bigquerydatapolicy

package
v6.67.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 4, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DataPolicy 

type DataPolicy struct {
	pulumi.CustomResourceState

	// The data masking policy that specifies the data masking rule to use.
	// Structure is documented below.
	DataMaskingPolicy DataPolicyDataMaskingPolicyPtrOutput `pulumi:"dataMaskingPolicy"`
	// User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name.
	DataPolicyId pulumi.StringOutput `pulumi:"dataPolicyId"`
	// The enrollment level of the service.
	// Possible values are: `COLUMN_LEVEL_SECURITY_POLICY`, `DATA_MASKING_POLICY`.
	//
	// ***
	DataPolicyType pulumi.StringOutput `pulumi:"dataPolicyType"`
	// The name of the location of the data policy.
	Location pulumi.StringOutput `pulumi:"location"`
	// Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}.
	Name pulumi.StringOutput `pulumi:"name"`
	// Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}.
	PolicyTag pulumi.StringOutput `pulumi:"policyTag"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
}

A BigQuery Data Policy

To get more information about DataPolicy, see:

* [API documentation](https://cloud.google.com/bigquery/docs/reference/bigquerydatapolicy/rest/v1beta1/projects.locations.dataPolicies/create) * How-to Guides

## Example Usage ### Bigquery Datapolicy Data Policy Basic

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/datacatalog"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		taxonomy, err := datacatalog.NewTaxonomy(ctx, "taxonomy", &datacatalog.TaxonomyArgs{
			Region:      pulumi.String("us-central1"),
			DisplayName: pulumi.String("taxonomy"),
			Description: pulumi.String("A collection of policy tags"),
			ActivatedPolicyTypes: pulumi.StringArray{
				pulumi.String("FINE_GRAINED_ACCESS_CONTROL"),
			},
		})
		if err != nil {
			return err
		}
		policyTag, err := datacatalog.NewPolicyTag(ctx, "policyTag", &datacatalog.PolicyTagArgs{
			Taxonomy:    taxonomy.ID(),
			DisplayName: pulumi.String("Low security"),
			Description: pulumi.String("A policy tag normally associated with low security items"),
		})
		if err != nil {
			return err
		}
		_, err = bigquerydatapolicy.NewDataPolicy(ctx, "dataPolicy", &bigquerydatapolicy.DataPolicyArgs{
			Location:       pulumi.String("us-central1"),
			DataPolicyId:   pulumi.String("data_policy"),
			PolicyTag:      policyTag.Name,
			DataPolicyType: pulumi.String("COLUMN_LEVEL_SECURITY_POLICY"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

DataPolicy can be imported using any of these accepted formats

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicy:DataPolicy default projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}

```

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicy:DataPolicy default {{project}}/{{location}}/{{data_policy_id}}

```

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicy:DataPolicy default {{location}}/{{data_policy_id}}

```

func GetDataPolicy 

func GetDataPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DataPolicyState, opts ...pulumi.ResourceOption) (*DataPolicy, error)

GetDataPolicy gets an existing DataPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDataPolicy 

func NewDataPolicy(ctx *pulumi.Context,
	name string, args *DataPolicyArgs, opts ...pulumi.ResourceOption) (*DataPolicy, error)

NewDataPolicy registers a new resource with the given unique name, arguments, and options.

func (*DataPolicy) ElementType 

func (*DataPolicy) ElementType() reflect.Type

func (*DataPolicy) ToDataPolicyOutput 

func (i *DataPolicy) ToDataPolicyOutput() DataPolicyOutput

func (*DataPolicy) ToDataPolicyOutputWithContext 

func (i *DataPolicy) ToDataPolicyOutputWithContext(ctx context.Context) DataPolicyOutput

func (*DataPolicy) ToOutput added in v6.65.1 

func (i *DataPolicy) ToOutput(ctx context.Context) pulumix.Output[*DataPolicy]

type DataPolicyArgs 

type DataPolicyArgs struct {
	// The data masking policy that specifies the data masking rule to use.
	// Structure is documented below.
	DataMaskingPolicy DataPolicyDataMaskingPolicyPtrInput
	// User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name.
	DataPolicyId pulumi.StringInput
	// The enrollment level of the service.
	// Possible values are: `COLUMN_LEVEL_SECURITY_POLICY`, `DATA_MASKING_POLICY`.
	//
	// ***
	DataPolicyType pulumi.StringInput
	// The name of the location of the data policy.
	Location pulumi.StringInput
	// Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}.
	PolicyTag pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a DataPolicy resource.

func (DataPolicyArgs) ElementType 

func (DataPolicyArgs) ElementType() reflect.Type

type DataPolicyArray 

type DataPolicyArray []DataPolicyInput

func (DataPolicyArray) ElementType 

func (DataPolicyArray) ElementType() reflect.Type

func (DataPolicyArray) ToDataPolicyArrayOutput 

func (i DataPolicyArray) ToDataPolicyArrayOutput() DataPolicyArrayOutput

func (DataPolicyArray) ToDataPolicyArrayOutputWithContext 

func (i DataPolicyArray) ToDataPolicyArrayOutputWithContext(ctx context.Context) DataPolicyArrayOutput

func (DataPolicyArray) ToOutput added in v6.65.1 

func (i DataPolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicy]

type DataPolicyArrayInput 

type DataPolicyArrayInput interface {
	pulumi.Input

	ToDataPolicyArrayOutput() DataPolicyArrayOutput
	ToDataPolicyArrayOutputWithContext(context.Context) DataPolicyArrayOutput
}

DataPolicyArrayInput is an input type that accepts DataPolicyArray and DataPolicyArrayOutput values. You can construct a concrete instance of `DataPolicyArrayInput` via: 

DataPolicyArray{ DataPolicyArgs{...} }

type DataPolicyArrayOutput 

type DataPolicyArrayOutput struct{ *pulumi.OutputState }

func (DataPolicyArrayOutput) ElementType 

func (DataPolicyArrayOutput) ElementType() reflect.Type

func (DataPolicyArrayOutput) Index 

func (o DataPolicyArrayOutput) Index(i pulumi.IntInput) DataPolicyOutput

func (DataPolicyArrayOutput) ToDataPolicyArrayOutput 

func (o DataPolicyArrayOutput) ToDataPolicyArrayOutput() DataPolicyArrayOutput

func (DataPolicyArrayOutput) ToDataPolicyArrayOutputWithContext 

func (o DataPolicyArrayOutput) ToDataPolicyArrayOutputWithContext(ctx context.Context) DataPolicyArrayOutput

func (DataPolicyArrayOutput) ToOutput added in v6.65.1 

func (o DataPolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicy]

type DataPolicyDataMaskingPolicy 

type DataPolicyDataMaskingPolicy struct {
	// The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
	// Possible values are: `SHA256`, `ALWAYS_NULL`, `DEFAULT_MASKING_VALUE`, `LAST_FOUR_CHARACTERS`, `FIRST_FOUR_CHARACTERS`, `EMAIL_MASK`, `DATE_YEAR_MASK`.
	PredefinedExpression string `pulumi:"predefinedExpression"`
}

type DataPolicyDataMaskingPolicyArgs 

type DataPolicyDataMaskingPolicyArgs struct {
	// The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options.
	// Possible values are: `SHA256`, `ALWAYS_NULL`, `DEFAULT_MASKING_VALUE`, `LAST_FOUR_CHARACTERS`, `FIRST_FOUR_CHARACTERS`, `EMAIL_MASK`, `DATE_YEAR_MASK`.
	PredefinedExpression pulumi.StringInput `pulumi:"predefinedExpression"`
}

func (DataPolicyDataMaskingPolicyArgs) ElementType 

func (DataPolicyDataMaskingPolicyArgs) ElementType() reflect.Type

func (DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyOutput 

func (i DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyOutput() DataPolicyDataMaskingPolicyOutput

func (DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyOutputWithContext 

func (i DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyOutputWithContext(ctx context.Context) DataPolicyDataMaskingPolicyOutput

func (DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyPtrOutput 

func (i DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyPtrOutput() DataPolicyDataMaskingPolicyPtrOutput

func (DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyPtrOutputWithContext 

func (i DataPolicyDataMaskingPolicyArgs) ToDataPolicyDataMaskingPolicyPtrOutputWithContext(ctx context.Context) DataPolicyDataMaskingPolicyPtrOutput

func (DataPolicyDataMaskingPolicyArgs) ToOutput added in v6.65.1 

func (i DataPolicyDataMaskingPolicyArgs) ToOutput(ctx context.Context) pulumix.Output[DataPolicyDataMaskingPolicy]

type DataPolicyDataMaskingPolicyInput 

type DataPolicyDataMaskingPolicyInput interface {
	pulumi.Input

	ToDataPolicyDataMaskingPolicyOutput() DataPolicyDataMaskingPolicyOutput
	ToDataPolicyDataMaskingPolicyOutputWithContext(context.Context) DataPolicyDataMaskingPolicyOutput
}

DataPolicyDataMaskingPolicyInput is an input type that accepts DataPolicyDataMaskingPolicyArgs and DataPolicyDataMaskingPolicyOutput values. You can construct a concrete instance of `DataPolicyDataMaskingPolicyInput` via: 

DataPolicyDataMaskingPolicyArgs{...}

type DataPolicyDataMaskingPolicyOutput 

type DataPolicyDataMaskingPolicyOutput struct{ *pulumi.OutputState }

func (DataPolicyDataMaskingPolicyOutput) ElementType 

func (DataPolicyDataMaskingPolicyOutput) ElementType() reflect.Type

func (DataPolicyDataMaskingPolicyOutput) PredefinedExpression 

func (o DataPolicyDataMaskingPolicyOutput) PredefinedExpression() pulumi.StringOutput

The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. Possible values are: `SHA256`, `ALWAYS_NULL`, `DEFAULT_MASKING_VALUE`, `LAST_FOUR_CHARACTERS`, `FIRST_FOUR_CHARACTERS`, `EMAIL_MASK`, `DATE_YEAR_MASK`.

func (DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyOutput 

func (o DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyOutput() DataPolicyDataMaskingPolicyOutput

func (DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyOutputWithContext 

func (o DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyOutputWithContext(ctx context.Context) DataPolicyDataMaskingPolicyOutput

func (DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyPtrOutput 

func (o DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyPtrOutput() DataPolicyDataMaskingPolicyPtrOutput

func (DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyPtrOutputWithContext 

func (o DataPolicyDataMaskingPolicyOutput) ToDataPolicyDataMaskingPolicyPtrOutputWithContext(ctx context.Context) DataPolicyDataMaskingPolicyPtrOutput

func (DataPolicyDataMaskingPolicyOutput) ToOutput added in v6.65.1 

func (o DataPolicyDataMaskingPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[DataPolicyDataMaskingPolicy]

type DataPolicyDataMaskingPolicyPtrInput 

type DataPolicyDataMaskingPolicyPtrInput interface {
	pulumi.Input

	ToDataPolicyDataMaskingPolicyPtrOutput() DataPolicyDataMaskingPolicyPtrOutput
	ToDataPolicyDataMaskingPolicyPtrOutputWithContext(context.Context) DataPolicyDataMaskingPolicyPtrOutput
}

DataPolicyDataMaskingPolicyPtrInput is an input type that accepts DataPolicyDataMaskingPolicyArgs, DataPolicyDataMaskingPolicyPtr and DataPolicyDataMaskingPolicyPtrOutput values. You can construct a concrete instance of `DataPolicyDataMaskingPolicyPtrInput` via: 

        DataPolicyDataMaskingPolicyArgs{...}

or:

        nil

func DataPolicyDataMaskingPolicyPtr 

func DataPolicyDataMaskingPolicyPtr(v *DataPolicyDataMaskingPolicyArgs) DataPolicyDataMaskingPolicyPtrInput

type DataPolicyDataMaskingPolicyPtrOutput 

type DataPolicyDataMaskingPolicyPtrOutput struct{ *pulumi.OutputState }

func (DataPolicyDataMaskingPolicyPtrOutput) Elem 

func (o DataPolicyDataMaskingPolicyPtrOutput) Elem() DataPolicyDataMaskingPolicyOutput

func (DataPolicyDataMaskingPolicyPtrOutput) ElementType 

func (DataPolicyDataMaskingPolicyPtrOutput) ElementType() reflect.Type

func (DataPolicyDataMaskingPolicyPtrOutput) PredefinedExpression 

func (o DataPolicyDataMaskingPolicyPtrOutput) PredefinedExpression() pulumi.StringPtrOutput

The available masking rules. Learn more here: https://cloud.google.com/bigquery/docs/column-data-masking-intro#masking_options. Possible values are: `SHA256`, `ALWAYS_NULL`, `DEFAULT_MASKING_VALUE`, `LAST_FOUR_CHARACTERS`, `FIRST_FOUR_CHARACTERS`, `EMAIL_MASK`, `DATE_YEAR_MASK`.

func (DataPolicyDataMaskingPolicyPtrOutput) ToDataPolicyDataMaskingPolicyPtrOutput 

func (o DataPolicyDataMaskingPolicyPtrOutput) ToDataPolicyDataMaskingPolicyPtrOutput() DataPolicyDataMaskingPolicyPtrOutput

func (DataPolicyDataMaskingPolicyPtrOutput) ToDataPolicyDataMaskingPolicyPtrOutputWithContext 

func (o DataPolicyDataMaskingPolicyPtrOutput) ToDataPolicyDataMaskingPolicyPtrOutputWithContext(ctx context.Context) DataPolicyDataMaskingPolicyPtrOutput

func (DataPolicyDataMaskingPolicyPtrOutput) ToOutput added in v6.65.1 

func (o DataPolicyDataMaskingPolicyPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyDataMaskingPolicy]

type DataPolicyIamBinding 

type DataPolicyIamBinding struct {
	pulumi.CustomResourceState

	Condition    DataPolicyIamBindingConditionPtrOutput `pulumi:"condition"`
	DataPolicyId pulumi.StringOutput                    `pulumi:"dataPolicyId"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringOutput      `pulumi:"location"`
	Members  pulumi.StringArrayOutput `pulumi:"members"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for BigQuery Data Policy DataPolicy. Each of these resources serves a different use case:

* `bigquerydatapolicy.DataPolicyIamPolicy`: Authoritative. Sets the IAM policy for the datapolicy and replaces any existing policy already attached. * `bigquerydatapolicy.DataPolicyIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the datapolicy are preserved. * `bigquerydatapolicy.DataPolicyIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the datapolicy are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `bigquerydatapolicy.DataPolicyIamPolicy`: Retrieves the IAM policy for the datapolicy

> **Note:** `bigquerydatapolicy.DataPolicyIamPolicy` **cannot** be used in conjunction with `bigquerydatapolicy.DataPolicyIamBinding` and `bigquerydatapolicy.DataPolicyIamMember` or they will fight over what your policy should be.

> **Note:** `bigquerydatapolicy.DataPolicyIamBinding` resources **can be** used in conjunction with `bigquerydatapolicy.DataPolicyIamMember` resources **only if** they do not grant privilege to the same role.

## google\_bigquery\_datapolicy\_data\_policy\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/viewer",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = bigquerydatapolicy.NewDataPolicyIamPolicy(ctx, "policy", &bigquerydatapolicy.DataPolicyIamPolicyArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			PolicyData:   *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_bigquery\_datapolicy\_data\_policy\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.NewDataPolicyIamBinding(ctx, "binding", &bigquerydatapolicy.DataPolicyIamBindingArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			Role:         pulumi.String("roles/viewer"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_bigquery\_datapolicy\_data\_policy\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.NewDataPolicyIamMember(ctx, "member", &bigquerydatapolicy.DataPolicyIamMemberArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			Role:         pulumi.String("roles/viewer"),
			Member:       pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} * {{project}}/{{location}}/{{data_policy_id}} * {{location}}/{{data_policy_id}} * {{data_policy_id}} Any variables not passed in the import command will be taken from the provider configuration. BigQuery Data Policy datapolicy IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamBinding:DataPolicyIamBinding editor "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} roles/viewer user:jane@example.com"

``` 

IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamBinding:DataPolicyIamBinding editor "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamBinding:DataPolicyIamBinding editor projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetDataPolicyIamBinding 

func GetDataPolicyIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DataPolicyIamBindingState, opts ...pulumi.ResourceOption) (*DataPolicyIamBinding, error)

GetDataPolicyIamBinding gets an existing DataPolicyIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDataPolicyIamBinding 

func NewDataPolicyIamBinding(ctx *pulumi.Context,
	name string, args *DataPolicyIamBindingArgs, opts ...pulumi.ResourceOption) (*DataPolicyIamBinding, error)

NewDataPolicyIamBinding registers a new resource with the given unique name, arguments, and options.

func (*DataPolicyIamBinding) ElementType 

func (*DataPolicyIamBinding) ElementType() reflect.Type

func (*DataPolicyIamBinding) ToDataPolicyIamBindingOutput 

func (i *DataPolicyIamBinding) ToDataPolicyIamBindingOutput() DataPolicyIamBindingOutput

func (*DataPolicyIamBinding) ToDataPolicyIamBindingOutputWithContext 

func (i *DataPolicyIamBinding) ToDataPolicyIamBindingOutputWithContext(ctx context.Context) DataPolicyIamBindingOutput

func (*DataPolicyIamBinding) ToOutput added in v6.65.1 

func (i *DataPolicyIamBinding) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamBinding]

type DataPolicyIamBindingArgs 

type DataPolicyIamBindingArgs struct {
	Condition    DataPolicyIamBindingConditionPtrInput
	DataPolicyId pulumi.StringInput
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput
	Members  pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a DataPolicyIamBinding resource.

func (DataPolicyIamBindingArgs) ElementType 

func (DataPolicyIamBindingArgs) ElementType() reflect.Type

type DataPolicyIamBindingArray 

type DataPolicyIamBindingArray []DataPolicyIamBindingInput

func (DataPolicyIamBindingArray) ElementType 

func (DataPolicyIamBindingArray) ElementType() reflect.Type

func (DataPolicyIamBindingArray) ToDataPolicyIamBindingArrayOutput 

func (i DataPolicyIamBindingArray) ToDataPolicyIamBindingArrayOutput() DataPolicyIamBindingArrayOutput

func (DataPolicyIamBindingArray) ToDataPolicyIamBindingArrayOutputWithContext 

func (i DataPolicyIamBindingArray) ToDataPolicyIamBindingArrayOutputWithContext(ctx context.Context) DataPolicyIamBindingArrayOutput

func (DataPolicyIamBindingArray) ToOutput added in v6.65.1 

func (i DataPolicyIamBindingArray) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicyIamBinding]

type DataPolicyIamBindingArrayInput 

type DataPolicyIamBindingArrayInput interface {
	pulumi.Input

	ToDataPolicyIamBindingArrayOutput() DataPolicyIamBindingArrayOutput
	ToDataPolicyIamBindingArrayOutputWithContext(context.Context) DataPolicyIamBindingArrayOutput
}

DataPolicyIamBindingArrayInput is an input type that accepts DataPolicyIamBindingArray and DataPolicyIamBindingArrayOutput values. You can construct a concrete instance of `DataPolicyIamBindingArrayInput` via: 

DataPolicyIamBindingArray{ DataPolicyIamBindingArgs{...} }

type DataPolicyIamBindingArrayOutput 

type DataPolicyIamBindingArrayOutput struct{ *pulumi.OutputState }

func (DataPolicyIamBindingArrayOutput) ElementType 

func (DataPolicyIamBindingArrayOutput) ElementType() reflect.Type

func (DataPolicyIamBindingArrayOutput) Index 

func (o DataPolicyIamBindingArrayOutput) Index(i pulumi.IntInput) DataPolicyIamBindingOutput

func (DataPolicyIamBindingArrayOutput) ToDataPolicyIamBindingArrayOutput 

func (o DataPolicyIamBindingArrayOutput) ToDataPolicyIamBindingArrayOutput() DataPolicyIamBindingArrayOutput

func (DataPolicyIamBindingArrayOutput) ToDataPolicyIamBindingArrayOutputWithContext 

func (o DataPolicyIamBindingArrayOutput) ToDataPolicyIamBindingArrayOutputWithContext(ctx context.Context) DataPolicyIamBindingArrayOutput

func (DataPolicyIamBindingArrayOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamBindingArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicyIamBinding]

type DataPolicyIamBindingCondition 

type DataPolicyIamBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type DataPolicyIamBindingConditionArgs 

type DataPolicyIamBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (DataPolicyIamBindingConditionArgs) ElementType 

func (DataPolicyIamBindingConditionArgs) ElementType() reflect.Type

func (DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionOutput 

func (i DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionOutput() DataPolicyIamBindingConditionOutput

func (DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionOutputWithContext 

func (i DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionOutputWithContext(ctx context.Context) DataPolicyIamBindingConditionOutput

func (DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionPtrOutput 

func (i DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionPtrOutput() DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionPtrOutputWithContext 

func (i DataPolicyIamBindingConditionArgs) ToDataPolicyIamBindingConditionPtrOutputWithContext(ctx context.Context) DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingConditionArgs) ToOutput added in v6.65.1 

func (i DataPolicyIamBindingConditionArgs) ToOutput(ctx context.Context) pulumix.Output[DataPolicyIamBindingCondition]

type DataPolicyIamBindingConditionInput 

type DataPolicyIamBindingConditionInput interface {
	pulumi.Input

	ToDataPolicyIamBindingConditionOutput() DataPolicyIamBindingConditionOutput
	ToDataPolicyIamBindingConditionOutputWithContext(context.Context) DataPolicyIamBindingConditionOutput
}

DataPolicyIamBindingConditionInput is an input type that accepts DataPolicyIamBindingConditionArgs and DataPolicyIamBindingConditionOutput values. You can construct a concrete instance of `DataPolicyIamBindingConditionInput` via: 

DataPolicyIamBindingConditionArgs{...}

type DataPolicyIamBindingConditionOutput 

type DataPolicyIamBindingConditionOutput struct{ *pulumi.OutputState }

func (DataPolicyIamBindingConditionOutput) Description 

func (o DataPolicyIamBindingConditionOutput) Description() pulumi.StringPtrOutput

func (DataPolicyIamBindingConditionOutput) ElementType 

func (DataPolicyIamBindingConditionOutput) ElementType() reflect.Type

func (DataPolicyIamBindingConditionOutput) Expression 

func (o DataPolicyIamBindingConditionOutput) Expression() pulumi.StringOutput

func (DataPolicyIamBindingConditionOutput) Title 

func (o DataPolicyIamBindingConditionOutput) Title() pulumi.StringOutput

func (DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionOutput 

func (o DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionOutput() DataPolicyIamBindingConditionOutput

func (DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionOutputWithContext 

func (o DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionOutputWithContext(ctx context.Context) DataPolicyIamBindingConditionOutput

func (DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionPtrOutput 

func (o DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionPtrOutput() DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionPtrOutputWithContext 

func (o DataPolicyIamBindingConditionOutput) ToDataPolicyIamBindingConditionPtrOutputWithContext(ctx context.Context) DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingConditionOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamBindingConditionOutput) ToOutput(ctx context.Context) pulumix.Output[DataPolicyIamBindingCondition]

type DataPolicyIamBindingConditionPtrInput 

type DataPolicyIamBindingConditionPtrInput interface {
	pulumi.Input

	ToDataPolicyIamBindingConditionPtrOutput() DataPolicyIamBindingConditionPtrOutput
	ToDataPolicyIamBindingConditionPtrOutputWithContext(context.Context) DataPolicyIamBindingConditionPtrOutput
}

DataPolicyIamBindingConditionPtrInput is an input type that accepts DataPolicyIamBindingConditionArgs, DataPolicyIamBindingConditionPtr and DataPolicyIamBindingConditionPtrOutput values. You can construct a concrete instance of `DataPolicyIamBindingConditionPtrInput` via: 

        DataPolicyIamBindingConditionArgs{...}

or:

        nil

func DataPolicyIamBindingConditionPtr 

func DataPolicyIamBindingConditionPtr(v *DataPolicyIamBindingConditionArgs) DataPolicyIamBindingConditionPtrInput

type DataPolicyIamBindingConditionPtrOutput 

type DataPolicyIamBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (DataPolicyIamBindingConditionPtrOutput) Description 

func (o DataPolicyIamBindingConditionPtrOutput) Description() pulumi.StringPtrOutput

func (DataPolicyIamBindingConditionPtrOutput) Elem 

func (o DataPolicyIamBindingConditionPtrOutput) Elem() DataPolicyIamBindingConditionOutput

func (DataPolicyIamBindingConditionPtrOutput) ElementType 

func (DataPolicyIamBindingConditionPtrOutput) ElementType() reflect.Type

func (DataPolicyIamBindingConditionPtrOutput) Expression 

func (o DataPolicyIamBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (DataPolicyIamBindingConditionPtrOutput) Title 

func (o DataPolicyIamBindingConditionPtrOutput) Title() pulumi.StringPtrOutput

func (DataPolicyIamBindingConditionPtrOutput) ToDataPolicyIamBindingConditionPtrOutput 

func (o DataPolicyIamBindingConditionPtrOutput) ToDataPolicyIamBindingConditionPtrOutput() DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingConditionPtrOutput) ToDataPolicyIamBindingConditionPtrOutputWithContext 

func (o DataPolicyIamBindingConditionPtrOutput) ToDataPolicyIamBindingConditionPtrOutputWithContext(ctx context.Context) DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingConditionPtrOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamBindingConditionPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamBindingCondition]

type DataPolicyIamBindingInput 

type DataPolicyIamBindingInput interface {
	pulumi.Input

	ToDataPolicyIamBindingOutput() DataPolicyIamBindingOutput
	ToDataPolicyIamBindingOutputWithContext(ctx context.Context) DataPolicyIamBindingOutput
}

type DataPolicyIamBindingMap 

type DataPolicyIamBindingMap map[string]DataPolicyIamBindingInput

func (DataPolicyIamBindingMap) ElementType 

func (DataPolicyIamBindingMap) ElementType() reflect.Type

func (DataPolicyIamBindingMap) ToDataPolicyIamBindingMapOutput 

func (i DataPolicyIamBindingMap) ToDataPolicyIamBindingMapOutput() DataPolicyIamBindingMapOutput

func (DataPolicyIamBindingMap) ToDataPolicyIamBindingMapOutputWithContext 

func (i DataPolicyIamBindingMap) ToDataPolicyIamBindingMapOutputWithContext(ctx context.Context) DataPolicyIamBindingMapOutput

func (DataPolicyIamBindingMap) ToOutput added in v6.65.1 

func (i DataPolicyIamBindingMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicyIamBinding]

type DataPolicyIamBindingMapInput 

type DataPolicyIamBindingMapInput interface {
	pulumi.Input

	ToDataPolicyIamBindingMapOutput() DataPolicyIamBindingMapOutput
	ToDataPolicyIamBindingMapOutputWithContext(context.Context) DataPolicyIamBindingMapOutput
}

DataPolicyIamBindingMapInput is an input type that accepts DataPolicyIamBindingMap and DataPolicyIamBindingMapOutput values. You can construct a concrete instance of `DataPolicyIamBindingMapInput` via: 

DataPolicyIamBindingMap{ "key": DataPolicyIamBindingArgs{...} }

type DataPolicyIamBindingMapOutput 

type DataPolicyIamBindingMapOutput struct{ *pulumi.OutputState }

func (DataPolicyIamBindingMapOutput) ElementType 

func (DataPolicyIamBindingMapOutput) ElementType() reflect.Type

func (DataPolicyIamBindingMapOutput) MapIndex 

func (o DataPolicyIamBindingMapOutput) MapIndex(k pulumi.StringInput) DataPolicyIamBindingOutput

func (DataPolicyIamBindingMapOutput) ToDataPolicyIamBindingMapOutput 

func (o DataPolicyIamBindingMapOutput) ToDataPolicyIamBindingMapOutput() DataPolicyIamBindingMapOutput

func (DataPolicyIamBindingMapOutput) ToDataPolicyIamBindingMapOutputWithContext 

func (o DataPolicyIamBindingMapOutput) ToDataPolicyIamBindingMapOutputWithContext(ctx context.Context) DataPolicyIamBindingMapOutput

func (DataPolicyIamBindingMapOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamBindingMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicyIamBinding]

type DataPolicyIamBindingOutput 

type DataPolicyIamBindingOutput struct{ *pulumi.OutputState }

func (DataPolicyIamBindingOutput) Condition 

func (o DataPolicyIamBindingOutput) Condition() DataPolicyIamBindingConditionPtrOutput

func (DataPolicyIamBindingOutput) DataPolicyId 

func (o DataPolicyIamBindingOutput) DataPolicyId() pulumi.StringOutput

func (DataPolicyIamBindingOutput) ElementType 

func (DataPolicyIamBindingOutput) ElementType() reflect.Type

func (DataPolicyIamBindingOutput) Etag 

func (o DataPolicyIamBindingOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (DataPolicyIamBindingOutput) Location 

func (o DataPolicyIamBindingOutput) Location() pulumi.StringOutput

The name of the location of the data policy. Used to find the parent resource to bind the IAM policy to

func (DataPolicyIamBindingOutput) Members 

func (o DataPolicyIamBindingOutput) Members() pulumi.StringArrayOutput

func (DataPolicyIamBindingOutput) Project 

func (o DataPolicyIamBindingOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • `member/members` - (Required) Identities that will be granted the privilege in `role`. Each entry can have one of the following values:
  • **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
  • **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
  • **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
  • **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
  • **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
  • **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
  • **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (DataPolicyIamBindingOutput) Role 

func (o DataPolicyIamBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (DataPolicyIamBindingOutput) ToDataPolicyIamBindingOutput 

func (o DataPolicyIamBindingOutput) ToDataPolicyIamBindingOutput() DataPolicyIamBindingOutput

func (DataPolicyIamBindingOutput) ToDataPolicyIamBindingOutputWithContext 

func (o DataPolicyIamBindingOutput) ToDataPolicyIamBindingOutputWithContext(ctx context.Context) DataPolicyIamBindingOutput

func (DataPolicyIamBindingOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamBindingOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamBinding]

type DataPolicyIamBindingState 

type DataPolicyIamBindingState struct {
	Condition    DataPolicyIamBindingConditionPtrInput
	DataPolicyId pulumi.StringPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput
	Members  pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (DataPolicyIamBindingState) ElementType 

func (DataPolicyIamBindingState) ElementType() reflect.Type

type DataPolicyIamMember 

type DataPolicyIamMember struct {
	pulumi.CustomResourceState

	Condition    DataPolicyIamMemberConditionPtrOutput `pulumi:"condition"`
	DataPolicyId pulumi.StringOutput                   `pulumi:"dataPolicyId"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringOutput `pulumi:"location"`
	Member   pulumi.StringOutput `pulumi:"member"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Three different resources help you manage your IAM policy for BigQuery Data Policy DataPolicy. Each of these resources serves a different use case:

* `bigquerydatapolicy.DataPolicyIamPolicy`: Authoritative. Sets the IAM policy for the datapolicy and replaces any existing policy already attached. * `bigquerydatapolicy.DataPolicyIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the datapolicy are preserved. * `bigquerydatapolicy.DataPolicyIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the datapolicy are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `bigquerydatapolicy.DataPolicyIamPolicy`: Retrieves the IAM policy for the datapolicy

> **Note:** `bigquerydatapolicy.DataPolicyIamPolicy` **cannot** be used in conjunction with `bigquerydatapolicy.DataPolicyIamBinding` and `bigquerydatapolicy.DataPolicyIamMember` or they will fight over what your policy should be.

> **Note:** `bigquerydatapolicy.DataPolicyIamBinding` resources **can be** used in conjunction with `bigquerydatapolicy.DataPolicyIamMember` resources **only if** they do not grant privilege to the same role.

## google\_bigquery\_datapolicy\_data\_policy\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/viewer",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = bigquerydatapolicy.NewDataPolicyIamPolicy(ctx, "policy", &bigquerydatapolicy.DataPolicyIamPolicyArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			PolicyData:   *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_bigquery\_datapolicy\_data\_policy\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.NewDataPolicyIamBinding(ctx, "binding", &bigquerydatapolicy.DataPolicyIamBindingArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			Role:         pulumi.String("roles/viewer"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_bigquery\_datapolicy\_data\_policy\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.NewDataPolicyIamMember(ctx, "member", &bigquerydatapolicy.DataPolicyIamMemberArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			Role:         pulumi.String("roles/viewer"),
			Member:       pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} * {{project}}/{{location}}/{{data_policy_id}} * {{location}}/{{data_policy_id}} * {{data_policy_id}} Any variables not passed in the import command will be taken from the provider configuration. BigQuery Data Policy datapolicy IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamMember:DataPolicyIamMember editor "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} roles/viewer user:jane@example.com"

``` 

IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamMember:DataPolicyIamMember editor "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamMember:DataPolicyIamMember editor projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetDataPolicyIamMember 

func GetDataPolicyIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DataPolicyIamMemberState, opts ...pulumi.ResourceOption) (*DataPolicyIamMember, error)

GetDataPolicyIamMember gets an existing DataPolicyIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDataPolicyIamMember 

func NewDataPolicyIamMember(ctx *pulumi.Context,
	name string, args *DataPolicyIamMemberArgs, opts ...pulumi.ResourceOption) (*DataPolicyIamMember, error)

NewDataPolicyIamMember registers a new resource with the given unique name, arguments, and options.

func (*DataPolicyIamMember) ElementType 

func (*DataPolicyIamMember) ElementType() reflect.Type

func (*DataPolicyIamMember) ToDataPolicyIamMemberOutput 

func (i *DataPolicyIamMember) ToDataPolicyIamMemberOutput() DataPolicyIamMemberOutput

func (*DataPolicyIamMember) ToDataPolicyIamMemberOutputWithContext 

func (i *DataPolicyIamMember) ToDataPolicyIamMemberOutputWithContext(ctx context.Context) DataPolicyIamMemberOutput

func (*DataPolicyIamMember) ToOutput added in v6.65.1 

func (i *DataPolicyIamMember) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamMember]

type DataPolicyIamMemberArgs 

type DataPolicyIamMemberArgs struct {
	Condition    DataPolicyIamMemberConditionPtrInput
	DataPolicyId pulumi.StringInput
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput
	Member   pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a DataPolicyIamMember resource.

func (DataPolicyIamMemberArgs) ElementType 

func (DataPolicyIamMemberArgs) ElementType() reflect.Type

type DataPolicyIamMemberArray 

type DataPolicyIamMemberArray []DataPolicyIamMemberInput

func (DataPolicyIamMemberArray) ElementType 

func (DataPolicyIamMemberArray) ElementType() reflect.Type

func (DataPolicyIamMemberArray) ToDataPolicyIamMemberArrayOutput 

func (i DataPolicyIamMemberArray) ToDataPolicyIamMemberArrayOutput() DataPolicyIamMemberArrayOutput

func (DataPolicyIamMemberArray) ToDataPolicyIamMemberArrayOutputWithContext 

func (i DataPolicyIamMemberArray) ToDataPolicyIamMemberArrayOutputWithContext(ctx context.Context) DataPolicyIamMemberArrayOutput

func (DataPolicyIamMemberArray) ToOutput added in v6.65.1 

func (i DataPolicyIamMemberArray) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicyIamMember]

type DataPolicyIamMemberArrayInput 

type DataPolicyIamMemberArrayInput interface {
	pulumi.Input

	ToDataPolicyIamMemberArrayOutput() DataPolicyIamMemberArrayOutput
	ToDataPolicyIamMemberArrayOutputWithContext(context.Context) DataPolicyIamMemberArrayOutput
}

DataPolicyIamMemberArrayInput is an input type that accepts DataPolicyIamMemberArray and DataPolicyIamMemberArrayOutput values. You can construct a concrete instance of `DataPolicyIamMemberArrayInput` via: 

DataPolicyIamMemberArray{ DataPolicyIamMemberArgs{...} }

type DataPolicyIamMemberArrayOutput 

type DataPolicyIamMemberArrayOutput struct{ *pulumi.OutputState }

func (DataPolicyIamMemberArrayOutput) ElementType 

func (DataPolicyIamMemberArrayOutput) ElementType() reflect.Type

func (DataPolicyIamMemberArrayOutput) Index 

func (o DataPolicyIamMemberArrayOutput) Index(i pulumi.IntInput) DataPolicyIamMemberOutput

func (DataPolicyIamMemberArrayOutput) ToDataPolicyIamMemberArrayOutput 

func (o DataPolicyIamMemberArrayOutput) ToDataPolicyIamMemberArrayOutput() DataPolicyIamMemberArrayOutput

func (DataPolicyIamMemberArrayOutput) ToDataPolicyIamMemberArrayOutputWithContext 

func (o DataPolicyIamMemberArrayOutput) ToDataPolicyIamMemberArrayOutputWithContext(ctx context.Context) DataPolicyIamMemberArrayOutput

func (DataPolicyIamMemberArrayOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamMemberArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicyIamMember]

type DataPolicyIamMemberCondition 

type DataPolicyIamMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type DataPolicyIamMemberConditionArgs 

type DataPolicyIamMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (DataPolicyIamMemberConditionArgs) ElementType 

func (DataPolicyIamMemberConditionArgs) ElementType() reflect.Type

func (DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionOutput 

func (i DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionOutput() DataPolicyIamMemberConditionOutput

func (DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionOutputWithContext 

func (i DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionOutputWithContext(ctx context.Context) DataPolicyIamMemberConditionOutput

func (DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionPtrOutput 

func (i DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionPtrOutput() DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionPtrOutputWithContext 

func (i DataPolicyIamMemberConditionArgs) ToDataPolicyIamMemberConditionPtrOutputWithContext(ctx context.Context) DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberConditionArgs) ToOutput added in v6.65.1 

func (i DataPolicyIamMemberConditionArgs) ToOutput(ctx context.Context) pulumix.Output[DataPolicyIamMemberCondition]

type DataPolicyIamMemberConditionInput 

type DataPolicyIamMemberConditionInput interface {
	pulumi.Input

	ToDataPolicyIamMemberConditionOutput() DataPolicyIamMemberConditionOutput
	ToDataPolicyIamMemberConditionOutputWithContext(context.Context) DataPolicyIamMemberConditionOutput
}

DataPolicyIamMemberConditionInput is an input type that accepts DataPolicyIamMemberConditionArgs and DataPolicyIamMemberConditionOutput values. You can construct a concrete instance of `DataPolicyIamMemberConditionInput` via: 

DataPolicyIamMemberConditionArgs{...}

type DataPolicyIamMemberConditionOutput 

type DataPolicyIamMemberConditionOutput struct{ *pulumi.OutputState }

func (DataPolicyIamMemberConditionOutput) Description 

func (o DataPolicyIamMemberConditionOutput) Description() pulumi.StringPtrOutput

func (DataPolicyIamMemberConditionOutput) ElementType 

func (DataPolicyIamMemberConditionOutput) ElementType() reflect.Type

func (DataPolicyIamMemberConditionOutput) Expression 

func (o DataPolicyIamMemberConditionOutput) Expression() pulumi.StringOutput

func (DataPolicyIamMemberConditionOutput) Title 

func (o DataPolicyIamMemberConditionOutput) Title() pulumi.StringOutput

func (DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionOutput 

func (o DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionOutput() DataPolicyIamMemberConditionOutput

func (DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionOutputWithContext 

func (o DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionOutputWithContext(ctx context.Context) DataPolicyIamMemberConditionOutput

func (DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionPtrOutput 

func (o DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionPtrOutput() DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionPtrOutputWithContext 

func (o DataPolicyIamMemberConditionOutput) ToDataPolicyIamMemberConditionPtrOutputWithContext(ctx context.Context) DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberConditionOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamMemberConditionOutput) ToOutput(ctx context.Context) pulumix.Output[DataPolicyIamMemberCondition]

type DataPolicyIamMemberConditionPtrInput 

type DataPolicyIamMemberConditionPtrInput interface {
	pulumi.Input

	ToDataPolicyIamMemberConditionPtrOutput() DataPolicyIamMemberConditionPtrOutput
	ToDataPolicyIamMemberConditionPtrOutputWithContext(context.Context) DataPolicyIamMemberConditionPtrOutput
}

DataPolicyIamMemberConditionPtrInput is an input type that accepts DataPolicyIamMemberConditionArgs, DataPolicyIamMemberConditionPtr and DataPolicyIamMemberConditionPtrOutput values. You can construct a concrete instance of `DataPolicyIamMemberConditionPtrInput` via: 

        DataPolicyIamMemberConditionArgs{...}

or:

        nil

func DataPolicyIamMemberConditionPtr 

func DataPolicyIamMemberConditionPtr(v *DataPolicyIamMemberConditionArgs) DataPolicyIamMemberConditionPtrInput

type DataPolicyIamMemberConditionPtrOutput 

type DataPolicyIamMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (DataPolicyIamMemberConditionPtrOutput) Description 

func (o DataPolicyIamMemberConditionPtrOutput) Description() pulumi.StringPtrOutput

func (DataPolicyIamMemberConditionPtrOutput) Elem 

func (o DataPolicyIamMemberConditionPtrOutput) Elem() DataPolicyIamMemberConditionOutput

func (DataPolicyIamMemberConditionPtrOutput) ElementType 

func (DataPolicyIamMemberConditionPtrOutput) ElementType() reflect.Type

func (DataPolicyIamMemberConditionPtrOutput) Expression 

func (o DataPolicyIamMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (DataPolicyIamMemberConditionPtrOutput) Title 

func (o DataPolicyIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput

func (DataPolicyIamMemberConditionPtrOutput) ToDataPolicyIamMemberConditionPtrOutput 

func (o DataPolicyIamMemberConditionPtrOutput) ToDataPolicyIamMemberConditionPtrOutput() DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberConditionPtrOutput) ToDataPolicyIamMemberConditionPtrOutputWithContext 

func (o DataPolicyIamMemberConditionPtrOutput) ToDataPolicyIamMemberConditionPtrOutputWithContext(ctx context.Context) DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberConditionPtrOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamMemberConditionPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamMemberCondition]

type DataPolicyIamMemberInput 

type DataPolicyIamMemberInput interface {
	pulumi.Input

	ToDataPolicyIamMemberOutput() DataPolicyIamMemberOutput
	ToDataPolicyIamMemberOutputWithContext(ctx context.Context) DataPolicyIamMemberOutput
}

type DataPolicyIamMemberMap 

type DataPolicyIamMemberMap map[string]DataPolicyIamMemberInput

func (DataPolicyIamMemberMap) ElementType 

func (DataPolicyIamMemberMap) ElementType() reflect.Type

func (DataPolicyIamMemberMap) ToDataPolicyIamMemberMapOutput 

func (i DataPolicyIamMemberMap) ToDataPolicyIamMemberMapOutput() DataPolicyIamMemberMapOutput

func (DataPolicyIamMemberMap) ToDataPolicyIamMemberMapOutputWithContext 

func (i DataPolicyIamMemberMap) ToDataPolicyIamMemberMapOutputWithContext(ctx context.Context) DataPolicyIamMemberMapOutput

func (DataPolicyIamMemberMap) ToOutput added in v6.65.1 

func (i DataPolicyIamMemberMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicyIamMember]

type DataPolicyIamMemberMapInput 

type DataPolicyIamMemberMapInput interface {
	pulumi.Input

	ToDataPolicyIamMemberMapOutput() DataPolicyIamMemberMapOutput
	ToDataPolicyIamMemberMapOutputWithContext(context.Context) DataPolicyIamMemberMapOutput
}

DataPolicyIamMemberMapInput is an input type that accepts DataPolicyIamMemberMap and DataPolicyIamMemberMapOutput values. You can construct a concrete instance of `DataPolicyIamMemberMapInput` via: 

DataPolicyIamMemberMap{ "key": DataPolicyIamMemberArgs{...} }

type DataPolicyIamMemberMapOutput 

type DataPolicyIamMemberMapOutput struct{ *pulumi.OutputState }

func (DataPolicyIamMemberMapOutput) ElementType 

func (DataPolicyIamMemberMapOutput) ElementType() reflect.Type

func (DataPolicyIamMemberMapOutput) MapIndex 

func (o DataPolicyIamMemberMapOutput) MapIndex(k pulumi.StringInput) DataPolicyIamMemberOutput

func (DataPolicyIamMemberMapOutput) ToDataPolicyIamMemberMapOutput 

func (o DataPolicyIamMemberMapOutput) ToDataPolicyIamMemberMapOutput() DataPolicyIamMemberMapOutput

func (DataPolicyIamMemberMapOutput) ToDataPolicyIamMemberMapOutputWithContext 

func (o DataPolicyIamMemberMapOutput) ToDataPolicyIamMemberMapOutputWithContext(ctx context.Context) DataPolicyIamMemberMapOutput

func (DataPolicyIamMemberMapOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamMemberMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicyIamMember]

type DataPolicyIamMemberOutput 

type DataPolicyIamMemberOutput struct{ *pulumi.OutputState }

func (DataPolicyIamMemberOutput) Condition 

func (o DataPolicyIamMemberOutput) Condition() DataPolicyIamMemberConditionPtrOutput

func (DataPolicyIamMemberOutput) DataPolicyId 

func (o DataPolicyIamMemberOutput) DataPolicyId() pulumi.StringOutput

func (DataPolicyIamMemberOutput) ElementType 

func (DataPolicyIamMemberOutput) ElementType() reflect.Type

func (DataPolicyIamMemberOutput) Etag 

func (o DataPolicyIamMemberOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (DataPolicyIamMemberOutput) Location 

func (o DataPolicyIamMemberOutput) Location() pulumi.StringOutput

The name of the location of the data policy. Used to find the parent resource to bind the IAM policy to

func (DataPolicyIamMemberOutput) Member 

func (o DataPolicyIamMemberOutput) Member() pulumi.StringOutput

func (DataPolicyIamMemberOutput) Project 

func (o DataPolicyIamMemberOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • `member/members` - (Required) Identities that will be granted the privilege in `role`. Each entry can have one of the following values:
  • **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
  • **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
  • **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
  • **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
  • **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
  • **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
  • **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (DataPolicyIamMemberOutput) Role 

func (o DataPolicyIamMemberOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (DataPolicyIamMemberOutput) ToDataPolicyIamMemberOutput 

func (o DataPolicyIamMemberOutput) ToDataPolicyIamMemberOutput() DataPolicyIamMemberOutput

func (DataPolicyIamMemberOutput) ToDataPolicyIamMemberOutputWithContext 

func (o DataPolicyIamMemberOutput) ToDataPolicyIamMemberOutputWithContext(ctx context.Context) DataPolicyIamMemberOutput

func (DataPolicyIamMemberOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamMemberOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamMember]

type DataPolicyIamMemberState 

type DataPolicyIamMemberState struct {
	Condition    DataPolicyIamMemberConditionPtrInput
	DataPolicyId pulumi.StringPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput
	Member   pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `bigquerydatapolicy.DataPolicyIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (DataPolicyIamMemberState) ElementType 

func (DataPolicyIamMemberState) ElementType() reflect.Type

type DataPolicyIamPolicy 

type DataPolicyIamPolicy struct {
	pulumi.CustomResourceState

	DataPolicyId pulumi.StringOutput `pulumi:"dataPolicyId"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringOutput `pulumi:"location"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringOutput `pulumi:"project"`
}

Three different resources help you manage your IAM policy for BigQuery Data Policy DataPolicy. Each of these resources serves a different use case:

* `bigquerydatapolicy.DataPolicyIamPolicy`: Authoritative. Sets the IAM policy for the datapolicy and replaces any existing policy already attached. * `bigquerydatapolicy.DataPolicyIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the datapolicy are preserved. * `bigquerydatapolicy.DataPolicyIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the datapolicy are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `bigquerydatapolicy.DataPolicyIamPolicy`: Retrieves the IAM policy for the datapolicy

> **Note:** `bigquerydatapolicy.DataPolicyIamPolicy` **cannot** be used in conjunction with `bigquerydatapolicy.DataPolicyIamBinding` and `bigquerydatapolicy.DataPolicyIamMember` or they will fight over what your policy should be.

> **Note:** `bigquerydatapolicy.DataPolicyIamBinding` resources **can be** used in conjunction with `bigquerydatapolicy.DataPolicyIamMember` resources **only if** they do not grant privilege to the same role.

## google\_bigquery\_datapolicy\_data\_policy\_iam\_policy

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/viewer",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = bigquerydatapolicy.NewDataPolicyIamPolicy(ctx, "policy", &bigquerydatapolicy.DataPolicyIamPolicyArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			PolicyData:   *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_bigquery\_datapolicy\_data\_policy\_iam\_binding

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.NewDataPolicyIamBinding(ctx, "binding", &bigquerydatapolicy.DataPolicyIamBindingArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			Role:         pulumi.String("roles/viewer"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_bigquery\_datapolicy\_data\_policy\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.NewDataPolicyIamMember(ctx, "member", &bigquerydatapolicy.DataPolicyIamMemberArgs{
			Project:      pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: pulumi.Any(google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id),
			Role:         pulumi.String("roles/viewer"),
			Member:       pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} * {{project}}/{{location}}/{{data_policy_id}} * {{location}}/{{data_policy_id}} * {{data_policy_id}} Any variables not passed in the import command will be taken from the provider configuration. BigQuery Data Policy datapolicy IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamPolicy:DataPolicyIamPolicy editor "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} roles/viewer user:jane@example.com"

``` 

IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamPolicy:DataPolicyIamPolicy editor "projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}} roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question, e.g.

```sh 

$ pulumi import gcp:bigquerydatapolicy/dataPolicyIamPolicy:DataPolicyIamPolicy editor projects/{{project}}/locations/{{location}}/dataPolicies/{{data_policy_id}}

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetDataPolicyIamPolicy 

func GetDataPolicyIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DataPolicyIamPolicyState, opts ...pulumi.ResourceOption) (*DataPolicyIamPolicy, error)

GetDataPolicyIamPolicy gets an existing DataPolicyIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDataPolicyIamPolicy 

func NewDataPolicyIamPolicy(ctx *pulumi.Context,
	name string, args *DataPolicyIamPolicyArgs, opts ...pulumi.ResourceOption) (*DataPolicyIamPolicy, error)

NewDataPolicyIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*DataPolicyIamPolicy) ElementType 

func (*DataPolicyIamPolicy) ElementType() reflect.Type

func (*DataPolicyIamPolicy) ToDataPolicyIamPolicyOutput 

func (i *DataPolicyIamPolicy) ToDataPolicyIamPolicyOutput() DataPolicyIamPolicyOutput

func (*DataPolicyIamPolicy) ToDataPolicyIamPolicyOutputWithContext 

func (i *DataPolicyIamPolicy) ToDataPolicyIamPolicyOutputWithContext(ctx context.Context) DataPolicyIamPolicyOutput

func (*DataPolicyIamPolicy) ToOutput added in v6.65.1 

func (i *DataPolicyIamPolicy) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamPolicy]

type DataPolicyIamPolicyArgs 

type DataPolicyIamPolicyArgs struct {
	DataPolicyId pulumi.StringInput
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
}

The set of arguments for constructing a DataPolicyIamPolicy resource.

func (DataPolicyIamPolicyArgs) ElementType 

func (DataPolicyIamPolicyArgs) ElementType() reflect.Type

type DataPolicyIamPolicyArray 

type DataPolicyIamPolicyArray []DataPolicyIamPolicyInput

func (DataPolicyIamPolicyArray) ElementType 

func (DataPolicyIamPolicyArray) ElementType() reflect.Type

func (DataPolicyIamPolicyArray) ToDataPolicyIamPolicyArrayOutput 

func (i DataPolicyIamPolicyArray) ToDataPolicyIamPolicyArrayOutput() DataPolicyIamPolicyArrayOutput

func (DataPolicyIamPolicyArray) ToDataPolicyIamPolicyArrayOutputWithContext 

func (i DataPolicyIamPolicyArray) ToDataPolicyIamPolicyArrayOutputWithContext(ctx context.Context) DataPolicyIamPolicyArrayOutput

func (DataPolicyIamPolicyArray) ToOutput added in v6.65.1 

func (i DataPolicyIamPolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicyIamPolicy]

type DataPolicyIamPolicyArrayInput 

type DataPolicyIamPolicyArrayInput interface {
	pulumi.Input

	ToDataPolicyIamPolicyArrayOutput() DataPolicyIamPolicyArrayOutput
	ToDataPolicyIamPolicyArrayOutputWithContext(context.Context) DataPolicyIamPolicyArrayOutput
}

DataPolicyIamPolicyArrayInput is an input type that accepts DataPolicyIamPolicyArray and DataPolicyIamPolicyArrayOutput values. You can construct a concrete instance of `DataPolicyIamPolicyArrayInput` via: 

DataPolicyIamPolicyArray{ DataPolicyIamPolicyArgs{...} }

type DataPolicyIamPolicyArrayOutput 

type DataPolicyIamPolicyArrayOutput struct{ *pulumi.OutputState }

func (DataPolicyIamPolicyArrayOutput) ElementType 

func (DataPolicyIamPolicyArrayOutput) ElementType() reflect.Type

func (DataPolicyIamPolicyArrayOutput) Index 

func (o DataPolicyIamPolicyArrayOutput) Index(i pulumi.IntInput) DataPolicyIamPolicyOutput

func (DataPolicyIamPolicyArrayOutput) ToDataPolicyIamPolicyArrayOutput 

func (o DataPolicyIamPolicyArrayOutput) ToDataPolicyIamPolicyArrayOutput() DataPolicyIamPolicyArrayOutput

func (DataPolicyIamPolicyArrayOutput) ToDataPolicyIamPolicyArrayOutputWithContext 

func (o DataPolicyIamPolicyArrayOutput) ToDataPolicyIamPolicyArrayOutputWithContext(ctx context.Context) DataPolicyIamPolicyArrayOutput

func (DataPolicyIamPolicyArrayOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamPolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*DataPolicyIamPolicy]

type DataPolicyIamPolicyInput 

type DataPolicyIamPolicyInput interface {
	pulumi.Input

	ToDataPolicyIamPolicyOutput() DataPolicyIamPolicyOutput
	ToDataPolicyIamPolicyOutputWithContext(ctx context.Context) DataPolicyIamPolicyOutput
}

type DataPolicyIamPolicyMap 

type DataPolicyIamPolicyMap map[string]DataPolicyIamPolicyInput

func (DataPolicyIamPolicyMap) ElementType 

func (DataPolicyIamPolicyMap) ElementType() reflect.Type

func (DataPolicyIamPolicyMap) ToDataPolicyIamPolicyMapOutput 

func (i DataPolicyIamPolicyMap) ToDataPolicyIamPolicyMapOutput() DataPolicyIamPolicyMapOutput

func (DataPolicyIamPolicyMap) ToDataPolicyIamPolicyMapOutputWithContext 

func (i DataPolicyIamPolicyMap) ToDataPolicyIamPolicyMapOutputWithContext(ctx context.Context) DataPolicyIamPolicyMapOutput

func (DataPolicyIamPolicyMap) ToOutput added in v6.65.1 

func (i DataPolicyIamPolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicyIamPolicy]

type DataPolicyIamPolicyMapInput 

type DataPolicyIamPolicyMapInput interface {
	pulumi.Input

	ToDataPolicyIamPolicyMapOutput() DataPolicyIamPolicyMapOutput
	ToDataPolicyIamPolicyMapOutputWithContext(context.Context) DataPolicyIamPolicyMapOutput
}

DataPolicyIamPolicyMapInput is an input type that accepts DataPolicyIamPolicyMap and DataPolicyIamPolicyMapOutput values. You can construct a concrete instance of `DataPolicyIamPolicyMapInput` via: 

DataPolicyIamPolicyMap{ "key": DataPolicyIamPolicyArgs{...} }

type DataPolicyIamPolicyMapOutput 

type DataPolicyIamPolicyMapOutput struct{ *pulumi.OutputState }

func (DataPolicyIamPolicyMapOutput) ElementType 

func (DataPolicyIamPolicyMapOutput) ElementType() reflect.Type

func (DataPolicyIamPolicyMapOutput) MapIndex 

func (o DataPolicyIamPolicyMapOutput) MapIndex(k pulumi.StringInput) DataPolicyIamPolicyOutput

func (DataPolicyIamPolicyMapOutput) ToDataPolicyIamPolicyMapOutput 

func (o DataPolicyIamPolicyMapOutput) ToDataPolicyIamPolicyMapOutput() DataPolicyIamPolicyMapOutput

func (DataPolicyIamPolicyMapOutput) ToDataPolicyIamPolicyMapOutputWithContext 

func (o DataPolicyIamPolicyMapOutput) ToDataPolicyIamPolicyMapOutputWithContext(ctx context.Context) DataPolicyIamPolicyMapOutput

func (DataPolicyIamPolicyMapOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamPolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicyIamPolicy]

type DataPolicyIamPolicyOutput 

type DataPolicyIamPolicyOutput struct{ *pulumi.OutputState }

func (DataPolicyIamPolicyOutput) DataPolicyId 

func (o DataPolicyIamPolicyOutput) DataPolicyId() pulumi.StringOutput

func (DataPolicyIamPolicyOutput) ElementType 

func (DataPolicyIamPolicyOutput) ElementType() reflect.Type

func (DataPolicyIamPolicyOutput) Etag 

func (o DataPolicyIamPolicyOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (DataPolicyIamPolicyOutput) Location 

func (o DataPolicyIamPolicyOutput) Location() pulumi.StringOutput

The name of the location of the data policy. Used to find the parent resource to bind the IAM policy to

func (DataPolicyIamPolicyOutput) PolicyData 

func (o DataPolicyIamPolicyOutput) PolicyData() pulumi.StringOutput

The policy data generated by a `organizations.getIAMPolicy` data source.

func (DataPolicyIamPolicyOutput) Project 

func (o DataPolicyIamPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • `member/members` - (Required) Identities that will be granted the privilege in `role`. Each entry can have one of the following values:
  • **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
  • **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
  • **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
  • **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
  • **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
  • **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
  • **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (DataPolicyIamPolicyOutput) ToDataPolicyIamPolicyOutput 

func (o DataPolicyIamPolicyOutput) ToDataPolicyIamPolicyOutput() DataPolicyIamPolicyOutput

func (DataPolicyIamPolicyOutput) ToDataPolicyIamPolicyOutputWithContext 

func (o DataPolicyIamPolicyOutput) ToDataPolicyIamPolicyOutputWithContext(ctx context.Context) DataPolicyIamPolicyOutput

func (DataPolicyIamPolicyOutput) ToOutput added in v6.65.1 

func (o DataPolicyIamPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicyIamPolicy]

type DataPolicyIamPolicyState 

type DataPolicyIamPolicyState struct {
	DataPolicyId pulumi.StringPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
}

func (DataPolicyIamPolicyState) ElementType 

func (DataPolicyIamPolicyState) ElementType() reflect.Type

type DataPolicyInput 

type DataPolicyInput interface {
	pulumi.Input

	ToDataPolicyOutput() DataPolicyOutput
	ToDataPolicyOutputWithContext(ctx context.Context) DataPolicyOutput
}

type DataPolicyMap 

type DataPolicyMap map[string]DataPolicyInput

func (DataPolicyMap) ElementType 

func (DataPolicyMap) ElementType() reflect.Type

func (DataPolicyMap) ToDataPolicyMapOutput 

func (i DataPolicyMap) ToDataPolicyMapOutput() DataPolicyMapOutput

func (DataPolicyMap) ToDataPolicyMapOutputWithContext 

func (i DataPolicyMap) ToDataPolicyMapOutputWithContext(ctx context.Context) DataPolicyMapOutput

func (DataPolicyMap) ToOutput added in v6.65.1 

func (i DataPolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicy]

type DataPolicyMapInput 

type DataPolicyMapInput interface {
	pulumi.Input

	ToDataPolicyMapOutput() DataPolicyMapOutput
	ToDataPolicyMapOutputWithContext(context.Context) DataPolicyMapOutput
}

DataPolicyMapInput is an input type that accepts DataPolicyMap and DataPolicyMapOutput values. You can construct a concrete instance of `DataPolicyMapInput` via: 

DataPolicyMap{ "key": DataPolicyArgs{...} }

type DataPolicyMapOutput 

type DataPolicyMapOutput struct{ *pulumi.OutputState }

func (DataPolicyMapOutput) ElementType 

func (DataPolicyMapOutput) ElementType() reflect.Type

func (DataPolicyMapOutput) MapIndex 

func (o DataPolicyMapOutput) MapIndex(k pulumi.StringInput) DataPolicyOutput

func (DataPolicyMapOutput) ToDataPolicyMapOutput 

func (o DataPolicyMapOutput) ToDataPolicyMapOutput() DataPolicyMapOutput

func (DataPolicyMapOutput) ToDataPolicyMapOutputWithContext 

func (o DataPolicyMapOutput) ToDataPolicyMapOutputWithContext(ctx context.Context) DataPolicyMapOutput

func (DataPolicyMapOutput) ToOutput added in v6.65.1 

func (o DataPolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*DataPolicy]

type DataPolicyOutput 

type DataPolicyOutput struct{ *pulumi.OutputState }

func (DataPolicyOutput) DataMaskingPolicy 

func (o DataPolicyOutput) DataMaskingPolicy() DataPolicyDataMaskingPolicyPtrOutput

The data masking policy that specifies the data masking rule to use. Structure is documented below.

func (DataPolicyOutput) DataPolicyId 

func (o DataPolicyOutput) DataPolicyId() pulumi.StringOutput

User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name.

func (DataPolicyOutput) DataPolicyType 

func (o DataPolicyOutput) DataPolicyType() pulumi.StringOutput

The enrollment level of the service. Possible values are: `COLUMN_LEVEL_SECURITY_POLICY`, `DATA_MASKING_POLICY`.

***

func (DataPolicyOutput) ElementType 

func (DataPolicyOutput) ElementType() reflect.Type

func (DataPolicyOutput) Location 

func (o DataPolicyOutput) Location() pulumi.StringOutput

The name of the location of the data policy.

func (DataPolicyOutput) Name 

func (o DataPolicyOutput) Name() pulumi.StringOutput

Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}.

func (DataPolicyOutput) PolicyTag 

func (o DataPolicyOutput) PolicyTag() pulumi.StringOutput

Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}.

func (DataPolicyOutput) Project 

func (o DataPolicyOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (DataPolicyOutput) ToDataPolicyOutput 

func (o DataPolicyOutput) ToDataPolicyOutput() DataPolicyOutput

func (DataPolicyOutput) ToDataPolicyOutputWithContext 

func (o DataPolicyOutput) ToDataPolicyOutputWithContext(ctx context.Context) DataPolicyOutput

func (DataPolicyOutput) ToOutput added in v6.65.1 

func (o DataPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*DataPolicy]

type DataPolicyState 

type DataPolicyState struct {
	// The data masking policy that specifies the data masking rule to use.
	// Structure is documented below.
	DataMaskingPolicy DataPolicyDataMaskingPolicyPtrInput
	// User-assigned (human readable) ID of the data policy that needs to be unique within a project. Used as {dataPolicyId} in part of the resource name.
	DataPolicyId pulumi.StringPtrInput
	// The enrollment level of the service.
	// Possible values are: `COLUMN_LEVEL_SECURITY_POLICY`, `DATA_MASKING_POLICY`.
	//
	// ***
	DataPolicyType pulumi.StringPtrInput
	// The name of the location of the data policy.
	Location pulumi.StringPtrInput
	// Resource name of this data policy, in the format of projects/{project_number}/locations/{locationId}/dataPolicies/{dataPolicyId}.
	Name pulumi.StringPtrInput
	// Policy tag resource name, in the format of projects/{project_number}/locations/{locationId}/taxonomies/{taxonomyId}/policyTags/{policyTag_id}.
	PolicyTag pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
}

func (DataPolicyState) ElementType 

func (DataPolicyState) ElementType() reflect.Type

type GetIamPolicyArgs added in v6.59.0 

type GetIamPolicyArgs struct {
	DataPolicyId string `pulumi:"dataPolicyId"`
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location *string `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project *string `pulumi:"project"`
}

A collection of arguments for invoking getIamPolicy.

type GetIamPolicyOutputArgs added in v6.59.0 

type GetIamPolicyOutputArgs struct {
	DataPolicyId pulumi.StringInput `pulumi:"dataPolicyId"`
	// The name of the location of the data policy.
	// Used to find the parent resource to bind the IAM policy to
	Location pulumi.StringPtrInput `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
}

A collection of arguments for invoking getIamPolicy.

func (GetIamPolicyOutputArgs) ElementType added in v6.59.0 

func (GetIamPolicyOutputArgs) ElementType() reflect.Type

type GetIamPolicyResult added in v6.59.0 

type GetIamPolicyResult struct {
	DataPolicyId string `pulumi:"dataPolicyId"`
	// (Computed) The etag of the IAM policy.
	Etag string `pulumi:"etag"`
	// The provider-assigned unique ID for this managed resource.
	Id       string `pulumi:"id"`
	Location string `pulumi:"location"`
	// (Required only by `bigquerydatapolicy.DataPolicyIamPolicy`) The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData string `pulumi:"policyData"`
	Project    string `pulumi:"project"`
}

A collection of values returned by getIamPolicy.

func GetIamPolicy added in v6.59.0 

func GetIamPolicy(ctx *pulumi.Context, args *GetIamPolicyArgs, opts ...pulumi.InvokeOption) (*GetIamPolicyResult, error)

Retrieves the current IAM policy data for datapolicy

## example

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/bigquerydatapolicy"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := bigquerydatapolicy.GetIamPolicy(ctx, &bigquerydatapolicy.GetIamPolicyArgs{
			Project:      pulumi.StringRef(google_bigquery_datapolicy_data_policy.Data_policy.Project),
			Location:     pulumi.StringRef(google_bigquery_datapolicy_data_policy.Data_policy.Location),
			DataPolicyId: google_bigquery_datapolicy_data_policy.Data_policy.Data_policy_id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetIamPolicyResultOutput added in v6.59.0 

type GetIamPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getIamPolicy.

func GetIamPolicyOutput added in v6.59.0 

func GetIamPolicyOutput(ctx *pulumi.Context, args GetIamPolicyOutputArgs, opts ...pulumi.InvokeOption) GetIamPolicyResultOutput

func (GetIamPolicyResultOutput) DataPolicyId added in v6.59.0 

func (o GetIamPolicyResultOutput) DataPolicyId() pulumi.StringOutput

func (GetIamPolicyResultOutput) ElementType added in v6.59.0 

func (GetIamPolicyResultOutput) ElementType() reflect.Type

func (GetIamPolicyResultOutput) Etag added in v6.59.0 

func (o GetIamPolicyResultOutput) Etag() pulumi.StringOutput

(Computed) The etag of the IAM policy.

func (GetIamPolicyResultOutput) Id added in v6.59.0 

func (o GetIamPolicyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetIamPolicyResultOutput) Location added in v6.59.0 

func (o GetIamPolicyResultOutput) Location() pulumi.StringOutput

func (GetIamPolicyResultOutput) PolicyData added in v6.59.0 

func (o GetIamPolicyResultOutput) PolicyData() pulumi.StringOutput

(Required only by `bigquerydatapolicy.DataPolicyIamPolicy`) The policy data generated by a `organizations.getIAMPolicy` data source.

func (GetIamPolicyResultOutput) Project added in v6.59.0 

func (o GetIamPolicyResultOutput) Project() pulumi.StringOutput

func (GetIamPolicyResultOutput) ToGetIamPolicyResultOutput added in v6.59.0 

func (o GetIamPolicyResultOutput) ToGetIamPolicyResultOutput() GetIamPolicyResultOutput

func (GetIamPolicyResultOutput) ToGetIamPolicyResultOutputWithContext added in v6.59.0 

func (o GetIamPolicyResultOutput) ToGetIamPolicyResultOutputWithContext(ctx context.Context) GetIamPolicyResultOutput

func (GetIamPolicyResultOutput) ToOutput added in v6.65.1 

func (o GetIamPolicyResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetIamPolicyResult]

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.