Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.iam/v1.ServiceAccount
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a ServiceAccount. Auto-naming is currently not supported for this resource.
Create ServiceAccount Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ServiceAccount(name: string, args: ServiceAccountArgs, opts?: CustomResourceOptions);
@overload
def ServiceAccount(resource_name: str,
args: ServiceAccountArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ServiceAccount(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
etag: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None)
func NewServiceAccount(ctx *Context, name string, args ServiceAccountArgs, opts ...ResourceOption) (*ServiceAccount, error)
public ServiceAccount(string name, ServiceAccountArgs args, CustomResourceOptions? opts = null)
public ServiceAccount(String name, ServiceAccountArgs args)
public ServiceAccount(String name, ServiceAccountArgs args, CustomResourceOptions options)
type: google-native:iam/v1:ServiceAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ServiceAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ServiceAccountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ServiceAccountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ServiceAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ServiceAccountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var serviceAccountResource = new GoogleNative.IAM.V1.ServiceAccount("serviceAccountResource", new()
{
AccountId = "string",
Description = "string",
DisplayName = "string",
Name = "string",
Project = "string",
});
example, err := iam.NewServiceAccount(ctx, "serviceAccountResource", &iam.ServiceAccountArgs{
AccountId: pulumi.String("string"),
Description: pulumi.String("string"),
DisplayName: pulumi.String("string"),
Name: pulumi.String("string"),
Project: pulumi.String("string"),
})
var serviceAccountResource = new ServiceAccount("serviceAccountResource", ServiceAccountArgs.builder()
.accountId("string")
.description("string")
.displayName("string")
.name("string")
.project("string")
.build());
service_account_resource = google_native.iam.v1.ServiceAccount("serviceAccountResource",
account_id="string",
description="string",
display_name="string",
name="string",
project="string")
const serviceAccountResource = new google_native.iam.v1.ServiceAccount("serviceAccountResource", {
accountId: "string",
description: "string",
displayName: "string",
name: "string",
project: "string",
});
type: google-native:iam/v1:ServiceAccount
properties:
accountId: string
description: string
displayName: string
name: string
project: string
ServiceAccount Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ServiceAccount resource accepts the following input properties:
- Account
Id string - The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])
to comply with RFC1035. - Description string
- Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
- Display
Name string - Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
- Etag string
- Deprecated. Do not use.
- Name string
- The resource name of the service account. Use one of the following formats: *
projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
*projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}
As an alternative, you can use the-
wildcard character instead of the project ID: *projects/-/serviceAccounts/{EMAIL_ADDRESS}
*projects/-/serviceAccounts/{UNIQUE_ID}
When possible, avoid using the-
wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service accountprojects/-/serviceAccounts/fake@example.com
, which does not exist, the response contains an HTTP403 Forbidden
error instead of a404 Not Found
error. - Project string
- Account
Id string - The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])
to comply with RFC1035. - Description string
- Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
- Display
Name string - Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
- Etag string
- Deprecated. Do not use.
- Name string
- The resource name of the service account. Use one of the following formats: *
projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
*projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}
As an alternative, you can use the-
wildcard character instead of the project ID: *projects/-/serviceAccounts/{EMAIL_ADDRESS}
*projects/-/serviceAccounts/{UNIQUE_ID}
When possible, avoid using the-
wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service accountprojects/-/serviceAccounts/fake@example.com
, which does not exist, the response contains an HTTP403 Forbidden
error instead of a404 Not Found
error. - Project string
- account
Id String - The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])
to comply with RFC1035. - description String
- Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
- display
Name String - Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
- etag String
- Deprecated. Do not use.
- name String
- The resource name of the service account. Use one of the following formats: *
projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
*projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}
As an alternative, you can use the-
wildcard character instead of the project ID: *projects/-/serviceAccounts/{EMAIL_ADDRESS}
*projects/-/serviceAccounts/{UNIQUE_ID}
When possible, avoid using the-
wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service accountprojects/-/serviceAccounts/fake@example.com
, which does not exist, the response contains an HTTP403 Forbidden
error instead of a404 Not Found
error. - project String
- account
Id string - The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])
to comply with RFC1035. - description string
- Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
- display
Name string - Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
- etag string
- Deprecated. Do not use.
- name string
- The resource name of the service account. Use one of the following formats: *
projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
*projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}
As an alternative, you can use the-
wildcard character instead of the project ID: *projects/-/serviceAccounts/{EMAIL_ADDRESS}
*projects/-/serviceAccounts/{UNIQUE_ID}
When possible, avoid using the-
wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service accountprojects/-/serviceAccounts/fake@example.com
, which does not exist, the response contains an HTTP403 Forbidden
error instead of a404 Not Found
error. - project string
- account_
id str - The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])
to comply with RFC1035. - description str
- Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
- display_
name str - Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
- etag str
- Deprecated. Do not use.
- name str
- The resource name of the service account. Use one of the following formats: *
projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
*projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}
As an alternative, you can use the-
wildcard character instead of the project ID: *projects/-/serviceAccounts/{EMAIL_ADDRESS}
*projects/-/serviceAccounts/{UNIQUE_ID}
When possible, avoid using the-
wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service accountprojects/-/serviceAccounts/fake@example.com
, which does not exist, the response contains an HTTP403 Forbidden
error instead of a404 Not Found
error. - project str
- account
Id String - The account id that is used to generate the service account email address and a stable unique id. It is unique within a project, must be 6-30 characters long, and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])
to comply with RFC1035. - description String
- Optional. A user-specified, human-readable description of the service account. The maximum length is 256 UTF-8 bytes.
- display
Name String - Optional. A user-specified, human-readable name for the service account. The maximum length is 100 UTF-8 bytes.
- etag String
- Deprecated. Do not use.
- name String
- The resource name of the service account. Use one of the following formats: *
projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}
*projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}
As an alternative, you can use the-
wildcard character instead of the project ID: *projects/-/serviceAccounts/{EMAIL_ADDRESS}
*projects/-/serviceAccounts/{UNIQUE_ID}
When possible, avoid using the-
wildcard character, because it can cause response messages to contain misleading error codes. For example, if you try to access the service accountprojects/-/serviceAccounts/fake@example.com
, which does not exist, the response contains an HTTP403 Forbidden
error instead of a404 Not Found
error. - project String
Outputs
All input properties are implicitly available as output properties. Additionally, the ServiceAccount resource produces the following output properties:
- Disabled bool
- Whether the service account is disabled.
- Email string
- The email address of the service account.
- Id string
- The provider-assigned unique ID for this managed resource.
- Oauth2Client
Id string - The OAuth 2.0 client ID for the service account.
- Unique
Id string - The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
- Disabled bool
- Whether the service account is disabled.
- Email string
- The email address of the service account.
- Id string
- The provider-assigned unique ID for this managed resource.
- Oauth2Client
Id string - The OAuth 2.0 client ID for the service account.
- Unique
Id string - The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
- disabled Boolean
- Whether the service account is disabled.
- email String
- The email address of the service account.
- id String
- The provider-assigned unique ID for this managed resource.
- oauth2Client
Id String - The OAuth 2.0 client ID for the service account.
- unique
Id String - The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
- disabled boolean
- Whether the service account is disabled.
- email string
- The email address of the service account.
- id string
- The provider-assigned unique ID for this managed resource.
- oauth2Client
Id string - The OAuth 2.0 client ID for the service account.
- unique
Id string - The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
- disabled bool
- Whether the service account is disabled.
- email str
- The email address of the service account.
- id str
- The provider-assigned unique ID for this managed resource.
- oauth2_
client_ strid - The OAuth 2.0 client ID for the service account.
- unique_
id str - The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
- disabled Boolean
- Whether the service account is disabled.
- email String
- The email address of the service account.
- id String
- The provider-assigned unique ID for this managed resource.
- oauth2Client
Id String - The OAuth 2.0 client ID for the service account.
- unique
Id String - The unique, stable numeric ID for the service account. Each service account retains its unique ID even if you delete the service account. For example, if you delete a service account, then create a new service account with the same name, the new service account has a different unique ID than the deleted service account.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.