@pulumi/gcp 6.44.0 → 6.45.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/alloydb/instance.d.ts +3 -0
- package/alloydb/instance.js +3 -0
- package/alloydb/instance.js.map +1 -1
- package/bigtable/gcpolicy.d.ts +58 -32
- package/bigtable/gcpolicy.js +45 -32
- package/bigtable/gcpolicy.js.map +1 -1
- package/bigtable/instance.d.ts +6 -3
- package/bigtable/instance.js.map +1 -1
- package/certificateauthority/authority.d.ts +3 -2
- package/certificateauthority/authority.js +3 -2
- package/certificateauthority/authority.js.map +1 -1
- package/certificateauthority/certificate.d.ts +12 -5
- package/certificateauthority/certificate.js +12 -5
- package/certificateauthority/certificate.js.map +1 -1
- package/cloudrunv2/index.d.ts +6 -0
- package/cloudrunv2/index.js +27 -0
- package/cloudrunv2/index.js.map +1 -0
- package/cloudrunv2/job.d.ts +501 -0
- package/cloudrunv2/job.js +321 -0
- package/cloudrunv2/job.js.map +1 -0
- package/cloudrunv2/service.d.ts +574 -0
- package/cloudrunv2/service.js +334 -0
- package/cloudrunv2/service.js.map +1 -0
- package/compute/backendService.d.ts +19 -0
- package/compute/backendService.js +19 -0
- package/compute/backendService.js.map +1 -1
- package/compute/forwardingRule.d.ts +21 -30
- package/compute/forwardingRule.js.map +1 -1
- package/compute/instanceGroupManager.d.ts +27 -0
- package/compute/instanceGroupManager.js +2 -0
- package/compute/instanceGroupManager.js.map +1 -1
- package/compute/regionInstanceGroupManager.d.ts +27 -0
- package/compute/regionInstanceGroupManager.js +2 -0
- package/compute/regionInstanceGroupManager.js.map +1 -1
- package/compute/routerInterface.d.ts +52 -31
- package/compute/routerInterface.js +4 -0
- package/compute/routerInterface.js.map +1 -1
- package/compute/securityPolicy.d.ts +83 -0
- package/compute/securityPolicy.js +73 -0
- package/compute/securityPolicy.js.map +1 -1
- package/config/vars.d.ts +3 -0
- package/config/vars.js +18 -0
- package/config/vars.js.map +1 -1
- package/container/cluster.d.ts +7 -4
- package/container/cluster.js.map +1 -1
- package/container/nodePool.d.ts +9 -6
- package/container/nodePool.js.map +1 -1
- package/datafusion/instance.d.ts +97 -5
- package/datafusion/instance.js +52 -5
- package/datafusion/instance.js.map +1 -1
- package/dataproc/metastoreService.d.ts +49 -0
- package/dataproc/metastoreService.js +34 -0
- package/dataproc/metastoreService.js.map +1 -1
- package/datastream/privateConnection.d.ts +16 -0
- package/datastream/privateConnection.js +4 -0
- package/datastream/privateConnection.js.map +1 -1
- package/eventarc/googleChannelConfig.d.ts +142 -0
- package/eventarc/googleChannelConfig.js +110 -0
- package/eventarc/googleChannelConfig.js.map +1 -0
- package/eventarc/index.d.ts +3 -0
- package/eventarc/index.js +6 -1
- package/eventarc/index.js.map +1 -1
- package/firebase/getAndroidApp.d.ts +36 -0
- package/firebase/getAndroidApp.js +22 -0
- package/firebase/getAndroidApp.js.map +1 -0
- package/firebase/index.d.ts +6 -0
- package/firebase/index.js +9 -1
- package/firebase/index.js.map +1 -1
- package/firebase/storageBucket.d.ts +109 -0
- package/firebase/storageBucket.js +91 -0
- package/firebase/storageBucket.js.map +1 -0
- package/gkebackup/backupPlan.d.ts +403 -0
- package/gkebackup/backupPlan.js +259 -0
- package/gkebackup/backupPlan.js.map +1 -0
- package/gkebackup/index.d.ts +3 -0
- package/gkebackup/index.js +22 -0
- package/gkebackup/index.js.map +1 -0
- package/gkehub/featureMembership.d.ts +1 -0
- package/gkehub/featureMembership.js +1 -0
- package/gkehub/featureMembership.js.map +1 -1
- package/iam/index.d.ts +3 -0
- package/iam/index.js +6 -1
- package/iam/index.js.map +1 -1
- package/iam/workforcePoolProvider.d.ts +510 -0
- package/iam/workforcePoolProvider.js +213 -0
- package/iam/workforcePoolProvider.js.map +1 -0
- package/index.d.ts +3 -1
- package/index.js +6 -2
- package/index.js.map +1 -1
- package/logging/billingAccountBucketConfig.d.ts +20 -0
- package/logging/billingAccountBucketConfig.js +2 -0
- package/logging/billingAccountBucketConfig.js.map +1 -1
- package/logging/folderBucketConfig.d.ts +20 -0
- package/logging/folderBucketConfig.js +2 -0
- package/logging/folderBucketConfig.js.map +1 -1
- package/logging/getProjectCmekSettings.d.ts +97 -0
- package/logging/getProjectCmekSettings.js +43 -0
- package/logging/getProjectCmekSettings.js.map +1 -0
- package/logging/index.d.ts +3 -0
- package/logging/index.js +4 -1
- package/logging/index.js.map +1 -1
- package/logging/organizationBucketConfig.d.ts +20 -0
- package/logging/organizationBucketConfig.js +2 -0
- package/logging/organizationBucketConfig.js.map +1 -1
- package/logging/projectBucketConfig.d.ts +48 -2
- package/logging/projectBucketConfig.js +34 -0
- package/logging/projectBucketConfig.js.map +1 -1
- package/networkservices/edgeCacheOrigin.d.ts +55 -1
- package/networkservices/edgeCacheOrigin.js +26 -1
- package/networkservices/edgeCacheOrigin.js.map +1 -1
- package/package.json +2 -2
- package/package.json.dev +2 -2
- package/provider.d.ts +6 -0
- package/provider.js +3 -0
- package/provider.js.map +1 -1
- package/securitycenter/index.d.ts +9 -0
- package/securitycenter/index.js +16 -1
- package/securitycenter/index.js.map +1 -1
- package/securitycenter/instanceIamBinding.d.ts +239 -0
- package/securitycenter/instanceIamBinding.js +218 -0
- package/securitycenter/instanceIamBinding.js.map +1 -0
- package/securitycenter/instanceIamMember.d.ts +239 -0
- package/securitycenter/instanceIamMember.js +218 -0
- package/securitycenter/instanceIamMember.js.map +1 -0
- package/securitycenter/instanceIamPolicy.d.ts +231 -0
- package/securitycenter/instanceIamPolicy.js +211 -0
- package/securitycenter/instanceIamPolicy.js.map +1 -0
- package/sql/database.d.ts +41 -0
- package/sql/database.js +22 -0
- package/sql/database.js.map +1 -1
- package/storage/bucket.d.ts +29 -7
- package/storage/bucket.js +18 -6
- package/storage/bucket.js.map +1 -1
- package/storage/getBucket.d.ts +1 -0
- package/storage/getBucket.js.map +1 -1
- package/types/input.d.ts +1544 -98
- package/types/output.d.ts +1559 -94
- package/vertex/aiFeatureStoreEntityTypeIamBinding.d.ts +119 -0
- package/vertex/aiFeatureStoreEntityTypeIamBinding.js +96 -0
- package/vertex/aiFeatureStoreEntityTypeIamBinding.js.map +1 -0
- package/vertex/aiFeatureStoreEntityTypeIamMember.d.ts +119 -0
- package/vertex/aiFeatureStoreEntityTypeIamMember.js +96 -0
- package/vertex/aiFeatureStoreEntityTypeIamMember.js.map +1 -0
- package/vertex/aiFeatureStoreEntityTypeIamPolicy.d.ts +108 -0
- package/vertex/aiFeatureStoreEntityTypeIamPolicy.js +89 -0
- package/vertex/aiFeatureStoreEntityTypeIamPolicy.js.map +1 -0
- package/vertex/aiFeatureStoreIamBinding.d.ts +53 -43
- package/vertex/aiFeatureStoreIamBinding.js +11 -37
- package/vertex/aiFeatureStoreIamBinding.js.map +1 -1
- package/vertex/aiFeatureStoreIamMember.d.ts +53 -43
- package/vertex/aiFeatureStoreIamMember.js +11 -37
- package/vertex/aiFeatureStoreIamMember.js.map +1 -1
- package/vertex/aiFeatureStoreIamPolicy.d.ts +50 -43
- package/vertex/aiFeatureStoreIamPolicy.js +11 -37
- package/vertex/aiFeatureStoreIamPolicy.js.map +1 -1
- package/vertex/aiIndex.d.ts +314 -0
- package/vertex/aiIndex.js +188 -0
- package/vertex/aiIndex.js.map +1 -0
- package/vertex/aiTensorboard.d.ts +242 -0
- package/vertex/aiTensorboard.js +146 -0
- package/vertex/aiTensorboard.js.map +1 -0
- package/vertex/index.d.ts +15 -0
- package/vertex/index.js +26 -1
- package/vertex/index.js.map +1 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../gkebackup/index.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAK7B,QAAA,UAAU,GAA6C,IAAW,CAAC;AAChF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;AAG3E,MAAM,OAAO,GAAG;IACZ,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE;IAC/B,SAAS,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,GAAW,EAAmB,EAAE;QACpE,QAAQ,IAAI,EAAE;YACV,KAAK,qCAAqC;gBACtC,OAAO,IAAI,kBAAU,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YACxD;gBACI,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;SACxD;IACL,CAAC;CACJ,CAAC;AACF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,sBAAsB,EAAE,OAAO,CAAC,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"featureMembership.js","sourceRoot":"","sources":["../../gkehub/featureMembership.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"featureMembership.js","sourceRoot":"","sources":["../../gkehub/featureMembership.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoHG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IAmCD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;aAC1D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA5FL,8CA6FC;AA/EG,gBAAgB;AACO,8BAAY,GAAG,gDAAgD,CAAC"}
|
package/iam/index.d.ts
CHANGED
|
@@ -16,6 +16,9 @@ export declare const getWorkloadIdentityPoolProviderOutput: typeof import("./get
|
|
|
16
16
|
export { WorkforcePoolArgs, WorkforcePoolState } from "./workforcePool";
|
|
17
17
|
export type WorkforcePool = import("./workforcePool").WorkforcePool;
|
|
18
18
|
export declare const WorkforcePool: typeof import("./workforcePool").WorkforcePool;
|
|
19
|
+
export { WorkforcePoolProviderArgs, WorkforcePoolProviderState } from "./workforcePoolProvider";
|
|
20
|
+
export type WorkforcePoolProvider = import("./workforcePoolProvider").WorkforcePoolProvider;
|
|
21
|
+
export declare const WorkforcePoolProvider: typeof import("./workforcePoolProvider").WorkforcePoolProvider;
|
|
19
22
|
export { WorkloadIdentityPoolArgs, WorkloadIdentityPoolState } from "./workloadIdentityPool";
|
|
20
23
|
export type WorkloadIdentityPool = import("./workloadIdentityPool").WorkloadIdentityPool;
|
|
21
24
|
export declare const WorkloadIdentityPool: typeof import("./workloadIdentityPool").WorkloadIdentityPool;
|
package/iam/index.js
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
3
|
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
-
exports.WorkloadIdentityPoolProvider = exports.WorkloadIdentityPool = exports.WorkforcePool = exports.getWorkloadIdentityPoolProviderOutput = exports.getWorkloadIdentityPoolProvider = exports.getWorkloadIdentityPoolOutput = exports.getWorkloadIdentityPool = exports.getTestablePermissionsOutput = exports.getTestablePermissions = exports.getRuleOutput = exports.getRule = exports.DenyPolicy = void 0;
|
|
5
|
+
exports.WorkloadIdentityPoolProvider = exports.WorkloadIdentityPool = exports.WorkforcePoolProvider = exports.WorkforcePool = exports.getWorkloadIdentityPoolProviderOutput = exports.getWorkloadIdentityPoolProvider = exports.getWorkloadIdentityPoolOutput = exports.getWorkloadIdentityPool = exports.getTestablePermissionsOutput = exports.getTestablePermissions = exports.getRuleOutput = exports.getRule = exports.DenyPolicy = void 0;
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
exports.DenyPolicy = null;
|
|
@@ -21,6 +21,8 @@ exports.getWorkloadIdentityPoolProviderOutput = null;
|
|
|
21
21
|
utilities.lazyLoad(exports, ["getWorkloadIdentityPoolProvider", "getWorkloadIdentityPoolProviderOutput"], () => require("./getWorkloadIdentityPoolProvider"));
|
|
22
22
|
exports.WorkforcePool = null;
|
|
23
23
|
utilities.lazyLoad(exports, ["WorkforcePool"], () => require("./workforcePool"));
|
|
24
|
+
exports.WorkforcePoolProvider = null;
|
|
25
|
+
utilities.lazyLoad(exports, ["WorkforcePoolProvider"], () => require("./workforcePoolProvider"));
|
|
24
26
|
exports.WorkloadIdentityPool = null;
|
|
25
27
|
utilities.lazyLoad(exports, ["WorkloadIdentityPool"], () => require("./workloadIdentityPool"));
|
|
26
28
|
exports.WorkloadIdentityPoolProvider = null;
|
|
@@ -33,6 +35,8 @@ const _module = {
|
|
|
33
35
|
return new exports.DenyPolicy(name, undefined, { urn });
|
|
34
36
|
case "gcp:iam/workforcePool:WorkforcePool":
|
|
35
37
|
return new exports.WorkforcePool(name, undefined, { urn });
|
|
38
|
+
case "gcp:iam/workforcePoolProvider:WorkforcePoolProvider":
|
|
39
|
+
return new exports.WorkforcePoolProvider(name, undefined, { urn });
|
|
36
40
|
case "gcp:iam/workloadIdentityPool:WorkloadIdentityPool":
|
|
37
41
|
return new exports.WorkloadIdentityPool(name, undefined, { urn });
|
|
38
42
|
case "gcp:iam/workloadIdentityPoolProvider:WorkloadIdentityPoolProvider":
|
|
@@ -44,6 +48,7 @@ const _module = {
|
|
|
44
48
|
};
|
|
45
49
|
pulumi.runtime.registerResourceModule("gcp", "iam/denyPolicy", _module);
|
|
46
50
|
pulumi.runtime.registerResourceModule("gcp", "iam/workforcePool", _module);
|
|
51
|
+
pulumi.runtime.registerResourceModule("gcp", "iam/workforcePoolProvider", _module);
|
|
47
52
|
pulumi.runtime.registerResourceModule("gcp", "iam/workloadIdentityPool", _module);
|
|
48
53
|
pulumi.runtime.registerResourceModule("gcp", "iam/workloadIdentityPoolProvider", _module);
|
|
49
54
|
//# sourceMappingURL=index.js.map
|
package/iam/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../iam/index.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAK7B,QAAA,UAAU,GAA6C,IAAW,CAAC;AAChF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;AAG9D,QAAA,OAAO,GAAuC,IAAW,CAAC;AAC1D,QAAA,aAAa,GAA6C,IAAW,CAAC;AACnF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,SAAS,EAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;AAGxE,QAAA,sBAAsB,GAAqE,IAAW,CAAC;AACvG,QAAA,4BAA4B,GAA2E,IAAW,CAAC;AAChI,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,wBAAwB,EAAC,8BAA8B,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,CAAC;AAGrH,QAAA,uBAAuB,GAAuE,IAAW,CAAC;AAC1G,QAAA,6BAA6B,GAA6E,IAAW,CAAC;AACnI,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,yBAAyB,EAAC,+BAA+B,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,2BAA2B,CAAC,CAAC,CAAC;AAGxH,QAAA,+BAA+B,GAAuF,IAAW,CAAC;AAClI,QAAA,qCAAqC,GAA6F,IAAW,CAAC;AAC3J,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,iCAAiC,EAAC,uCAAuC,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAIhJ,QAAA,aAAa,GAAmD,IAAW,CAAC;AACzF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC;AAIpE,QAAA,oBAAoB,GAAiE,IAAW,CAAC;AAC9G,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,sBAAsB,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC;AAIlF,QAAA,4BAA4B,GAAiF,IAAW,CAAC;AACtI,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,8BAA8B,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,gCAAgC,CAAC,CAAC,CAAC;AAG/G,MAAM,OAAO,GAAG;IACZ,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE;IAC/B,SAAS,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,GAAW,EAAmB,EAAE;QACpE,QAAQ,IAAI,EAAE;YACV,KAAK,+BAA+B;gBAChC,OAAO,IAAI,kBAAU,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YACxD,KAAK,qCAAqC;gBACtC,OAAO,IAAI,qBAAa,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC3D,KAAK,mDAAmD;gBACpD,OAAO,IAAI,4BAAoB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAClE,KAAK,mEAAmE;gBACpE,OAAO,IAAI,oCAA4B,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC1E;gBACI,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;SACxD;IACL,CAAC;CACJ,CAAC;AACF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAA;AACvE,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAA;AAC1E,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,0BAA0B,EAAE,OAAO,CAAC,CAAA;AACjF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,kCAAkC,EAAE,OAAO,CAAC,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../iam/index.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAK7B,QAAA,UAAU,GAA6C,IAAW,CAAC;AAChF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;AAG9D,QAAA,OAAO,GAAuC,IAAW,CAAC;AAC1D,QAAA,aAAa,GAA6C,IAAW,CAAC;AACnF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,SAAS,EAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;AAGxE,QAAA,sBAAsB,GAAqE,IAAW,CAAC;AACvG,QAAA,4BAA4B,GAA2E,IAAW,CAAC;AAChI,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,wBAAwB,EAAC,8BAA8B,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,CAAC;AAGrH,QAAA,uBAAuB,GAAuE,IAAW,CAAC;AAC1G,QAAA,6BAA6B,GAA6E,IAAW,CAAC;AACnI,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,yBAAyB,EAAC,+BAA+B,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,2BAA2B,CAAC,CAAC,CAAC;AAGxH,QAAA,+BAA+B,GAAuF,IAAW,CAAC;AAClI,QAAA,qCAAqC,GAA6F,IAAW,CAAC;AAC3J,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,iCAAiC,EAAC,uCAAuC,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC,CAAC;AAIhJ,QAAA,aAAa,GAAmD,IAAW,CAAC;AACzF,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC;AAIpE,QAAA,qBAAqB,GAAmE,IAAW,CAAC;AACjH,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,uBAAuB,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC,CAAC;AAIpF,QAAA,oBAAoB,GAAiE,IAAW,CAAC;AAC9G,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,sBAAsB,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC;AAIlF,QAAA,4BAA4B,GAAiF,IAAW,CAAC;AACtI,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,8BAA8B,CAAC,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,gCAAgC,CAAC,CAAC,CAAC;AAG/G,MAAM,OAAO,GAAG;IACZ,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE;IAC/B,SAAS,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,GAAW,EAAmB,EAAE;QACpE,QAAQ,IAAI,EAAE;YACV,KAAK,+BAA+B;gBAChC,OAAO,IAAI,kBAAU,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YACxD,KAAK,qCAAqC;gBACtC,OAAO,IAAI,qBAAa,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC3D,KAAK,qDAAqD;gBACtD,OAAO,IAAI,6BAAqB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YACnE,KAAK,mDAAmD;gBACpD,OAAO,IAAI,4BAAoB,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAClE,KAAK,mEAAmE;gBACpE,OAAO,IAAI,oCAA4B,CAAC,IAAI,EAAO,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;YAC1E;gBACI,MAAM,IAAI,KAAK,CAAC,yBAAyB,IAAI,EAAE,CAAC,CAAC;SACxD;IACL,CAAC;CACJ,CAAC;AACF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAA;AACvE,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,mBAAmB,EAAE,OAAO,CAAC,CAAA;AAC1E,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,EAAE,OAAO,CAAC,CAAA;AAClF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,0BAA0B,EAAE,OAAO,CAAC,CAAA;AACjF,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,kCAAkC,EAAE,OAAO,CAAC,CAAA"}
|
|
@@ -0,0 +1,510 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
import * as inputs from "../types/input";
|
|
3
|
+
import * as outputs from "../types/output";
|
|
4
|
+
/**
|
|
5
|
+
* ## Example Usage
|
|
6
|
+
* ### Iam Workforce Pool Provider Saml Basic
|
|
7
|
+
*
|
|
8
|
+
* ```typescript
|
|
9
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
10
|
+
* import * as gcp from "@pulumi/gcp";
|
|
11
|
+
*
|
|
12
|
+
* const pool = new gcp.iam.WorkforcePool("pool", {
|
|
13
|
+
* workforcePoolId: "example-pool",
|
|
14
|
+
* parent: "organizations/123456789",
|
|
15
|
+
* location: "global",
|
|
16
|
+
* }, {
|
|
17
|
+
* provider: google_beta,
|
|
18
|
+
* });
|
|
19
|
+
* const example = new gcp.iam.WorkforcePoolProvider("example", {
|
|
20
|
+
* workforcePoolId: pool.workforcePoolId,
|
|
21
|
+
* location: pool.location,
|
|
22
|
+
* providerId: "example-prvdr",
|
|
23
|
+
* attributeMapping: {
|
|
24
|
+
* "google.subject": "assertion.sub",
|
|
25
|
+
* },
|
|
26
|
+
* saml: {
|
|
27
|
+
* idpMetadataXml: "<?xml version=\"1.0\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"https://test.com\"><md:IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"> <md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>MIIDpDCCAoygAwIBAgIGAX7/5qPhMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi00NTg0MjExHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjIwMjE2MDAxOTEyWhcNMzIwMjE2MDAyMDEyWjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtNDU4NDIxMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrBl7GKz52cRpxF9xCsirnRuMxnhFBaUrsHqAQrLqWmdlpNYZTVg+T9iQ+aq/iE68L+BRZcZniKIvW58wqqS0ltXVvIkXuDSvnvnkkI5yMIVErR20K8jSOKQm1FmK+fgAJ4koshFiu9oLiqu0Ejc0DuL3/XRsb4RuxjktKTb1khgBBtb+7idEk0sFR0RPefAweXImJkDHDm7SxjDwGJUubbqpdTxasPr0W+AHI1VUzsUsTiHAoyb0XDkYqHfDzhj/ZdIEl4zHQ3bEZvlD984ztAnmX2SuFLLKfXeAAGHei8MMixJvwxYkkPeYZ/5h8WgBZPP4heS2CPjwYExt29L8QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQARjJFz++a9Z5IQGFzsZMrX2EDR5ML4xxUiQkbhld1S1PljOLcYFARDmUC2YYHOueU4ee8Jid9nPGEUebV/4Jok+b+oQh+dWMgiWjSLI7h5q4OYZ3VJtdlVwgMFt2iz+/4yBKMUZ50g3Qgg36vE34us+eKitg759JgCNsibxn0qtJgSPm0sgP2L6yTaLnoEUbXBRxCwynTSkp9ZijZqEzbhN0e2dWv7Rx/nfpohpDP6vEiFImKFHpDSv3M/5de1ytQzPFrZBYt9WlzlYwE1aD9FHCxdd+rWgYMVVoRaRmndpV/Rq3QUuDuFJtaoX11bC7ExkOpg9KstZzA63i3VcfYv</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://test.com/sso\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
|
|
28
|
+
* },
|
|
29
|
+
* }, {
|
|
30
|
+
* provider: google_beta,
|
|
31
|
+
* });
|
|
32
|
+
* ```
|
|
33
|
+
* ### Iam Workforce Pool Provider Saml Full
|
|
34
|
+
*
|
|
35
|
+
* ```typescript
|
|
36
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
37
|
+
* import * as gcp from "@pulumi/gcp";
|
|
38
|
+
*
|
|
39
|
+
* const pool = new gcp.iam.WorkforcePool("pool", {
|
|
40
|
+
* workforcePoolId: "example-pool",
|
|
41
|
+
* parent: "organizations/123456789",
|
|
42
|
+
* location: "global",
|
|
43
|
+
* }, {
|
|
44
|
+
* provider: google_beta,
|
|
45
|
+
* });
|
|
46
|
+
* const example = new gcp.iam.WorkforcePoolProvider("example", {
|
|
47
|
+
* workforcePoolId: pool.workforcePoolId,
|
|
48
|
+
* location: pool.location,
|
|
49
|
+
* providerId: "example-prvdr",
|
|
50
|
+
* attributeMapping: {
|
|
51
|
+
* "google.subject": "assertion.sub",
|
|
52
|
+
* },
|
|
53
|
+
* saml: {
|
|
54
|
+
* idpMetadataXml: "<?xml version=\"1.0\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"https://test.com\"><md:IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"> <md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>MIIDpDCCAoygAwIBAgIGAX7/5qPhMA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi00NTg0MjExHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjIwMjE2MDAxOTEyWhcNMzIwMjE2MDAyMDEyWjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtNDU4NDIxMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrBl7GKz52cRpxF9xCsirnRuMxnhFBaUrsHqAQrLqWmdlpNYZTVg+T9iQ+aq/iE68L+BRZcZniKIvW58wqqS0ltXVvIkXuDSvnvnkkI5yMIVErR20K8jSOKQm1FmK+fgAJ4koshFiu9oLiqu0Ejc0DuL3/XRsb4RuxjktKTb1khgBBtb+7idEk0sFR0RPefAweXImJkDHDm7SxjDwGJUubbqpdTxasPr0W+AHI1VUzsUsTiHAoyb0XDkYqHfDzhj/ZdIEl4zHQ3bEZvlD984ztAnmX2SuFLLKfXeAAGHei8MMixJvwxYkkPeYZ/5h8WgBZPP4heS2CPjwYExt29L8QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQARjJFz++a9Z5IQGFzsZMrX2EDR5ML4xxUiQkbhld1S1PljOLcYFARDmUC2YYHOueU4ee8Jid9nPGEUebV/4Jok+b+oQh+dWMgiWjSLI7h5q4OYZ3VJtdlVwgMFt2iz+/4yBKMUZ50g3Qgg36vE34us+eKitg759JgCNsibxn0qtJgSPm0sgP2L6yTaLnoEUbXBRxCwynTSkp9ZijZqEzbhN0e2dWv7Rx/nfpohpDP6vEiFImKFHpDSv3M/5de1ytQzPFrZBYt9WlzlYwE1aD9FHCxdd+rWgYMVVoRaRmndpV/Rq3QUuDuFJtaoX11bC7ExkOpg9KstZzA63i3VcfYv</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://test.com/sso\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
|
|
55
|
+
* },
|
|
56
|
+
* displayName: "Display name",
|
|
57
|
+
* description: "A sample SAML workforce pool provider.",
|
|
58
|
+
* disabled: false,
|
|
59
|
+
* attributeCondition: "true",
|
|
60
|
+
* }, {
|
|
61
|
+
* provider: google_beta,
|
|
62
|
+
* });
|
|
63
|
+
* ```
|
|
64
|
+
* ### Iam Workforce Pool Provider Oidc Basic
|
|
65
|
+
*
|
|
66
|
+
* ```typescript
|
|
67
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
68
|
+
* import * as gcp from "@pulumi/gcp";
|
|
69
|
+
*
|
|
70
|
+
* const pool = new gcp.iam.WorkforcePool("pool", {
|
|
71
|
+
* workforcePoolId: "example-pool",
|
|
72
|
+
* parent: "organizations/123456789",
|
|
73
|
+
* location: "global",
|
|
74
|
+
* }, {
|
|
75
|
+
* provider: google_beta,
|
|
76
|
+
* });
|
|
77
|
+
* const example = new gcp.iam.WorkforcePoolProvider("example", {
|
|
78
|
+
* workforcePoolId: pool.workforcePoolId,
|
|
79
|
+
* location: pool.location,
|
|
80
|
+
* providerId: "example-prvdr",
|
|
81
|
+
* attributeMapping: {
|
|
82
|
+
* "google.subject": "assertion.sub",
|
|
83
|
+
* },
|
|
84
|
+
* oidc: {
|
|
85
|
+
* issuerUri: "https://accounts.google.com",
|
|
86
|
+
* clientId: "client-id",
|
|
87
|
+
* },
|
|
88
|
+
* }, {
|
|
89
|
+
* provider: google_beta,
|
|
90
|
+
* });
|
|
91
|
+
* ```
|
|
92
|
+
* ### Iam Workforce Pool Provider Oidc Full
|
|
93
|
+
*
|
|
94
|
+
* ```typescript
|
|
95
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
96
|
+
* import * as gcp from "@pulumi/gcp";
|
|
97
|
+
*
|
|
98
|
+
* const pool = new gcp.iam.WorkforcePool("pool", {
|
|
99
|
+
* workforcePoolId: "example-pool",
|
|
100
|
+
* parent: "organizations/123456789",
|
|
101
|
+
* location: "global",
|
|
102
|
+
* }, {
|
|
103
|
+
* provider: google_beta,
|
|
104
|
+
* });
|
|
105
|
+
* const example = new gcp.iam.WorkforcePoolProvider("example", {
|
|
106
|
+
* workforcePoolId: pool.workforcePoolId,
|
|
107
|
+
* location: pool.location,
|
|
108
|
+
* providerId: "example-prvdr",
|
|
109
|
+
* attributeMapping: {
|
|
110
|
+
* "google.subject": "assertion.sub",
|
|
111
|
+
* },
|
|
112
|
+
* oidc: {
|
|
113
|
+
* issuerUri: "https://accounts.google.com",
|
|
114
|
+
* clientId: "client-id",
|
|
115
|
+
* },
|
|
116
|
+
* displayName: "Display name",
|
|
117
|
+
* description: "A sample OIDC workforce pool provider.",
|
|
118
|
+
* disabled: false,
|
|
119
|
+
* attributeCondition: "true",
|
|
120
|
+
* }, {
|
|
121
|
+
* provider: google_beta,
|
|
122
|
+
* });
|
|
123
|
+
* ```
|
|
124
|
+
*
|
|
125
|
+
* ## Import
|
|
126
|
+
*
|
|
127
|
+
* WorkforcePoolProvider can be imported using any of these accepted formats
|
|
128
|
+
*
|
|
129
|
+
* ```sh
|
|
130
|
+
* $ pulumi import gcp:iam/workforcePoolProvider:WorkforcePoolProvider default locations/{{location}}/workforcePools/{{workforce_pool_id}}/providers/{{provider_id}}
|
|
131
|
+
* ```
|
|
132
|
+
*
|
|
133
|
+
* ```sh
|
|
134
|
+
* $ pulumi import gcp:iam/workforcePoolProvider:WorkforcePoolProvider default {{location}}/{{workforce_pool_id}}/{{provider_id}}
|
|
135
|
+
* ```
|
|
136
|
+
*/
|
|
137
|
+
export declare class WorkforcePoolProvider extends pulumi.CustomResource {
|
|
138
|
+
/**
|
|
139
|
+
* Get an existing WorkforcePoolProvider resource's state with the given name, ID, and optional extra
|
|
140
|
+
* properties used to qualify the lookup.
|
|
141
|
+
*
|
|
142
|
+
* @param name The _unique_ name of the resulting resource.
|
|
143
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
144
|
+
* @param state Any extra arguments used during the lookup.
|
|
145
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
146
|
+
*/
|
|
147
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: WorkforcePoolProviderState, opts?: pulumi.CustomResourceOptions): WorkforcePoolProvider;
|
|
148
|
+
/**
|
|
149
|
+
* Returns true if the given object is an instance of WorkforcePoolProvider. This is designed to work even
|
|
150
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
151
|
+
*/
|
|
152
|
+
static isInstance(obj: any): obj is WorkforcePoolProvider;
|
|
153
|
+
/**
|
|
154
|
+
* A [Common Expression Language](https://opensource.google/projects/cel) expression, in
|
|
155
|
+
* plain text, to restrict what otherwise valid authentication credentials issued by the
|
|
156
|
+
* provider should not be accepted.
|
|
157
|
+
* The expression must output a boolean representing whether to allow the federation.
|
|
158
|
+
* The following keywords may be referenced in the expressions:
|
|
159
|
+
* * `assertion`: JSON representing the authentication credential issued by the provider.
|
|
160
|
+
* * `google`: The Google attributes mapped from the assertion in the `attributeMappings`.
|
|
161
|
+
* `google.profile_photo` and `google.display_name` are not supported.
|
|
162
|
+
* * `attribute`: The custom attributes mapped from the assertion in the `attributeMappings`.
|
|
163
|
+
* The maximum length of the attribute condition expression is 4096 characters.
|
|
164
|
+
* If unspecified, all valid authentication credentials will be accepted.
|
|
165
|
+
* The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`:
|
|
166
|
+
* ```typescript
|
|
167
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
168
|
+
* ```
|
|
169
|
+
*/
|
|
170
|
+
readonly attributeCondition: pulumi.Output<string | undefined>;
|
|
171
|
+
/**
|
|
172
|
+
* Maps attributes from the authentication credentials issued by an external identity provider
|
|
173
|
+
* to Google Cloud attributes, such as `subject` and `segment`.
|
|
174
|
+
* Each key must be a string specifying the Google Cloud IAM attribute to map to.
|
|
175
|
+
* The following keys are supported:
|
|
176
|
+
* * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings.
|
|
177
|
+
* This is also the subject that appears in Cloud Logging logs. This is a required field and
|
|
178
|
+
* the mapped subject cannot exceed 127 bytes.
|
|
179
|
+
* * `google.groups`: Groups the authenticating user belongs to. You can grant groups access to
|
|
180
|
+
* resources using an IAM `principalSet` binding; access applies to all members of the group.
|
|
181
|
+
* * `google.display_name`: The name of the authenticated user. This is an optional field and
|
|
182
|
+
* the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead.
|
|
183
|
+
* This attribute cannot be referenced in IAM bindings.
|
|
184
|
+
* * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo.
|
|
185
|
+
* This is an optional field. When set, the image will be visible as the user's profile picture.
|
|
186
|
+
* If not set, a generic user icon will be displayed instead.
|
|
187
|
+
* This attribute cannot be referenced in IAM bindings.
|
|
188
|
+
* You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute}
|
|
189
|
+
* is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes.
|
|
190
|
+
* The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_].
|
|
191
|
+
* You can reference these attributes in IAM policies to define fine-grained access for a workforce pool
|
|
192
|
+
* to Google Cloud resources. For example:
|
|
193
|
+
* * `google.subject`:
|
|
194
|
+
* `principal://iam.googleapis.com/locations/{location}/workforcePools/{pool}/subject/{value}`
|
|
195
|
+
* * `google.groups`:
|
|
196
|
+
* `principalSet://iam.googleapis.com/locations/{location}/workforcePools/{pool}/group/{value}`
|
|
197
|
+
* * `attribute.{custom_attribute}`:
|
|
198
|
+
* `principalSet://iam.googleapis.com/locations/{location}/workforcePools/{pool}/attribute.{custom_attribute}/{value}`
|
|
199
|
+
* Each value must be a [Common Expression Language](https://opensource.google/projects/cel)
|
|
200
|
+
* function that maps an identity provider credential to the normalized attribute specified
|
|
201
|
+
* by the corresponding map key.
|
|
202
|
+
* You can use the `assertion` keyword in the expression to access a JSON representation of
|
|
203
|
+
* the authentication credential issued by the provider.
|
|
204
|
+
* The maximum length of an attribute mapping expression is 2048 characters. When evaluated,
|
|
205
|
+
* the total size of all mapped attributes must not exceed 8KB.
|
|
206
|
+
* For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
207
|
+
* For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
208
|
+
* on a Google token:
|
|
209
|
+
* ```typescript
|
|
210
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
211
|
+
* ```
|
|
212
|
+
* An object containing a list of `"key": value` pairs.
|
|
213
|
+
* Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
214
|
+
*/
|
|
215
|
+
readonly attributeMapping: pulumi.Output<{
|
|
216
|
+
[key: string]: string;
|
|
217
|
+
} | undefined>;
|
|
218
|
+
/**
|
|
219
|
+
* A user-specified description of the provider. Cannot exceed 256 characters.
|
|
220
|
+
*/
|
|
221
|
+
readonly description: pulumi.Output<string | undefined>;
|
|
222
|
+
/**
|
|
223
|
+
* Whether the provider is disabled. You cannot use a disabled provider to exchange tokens.
|
|
224
|
+
* However, existing tokens still grant access.
|
|
225
|
+
*/
|
|
226
|
+
readonly disabled: pulumi.Output<boolean | undefined>;
|
|
227
|
+
/**
|
|
228
|
+
* A user-specified display name for the provider. Cannot exceed 32 characters.
|
|
229
|
+
*/
|
|
230
|
+
readonly displayName: pulumi.Output<string | undefined>;
|
|
231
|
+
/**
|
|
232
|
+
* The location for the resource.
|
|
233
|
+
*/
|
|
234
|
+
readonly location: pulumi.Output<string>;
|
|
235
|
+
/**
|
|
236
|
+
* Output only. The resource name of the provider. Format:
|
|
237
|
+
* 'locations/{location}/workforcePools/{workforcePoolId}/providers/{providerId}'
|
|
238
|
+
*/
|
|
239
|
+
readonly name: pulumi.Output<string>;
|
|
240
|
+
/**
|
|
241
|
+
* Represents an OpenId Connect 1.0 identity provider.
|
|
242
|
+
* Structure is documented below.
|
|
243
|
+
*/
|
|
244
|
+
readonly oidc: pulumi.Output<outputs.iam.WorkforcePoolProviderOidc | undefined>;
|
|
245
|
+
/**
|
|
246
|
+
* The ID for the provider, which becomes the final component of the resource name.
|
|
247
|
+
* This value must be 4-32 characters, and may contain the characters [a-z0-9-].
|
|
248
|
+
* The prefix `gcp-` is reserved for use by Google, and may not be specified.
|
|
249
|
+
*/
|
|
250
|
+
readonly providerId: pulumi.Output<string>;
|
|
251
|
+
/**
|
|
252
|
+
* Represents a SAML identity provider.
|
|
253
|
+
* Structure is documented below.
|
|
254
|
+
*/
|
|
255
|
+
readonly saml: pulumi.Output<outputs.iam.WorkforcePoolProviderSaml | undefined>;
|
|
256
|
+
/**
|
|
257
|
+
* The current state of the provider. * STATE_UNSPECIFIED: State unspecified. * ACTIVE: The provider is active and may be
|
|
258
|
+
* used to validate authentication credentials. * DELETED: The provider is soft-deleted. Soft-deleted providers are
|
|
259
|
+
* permanently deleted after approximately 30 days. You can restore a soft-deleted provider using
|
|
260
|
+
* [providers.undelete](https://cloud.google.com/iam/docs/reference/rest/v1/locations.workforcePools.providers/undelete#google.iam.admin.v1.WorkforcePools.UndeleteWorkforcePoolProvider).
|
|
261
|
+
*/
|
|
262
|
+
readonly state: pulumi.Output<string>;
|
|
263
|
+
/**
|
|
264
|
+
* The ID to use for the pool, which becomes the final component of the resource name.
|
|
265
|
+
* The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens.
|
|
266
|
+
* It must start with a letter, and cannot have a trailing hyphen.
|
|
267
|
+
* The prefix `gcp-` is reserved for use by Google, and may not be specified.
|
|
268
|
+
*/
|
|
269
|
+
readonly workforcePoolId: pulumi.Output<string>;
|
|
270
|
+
/**
|
|
271
|
+
* Create a WorkforcePoolProvider resource with the given unique name, arguments, and options.
|
|
272
|
+
*
|
|
273
|
+
* @param name The _unique_ name of the resource.
|
|
274
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
275
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
276
|
+
*/
|
|
277
|
+
constructor(name: string, args: WorkforcePoolProviderArgs, opts?: pulumi.CustomResourceOptions);
|
|
278
|
+
}
|
|
279
|
+
/**
|
|
280
|
+
* Input properties used for looking up and filtering WorkforcePoolProvider resources.
|
|
281
|
+
*/
|
|
282
|
+
export interface WorkforcePoolProviderState {
|
|
283
|
+
/**
|
|
284
|
+
* A [Common Expression Language](https://opensource.google/projects/cel) expression, in
|
|
285
|
+
* plain text, to restrict what otherwise valid authentication credentials issued by the
|
|
286
|
+
* provider should not be accepted.
|
|
287
|
+
* The expression must output a boolean representing whether to allow the federation.
|
|
288
|
+
* The following keywords may be referenced in the expressions:
|
|
289
|
+
* * `assertion`: JSON representing the authentication credential issued by the provider.
|
|
290
|
+
* * `google`: The Google attributes mapped from the assertion in the `attributeMappings`.
|
|
291
|
+
* `google.profile_photo` and `google.display_name` are not supported.
|
|
292
|
+
* * `attribute`: The custom attributes mapped from the assertion in the `attributeMappings`.
|
|
293
|
+
* The maximum length of the attribute condition expression is 4096 characters.
|
|
294
|
+
* If unspecified, all valid authentication credentials will be accepted.
|
|
295
|
+
* The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`:
|
|
296
|
+
* ```typescript
|
|
297
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
298
|
+
* ```
|
|
299
|
+
*/
|
|
300
|
+
attributeCondition?: pulumi.Input<string>;
|
|
301
|
+
/**
|
|
302
|
+
* Maps attributes from the authentication credentials issued by an external identity provider
|
|
303
|
+
* to Google Cloud attributes, such as `subject` and `segment`.
|
|
304
|
+
* Each key must be a string specifying the Google Cloud IAM attribute to map to.
|
|
305
|
+
* The following keys are supported:
|
|
306
|
+
* * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings.
|
|
307
|
+
* This is also the subject that appears in Cloud Logging logs. This is a required field and
|
|
308
|
+
* the mapped subject cannot exceed 127 bytes.
|
|
309
|
+
* * `google.groups`: Groups the authenticating user belongs to. You can grant groups access to
|
|
310
|
+
* resources using an IAM `principalSet` binding; access applies to all members of the group.
|
|
311
|
+
* * `google.display_name`: The name of the authenticated user. This is an optional field and
|
|
312
|
+
* the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead.
|
|
313
|
+
* This attribute cannot be referenced in IAM bindings.
|
|
314
|
+
* * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo.
|
|
315
|
+
* This is an optional field. When set, the image will be visible as the user's profile picture.
|
|
316
|
+
* If not set, a generic user icon will be displayed instead.
|
|
317
|
+
* This attribute cannot be referenced in IAM bindings.
|
|
318
|
+
* You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute}
|
|
319
|
+
* is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes.
|
|
320
|
+
* The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_].
|
|
321
|
+
* You can reference these attributes in IAM policies to define fine-grained access for a workforce pool
|
|
322
|
+
* to Google Cloud resources. For example:
|
|
323
|
+
* * `google.subject`:
|
|
324
|
+
* `principal://iam.googleapis.com/locations/{location}/workforcePools/{pool}/subject/{value}`
|
|
325
|
+
* * `google.groups`:
|
|
326
|
+
* `principalSet://iam.googleapis.com/locations/{location}/workforcePools/{pool}/group/{value}`
|
|
327
|
+
* * `attribute.{custom_attribute}`:
|
|
328
|
+
* `principalSet://iam.googleapis.com/locations/{location}/workforcePools/{pool}/attribute.{custom_attribute}/{value}`
|
|
329
|
+
* Each value must be a [Common Expression Language](https://opensource.google/projects/cel)
|
|
330
|
+
* function that maps an identity provider credential to the normalized attribute specified
|
|
331
|
+
* by the corresponding map key.
|
|
332
|
+
* You can use the `assertion` keyword in the expression to access a JSON representation of
|
|
333
|
+
* the authentication credential issued by the provider.
|
|
334
|
+
* The maximum length of an attribute mapping expression is 2048 characters. When evaluated,
|
|
335
|
+
* the total size of all mapped attributes must not exceed 8KB.
|
|
336
|
+
* For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
337
|
+
* For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
338
|
+
* on a Google token:
|
|
339
|
+
* ```typescript
|
|
340
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
341
|
+
* ```
|
|
342
|
+
* An object containing a list of `"key": value` pairs.
|
|
343
|
+
* Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
344
|
+
*/
|
|
345
|
+
attributeMapping?: pulumi.Input<{
|
|
346
|
+
[key: string]: pulumi.Input<string>;
|
|
347
|
+
}>;
|
|
348
|
+
/**
|
|
349
|
+
* A user-specified description of the provider. Cannot exceed 256 characters.
|
|
350
|
+
*/
|
|
351
|
+
description?: pulumi.Input<string>;
|
|
352
|
+
/**
|
|
353
|
+
* Whether the provider is disabled. You cannot use a disabled provider to exchange tokens.
|
|
354
|
+
* However, existing tokens still grant access.
|
|
355
|
+
*/
|
|
356
|
+
disabled?: pulumi.Input<boolean>;
|
|
357
|
+
/**
|
|
358
|
+
* A user-specified display name for the provider. Cannot exceed 32 characters.
|
|
359
|
+
*/
|
|
360
|
+
displayName?: pulumi.Input<string>;
|
|
361
|
+
/**
|
|
362
|
+
* The location for the resource.
|
|
363
|
+
*/
|
|
364
|
+
location?: pulumi.Input<string>;
|
|
365
|
+
/**
|
|
366
|
+
* Output only. The resource name of the provider. Format:
|
|
367
|
+
* 'locations/{location}/workforcePools/{workforcePoolId}/providers/{providerId}'
|
|
368
|
+
*/
|
|
369
|
+
name?: pulumi.Input<string>;
|
|
370
|
+
/**
|
|
371
|
+
* Represents an OpenId Connect 1.0 identity provider.
|
|
372
|
+
* Structure is documented below.
|
|
373
|
+
*/
|
|
374
|
+
oidc?: pulumi.Input<inputs.iam.WorkforcePoolProviderOidc>;
|
|
375
|
+
/**
|
|
376
|
+
* The ID for the provider, which becomes the final component of the resource name.
|
|
377
|
+
* This value must be 4-32 characters, and may contain the characters [a-z0-9-].
|
|
378
|
+
* The prefix `gcp-` is reserved for use by Google, and may not be specified.
|
|
379
|
+
*/
|
|
380
|
+
providerId?: pulumi.Input<string>;
|
|
381
|
+
/**
|
|
382
|
+
* Represents a SAML identity provider.
|
|
383
|
+
* Structure is documented below.
|
|
384
|
+
*/
|
|
385
|
+
saml?: pulumi.Input<inputs.iam.WorkforcePoolProviderSaml>;
|
|
386
|
+
/**
|
|
387
|
+
* The current state of the provider. * STATE_UNSPECIFIED: State unspecified. * ACTIVE: The provider is active and may be
|
|
388
|
+
* used to validate authentication credentials. * DELETED: The provider is soft-deleted. Soft-deleted providers are
|
|
389
|
+
* permanently deleted after approximately 30 days. You can restore a soft-deleted provider using
|
|
390
|
+
* [providers.undelete](https://cloud.google.com/iam/docs/reference/rest/v1/locations.workforcePools.providers/undelete#google.iam.admin.v1.WorkforcePools.UndeleteWorkforcePoolProvider).
|
|
391
|
+
*/
|
|
392
|
+
state?: pulumi.Input<string>;
|
|
393
|
+
/**
|
|
394
|
+
* The ID to use for the pool, which becomes the final component of the resource name.
|
|
395
|
+
* The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens.
|
|
396
|
+
* It must start with a letter, and cannot have a trailing hyphen.
|
|
397
|
+
* The prefix `gcp-` is reserved for use by Google, and may not be specified.
|
|
398
|
+
*/
|
|
399
|
+
workforcePoolId?: pulumi.Input<string>;
|
|
400
|
+
}
|
|
401
|
+
/**
|
|
402
|
+
* The set of arguments for constructing a WorkforcePoolProvider resource.
|
|
403
|
+
*/
|
|
404
|
+
export interface WorkforcePoolProviderArgs {
|
|
405
|
+
/**
|
|
406
|
+
* A [Common Expression Language](https://opensource.google/projects/cel) expression, in
|
|
407
|
+
* plain text, to restrict what otherwise valid authentication credentials issued by the
|
|
408
|
+
* provider should not be accepted.
|
|
409
|
+
* The expression must output a boolean representing whether to allow the federation.
|
|
410
|
+
* The following keywords may be referenced in the expressions:
|
|
411
|
+
* * `assertion`: JSON representing the authentication credential issued by the provider.
|
|
412
|
+
* * `google`: The Google attributes mapped from the assertion in the `attributeMappings`.
|
|
413
|
+
* `google.profile_photo` and `google.display_name` are not supported.
|
|
414
|
+
* * `attribute`: The custom attributes mapped from the assertion in the `attributeMappings`.
|
|
415
|
+
* The maximum length of the attribute condition expression is 4096 characters.
|
|
416
|
+
* If unspecified, all valid authentication credentials will be accepted.
|
|
417
|
+
* The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`:
|
|
418
|
+
* ```typescript
|
|
419
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
420
|
+
* ```
|
|
421
|
+
*/
|
|
422
|
+
attributeCondition?: pulumi.Input<string>;
|
|
423
|
+
/**
|
|
424
|
+
* Maps attributes from the authentication credentials issued by an external identity provider
|
|
425
|
+
* to Google Cloud attributes, such as `subject` and `segment`.
|
|
426
|
+
* Each key must be a string specifying the Google Cloud IAM attribute to map to.
|
|
427
|
+
* The following keys are supported:
|
|
428
|
+
* * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings.
|
|
429
|
+
* This is also the subject that appears in Cloud Logging logs. This is a required field and
|
|
430
|
+
* the mapped subject cannot exceed 127 bytes.
|
|
431
|
+
* * `google.groups`: Groups the authenticating user belongs to. You can grant groups access to
|
|
432
|
+
* resources using an IAM `principalSet` binding; access applies to all members of the group.
|
|
433
|
+
* * `google.display_name`: The name of the authenticated user. This is an optional field and
|
|
434
|
+
* the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead.
|
|
435
|
+
* This attribute cannot be referenced in IAM bindings.
|
|
436
|
+
* * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo.
|
|
437
|
+
* This is an optional field. When set, the image will be visible as the user's profile picture.
|
|
438
|
+
* If not set, a generic user icon will be displayed instead.
|
|
439
|
+
* This attribute cannot be referenced in IAM bindings.
|
|
440
|
+
* You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute}
|
|
441
|
+
* is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes.
|
|
442
|
+
* The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_].
|
|
443
|
+
* You can reference these attributes in IAM policies to define fine-grained access for a workforce pool
|
|
444
|
+
* to Google Cloud resources. For example:
|
|
445
|
+
* * `google.subject`:
|
|
446
|
+
* `principal://iam.googleapis.com/locations/{location}/workforcePools/{pool}/subject/{value}`
|
|
447
|
+
* * `google.groups`:
|
|
448
|
+
* `principalSet://iam.googleapis.com/locations/{location}/workforcePools/{pool}/group/{value}`
|
|
449
|
+
* * `attribute.{custom_attribute}`:
|
|
450
|
+
* `principalSet://iam.googleapis.com/locations/{location}/workforcePools/{pool}/attribute.{custom_attribute}/{value}`
|
|
451
|
+
* Each value must be a [Common Expression Language](https://opensource.google/projects/cel)
|
|
452
|
+
* function that maps an identity provider credential to the normalized attribute specified
|
|
453
|
+
* by the corresponding map key.
|
|
454
|
+
* You can use the `assertion` keyword in the expression to access a JSON representation of
|
|
455
|
+
* the authentication credential issued by the provider.
|
|
456
|
+
* The maximum length of an attribute mapping expression is 2048 characters. When evaluated,
|
|
457
|
+
* the total size of all mapped attributes must not exceed 8KB.
|
|
458
|
+
* For OIDC providers, you must supply a custom mapping that includes the `google.subject` attribute.
|
|
459
|
+
* For example, the following maps the sub claim of the incoming credential to the `subject` attribute
|
|
460
|
+
* on a Google token:
|
|
461
|
+
* ```typescript
|
|
462
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
463
|
+
* ```
|
|
464
|
+
* An object containing a list of `"key": value` pairs.
|
|
465
|
+
* Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
|
|
466
|
+
*/
|
|
467
|
+
attributeMapping?: pulumi.Input<{
|
|
468
|
+
[key: string]: pulumi.Input<string>;
|
|
469
|
+
}>;
|
|
470
|
+
/**
|
|
471
|
+
* A user-specified description of the provider. Cannot exceed 256 characters.
|
|
472
|
+
*/
|
|
473
|
+
description?: pulumi.Input<string>;
|
|
474
|
+
/**
|
|
475
|
+
* Whether the provider is disabled. You cannot use a disabled provider to exchange tokens.
|
|
476
|
+
* However, existing tokens still grant access.
|
|
477
|
+
*/
|
|
478
|
+
disabled?: pulumi.Input<boolean>;
|
|
479
|
+
/**
|
|
480
|
+
* A user-specified display name for the provider. Cannot exceed 32 characters.
|
|
481
|
+
*/
|
|
482
|
+
displayName?: pulumi.Input<string>;
|
|
483
|
+
/**
|
|
484
|
+
* The location for the resource.
|
|
485
|
+
*/
|
|
486
|
+
location: pulumi.Input<string>;
|
|
487
|
+
/**
|
|
488
|
+
* Represents an OpenId Connect 1.0 identity provider.
|
|
489
|
+
* Structure is documented below.
|
|
490
|
+
*/
|
|
491
|
+
oidc?: pulumi.Input<inputs.iam.WorkforcePoolProviderOidc>;
|
|
492
|
+
/**
|
|
493
|
+
* The ID for the provider, which becomes the final component of the resource name.
|
|
494
|
+
* This value must be 4-32 characters, and may contain the characters [a-z0-9-].
|
|
495
|
+
* The prefix `gcp-` is reserved for use by Google, and may not be specified.
|
|
496
|
+
*/
|
|
497
|
+
providerId: pulumi.Input<string>;
|
|
498
|
+
/**
|
|
499
|
+
* Represents a SAML identity provider.
|
|
500
|
+
* Structure is documented below.
|
|
501
|
+
*/
|
|
502
|
+
saml?: pulumi.Input<inputs.iam.WorkforcePoolProviderSaml>;
|
|
503
|
+
/**
|
|
504
|
+
* The ID to use for the pool, which becomes the final component of the resource name.
|
|
505
|
+
* The IDs must be a globally unique string of 6 to 63 lowercase letters, digits, or hyphens.
|
|
506
|
+
* It must start with a letter, and cannot have a trailing hyphen.
|
|
507
|
+
* The prefix `gcp-` is reserved for use by Google, and may not be specified.
|
|
508
|
+
*/
|
|
509
|
+
workforcePoolId: pulumi.Input<string>;
|
|
510
|
+
}
|