1. Packages
  2. Google Cloud Native
  3. API Docs
  4. accesscontextmanager
  5. accesscontextmanager/v1
  6. AccessPolicy

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.accesscontextmanager/v1.AccessPolicy

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. Syntactic and basic semantic errors are returned in metadata as a BadRequest proto. Auto-naming is currently not supported for this resource.

    Create AccessPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AccessPolicy(name: string, args: AccessPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def AccessPolicy(resource_name: str,
                     args: AccessPolicyArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def AccessPolicy(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     parent: Optional[str] = None,
                     title: Optional[str] = None,
                     scopes: Optional[Sequence[str]] = None)
    func NewAccessPolicy(ctx *Context, name string, args AccessPolicyArgs, opts ...ResourceOption) (*AccessPolicy, error)
    public AccessPolicy(string name, AccessPolicyArgs args, CustomResourceOptions? opts = null)
    public AccessPolicy(String name, AccessPolicyArgs args)
    public AccessPolicy(String name, AccessPolicyArgs args, CustomResourceOptions options)
    
    type: google-native:accesscontextmanager/v1:AccessPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AccessPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AccessPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AccessPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccessPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AccessPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var accessPolicyResource = new GoogleNative.AccessContextManager.V1.AccessPolicy("accessPolicyResource", new()
    {
        Parent = "string",
        Title = "string",
        Scopes = new[]
        {
            "string",
        },
    });
    
    example, err := accesscontextmanager.NewAccessPolicy(ctx, "accessPolicyResource", &accesscontextmanager.AccessPolicyArgs{
    	Parent: pulumi.String("string"),
    	Title:  pulumi.String("string"),
    	Scopes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    })
    
    var accessPolicyResource = new AccessPolicy("accessPolicyResource", AccessPolicyArgs.builder()
        .parent("string")
        .title("string")
        .scopes("string")
        .build());
    
    access_policy_resource = google_native.accesscontextmanager.v1.AccessPolicy("accessPolicyResource",
        parent="string",
        title="string",
        scopes=["string"])
    
    const accessPolicyResource = new google_native.accesscontextmanager.v1.AccessPolicy("accessPolicyResource", {
        parent: "string",
        title: "string",
        scopes: ["string"],
    });
    
    type: google-native:accesscontextmanager/v1:AccessPolicy
    properties:
        parent: string
        scopes:
            - string
        title: string
    

    AccessPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The AccessPolicy resource accepts the following input properties:

    Parent string
    The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
    Title string
    Human readable title. Does not affect behavior.
    Scopes List<string>
    The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
    Parent string
    The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
    Title string
    Human readable title. Does not affect behavior.
    Scopes []string
    The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
    parent String
    The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
    title String
    Human readable title. Does not affect behavior.
    scopes List<String>
    The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
    parent string
    The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
    title string
    Human readable title. Does not affect behavior.
    scopes string[]
    The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
    parent str
    The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
    title str
    Human readable title. Does not affect behavior.
    scopes Sequence[str]
    The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}
    parent String
    The parent of this AccessPolicy in the Cloud Resource Hierarchy. Currently immutable once created. Format: organizations/{organization_id}
    title String
    Human readable title. Does not affect behavior.
    scopes List<String>
    The scopes of the AccessPolicy. Scopes define which resources a policy can restrict and where its resources can be referenced. For example, policy A with scopes=["folders/123"] has the following behavior: - ServicePerimeter can only restrict projects within folders/123. - ServicePerimeter within policy A can only reference access levels defined within policy A. - Only one policy can include a given scope; thus, attempting to create a second policy which includes folders/123 will result in an error. If no scopes are provided, then any resource within the organization can be restricted. Scopes cannot be modified after a policy is created. Policies can only have a single scope. Format: list of folders/{folder_number} or projects/{project_number}

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AccessPolicy resource produces the following output properties:

    Etag string
    An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}
    Etag string
    An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}
    etag String
    An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}
    etag string
    An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}
    etag str
    An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}
    etag String
    An opaque identifier for the current version of the AccessPolicy. This will always be a strongly validated etag, meaning that two Access Polices will be identical if and only if their etags are identical. Clients should not expect this to be in any specific format.
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    Resource name of the AccessPolicy. Format: accessPolicies/{access_policy}

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi