Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.accesscontextmanager/v1.GcpUserAccessBinding
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a GcpUserAccessBinding. If the client specifies a name, the server ignores it. Fails if a resource already exists with the same group_key. Completion of this long-running operation does not necessarily signify that the new binding is deployed onto all affected users, which may take more time.
Create GcpUserAccessBinding Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GcpUserAccessBinding(name: string, args: GcpUserAccessBindingArgs, opts?: CustomResourceOptions);
@overload
def GcpUserAccessBinding(resource_name: str,
args: GcpUserAccessBindingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GcpUserAccessBinding(resource_name: str,
opts: Optional[ResourceOptions] = None,
group_key: Optional[str] = None,
organization_id: Optional[str] = None,
access_levels: Optional[Sequence[str]] = None,
dry_run_access_levels: Optional[Sequence[str]] = None,
name: Optional[str] = None)
func NewGcpUserAccessBinding(ctx *Context, name string, args GcpUserAccessBindingArgs, opts ...ResourceOption) (*GcpUserAccessBinding, error)
public GcpUserAccessBinding(string name, GcpUserAccessBindingArgs args, CustomResourceOptions? opts = null)
public GcpUserAccessBinding(String name, GcpUserAccessBindingArgs args)
public GcpUserAccessBinding(String name, GcpUserAccessBindingArgs args, CustomResourceOptions options)
type: google-native:accesscontextmanager/v1:GcpUserAccessBinding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GcpUserAccessBindingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GcpUserAccessBindingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GcpUserAccessBindingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GcpUserAccessBindingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GcpUserAccessBindingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gcpUserAccessBindingResource = new GoogleNative.AccessContextManager.V1.GcpUserAccessBinding("gcpUserAccessBindingResource", new()
{
GroupKey = "string",
OrganizationId = "string",
AccessLevels = new[]
{
"string",
},
DryRunAccessLevels = new[]
{
"string",
},
Name = "string",
});
example, err := accesscontextmanager.NewGcpUserAccessBinding(ctx, "gcpUserAccessBindingResource", &accesscontextmanager.GcpUserAccessBindingArgs{
GroupKey: pulumi.String("string"),
OrganizationId: pulumi.String("string"),
AccessLevels: pulumi.StringArray{
pulumi.String("string"),
},
DryRunAccessLevels: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
})
var gcpUserAccessBindingResource = new GcpUserAccessBinding("gcpUserAccessBindingResource", GcpUserAccessBindingArgs.builder()
.groupKey("string")
.organizationId("string")
.accessLevels("string")
.dryRunAccessLevels("string")
.name("string")
.build());
gcp_user_access_binding_resource = google_native.accesscontextmanager.v1.GcpUserAccessBinding("gcpUserAccessBindingResource",
group_key="string",
organization_id="string",
access_levels=["string"],
dry_run_access_levels=["string"],
name="string")
const gcpUserAccessBindingResource = new google_native.accesscontextmanager.v1.GcpUserAccessBinding("gcpUserAccessBindingResource", {
groupKey: "string",
organizationId: "string",
accessLevels: ["string"],
dryRunAccessLevels: ["string"],
name: "string",
});
type: google-native:accesscontextmanager/v1:GcpUserAccessBinding
properties:
accessLevels:
- string
dryRunAccessLevels:
- string
groupKey: string
name: string
organizationId: string
GcpUserAccessBinding Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The GcpUserAccessBinding resource accepts the following input properties:
- Group
Key string - Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
- Organization
Id string - Access
Levels List<string> - Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- Dry
Run List<string>Access Levels - Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- Name string
- Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- Group
Key string - Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
- Organization
Id string - Access
Levels []string - Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- Dry
Run []stringAccess Levels - Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- Name string
- Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- group
Key String - Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
- organization
Id String - access
Levels List<String> - Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- dry
Run List<String>Access Levels - Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- name String
- Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- group
Key string - Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
- organization
Id string - access
Levels string[] - Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- dry
Run string[]Access Levels - Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- name string
- Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- group_
key str - Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
- organization_
id str - access_
levels Sequence[str] - Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- dry_
run_ Sequence[str]access_ levels - Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- name str
- Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
- group
Key String - Immutable. Google Group id whose members are subject to this binding's restrictions. See "id" in the [G Suite Directory API's Groups resource] (https://developers.google.com/admin-sdk/directory/v1/reference/groups#resource). If a group's email address/alias is changed, this resource will continue to point at the changed group. This field does not accept group email addresses or aliases. Example: "01d520gv4vjcrht"
- organization
Id String - access
Levels List<String> - Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- dry
Run List<String>Access Levels - Optional. Dry run access level that will be evaluated but will not be enforced. The access denial based on dry run policy will be logged. Only one access level is supported, not multiple. This list must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted"
- name String
- Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by RFC 3986 Section 2.3). Should not be specified by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N"
Outputs
All input properties are implicitly available as output properties. Additionally, the GcpUserAccessBinding resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.