Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.gkehub/v1.Rbacrolebinding
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a Scope RBACRoleBinding. Auto-naming is currently not supported for this resource.
Create Rbacrolebinding Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Rbacrolebinding(name: string, args: RbacrolebindingArgs, opts?: CustomResourceOptions);
@overload
def Rbacrolebinding(resource_name: str,
args: RbacrolebindingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Rbacrolebinding(resource_name: str,
opts: Optional[ResourceOptions] = None,
rbacrolebinding_id: Optional[str] = None,
role: Optional[RoleArgs] = None,
scope_id: Optional[str] = None,
group: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
user: Optional[str] = None)
func NewRbacrolebinding(ctx *Context, name string, args RbacrolebindingArgs, opts ...ResourceOption) (*Rbacrolebinding, error)
public Rbacrolebinding(string name, RbacrolebindingArgs args, CustomResourceOptions? opts = null)
public Rbacrolebinding(String name, RbacrolebindingArgs args)
public Rbacrolebinding(String name, RbacrolebindingArgs args, CustomResourceOptions options)
type: google-native:gkehub/v1:Rbacrolebinding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RbacrolebindingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RbacrolebindingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RbacrolebindingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RbacrolebindingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RbacrolebindingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var rbacrolebindingResource = new GoogleNative.GKEHub.V1.Rbacrolebinding("rbacrolebindingResource", new()
{
RbacrolebindingId = "string",
Role = new GoogleNative.GKEHub.V1.Inputs.RoleArgs
{
PredefinedRole = GoogleNative.GKEHub.V1.RolePredefinedRole.Unknown,
},
ScopeId = "string",
Group = "string",
Labels =
{
{ "string", "string" },
},
Location = "string",
Name = "string",
Project = "string",
User = "string",
});
example, err := gkehub.NewRbacrolebinding(ctx, "rbacrolebindingResource", &gkehub.RbacrolebindingArgs{
RbacrolebindingId: pulumi.String("string"),
Role: &gkehub.RoleArgs{
PredefinedRole: gkehub.RolePredefinedRoleUnknown,
},
ScopeId: pulumi.String("string"),
Group: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
Project: pulumi.String("string"),
User: pulumi.String("string"),
})
var rbacrolebindingResource = new Rbacrolebinding("rbacrolebindingResource", RbacrolebindingArgs.builder()
.rbacrolebindingId("string")
.role(RoleArgs.builder()
.predefinedRole("UNKNOWN")
.build())
.scopeId("string")
.group("string")
.labels(Map.of("string", "string"))
.location("string")
.name("string")
.project("string")
.user("string")
.build());
rbacrolebinding_resource = google_native.gkehub.v1.Rbacrolebinding("rbacrolebindingResource",
rbacrolebinding_id="string",
role={
"predefined_role": google_native.gkehub.v1.RolePredefinedRole.UNKNOWN,
},
scope_id="string",
group="string",
labels={
"string": "string",
},
location="string",
name="string",
project="string",
user="string")
const rbacrolebindingResource = new google_native.gkehub.v1.Rbacrolebinding("rbacrolebindingResource", {
rbacrolebindingId: "string",
role: {
predefinedRole: google_native.gkehub.v1.RolePredefinedRole.Unknown,
},
scopeId: "string",
group: "string",
labels: {
string: "string",
},
location: "string",
name: "string",
project: "string",
user: "string",
});
type: google-native:gkehub/v1:Rbacrolebinding
properties:
group: string
labels:
string: string
location: string
name: string
project: string
rbacrolebindingId: string
role:
predefinedRole: UNKNOWN
scopeId: string
user: string
Rbacrolebinding Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Rbacrolebinding resource accepts the following input properties:
- Rbacrolebinding
Id string - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - Role
Pulumi.
Google Native. GKEHub. V1. Inputs. Role - Role to bind to the principal
- Scope
Id string - Group string
- group is the group, as seen by the kubernetes cluster.
- Labels Dictionary<string, string>
- Optional. Labels for this RBACRolebinding.
- Location string
- Name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- Project string
- User string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- Rbacrolebinding
Id string - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - Role
Role
Args - Role to bind to the principal
- Scope
Id string - Group string
- group is the group, as seen by the kubernetes cluster.
- Labels map[string]string
- Optional. Labels for this RBACRolebinding.
- Location string
- Name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- Project string
- User string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- rbacrolebinding
Id String - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role Role
- Role to bind to the principal
- scope
Id String - group String
- group is the group, as seen by the kubernetes cluster.
- labels Map<String,String>
- Optional. Labels for this RBACRolebinding.
- location String
- name String
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project String
- user String
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- rbacrolebinding
Id string - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role Role
- Role to bind to the principal
- scope
Id string - group string
- group is the group, as seen by the kubernetes cluster.
- labels {[key: string]: string}
- Optional. Labels for this RBACRolebinding.
- location string
- name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project string
- user string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- rbacrolebinding_
id str - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role
Role
Args - Role to bind to the principal
- scope_
id str - group str
- group is the group, as seen by the kubernetes cluster.
- labels Mapping[str, str]
- Optional. Labels for this RBACRolebinding.
- location str
- name str
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project str
- user str
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- rbacrolebinding
Id String - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role Property Map
- Role to bind to the principal
- scope
Id String - group String
- group is the group, as seen by the kubernetes cluster.
- labels Map<String>
- Optional. Labels for this RBACRolebinding.
- location String
- name String
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project String
- user String
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
Outputs
All input properties are implicitly available as output properties. Additionally, the Rbacrolebinding resource produces the following output properties:
- Create
Time string - When the rbacrolebinding was created.
- Delete
Time string - When the rbacrolebinding was deleted.
- Id string
- The provider-assigned unique ID for this managed resource.
- State
Pulumi.
Google Native. GKEHub. V1. Outputs. RBACRole Binding Lifecycle State Response - State of the rbacrolebinding resource.
- Uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- Update
Time string - When the rbacrolebinding was last updated.
- Create
Time string - When the rbacrolebinding was created.
- Delete
Time string - When the rbacrolebinding was deleted.
- Id string
- The provider-assigned unique ID for this managed resource.
- State
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- Uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- Update
Time string - When the rbacrolebinding was last updated.
- create
Time String - When the rbacrolebinding was created.
- delete
Time String - When the rbacrolebinding was deleted.
- id String
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid String
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time String - When the rbacrolebinding was last updated.
- create
Time string - When the rbacrolebinding was created.
- delete
Time string - When the rbacrolebinding was deleted.
- id string
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time string - When the rbacrolebinding was last updated.
- create_
time str - When the rbacrolebinding was created.
- delete_
time str - When the rbacrolebinding was deleted.
- id str
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid str
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update_
time str - When the rbacrolebinding was last updated.
- create
Time String - When the rbacrolebinding was created.
- delete
Time String - When the rbacrolebinding was deleted.
- id String
- The provider-assigned unique ID for this managed resource.
- state Property Map
- State of the rbacrolebinding resource.
- uid String
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time String - When the rbacrolebinding was last updated.
Supporting Types
RBACRoleBindingLifecycleStateResponse, RBACRoleBindingLifecycleStateResponseArgs
- Code string
- The current state of the rbacrolebinding resource.
- Code string
- The current state of the rbacrolebinding resource.
- code String
- The current state of the rbacrolebinding resource.
- code string
- The current state of the rbacrolebinding resource.
- code str
- The current state of the rbacrolebinding resource.
- code String
- The current state of the rbacrolebinding resource.
Role, RoleArgs
- Predefined
Role Pulumi.Google Native. GKEHub. V1. Role Predefined Role - predefined_role is the Kubernetes default role to use
- Predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined_
role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role "UNKNOWN" | "ADMIN" | "EDIT" | "VIEW" | "ANTHOS_SUPPORT" - predefined_role is the Kubernetes default role to use
RolePredefinedRole, RolePredefinedRoleArgs
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Role
Predefined Role Unknown - UNKNOWNUNKNOWN
- Role
Predefined Role Admin - ADMINADMIN has EDIT and RBAC permissions
- Role
Predefined Role Edit - EDITEDIT can edit all resources except RBAC
- Role
Predefined Role View - VIEWVIEW can only read resources
- Role
Predefined Role Anthos Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- UNKNOWN
- UNKNOWNUNKNOWN
- ADMIN
- ADMINADMIN has EDIT and RBAC permissions
- EDIT
- EDITEDIT can edit all resources except RBAC
- VIEW
- VIEWVIEW can only read resources
- ANTHOS_SUPPORT
- ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- "UNKNOWN"
- UNKNOWNUNKNOWN
- "ADMIN"
- ADMINADMIN has EDIT and RBAC permissions
- "EDIT"
- EDITEDIT can edit all resources except RBAC
- "VIEW"
- VIEWVIEW can only read resources
- "ANTHOS_SUPPORT"
- ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
RoleResponse, RoleResponseArgs
- Predefined
Role string - predefined_role is the Kubernetes default role to use
- Predefined
Role string - predefined_role is the Kubernetes default role to use
- predefined
Role String - predefined_role is the Kubernetes default role to use
- predefined
Role string - predefined_role is the Kubernetes default role to use
- predefined_
role str - predefined_role is the Kubernetes default role to use
- predefined
Role String - predefined_role is the Kubernetes default role to use
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.