pulumi-gcp 7.35.0a1722924350__py3-none-any.whl → 7.36.0__py3-none-any.whl

pulumi_gcp/iap/web_type_app_enging_iam_policy.py

@@ -273,6 +273,27 @@ class WebTypeAppEngingIamPolicy(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeAppEngine
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeAppEngine. Each of these resources serves a different use case:
+
+        * `iap.WebTypeAppEngingIamPolicy`: Authoritative. Sets the IAM policy for the webtypeappengine and replaces any existing policy already attached.
+        * `iap.WebTypeAppEngingIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypeappengine are preserved.
+        * `iap.WebTypeAppEngingIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypeappengine are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeAppEngingIamPolicy`: Retrieves the IAM policy for the webtypeappengine
+
+        > **Note:** `iap.WebTypeAppEngingIamPolicy` **cannot** be used in conjunction with `iap.WebTypeAppEngingIamBinding` and `iap.WebTypeAppEngingIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeAppEngingIamBinding` resources **can be** used in conjunction with `iap.WebTypeAppEngingIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeAppEngingIamPolicy
 
         ```python
@@ -534,6 +555,27 @@ class WebTypeAppEngingIamPolicy(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeAppEngine
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeAppEngine. Each of these resources serves a different use case:
+
+        * `iap.WebTypeAppEngingIamPolicy`: Authoritative. Sets the IAM policy for the webtypeappengine and replaces any existing policy already attached.
+        * `iap.WebTypeAppEngingIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypeappengine are preserved.
+        * `iap.WebTypeAppEngingIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypeappengine are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeAppEngingIamPolicy`: Retrieves the IAM policy for the webtypeappengine
+
+        > **Note:** `iap.WebTypeAppEngingIamPolicy` **cannot** be used in conjunction with `iap.WebTypeAppEngingIamBinding` and `iap.WebTypeAppEngingIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeAppEngingIamBinding` resources **can be** used in conjunction with `iap.WebTypeAppEngingIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeAppEngingIamPolicy
 
         ```python

pulumi_gcp/iap/web_type_compute_iam_binding.py

@@ -350,6 +350,27 @@ class WebTypeComputeIamBinding(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeCompute
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeCompute. Each of these resources serves a different use case:
+
+        * `iap.WebTypeComputeIamPolicy`: Authoritative. Sets the IAM policy for the webtypecompute and replaces any existing policy already attached.
+        * `iap.WebTypeComputeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypecompute are preserved.
+        * `iap.WebTypeComputeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypecompute are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeComputeIamPolicy`: Retrieves the IAM policy for the webtypecompute
+
+        > **Note:** `iap.WebTypeComputeIamPolicy` **cannot** be used in conjunction with `iap.WebTypeComputeIamBinding` and `iap.WebTypeComputeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeComputeIamBinding` resources **can be** used in conjunction with `iap.WebTypeComputeIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeComputeIamPolicy
 
         ```python
@@ -610,6 +631,27 @@ class WebTypeComputeIamBinding(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeCompute
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeCompute. Each of these resources serves a different use case:
+
+        * `iap.WebTypeComputeIamPolicy`: Authoritative. Sets the IAM policy for the webtypecompute and replaces any existing policy already attached.
+        * `iap.WebTypeComputeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypecompute are preserved.
+        * `iap.WebTypeComputeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypecompute are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeComputeIamPolicy`: Retrieves the IAM policy for the webtypecompute
+
+        > **Note:** `iap.WebTypeComputeIamPolicy` **cannot** be used in conjunction with `iap.WebTypeComputeIamBinding` and `iap.WebTypeComputeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeComputeIamBinding` resources **can be** used in conjunction with `iap.WebTypeComputeIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeComputeIamPolicy
 
         ```python

pulumi_gcp/iap/web_type_compute_iam_member.py

@@ -350,6 +350,27 @@ class WebTypeComputeIamMember(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeCompute
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeCompute. Each of these resources serves a different use case:
+
+        * `iap.WebTypeComputeIamPolicy`: Authoritative. Sets the IAM policy for the webtypecompute and replaces any existing policy already attached.
+        * `iap.WebTypeComputeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypecompute are preserved.
+        * `iap.WebTypeComputeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypecompute are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeComputeIamPolicy`: Retrieves the IAM policy for the webtypecompute
+
+        > **Note:** `iap.WebTypeComputeIamPolicy` **cannot** be used in conjunction with `iap.WebTypeComputeIamBinding` and `iap.WebTypeComputeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeComputeIamBinding` resources **can be** used in conjunction with `iap.WebTypeComputeIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeComputeIamPolicy
 
         ```python
@@ -610,6 +631,27 @@ class WebTypeComputeIamMember(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeCompute
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeCompute. Each of these resources serves a different use case:
+
+        * `iap.WebTypeComputeIamPolicy`: Authoritative. Sets the IAM policy for the webtypecompute and replaces any existing policy already attached.
+        * `iap.WebTypeComputeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypecompute are preserved.
+        * `iap.WebTypeComputeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypecompute are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeComputeIamPolicy`: Retrieves the IAM policy for the webtypecompute
+
+        > **Note:** `iap.WebTypeComputeIamPolicy` **cannot** be used in conjunction with `iap.WebTypeComputeIamBinding` and `iap.WebTypeComputeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeComputeIamBinding` resources **can be** used in conjunction with `iap.WebTypeComputeIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeComputeIamPolicy
 
         ```python

pulumi_gcp/iap/web_type_compute_iam_policy.py

@@ -235,6 +235,27 @@ class WebTypeComputeIamPolicy(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeCompute
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeCompute. Each of these resources serves a different use case:
+
+        * `iap.WebTypeComputeIamPolicy`: Authoritative. Sets the IAM policy for the webtypecompute and replaces any existing policy already attached.
+        * `iap.WebTypeComputeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypecompute are preserved.
+        * `iap.WebTypeComputeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypecompute are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeComputeIamPolicy`: Retrieves the IAM policy for the webtypecompute
+
+        > **Note:** `iap.WebTypeComputeIamPolicy` **cannot** be used in conjunction with `iap.WebTypeComputeIamBinding` and `iap.WebTypeComputeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeComputeIamBinding` resources **can be** used in conjunction with `iap.WebTypeComputeIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeComputeIamPolicy
 
         ```python
@@ -481,6 +502,27 @@ class WebTypeComputeIamPolicy(pulumi.CustomResource):
             })
         ```
 
+        ## This resource supports User Project Overrides.
+
+        - 
+
+        # IAM policy for Identity-Aware Proxy WebTypeCompute
+        Three different resources help you manage your IAM policy for Identity-Aware Proxy WebTypeCompute. Each of these resources serves a different use case:
+
+        * `iap.WebTypeComputeIamPolicy`: Authoritative. Sets the IAM policy for the webtypecompute and replaces any existing policy already attached.
+        * `iap.WebTypeComputeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the webtypecompute are preserved.
+        * `iap.WebTypeComputeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the webtypecompute are preserved.
+
+        A data source can be used to retrieve policy data in advent you do not need creation
+
+        * `iap.WebTypeComputeIamPolicy`: Retrieves the IAM policy for the webtypecompute
+
+        > **Note:** `iap.WebTypeComputeIamPolicy` **cannot** be used in conjunction with `iap.WebTypeComputeIamBinding` and `iap.WebTypeComputeIamMember` or they will fight over what your policy should be.
+
+        > **Note:** `iap.WebTypeComputeIamBinding` resources **can be** used in conjunction with `iap.WebTypeComputeIamMember` resources **only if** they do not grant privilege to the same role.
+
+        > **Note:**  This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.
+
         ## iap.WebTypeComputeIamPolicy
 
         ```python

pulumi_gcp/kms/key_handle.py

@@ -31,7 +31,7 @@ class KeyHandleArgs:
                
                - - -
         :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources.
-               For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+               For example, `storage.googleapis.com/Bucket`.
         :param pulumi.Input[str] name: The resource name for the KeyHandle.
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
@@ -64,7 +64,7 @@ class KeyHandleArgs:
     def resource_type_selector(self) -> pulumi.Input[str]:
         """
         Selector of the resource type where we want to protect resources.
-        For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+        For example, `storage.googleapis.com/Bucket`.
         """
         return pulumi.get(self, "resource_type_selector")
 
@@ -120,7 +120,7 @@ class _KeyHandleState:
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources.
-               For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+               For example, `storage.googleapis.com/Bucket`.
         """
         if kms_key is not None:
             pulumi.set(__self__, "kms_key", kms_key)
@@ -193,7 +193,7 @@ class _KeyHandleState:
     def resource_type_selector(self) -> Optional[pulumi.Input[str]]:
         """
         Selector of the resource type where we want to protect resources.
-        For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+        For example, `storage.googleapis.com/Bucket`.
         """
         return pulumi.get(self, "resource_type_selector")
 
@@ -317,7 +317,7 @@ class KeyHandle(pulumi.CustomResource):
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources.
-               For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+               For example, `storage.googleapis.com/Bucket`.
         """
         ...
     @overload
@@ -490,7 +490,7 @@ class KeyHandle(pulumi.CustomResource):
         :param pulumi.Input[str] project: The ID of the project in which the resource belongs.
                If it is not provided, the provider project is used.
         :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources.
-               For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+               For example, `storage.googleapis.com/Bucket`.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
 
@@ -547,7 +547,7 @@ class KeyHandle(pulumi.CustomResource):
     def resource_type_selector(self) -> pulumi.Output[str]:
         """
         Selector of the resource type where we want to protect resources.
-        For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`
+        For example, `storage.googleapis.com/Bucket`.
         """
         return pulumi.get(self, "resource_type_selector")
 

pulumi_gcp/kms/key_ring_iam_binding.py

@@ -347,47 +347,6 @@ class KeyRingIAMBinding(pulumi.CustomResource):
             })
         ```
 
-        ## kms.KeyRingIAMPolicy
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
         ## kms.KeyRingIAMBinding
 
         ```python
@@ -608,47 +567,6 @@ class KeyRingIAMBinding(pulumi.CustomResource):
             })
         ```
 
-        ## kms.KeyRingIAMPolicy
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
         ## kms.KeyRingIAMBinding
 
         ```python

pulumi_gcp/kms/key_ring_iam_member.py

@@ -347,47 +347,6 @@ class KeyRingIAMMember(pulumi.CustomResource):
             })
         ```
 
-        ## kms.KeyRingIAMPolicy
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
         ## kms.KeyRingIAMBinding
 
         ```python
@@ -608,47 +567,6 @@ class KeyRingIAMMember(pulumi.CustomResource):
             })
         ```
 
-        ## kms.KeyRingIAMPolicy
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
         ## kms.KeyRingIAMBinding
 
         ```python

pulumi_gcp/kms/key_ring_iam_policy.py

@@ -244,47 +244,6 @@ class KeyRingIAMPolicy(pulumi.CustomResource):
             })
         ```
 
-        ## kms.KeyRingIAMPolicy
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
         ## kms.KeyRingIAMBinding
 
         ```python
@@ -494,47 +453,6 @@ class KeyRingIAMPolicy(pulumi.CustomResource):
             })
         ```
 
-        ## kms.KeyRingIAMPolicy
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
-        With IAM Conditions:
-
-        ```python
-        import pulumi
-        import pulumi_gcp as gcp
-
-        keyring = gcp.kms.KeyRing("keyring",
-            name="keyring-example",
-            location="global")
-        admin = gcp.organizations.get_iam_policy(bindings=[{
-            "role": "roles/editor",
-            "members": ["user:jane@example.com"],
-            "condition": {
-                "title": "expires_after_2019_12_31",
-                "description": "Expiring at midnight of 2019-12-31",
-                "expression": "request.time < timestamp(\\"2020-01-01T00:00:00Z\\")",
-            },
-        }])
-        key_ring = gcp.kms.KeyRingIAMPolicy("key_ring",
-            key_ring_id=keyring.id,
-            policy_data=admin.policy_data)
-        ```
-
         ## kms.KeyRingIAMBinding
 
         ```python