
18
|
* const source_bucket = new gcp.storage.Bucket("source-bucket", {
|
|
13
19
|
* location: "US",
|
|
14
20
|
* uniformBucketLevelAccess: true,
|
|
15
|
-
* }, {
|
|
16
|
-
* provider: google_beta,
|
|
17
21
|
* });
|
|
18
22
|
* const object = new gcp.storage.BucketObject("object", {
|
|
19
23
|
* bucket: source_bucket.name,
|
|
20
24
|
* source: new pulumi.asset.FileAsset("function-source.zip"),
|
|
21
|
-
* }, {
|
|
22
|
-
* provider: google_beta,
|
|
23
25
|
* });
|
|
24
26
|
* // Add path to the zipped function source code
|
|
25
27
|
* const trigger_bucket = new gcp.storage.Bucket("trigger-bucket", {
|
|
26
28
|
* location: "us-central1",
|
|
27
29
|
* uniformBucketLevelAccess: true,
|
|
28
|
-
* }, {
|
|
29
|
-
* provider: google_beta,
|
|
30
30
|
* });
|
|
31
31
|
* const gcsAccount = gcp.storage.getProjectServiceAccount({});
|
|
32
32
|
* // To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.
|
|
@@ -35,36 +35,26 @@ import { input as inputs, output as outputs } from "../types";
|
|
|
35
35
|
* project: "my-project-name",
|
|
36
36
|
* role: "roles/pubsub.publisher",
|
|
37
37
|
* member: gcsAccount.then(gcsAccount => `serviceAccount:${gcsAccount.emailAddress}`),
|
|
38
|
-
* }, {
|
|
39
|
-
* provider: google_beta,
|
|
40
38
|
* });
|
|
41
39
|
* const account = new gcp.serviceaccount.Account("account", {
|
|
42
|
-
* accountId: "
|
|
40
|
+
* accountId: "sa",
|
|
43
41
|
* displayName: "Test Service Account - used for both the cloud function and eventarc trigger in the test",
|
|
44
|
-
* }, {
|
|
45
|
-
* provider: google_beta,
|
|
46
42
|
* });
|
|
47
43
|
* // Permissions on the service account used by the function and Eventarc trigger
|
|
48
44
|
* const invoking = new gcp.projects.IAMMember("invoking", {
|
|
49
45
|
* project: "my-project-name",
|
|
50
46
|
* role: "roles/run.invoker",
|
|
51
47
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
52
|
-
* }, {
|
|
53
|
-
* provider: google_beta,
|
|
54
48
|
* });
|
|
55
49
|
* const event_receiving = new gcp.projects.IAMMember("event-receiving", {
|
|
56
50
|
* project: "my-project-name",
|
|
57
51
|
* role: "roles/eventarc.eventReceiver",
|
|
58
52
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
59
|
-
* }, {
|
|
60
|
-
* provider: google_beta,
|
|
61
53
|
* });
|
|
62
54
|
* const artifactregistry_reader = new gcp.projects.IAMMember("artifactregistry-reader", {
|
|
63
55
|
* project: "my-project-name",
|
|
64
56
|
* role: "roles/artifactregistry.reader",
|
|
65
57
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
66
|
-
* }, {
|
|
67
|
-
* provider: google_beta,
|
|
68
58
|
* });
|
|
69
59
|
* const _function = new gcp.cloudfunctionsv2.Function("function", {
|
|
70
60
|
* location: "us-central1",
|
|
@@ -105,7 +95,6 @@ import { input as inputs, output as outputs } from "../types";
|
|
|
105
95
|
* }],
|
|
106
96
|
* },
|
|
107
97
|
* }, {
|
|
108
|
-
* provider: google_beta,
|
|
109
98
|
* dependsOn: [
|
|
110
99
|
* event_receiving,
|
|
111
100
|
* artifactregistry_reader,
|
|
@@ -126,21 +115,15 @@ import { input as inputs, output as outputs } from "../types";
|
|
|
126
115
|
* const source_bucket = new gcp.storage.Bucket("source-bucket", {
|
|
127
116
|
* location: "US",
|
|
128
117
|
* uniformBucketLevelAccess: true,
|
|
129
|
-
* }, {
|
|
130
|
-
* provider: google_beta,
|
|
131
118
|
* });
|
|
132
119
|
* const object = new gcp.storage.BucketObject("object", {
|
|
133
120
|
* bucket: source_bucket.name,
|
|
134
121
|
* source: new pulumi.asset.FileAsset("function-source.zip"),
|
|
135
|
-
* }, {
|
|
136
|
-
* provider: google_beta,
|
|
137
122
|
* });
|
|
138
123
|
* // Add path to the zipped function source code
|
|
139
124
|
* const account = new gcp.serviceaccount.Account("account", {
|
|
140
125
|
* accountId: "gcf-sa",
|
|
141
126
|
* displayName: "Test Service Account - used for both the cloud function and eventarc trigger in the test",
|
|
142
|
-
* }, {
|
|
143
|
-
* provider: google_beta,
|
|
144
127
|
* });
|
|
145
128
|
* // Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.
|
|
146
129
|
* // Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of
|
|
@@ -148,30 +131,22 @@ import { input as inputs, output as outputs } from "../types";
|
|
|
148
131
|
* const audit_log_bucket = new gcp.storage.Bucket("audit-log-bucket", {
|
|
149
132
|
* location: "us-central1",
|
|
150
133
|
* uniformBucketLevelAccess: true,
|
|
151
|
-
* }, {
|
|
152
|
-
* provider: google_beta,
|
|
153
134
|
* });
|
|
154
135
|
* // Permissions on the service account used by the function and Eventarc trigger
|
|
155
136
|
* const invoking = new gcp.projects.IAMMember("invoking", {
|
|
156
137
|
* project: "my-project-name",
|
|
157
138
|
* role: "roles/run.invoker",
|
|
158
139
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
159
|
-
* }, {
|
|
160
|
-
* provider: google_beta,
|
|
161
140
|
* });
|
|
162
141
|
* const event_receiving = new gcp.projects.IAMMember("event-receiving", {
|
|
163
142
|
* project: "my-project-name",
|
|
164
143
|
* role: "roles/eventarc.eventReceiver",
|
|
165
144
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
166
|
-
* }, {
|
|
167
|
-
* provider: google_beta,
|
|
168
145
|
* });
|
|
169
146
|
* const artifactregistry_reader = new gcp.projects.IAMMember("artifactregistry-reader", {
|
|
170
147
|
* project: "my-project-name",
|
|
171
148
|
* role: "roles/artifactregistry.reader",
|
|
172
149
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
173
|
-
* }, {
|
|
174
|
-
* provider: google_beta,
|
|
175
150
|
* });
|
|
176
151
|
* const _function = new gcp.cloudfunctionsv2.Function("function", {
|
|
177
152
|
* location: "us-central1",
|
|
@@ -223,7 +198,6 @@ import { input as inputs, output as outputs } from "../types";
|
|
|
223
198
|
* ],
|
|
224
199
|
* },
|
|
225
200
|
* }, {
|
|
226
|
-
* provider: google_beta,
|
|
227
201
|
* dependsOn: [
|
|
228
202
|
* event_receiving,
|
|
229
203
|
* artifactregistry_reader,
|
|
@@ -6,6 +6,12 @@ exports.Function = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
|
+
* A Cloud Function that contains user computation executed in response to an event.
|
|
10
|
+
*
|
|
11
|
+
* To get more information about function, see:
|
|
12
|
+
*
|
|
13
|
+
* * [API documentation](https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions)
|
|
14
|
+
*
|
|
9
15
|
* ## Example Usage
|
|
10
16
|
* ### Cloudfunctions2 Basic Gcs
|
|
11
17
|
*
|
|
@@ -17,21 +23,15 @@ const utilities = require("../utilities");
|
|
|
17
23
|
* const source_bucket = new gcp.storage.Bucket("source-bucket", {
|
|
18
24
|
* location: "US",
|
|
19
25
|
* uniformBucketLevelAccess: true,
|
|
20
|
-
* }, {
|
|
21
|
-
* provider: google_beta,
|
|
22
26
|
* });
|
|
23
27
|
* const object = new gcp.storage.BucketObject("object", {
|
|
24
28
|
* bucket: source_bucket.name,
|
|
25
29
|
* source: new pulumi.asset.FileAsset("function-source.zip"),
|
|
26
|
-
* }, {
|
|
27
|
-
* provider: google_beta,
|
|
28
30
|
* });
|
|
29
31
|
* // Add path to the zipped function source code
|
|
30
32
|
* const trigger_bucket = new gcp.storage.Bucket("trigger-bucket", {
|
|
31
33
|
* location: "us-central1",
|
|
32
34
|
* uniformBucketLevelAccess: true,
|
|
33
|
-
* }, {
|
|
34
|
-
* provider: google_beta,
|
|
35
35
|
* });
|
|
36
36
|
* const gcsAccount = gcp.storage.getProjectServiceAccount({});
|
|
37
37
|
* // To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.
|
|
@@ -40,36 +40,26 @@ const utilities = require("../utilities");
|
|
|
40
40
|
* project: "my-project-name",
|
|
41
41
|
* role: "roles/pubsub.publisher",
|
|
42
42
|
* member: gcsAccount.then(gcsAccount => `serviceAccount:${gcsAccount.emailAddress}`),
|
|
43
|
-
* }, {
|
|
44
|
-
* provider: google_beta,
|
|
45
43
|
* });
|
|
46
44
|
* const account = new gcp.serviceaccount.Account("account", {
|
|
47
|
-
* accountId: "
|
|
45
|
+
* accountId: "sa",
|
|
48
46
|
* displayName: "Test Service Account - used for both the cloud function and eventarc trigger in the test",
|
|
49
|
-
* }, {
|
|
50
|
-
* provider: google_beta,
|
|
51
47
|
* });
|
|
52
48
|
* // Permissions on the service account used by the function and Eventarc trigger
|
|
53
49
|
* const invoking = new gcp.projects.IAMMember("invoking", {
|
|
54
50
|
* project: "my-project-name",
|
|
55
51
|
* role: "roles/run.invoker",
|
|
56
52
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
57
|
-
* }, {
|
|
58
|
-
* provider: google_beta,
|
|
59
53
|
* });
|
|
60
54
|
* const event_receiving = new gcp.projects.IAMMember("event-receiving", {
|
|
61
55
|
* project: "my-project-name",
|
|
62
56
|
* role: "roles/eventarc.eventReceiver",
|
|
63
57
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
64
|
-
* }, {
|
|
65
|
-
* provider: google_beta,
|
|
66
58
|
* });
|
|
67
59
|
* const artifactregistry_reader = new gcp.projects.IAMMember("artifactregistry-reader", {
|
|
68
60
|
* project: "my-project-name",
|
|
69
61
|
* role: "roles/artifactregistry.reader",
|
|
70
62
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
71
|
-
* }, {
|
|
72
|
-
* provider: google_beta,
|
|
73
63
|
* });
|
|
74
64
|
* const _function = new gcp.cloudfunctionsv2.Function("function", {
|
|
75
65
|
* location: "us-central1",
|
|
@@ -110,7 +100,6 @@ const utilities = require("../utilities");
|
|
|
110
100
|
* }],
|
|
111
101
|
* },
|
|
112
102
|
* }, {
|
|
113
|
-
* provider: google_beta,
|
|
114
103
|
* dependsOn: [
|
|
115
104
|
* event_receiving,
|
|
116
105
|
* artifactregistry_reader,
|
|
@@ -131,21 +120,15 @@ const utilities = require("../utilities");
|
|
|
131
120
|
* const source_bucket = new gcp.storage.Bucket("source-bucket", {
|
|
132
121
|
* location: "US",
|
|
133
122
|
* uniformBucketLevelAccess: true,
|
|
134
|
-
* }, {
|
|
135
|
-
* provider: google_beta,
|
|
136
123
|
* });
|
|
137
124
|
* const object = new gcp.storage.BucketObject("object", {
|
|
138
125
|
* bucket: source_bucket.name,
|
|
139
126
|
* source: new pulumi.asset.FileAsset("function-source.zip"),
|
|
140
|
-
* }, {
|
|
141
|
-
* provider: google_beta,
|
|
142
127
|
* });
|
|
143
128
|
* // Add path to the zipped function source code
|
|
144
129
|
* const account = new gcp.serviceaccount.Account("account", {
|
|
145
130
|
* accountId: "gcf-sa",
|
|
146
131
|
* displayName: "Test Service Account - used for both the cloud function and eventarc trigger in the test",
|
|
147
|
-
* }, {
|
|
148
|
-
* provider: google_beta,
|
|
149
132
|
* });
|
|
150
133
|
* // Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.
|
|
151
134
|
* // Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of
|
|
@@ -153,30 +136,22 @@ const utilities = require("../utilities");
|
|
|
153
136
|
* const audit_log_bucket = new gcp.storage.Bucket("audit-log-bucket", {
|
|
154
137
|
* location: "us-central1",
|
|
155
138
|
* uniformBucketLevelAccess: true,
|
|
156
|
-
* }, {
|
|
157
|
-
* provider: google_beta,
|
|
158
139
|
* });
|
|
159
140
|
* // Permissions on the service account used by the function and Eventarc trigger
|
|
160
141
|
* const invoking = new gcp.projects.IAMMember("invoking", {
|
|
161
142
|
* project: "my-project-name",
|
|
162
143
|
* role: "roles/run.invoker",
|
|
163
144
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
164
|
-
* }, {
|
|
165
|
-
* provider: google_beta,
|
|
166
145
|
* });
|
|
167
146
|
* const event_receiving = new gcp.projects.IAMMember("event-receiving", {
|
|
168
147
|
* project: "my-project-name",
|
|
169
148
|
* role: "roles/eventarc.eventReceiver",
|
|
170
149
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
171
|
-
* }, {
|
|
172
|
-
* provider: google_beta,
|
|
173
150
|
* });
|
|
174
151
|
* const artifactregistry_reader = new gcp.projects.IAMMember("artifactregistry-reader", {
|
|
175
152
|
* project: "my-project-name",
|
|
176
153
|
* role: "roles/artifactregistry.reader",
|
|
177
154
|
* member: pulumi.interpolate`serviceAccount:${account.email}`,
|
|
178
|
-
* }, {
|
|
179
|
-
* provider: google_beta,
|
|
180
155
|
* });
|
|
181
156
|
* const _function = new gcp.cloudfunctionsv2.Function("function", {
|
|
182
157
|
* location: "us-central1",
|
|
@@ -228,7 +203,6 @@ const utilities = require("../utilities");
|
|
|
228
203
|
* ],
|
|
229
204
|
* },
|
|
230
205
|
* }, {
|
|
231
|
-
* provider: google_beta,
|
|
232
206
|
* dependsOn: [
|
|
233
207
|
* event_receiving,
|
|
234
208
|
* artifactregistry_reader,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"function.js","sourceRoot":"","sources":["../../cloudfunctionsv2/function.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"function.js","sourceRoot":"","sources":["../../cloudfunctionsv2/function.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4NG;AACH,MAAa,QAAS,SAAQ,MAAM,CAAC,cAAc;IAwF/C,YAAY,IAAY,EAAE,WAA0C,EAAE,IAAmC;QACrG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAwC,CAAC;YACvD,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;aAAM;YACH,MAAM,IAAI,GAAG,WAAuC,CAAC;YACrD,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAClD,cAAc,CAAC,OAAO,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC5C,cAAc,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACpD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC7D,CAAC;IAvHD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAqB,EAAE,IAAmC;QACnH,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC/D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,YAAY,CAAC;IACzD,CAAC;;AA1BL,4BAyHC;AA3GG,gBAAgB;AACO,qBAAY,GAAG,wCAAwC,CAAC"}
|
|
@@ -1,6 +1,66 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
import { input as inputs, output as outputs } from "../types";
|
|
3
3
|
/**
|
|
4
|
+
* Three different resources help you manage your IAM policy for Cloud Functions (2nd gen) function. Each of these resources serves a different use case:
|
|
5
|
+
*
|
|
6
|
+
* * `gcp.cloudfunctionsv2.FunctionIamPolicy`: Authoritative. Sets the IAM policy for the function and replaces any existing policy already attached.
|
|
7
|
+
* * `gcp.cloudfunctionsv2.FunctionIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the function are preserved.
|
|
8
|
+
* * `gcp.cloudfunctionsv2.FunctionIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the function are preserved.
|
|
9
|
+
*
|
|
10
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamPolicy` **cannot** be used in conjunction with `gcp.cloudfunctionsv2.FunctionIamBinding` and `gcp.cloudfunctionsv2.FunctionIamMember` or they will fight over what your policy should be.
|
|
11
|
+
*
|
|
12
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamBinding` resources **can be** used in conjunction with `gcp.cloudfunctionsv2.FunctionIamMember` resources **only if** they do not grant privilege to the same role.
|
|
13
|
+
*
|
|
14
|
+
* ## google\_cloudfunctions2\_function\_iam\_policy
|
|
15
|
+
*
|
|
16
|
+
* ```typescript
|
|
17
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
18
|
+
* import * as gcp from "@pulumi/gcp";
|
|
19
|
+
*
|
|
20
|
+
* const admin = gcp.organizations.getIAMPolicy({
|
|
21
|
+
* bindings: [{
|
|
22
|
+
* role: "roles/viewer",
|
|
23
|
+
* members: ["user:jane@example.com"],
|
|
24
|
+
* }],
|
|
25
|
+
* });
|
|
26
|
+
* const policy = new gcp.cloudfunctionsv2.FunctionIamPolicy("policy", {
|
|
27
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
28
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
29
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
30
|
+
* policyData: admin.then(admin => admin.policyData),
|
|
31
|
+
* });
|
|
32
|
+
* ```
|
|
33
|
+
*
|
|
34
|
+
* ## google\_cloudfunctions2\_function\_iam\_binding
|
|
35
|
+
*
|
|
36
|
+
* ```typescript
|
|
37
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
38
|
+
* import * as gcp from "@pulumi/gcp";
|
|
39
|
+
*
|
|
40
|
+
* const binding = new gcp.cloudfunctionsv2.FunctionIamBinding("binding", {
|
|
41
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
42
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
43
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
44
|
+
* role: "roles/viewer",
|
|
45
|
+
* members: ["user:jane@example.com"],
|
|
46
|
+
* });
|
|
47
|
+
* ```
|
|
48
|
+
*
|
|
49
|
+
* ## google\_cloudfunctions2\_function\_iam\_member
|
|
50
|
+
*
|
|
51
|
+
* ```typescript
|
|
52
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
53
|
+
* import * as gcp from "@pulumi/gcp";
|
|
54
|
+
*
|
|
55
|
+
* const member = new gcp.cloudfunctionsv2.FunctionIamMember("member", {
|
|
56
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
57
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
58
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
59
|
+
* role: "roles/viewer",
|
|
60
|
+
* member: "user:jane@example.com",
|
|
61
|
+
* });
|
|
62
|
+
* ```
|
|
63
|
+
*
|
|
4
64
|
* ## Import
|
|
5
65
|
*
|
|
6
66
|
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/functions/{{cloud_function}} * {{project}}/{{location}}/{{cloud_function}} * {{location}}/{{cloud_function}} * {{cloud_function}} Any variables not passed in the import command will be taken from the provider configuration. Cloud Functions (2nd gen) function IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
@@ -6,6 +6,66 @@ exports.FunctionIamBinding = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
|
+
* Three different resources help you manage your IAM policy for Cloud Functions (2nd gen) function. Each of these resources serves a different use case:
|
|
10
|
+
*
|
|
11
|
+
* * `gcp.cloudfunctionsv2.FunctionIamPolicy`: Authoritative. Sets the IAM policy for the function and replaces any existing policy already attached.
|
|
12
|
+
* * `gcp.cloudfunctionsv2.FunctionIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the function are preserved.
|
|
13
|
+
* * `gcp.cloudfunctionsv2.FunctionIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the function are preserved.
|
|
14
|
+
*
|
|
15
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamPolicy` **cannot** be used in conjunction with `gcp.cloudfunctionsv2.FunctionIamBinding` and `gcp.cloudfunctionsv2.FunctionIamMember` or they will fight over what your policy should be.
|
|
16
|
+
*
|
|
17
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamBinding` resources **can be** used in conjunction with `gcp.cloudfunctionsv2.FunctionIamMember` resources **only if** they do not grant privilege to the same role.
|
|
18
|
+
*
|
|
19
|
+
* ## google\_cloudfunctions2\_function\_iam\_policy
|
|
20
|
+
*
|
|
21
|
+
* ```typescript
|
|
22
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
23
|
+
* import * as gcp from "@pulumi/gcp";
|
|
24
|
+
*
|
|
25
|
+
* const admin = gcp.organizations.getIAMPolicy({
|
|
26
|
+
* bindings: [{
|
|
27
|
+
* role: "roles/viewer",
|
|
28
|
+
* members: ["user:jane@example.com"],
|
|
29
|
+
* }],
|
|
30
|
+
* });
|
|
31
|
+
* const policy = new gcp.cloudfunctionsv2.FunctionIamPolicy("policy", {
|
|
32
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
33
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
34
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
35
|
+
* policyData: admin.then(admin => admin.policyData),
|
|
36
|
+
* });
|
|
37
|
+
* ```
|
|
38
|
+
*
|
|
39
|
+
* ## google\_cloudfunctions2\_function\_iam\_binding
|
|
40
|
+
*
|
|
41
|
+
* ```typescript
|
|
42
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
43
|
+
* import * as gcp from "@pulumi/gcp";
|
|
44
|
+
*
|
|
45
|
+
* const binding = new gcp.cloudfunctionsv2.FunctionIamBinding("binding", {
|
|
46
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
47
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
48
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
49
|
+
* role: "roles/viewer",
|
|
50
|
+
* members: ["user:jane@example.com"],
|
|
51
|
+
* });
|
|
52
|
+
* ```
|
|
53
|
+
*
|
|
54
|
+
* ## google\_cloudfunctions2\_function\_iam\_member
|
|
55
|
+
*
|
|
56
|
+
* ```typescript
|
|
57
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
58
|
+
* import * as gcp from "@pulumi/gcp";
|
|
59
|
+
*
|
|
60
|
+
* const member = new gcp.cloudfunctionsv2.FunctionIamMember("member", {
|
|
61
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
62
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
63
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
64
|
+
* role: "roles/viewer",
|
|
65
|
+
* member: "user:jane@example.com",
|
|
66
|
+
* });
|
|
67
|
+
* ```
|
|
68
|
+
*
|
|
9
69
|
* ## Import
|
|
10
70
|
*
|
|
11
71
|
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/functions/{{cloud_function}} * {{project}}/{{location}}/{{cloud_function}} * {{location}}/{{cloud_function}} * {{cloud_function}} Any variables not passed in the import command will be taken from the provider configuration. Cloud Functions (2nd gen) function IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"functionIamBinding.js","sourceRoot":"","sources":["../../cloudfunctionsv2/functionIamBinding.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"functionIamBinding.js","sourceRoot":"","sources":["../../cloudfunctionsv2/functionIamBinding.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoFG;AACH,MAAa,kBAAmB,SAAQ,MAAM,CAAC,cAAc;IA8DzD,YAAY,IAAY,EAAE,WAA8D,EAAE,IAAmC;QACzH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAkD,CAAC;YACjE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAiD,CAAC;YAC/D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC9C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,kBAAkB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACvE,CAAC;IA9FD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA+B,EAAE,IAAmC;QAC7H,OAAO,IAAI,kBAAkB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACzE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,kBAAkB,CAAC,YAAY,CAAC;IACnE,CAAC;;AA1BL,gDAgGC;AAlFG,gBAAgB;AACO,+BAAY,GAAG,4DAA4D,CAAC"}
|
|
@@ -1,6 +1,66 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
import { input as inputs, output as outputs } from "../types";
|
|
3
3
|
/**
|
|
4
|
+
* Three different resources help you manage your IAM policy for Cloud Functions (2nd gen) function. Each of these resources serves a different use case:
|
|
5
|
+
*
|
|
6
|
+
* * `gcp.cloudfunctionsv2.FunctionIamPolicy`: Authoritative. Sets the IAM policy for the function and replaces any existing policy already attached.
|
|
7
|
+
* * `gcp.cloudfunctionsv2.FunctionIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the function are preserved.
|
|
8
|
+
* * `gcp.cloudfunctionsv2.FunctionIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the function are preserved.
|
|
9
|
+
*
|
|
10
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamPolicy` **cannot** be used in conjunction with `gcp.cloudfunctionsv2.FunctionIamBinding` and `gcp.cloudfunctionsv2.FunctionIamMember` or they will fight over what your policy should be.
|
|
11
|
+
*
|
|
12
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamBinding` resources **can be** used in conjunction with `gcp.cloudfunctionsv2.FunctionIamMember` resources **only if** they do not grant privilege to the same role.
|
|
13
|
+
*
|
|
14
|
+
* ## google\_cloudfunctions2\_function\_iam\_policy
|
|
15
|
+
*
|
|
16
|
+
* ```typescript
|
|
17
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
18
|
+
* import * as gcp from "@pulumi/gcp";
|
|
19
|
+
*
|
|
20
|
+
* const admin = gcp.organizations.getIAMPolicy({
|
|
21
|
+
* bindings: [{
|
|
22
|
+
* role: "roles/viewer",
|
|
23
|
+
* members: ["user:jane@example.com"],
|
|
24
|
+
* }],
|
|
25
|
+
* });
|
|
26
|
+
* const policy = new gcp.cloudfunctionsv2.FunctionIamPolicy("policy", {
|
|
27
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
28
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
29
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
30
|
+
* policyData: admin.then(admin => admin.policyData),
|
|
31
|
+
* });
|
|
32
|
+
* ```
|
|
33
|
+
*
|
|
34
|
+
* ## google\_cloudfunctions2\_function\_iam\_binding
|
|
35
|
+
*
|
|
36
|
+
* ```typescript
|
|
37
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
38
|
+
* import * as gcp from "@pulumi/gcp";
|
|
39
|
+
*
|
|
40
|
+
* const binding = new gcp.cloudfunctionsv2.FunctionIamBinding("binding", {
|
|
41
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
42
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
43
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
44
|
+
* role: "roles/viewer",
|
|
45
|
+
* members: ["user:jane@example.com"],
|
|
46
|
+
* });
|
|
47
|
+
* ```
|
|
48
|
+
*
|
|
49
|
+
* ## google\_cloudfunctions2\_function\_iam\_member
|
|
50
|
+
*
|
|
51
|
+
* ```typescript
|
|
52
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
53
|
+
* import * as gcp from "@pulumi/gcp";
|
|
54
|
+
*
|
|
55
|
+
* const member = new gcp.cloudfunctionsv2.FunctionIamMember("member", {
|
|
56
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
57
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
58
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
59
|
+
* role: "roles/viewer",
|
|
60
|
+
* member: "user:jane@example.com",
|
|
61
|
+
* });
|
|
62
|
+
* ```
|
|
63
|
+
*
|
|
4
64
|
* ## Import
|
|
5
65
|
*
|
|
6
66
|
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/functions/{{cloud_function}} * {{project}}/{{location}}/{{cloud_function}} * {{location}}/{{cloud_function}} * {{cloud_function}} Any variables not passed in the import command will be taken from the provider configuration. Cloud Functions (2nd gen) function IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
@@ -6,6 +6,66 @@ exports.FunctionIamMember = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
|
+
* Three different resources help you manage your IAM policy for Cloud Functions (2nd gen) function. Each of these resources serves a different use case:
|
|
10
|
+
*
|
|
11
|
+
* * `gcp.cloudfunctionsv2.FunctionIamPolicy`: Authoritative. Sets the IAM policy for the function and replaces any existing policy already attached.
|
|
12
|
+
* * `gcp.cloudfunctionsv2.FunctionIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the function are preserved.
|
|
13
|
+
* * `gcp.cloudfunctionsv2.FunctionIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the function are preserved.
|
|
14
|
+
*
|
|
15
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamPolicy` **cannot** be used in conjunction with `gcp.cloudfunctionsv2.FunctionIamBinding` and `gcp.cloudfunctionsv2.FunctionIamMember` or they will fight over what your policy should be.
|
|
16
|
+
*
|
|
17
|
+
* > **Note:** `gcp.cloudfunctionsv2.FunctionIamBinding` resources **can be** used in conjunction with `gcp.cloudfunctionsv2.FunctionIamMember` resources **only if** they do not grant privilege to the same role.
|
|
18
|
+
*
|
|
19
|
+
* ## google\_cloudfunctions2\_function\_iam\_policy
|
|
20
|
+
*
|
|
21
|
+
* ```typescript
|
|
22
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
23
|
+
* import * as gcp from "@pulumi/gcp";
|
|
24
|
+
*
|
|
25
|
+
* const admin = gcp.organizations.getIAMPolicy({
|
|
26
|
+
* bindings: [{
|
|
27
|
+
* role: "roles/viewer",
|
|
28
|
+
* members: ["user:jane@example.com"],
|
|
29
|
+
* }],
|
|
30
|
+
* });
|
|
31
|
+
* const policy = new gcp.cloudfunctionsv2.FunctionIamPolicy("policy", {
|
|
32
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
33
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
34
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
35
|
+
* policyData: admin.then(admin => admin.policyData),
|
|
36
|
+
* });
|
|
37
|
+
* ```
|
|
38
|
+
*
|
|
39
|
+
* ## google\_cloudfunctions2\_function\_iam\_binding
|
|
40
|
+
*
|
|
41
|
+
* ```typescript
|
|
42
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
43
|
+
* import * as gcp from "@pulumi/gcp";
|
|
44
|
+
*
|
|
45
|
+
* const binding = new gcp.cloudfunctionsv2.FunctionIamBinding("binding", {
|
|
46
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
47
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
48
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
49
|
+
* role: "roles/viewer",
|
|
50
|
+
* members: ["user:jane@example.com"],
|
|
51
|
+
* });
|
|
52
|
+
* ```
|
|
53
|
+
*
|
|
54
|
+
* ## google\_cloudfunctions2\_function\_iam\_member
|
|
55
|
+
*
|
|
56
|
+
* ```typescript
|
|
57
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
58
|
+
* import * as gcp from "@pulumi/gcp";
|
|
59
|
+
*
|
|
60
|
+
* const member = new gcp.cloudfunctionsv2.FunctionIamMember("member", {
|
|
61
|
+
* project: google_cloudfunctions2_function["function"].project,
|
|
62
|
+
* location: google_cloudfunctions2_function["function"].location,
|
|
63
|
+
* cloudFunction: google_cloudfunctions2_function["function"].name,
|
|
64
|
+
* role: "roles/viewer",
|
|
65
|
+
* member: "user:jane@example.com",
|
|
66
|
+
* });
|
|
67
|
+
* ```
|
|
68
|
+
*
|
|
9
69
|
* ## Import
|
|
10
70
|
*
|
|
11
71
|
* For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/functions/{{cloud_function}} * {{project}}/{{location}}/{{cloud_function}} * {{location}}/{{cloud_function}} * {{cloud_function}} Any variables not passed in the import command will be taken from the provider configuration. Cloud Functions (2nd gen) function IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"functionIamMember.js","sourceRoot":"","sources":["../../cloudfunctionsv2/functionIamMember.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"functionIamMember.js","sourceRoot":"","sources":["../../cloudfunctionsv2/functionIamMember.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoFG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IA8DxD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC9C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;IA9FD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;;AA1BL,8CAgGC;AAlFG,gBAAgB;AACO,8BAAY,GAAG,0DAA0D,CAAC"}
|