organizations

package
v6.67.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 4, 2023 License: Apache-2.0 Imports: 8 Imported by: 13

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessApprovalSettings 

type AccessApprovalSettings struct {
	pulumi.CustomResourceState

	// The asymmetric crypto key version to use for signing approval requests.
	// Empty activeKeyVersion indicates that a Google-managed key should be used for signing.
	ActiveKeyVersion pulumi.StringPtrOutput `pulumi:"activeKeyVersion"`
	// This field will always be unset for the organization since organizations do not have ancestors.
	AncestorHasActiveKeyVersion pulumi.BoolOutput `pulumi:"ancestorHasActiveKeyVersion"`
	// This field will always be unset for the organization since organizations do not have ancestors.
	EnrolledAncestor pulumi.BoolOutput `pulumi:"enrolledAncestor"`
	// A list of Google Cloud Services for which the given resource has Access Approval enrolled.
	// Access requests for the resource given by name against any of these services contained here will be required
	// to have explicit approval. Enrollment can be done for individual services.
	// A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded.
	// Structure is documented below.
	EnrolledServices AccessApprovalSettingsEnrolledServiceArrayOutput `pulumi:"enrolledServices"`
	// If the field is true, that indicates that there is some configuration issue with the activeKeyVersion
	// configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the
	// correct permissions on it, etc.).
	InvalidKeyVersion pulumi.BoolOutput `pulumi:"invalidKeyVersion"`
	// The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings"
	Name pulumi.StringOutput `pulumi:"name"`
	// A list of email addresses to which notifications relating to approval requests should be sent.
	// Notifications relating to a resource will be sent to all emails in the settings of ancestor
	// resources of that resource. A maximum of 50 email addresses are allowed.
	NotificationEmails pulumi.StringArrayOutput `pulumi:"notificationEmails"`
	// ID of the organization of the access approval settings.
	OrganizationId pulumi.StringOutput `pulumi:"organizationId"`
}

Access Approval enables you to require your explicit approval whenever Google support and engineering need to access your customer content.

To get more information about OrganizationSettings, see:

* [API documentation](https://cloud.google.com/access-approval/docs/reference/rest/v1/organizations)

## Example Usage ### Organization Access Approval Full

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewAccessApprovalSettings(ctx, "organizationAccessApproval", &organizations.AccessApprovalSettingsArgs{
			EnrolledServices: organizations.AccessApprovalSettingsEnrolledServiceArray{
				&organizations.AccessApprovalSettingsEnrolledServiceArgs{
					CloudProduct: pulumi.String("appengine.googleapis.com"),
				},
				&organizations.AccessApprovalSettingsEnrolledServiceArgs{
					CloudProduct:    pulumi.String("dataflow.googleapis.com"),
					EnrollmentLevel: pulumi.String("BLOCK_ALL"),
				},
			},
			NotificationEmails: pulumi.StringArray{
				pulumi.String("testuser@example.com"),
				pulumi.String("example.user@example.com"),
			},
			OrganizationId: pulumi.String("123456789"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Organization Access Approval Active Key Version

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/accessapproval"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/kms"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myProject, err := organizations.NewProject(ctx, "myProject", &organizations.ProjectArgs{
			ProjectId: pulumi.String("your-project-id"),
			OrgId:     pulumi.String("123456789"),
		})
		if err != nil {
			return err
		}
		keyRing, err := kms.NewKeyRing(ctx, "keyRing", &kms.KeyRingArgs{
			Location: pulumi.String("global"),
			Project:  myProject.ProjectId,
		})
		if err != nil {
			return err
		}
		cryptoKey, err := kms.NewCryptoKey(ctx, "cryptoKey", &kms.CryptoKeyArgs{
			KeyRing: keyRing.ID(),
			Purpose: pulumi.String("ASYMMETRIC_SIGN"),
			VersionTemplate: &kms.CryptoKeyVersionTemplateArgs{
				Algorithm: pulumi.String("EC_SIGN_P384_SHA384"),
			},
		})
		if err != nil {
			return err
		}
		serviceAccount, err := accessapproval.GetOrganizationServiceAccount(ctx, &accessapproval.GetOrganizationServiceAccountArgs{
			OrganizationId: "123456789",
		}, nil)
		if err != nil {
			return err
		}
		iam, err := kms.NewCryptoKeyIAMMember(ctx, "iam", &kms.CryptoKeyIAMMemberArgs{
			CryptoKeyId: cryptoKey.ID(),
			Role:        pulumi.String("roles/cloudkms.signerVerifier"),
			Member:      pulumi.String(fmt.Sprintf("serviceAccount:%v", serviceAccount.AccountEmail)),
		})
		if err != nil {
			return err
		}
		cryptoKeyVersion := kms.GetKMSCryptoKeyVersionOutput(ctx, kms.GetKMSCryptoKeyVersionOutputArgs{
			CryptoKey: cryptoKey.ID(),
		}, nil)
		_, err = organizations.NewAccessApprovalSettings(ctx, "organizationAccessApproval", &organizations.AccessApprovalSettingsArgs{
			OrganizationId: pulumi.String("123456789"),
			ActiveKeyVersion: cryptoKeyVersion.ApplyT(func(cryptoKeyVersion kms.GetKMSCryptoKeyVersionResult) (*string, error) {
				return &cryptoKeyVersion.Name, nil
			}).(pulumi.StringPtrOutput),
			EnrolledServices: organizations.AccessApprovalSettingsEnrolledServiceArray{
				&organizations.AccessApprovalSettingsEnrolledServiceArgs{
					CloudProduct: pulumi.String("all"),
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			iam,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

OrganizationSettings can be imported using any of these accepted formats

```sh 

$ pulumi import gcp:organizations/accessApprovalSettings:AccessApprovalSettings default organizations/{{organization_id}}/accessApprovalSettings

```

```sh 

$ pulumi import gcp:organizations/accessApprovalSettings:AccessApprovalSettings default {{organization_id}}

```

func GetAccessApprovalSettings 

func GetAccessApprovalSettings(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessApprovalSettingsState, opts ...pulumi.ResourceOption) (*AccessApprovalSettings, error)

GetAccessApprovalSettings gets an existing AccessApprovalSettings resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessApprovalSettings 

func NewAccessApprovalSettings(ctx *pulumi.Context,
	name string, args *AccessApprovalSettingsArgs, opts ...pulumi.ResourceOption) (*AccessApprovalSettings, error)

NewAccessApprovalSettings registers a new resource with the given unique name, arguments, and options.

func (*AccessApprovalSettings) ElementType 

func (*AccessApprovalSettings) ElementType() reflect.Type

func (*AccessApprovalSettings) ToAccessApprovalSettingsOutput 

func (i *AccessApprovalSettings) ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput

func (*AccessApprovalSettings) ToAccessApprovalSettingsOutputWithContext 

func (i *AccessApprovalSettings) ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput

func (*AccessApprovalSettings) ToOutput added in v6.65.1 

func (i *AccessApprovalSettings) ToOutput(ctx context.Context) pulumix.Output[*AccessApprovalSettings]

type AccessApprovalSettingsArgs 

type AccessApprovalSettingsArgs struct {
	// The asymmetric crypto key version to use for signing approval requests.
	// Empty activeKeyVersion indicates that a Google-managed key should be used for signing.
	ActiveKeyVersion pulumi.StringPtrInput
	// A list of Google Cloud Services for which the given resource has Access Approval enrolled.
	// Access requests for the resource given by name against any of these services contained here will be required
	// to have explicit approval. Enrollment can be done for individual services.
	// A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded.
	// Structure is documented below.
	EnrolledServices AccessApprovalSettingsEnrolledServiceArrayInput
	// A list of email addresses to which notifications relating to approval requests should be sent.
	// Notifications relating to a resource will be sent to all emails in the settings of ancestor
	// resources of that resource. A maximum of 50 email addresses are allowed.
	NotificationEmails pulumi.StringArrayInput
	// ID of the organization of the access approval settings.
	OrganizationId pulumi.StringInput
}

The set of arguments for constructing a AccessApprovalSettings resource.

func (AccessApprovalSettingsArgs) ElementType 

func (AccessApprovalSettingsArgs) ElementType() reflect.Type

type AccessApprovalSettingsArray 

type AccessApprovalSettingsArray []AccessApprovalSettingsInput

func (AccessApprovalSettingsArray) ElementType 

func (AccessApprovalSettingsArray) ElementType() reflect.Type

func (AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutput 

func (i AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput

func (AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutputWithContext 

func (i AccessApprovalSettingsArray) ToAccessApprovalSettingsArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsArrayOutput

func (AccessApprovalSettingsArray) ToOutput added in v6.65.1 

func (i AccessApprovalSettingsArray) ToOutput(ctx context.Context) pulumix.Output[[]*AccessApprovalSettings]

type AccessApprovalSettingsArrayInput 

type AccessApprovalSettingsArrayInput interface {
	pulumi.Input

	ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput
	ToAccessApprovalSettingsArrayOutputWithContext(context.Context) AccessApprovalSettingsArrayOutput
}

AccessApprovalSettingsArrayInput is an input type that accepts AccessApprovalSettingsArray and AccessApprovalSettingsArrayOutput values. You can construct a concrete instance of `AccessApprovalSettingsArrayInput` via: 

AccessApprovalSettingsArray{ AccessApprovalSettingsArgs{...} }

type AccessApprovalSettingsArrayOutput 

type AccessApprovalSettingsArrayOutput struct{ *pulumi.OutputState }

func (AccessApprovalSettingsArrayOutput) ElementType 

func (AccessApprovalSettingsArrayOutput) ElementType() reflect.Type

func (AccessApprovalSettingsArrayOutput) Index 

func (o AccessApprovalSettingsArrayOutput) Index(i pulumi.IntInput) AccessApprovalSettingsOutput

func (AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutput 

func (o AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutput() AccessApprovalSettingsArrayOutput

func (AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutputWithContext 

func (o AccessApprovalSettingsArrayOutput) ToAccessApprovalSettingsArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsArrayOutput

func (AccessApprovalSettingsArrayOutput) ToOutput added in v6.65.1 

func (o AccessApprovalSettingsArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*AccessApprovalSettings]

type AccessApprovalSettingsEnrolledService 

type AccessApprovalSettingsEnrolledService struct {
	// The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive):
	// all
	// appengine.googleapis.com
	// bigquery.googleapis.com
	// bigtable.googleapis.com
	// cloudkms.googleapis.com
	// compute.googleapis.com
	// dataflow.googleapis.com
	// iam.googleapis.com
	// pubsub.googleapis.com
	// storage.googleapis.com
	CloudProduct string `pulumi:"cloudProduct"`
	// The enrollment level of the service.
	// Default value is `BLOCK_ALL`.
	// Possible values are: `BLOCK_ALL`.
	//
	// ***
	EnrollmentLevel *string `pulumi:"enrollmentLevel"`
}

type AccessApprovalSettingsEnrolledServiceArgs 

type AccessApprovalSettingsEnrolledServiceArgs struct {
	// The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive):
	// all
	// appengine.googleapis.com
	// bigquery.googleapis.com
	// bigtable.googleapis.com
	// cloudkms.googleapis.com
	// compute.googleapis.com
	// dataflow.googleapis.com
	// iam.googleapis.com
	// pubsub.googleapis.com
	// storage.googleapis.com
	CloudProduct pulumi.StringInput `pulumi:"cloudProduct"`
	// The enrollment level of the service.
	// Default value is `BLOCK_ALL`.
	// Possible values are: `BLOCK_ALL`.
	//
	// ***
	EnrollmentLevel pulumi.StringPtrInput `pulumi:"enrollmentLevel"`
}

func (AccessApprovalSettingsEnrolledServiceArgs) ElementType 

func (AccessApprovalSettingsEnrolledServiceArgs) ElementType() reflect.Type

func (AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutput 

func (i AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput

func (AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutputWithContext 

func (i AccessApprovalSettingsEnrolledServiceArgs) ToAccessApprovalSettingsEnrolledServiceOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceOutput

func (AccessApprovalSettingsEnrolledServiceArgs) ToOutput added in v6.65.1 

func (i AccessApprovalSettingsEnrolledServiceArgs) ToOutput(ctx context.Context) pulumix.Output[AccessApprovalSettingsEnrolledService]

type AccessApprovalSettingsEnrolledServiceArray 

type AccessApprovalSettingsEnrolledServiceArray []AccessApprovalSettingsEnrolledServiceInput

func (AccessApprovalSettingsEnrolledServiceArray) ElementType 

func (AccessApprovalSettingsEnrolledServiceArray) ElementType() reflect.Type

func (AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutput 

func (i AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput

func (AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext 

func (i AccessApprovalSettingsEnrolledServiceArray) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput

func (AccessApprovalSettingsEnrolledServiceArray) ToOutput added in v6.65.1 

func (i AccessApprovalSettingsEnrolledServiceArray) ToOutput(ctx context.Context) pulumix.Output[[]AccessApprovalSettingsEnrolledService]

type AccessApprovalSettingsEnrolledServiceArrayInput 

type AccessApprovalSettingsEnrolledServiceArrayInput interface {
	pulumi.Input

	ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput
	ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput
}

AccessApprovalSettingsEnrolledServiceArrayInput is an input type that accepts AccessApprovalSettingsEnrolledServiceArray and AccessApprovalSettingsEnrolledServiceArrayOutput values. You can construct a concrete instance of `AccessApprovalSettingsEnrolledServiceArrayInput` via: 

AccessApprovalSettingsEnrolledServiceArray{ AccessApprovalSettingsEnrolledServiceArgs{...} }

type AccessApprovalSettingsEnrolledServiceArrayOutput 

type AccessApprovalSettingsEnrolledServiceArrayOutput struct{ *pulumi.OutputState }

func (AccessApprovalSettingsEnrolledServiceArrayOutput) ElementType 

func (AccessApprovalSettingsEnrolledServiceArrayOutput) ElementType() reflect.Type

func (AccessApprovalSettingsEnrolledServiceArrayOutput) Index 

func (o AccessApprovalSettingsEnrolledServiceArrayOutput) Index(i pulumi.IntInput) AccessApprovalSettingsEnrolledServiceOutput

func (AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutput 

func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutput() AccessApprovalSettingsEnrolledServiceArrayOutput

func (AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext 

func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToAccessApprovalSettingsEnrolledServiceArrayOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceArrayOutput

func (AccessApprovalSettingsEnrolledServiceArrayOutput) ToOutput added in v6.65.1 

func (o AccessApprovalSettingsEnrolledServiceArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]AccessApprovalSettingsEnrolledService]

type AccessApprovalSettingsEnrolledServiceInput 

type AccessApprovalSettingsEnrolledServiceInput interface {
	pulumi.Input

	ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput
	ToAccessApprovalSettingsEnrolledServiceOutputWithContext(context.Context) AccessApprovalSettingsEnrolledServiceOutput
}

AccessApprovalSettingsEnrolledServiceInput is an input type that accepts AccessApprovalSettingsEnrolledServiceArgs and AccessApprovalSettingsEnrolledServiceOutput values. You can construct a concrete instance of `AccessApprovalSettingsEnrolledServiceInput` via: 

AccessApprovalSettingsEnrolledServiceArgs{...}

type AccessApprovalSettingsEnrolledServiceOutput 

type AccessApprovalSettingsEnrolledServiceOutput struct{ *pulumi.OutputState }

func (AccessApprovalSettingsEnrolledServiceOutput) CloudProduct 

func (o AccessApprovalSettingsEnrolledServiceOutput) CloudProduct() pulumi.StringOutput

The product for which Access Approval will be enrolled. Allowed values are listed (case-sensitive): all appengine.googleapis.com bigquery.googleapis.com bigtable.googleapis.com cloudkms.googleapis.com compute.googleapis.com dataflow.googleapis.com iam.googleapis.com pubsub.googleapis.com storage.googleapis.com

func (AccessApprovalSettingsEnrolledServiceOutput) ElementType 

func (AccessApprovalSettingsEnrolledServiceOutput) ElementType() reflect.Type

func (AccessApprovalSettingsEnrolledServiceOutput) EnrollmentLevel 

func (o AccessApprovalSettingsEnrolledServiceOutput) EnrollmentLevel() pulumi.StringPtrOutput

The enrollment level of the service. Default value is `BLOCK_ALL`. Possible values are: `BLOCK_ALL`.

***

func (AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutput 

func (o AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutput() AccessApprovalSettingsEnrolledServiceOutput

func (AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutputWithContext 

func (o AccessApprovalSettingsEnrolledServiceOutput) ToAccessApprovalSettingsEnrolledServiceOutputWithContext(ctx context.Context) AccessApprovalSettingsEnrolledServiceOutput

func (AccessApprovalSettingsEnrolledServiceOutput) ToOutput added in v6.65.1 

func (o AccessApprovalSettingsEnrolledServiceOutput) ToOutput(ctx context.Context) pulumix.Output[AccessApprovalSettingsEnrolledService]

type AccessApprovalSettingsInput 

type AccessApprovalSettingsInput interface {
	pulumi.Input

	ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput
	ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput
}

type AccessApprovalSettingsMap 

type AccessApprovalSettingsMap map[string]AccessApprovalSettingsInput

func (AccessApprovalSettingsMap) ElementType 

func (AccessApprovalSettingsMap) ElementType() reflect.Type

func (AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutput 

func (i AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput

func (AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutputWithContext 

func (i AccessApprovalSettingsMap) ToAccessApprovalSettingsMapOutputWithContext(ctx context.Context) AccessApprovalSettingsMapOutput

func (AccessApprovalSettingsMap) ToOutput added in v6.65.1 

func (i AccessApprovalSettingsMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*AccessApprovalSettings]

type AccessApprovalSettingsMapInput 

type AccessApprovalSettingsMapInput interface {
	pulumi.Input

	ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput
	ToAccessApprovalSettingsMapOutputWithContext(context.Context) AccessApprovalSettingsMapOutput
}

AccessApprovalSettingsMapInput is an input type that accepts AccessApprovalSettingsMap and AccessApprovalSettingsMapOutput values. You can construct a concrete instance of `AccessApprovalSettingsMapInput` via: 

AccessApprovalSettingsMap{ "key": AccessApprovalSettingsArgs{...} }

type AccessApprovalSettingsMapOutput 

type AccessApprovalSettingsMapOutput struct{ *pulumi.OutputState }

func (AccessApprovalSettingsMapOutput) ElementType 

func (AccessApprovalSettingsMapOutput) ElementType() reflect.Type

func (AccessApprovalSettingsMapOutput) MapIndex 

func (o AccessApprovalSettingsMapOutput) MapIndex(k pulumi.StringInput) AccessApprovalSettingsOutput

func (AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutput 

func (o AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutput() AccessApprovalSettingsMapOutput

func (AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutputWithContext 

func (o AccessApprovalSettingsMapOutput) ToAccessApprovalSettingsMapOutputWithContext(ctx context.Context) AccessApprovalSettingsMapOutput

func (AccessApprovalSettingsMapOutput) ToOutput added in v6.65.1 

func (o AccessApprovalSettingsMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*AccessApprovalSettings]

type AccessApprovalSettingsOutput 

type AccessApprovalSettingsOutput struct{ *pulumi.OutputState }

func (AccessApprovalSettingsOutput) ActiveKeyVersion added in v6.23.0 

func (o AccessApprovalSettingsOutput) ActiveKeyVersion() pulumi.StringPtrOutput

The asymmetric crypto key version to use for signing approval requests. Empty activeKeyVersion indicates that a Google-managed key should be used for signing.

func (AccessApprovalSettingsOutput) AncestorHasActiveKeyVersion added in v6.23.0 

func (o AccessApprovalSettingsOutput) AncestorHasActiveKeyVersion() pulumi.BoolOutput

This field will always be unset for the organization since organizations do not have ancestors.

func (AccessApprovalSettingsOutput) ElementType 

func (AccessApprovalSettingsOutput) ElementType() reflect.Type

func (AccessApprovalSettingsOutput) EnrolledAncestor added in v6.23.0 

func (o AccessApprovalSettingsOutput) EnrolledAncestor() pulumi.BoolOutput

This field will always be unset for the organization since organizations do not have ancestors.

func (AccessApprovalSettingsOutput) EnrolledServices added in v6.23.0 

func (o AccessApprovalSettingsOutput) EnrolledServices() AccessApprovalSettingsEnrolledServiceArrayOutput

A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. Enrollment can be done for individual services. A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded. Structure is documented below.

func (AccessApprovalSettingsOutput) InvalidKeyVersion added in v6.23.0 

func (o AccessApprovalSettingsOutput) InvalidKeyVersion() pulumi.BoolOutput

If the field is true, that indicates that there is some configuration issue with the activeKeyVersion configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the correct permissions on it, etc.).

func (AccessApprovalSettingsOutput) Name added in v6.23.0 

func (o AccessApprovalSettingsOutput) Name() pulumi.StringOutput

The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings"

func (AccessApprovalSettingsOutput) NotificationEmails added in v6.23.0 

func (o AccessApprovalSettingsOutput) NotificationEmails() pulumi.StringArrayOutput

A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed.

func (AccessApprovalSettingsOutput) OrganizationId added in v6.23.0 

func (o AccessApprovalSettingsOutput) OrganizationId() pulumi.StringOutput

ID of the organization of the access approval settings.

func (AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutput 

func (o AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutput() AccessApprovalSettingsOutput

func (AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutputWithContext 

func (o AccessApprovalSettingsOutput) ToAccessApprovalSettingsOutputWithContext(ctx context.Context) AccessApprovalSettingsOutput

func (AccessApprovalSettingsOutput) ToOutput added in v6.65.1 

func (o AccessApprovalSettingsOutput) ToOutput(ctx context.Context) pulumix.Output[*AccessApprovalSettings]

type AccessApprovalSettingsState 

type AccessApprovalSettingsState struct {
	// The asymmetric crypto key version to use for signing approval requests.
	// Empty activeKeyVersion indicates that a Google-managed key should be used for signing.
	ActiveKeyVersion pulumi.StringPtrInput
	// This field will always be unset for the organization since organizations do not have ancestors.
	AncestorHasActiveKeyVersion pulumi.BoolPtrInput
	// This field will always be unset for the organization since organizations do not have ancestors.
	EnrolledAncestor pulumi.BoolPtrInput
	// A list of Google Cloud Services for which the given resource has Access Approval enrolled.
	// Access requests for the resource given by name against any of these services contained here will be required
	// to have explicit approval. Enrollment can be done for individual services.
	// A maximum of 10 enrolled services will be enforced, to be expanded as the set of supported services is expanded.
	// Structure is documented below.
	EnrolledServices AccessApprovalSettingsEnrolledServiceArrayInput
	// If the field is true, that indicates that there is some configuration issue with the activeKeyVersion
	// configured on this Organization (e.g. it doesn't exist or the Access Approval service account doesn't have the
	// correct permissions on it, etc.).
	InvalidKeyVersion pulumi.BoolPtrInput
	// The resource name of the settings. Format is "organizations/{organization_id}/accessApprovalSettings"
	Name pulumi.StringPtrInput
	// A list of email addresses to which notifications relating to approval requests should be sent.
	// Notifications relating to a resource will be sent to all emails in the settings of ancestor
	// resources of that resource. A maximum of 50 email addresses are allowed.
	NotificationEmails pulumi.StringArrayInput
	// ID of the organization of the access approval settings.
	OrganizationId pulumi.StringPtrInput
}

func (AccessApprovalSettingsState) ElementType 

func (AccessApprovalSettingsState) ElementType() reflect.Type

type Folder 

type Folder struct {
	pulumi.CustomResourceState

	// Timestamp when the Folder was created. Assigned by the server.
	// A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName pulumi.StringOutput `pulumi:"displayName"`
	// The folder id from the name "folders/{folder_id}"
	FolderId pulumi.StringOutput `pulumi:"folderId"`
	// The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.
	LifecycleState pulumi.StringOutput `pulumi:"lifecycleState"`
	// The resource name of the Folder. Its format is folders/{folder_id}.
	Name pulumi.StringOutput `pulumi:"name"`
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent pulumi.StringOutput `pulumi:"parent"`
}

Allows management of a Google Cloud Platform folder. For more information see [the official documentation](https://cloud.google.com/resource-manager/docs/creating-managing-folders) and [API](https://cloud.google.com/resource-manager/reference/rest/v2/folders).

A folder can contain projects, other folders, or a combination of both. You can use folders to group projects under an organization in a hierarchy. For example, your organization might contain multiple departments, each with its own set of Cloud Platform resources. Folders allows you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies.

Folders created live inside an Organization. See the [Organization documentation](https://cloud.google.com/resource-manager/docs/quickstarts) for more details.

The service account used to run the provider when creating a `organizations.Folder` resource must have `roles/resourcemanager.folderCreator`. See the [Access Control for Folders Using IAM](https://cloud.google.com/resource-manager/docs/access-control-folders) doc for more information.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		department1, err := organizations.NewFolder(ctx, "department1", &organizations.FolderArgs{
			DisplayName: pulumi.String("Department 1"),
			Parent:      pulumi.String("organizations/1234567"),
		})
		if err != nil {
			return err
		}
		_, err = organizations.NewFolder(ctx, "team-abc", &organizations.FolderArgs{
			DisplayName: pulumi.String("Team ABC"),
			Parent:      department1.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Folders can be imported using the folder's id, e.g. Both syntaxes are valid

```sh 

$ pulumi import gcp:organizations/folder:Folder department1 1234567

```

```sh 

$ pulumi import gcp:organizations/folder:Folder department1 folders/1234567

```

func GetFolder 

func GetFolder(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *FolderState, opts ...pulumi.ResourceOption) (*Folder, error)

GetFolder gets an existing Folder resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewFolder 

func NewFolder(ctx *pulumi.Context,
	name string, args *FolderArgs, opts ...pulumi.ResourceOption) (*Folder, error)

NewFolder registers a new resource with the given unique name, arguments, and options.

func (*Folder) ElementType 

func (*Folder) ElementType() reflect.Type

func (*Folder) ToFolderOutput 

func (i *Folder) ToFolderOutput() FolderOutput

func (*Folder) ToFolderOutputWithContext 

func (i *Folder) ToFolderOutputWithContext(ctx context.Context) FolderOutput

func (*Folder) ToOutput added in v6.65.1 

func (i *Folder) ToOutput(ctx context.Context) pulumix.Output[*Folder]

type FolderArgs 

type FolderArgs struct {
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName pulumi.StringInput
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent pulumi.StringInput
}

The set of arguments for constructing a Folder resource.

func (FolderArgs) ElementType 

func (FolderArgs) ElementType() reflect.Type

type FolderArray 

type FolderArray []FolderInput

func (FolderArray) ElementType 

func (FolderArray) ElementType() reflect.Type

func (FolderArray) ToFolderArrayOutput 

func (i FolderArray) ToFolderArrayOutput() FolderArrayOutput

func (FolderArray) ToFolderArrayOutputWithContext 

func (i FolderArray) ToFolderArrayOutputWithContext(ctx context.Context) FolderArrayOutput

func (FolderArray) ToOutput added in v6.65.1 

func (i FolderArray) ToOutput(ctx context.Context) pulumix.Output[[]*Folder]

type FolderArrayInput 

type FolderArrayInput interface {
	pulumi.Input

	ToFolderArrayOutput() FolderArrayOutput
	ToFolderArrayOutputWithContext(context.Context) FolderArrayOutput
}

FolderArrayInput is an input type that accepts FolderArray and FolderArrayOutput values. You can construct a concrete instance of `FolderArrayInput` via: 

FolderArray{ FolderArgs{...} }

type FolderArrayOutput 

type FolderArrayOutput struct{ *pulumi.OutputState }

func (FolderArrayOutput) ElementType 

func (FolderArrayOutput) ElementType() reflect.Type

func (FolderArrayOutput) Index 

func (o FolderArrayOutput) Index(i pulumi.IntInput) FolderOutput

func (FolderArrayOutput) ToFolderArrayOutput 

func (o FolderArrayOutput) ToFolderArrayOutput() FolderArrayOutput

func (FolderArrayOutput) ToFolderArrayOutputWithContext 

func (o FolderArrayOutput) ToFolderArrayOutputWithContext(ctx context.Context) FolderArrayOutput

func (FolderArrayOutput) ToOutput added in v6.65.1 

func (o FolderArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Folder]

type FolderInput 

type FolderInput interface {
	pulumi.Input

	ToFolderOutput() FolderOutput
	ToFolderOutputWithContext(ctx context.Context) FolderOutput
}

type FolderMap 

type FolderMap map[string]FolderInput

func (FolderMap) ElementType 

func (FolderMap) ElementType() reflect.Type

func (FolderMap) ToFolderMapOutput 

func (i FolderMap) ToFolderMapOutput() FolderMapOutput

func (FolderMap) ToFolderMapOutputWithContext 

func (i FolderMap) ToFolderMapOutputWithContext(ctx context.Context) FolderMapOutput

func (FolderMap) ToOutput added in v6.65.1 

func (i FolderMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Folder]

type FolderMapInput 

type FolderMapInput interface {
	pulumi.Input

	ToFolderMapOutput() FolderMapOutput
	ToFolderMapOutputWithContext(context.Context) FolderMapOutput
}

FolderMapInput is an input type that accepts FolderMap and FolderMapOutput values. You can construct a concrete instance of `FolderMapInput` via: 

FolderMap{ "key": FolderArgs{...} }

type FolderMapOutput 

type FolderMapOutput struct{ *pulumi.OutputState }

func (FolderMapOutput) ElementType 

func (FolderMapOutput) ElementType() reflect.Type

func (FolderMapOutput) MapIndex 

func (o FolderMapOutput) MapIndex(k pulumi.StringInput) FolderOutput

func (FolderMapOutput) ToFolderMapOutput 

func (o FolderMapOutput) ToFolderMapOutput() FolderMapOutput

func (FolderMapOutput) ToFolderMapOutputWithContext 

func (o FolderMapOutput) ToFolderMapOutputWithContext(ctx context.Context) FolderMapOutput

func (FolderMapOutput) ToOutput added in v6.65.1 

func (o FolderMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Folder]

type FolderOutput 

type FolderOutput struct{ *pulumi.OutputState }

func (FolderOutput) CreateTime added in v6.23.0 

func (o FolderOutput) CreateTime() pulumi.StringOutput

Timestamp when the Folder was created. Assigned by the server. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".

func (FolderOutput) DisplayName added in v6.23.0 

func (o FolderOutput) DisplayName() pulumi.StringOutput

The folder’s display name. A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.

func (FolderOutput) ElementType 

func (FolderOutput) ElementType() reflect.Type

func (FolderOutput) FolderId added in v6.23.0 

func (o FolderOutput) FolderId() pulumi.StringOutput

The folder id from the name "folders/{folder_id}"

func (FolderOutput) LifecycleState added in v6.23.0 

func (o FolderOutput) LifecycleState() pulumi.StringOutput

The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.

func (FolderOutput) Name added in v6.23.0 

func (o FolderOutput) Name() pulumi.StringOutput

The resource name of the Folder. Its format is folders/{folder_id}.

func (FolderOutput) Parent added in v6.23.0 

func (o FolderOutput) Parent() pulumi.StringOutput

The resource name of the parent Folder or Organization. Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.

func (FolderOutput) ToFolderOutput 

func (o FolderOutput) ToFolderOutput() FolderOutput

func (FolderOutput) ToFolderOutputWithContext 

func (o FolderOutput) ToFolderOutputWithContext(ctx context.Context) FolderOutput

func (FolderOutput) ToOutput added in v6.65.1 

func (o FolderOutput) ToOutput(ctx context.Context) pulumix.Output[*Folder]

type FolderState 

type FolderState struct {
	// Timestamp when the Folder was created. Assigned by the server.
	// A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime pulumi.StringPtrInput
	// The folder’s display name.
	// A folder’s display name must be unique amongst its siblings, e.g. no two folders with the same parent can share the same display name. The display name must start and end with a letter or digit, may contain letters, digits, spaces, hyphens and underscores and can be no longer than 30 characters.
	DisplayName pulumi.StringPtrInput
	// The folder id from the name "folders/{folder_id}"
	FolderId pulumi.StringPtrInput
	// The lifecycle state of the folder such as `ACTIVE` or `DELETE_REQUESTED`.
	LifecycleState pulumi.StringPtrInput
	// The resource name of the Folder. Its format is folders/{folder_id}.
	Name pulumi.StringPtrInput
	// The resource name of the parent Folder or Organization.
	// Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.
	Parent pulumi.StringPtrInput
}

func (FolderState) ElementType 

func (FolderState) ElementType() reflect.Type

type GetActiveFolderArgs 

type GetActiveFolderArgs struct {
	// The folder's display name.
	DisplayName string `pulumi:"displayName"`
	// The resource name of the parent Folder or Organization.
	Parent string `pulumi:"parent"`
}

A collection of arguments for invoking getActiveFolder.

type GetActiveFolderOutputArgs 

type GetActiveFolderOutputArgs struct {
	// The folder's display name.
	DisplayName pulumi.StringInput `pulumi:"displayName"`
	// The resource name of the parent Folder or Organization.
	Parent pulumi.StringInput `pulumi:"parent"`
}

A collection of arguments for invoking getActiveFolder.

func (GetActiveFolderOutputArgs) ElementType 

func (GetActiveFolderOutputArgs) ElementType() reflect.Type

type GetActiveFolderResult 

type GetActiveFolderResult struct {
	DisplayName string `pulumi:"displayName"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The resource name of the Folder. This uniquely identifies the folder.
	Name   string `pulumi:"name"`
	Parent string `pulumi:"parent"`
}

A collection of values returned by getActiveFolder.

func GetActiveFolder 

func GetActiveFolder(ctx *pulumi.Context, args *GetActiveFolderArgs, opts ...pulumi.InvokeOption) (*GetActiveFolderResult, error)

Get an active folder within GCP by `displayName` and `parent`.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.GetActiveFolder(ctx, &organizations.GetActiveFolderArgs{
			DisplayName: "Department 1",
			Parent:      "organizations/1234567",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetActiveFolderResultOutput 

type GetActiveFolderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getActiveFolder.

func GetActiveFolderOutput 

func GetActiveFolderOutput(ctx *pulumi.Context, args GetActiveFolderOutputArgs, opts ...pulumi.InvokeOption) GetActiveFolderResultOutput

func (GetActiveFolderResultOutput) DisplayName 

func (o GetActiveFolderResultOutput) DisplayName() pulumi.StringOutput

func (GetActiveFolderResultOutput) ElementType 

func (GetActiveFolderResultOutput) ElementType() reflect.Type

func (GetActiveFolderResultOutput) Id 

func (o GetActiveFolderResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetActiveFolderResultOutput) Name 

func (o GetActiveFolderResultOutput) Name() pulumi.StringOutput

The resource name of the Folder. This uniquely identifies the folder.

func (GetActiveFolderResultOutput) Parent 

func (o GetActiveFolderResultOutput) Parent() pulumi.StringOutput

func (GetActiveFolderResultOutput) ToGetActiveFolderResultOutput 

func (o GetActiveFolderResultOutput) ToGetActiveFolderResultOutput() GetActiveFolderResultOutput

func (GetActiveFolderResultOutput) ToGetActiveFolderResultOutputWithContext 

func (o GetActiveFolderResultOutput) ToGetActiveFolderResultOutputWithContext(ctx context.Context) GetActiveFolderResultOutput

func (GetActiveFolderResultOutput) ToOutput added in v6.65.1 

func (o GetActiveFolderResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetActiveFolderResult]

type GetBillingAccountArgs 

type GetBillingAccountArgs struct {
	// The name of the billing account in the form `{billing_account_id}` or `billingAccounts/{billing_account_id}`.
	BillingAccount *string `pulumi:"billingAccount"`
	// The display name of the billing account.
	DisplayName *string `pulumi:"displayName"`
	// `true` if projects associated with the billing account should be read, `false` if this step
	// should be skipped. Setting `false` may be useful if the user permissions do not allow listing projects. Defaults to `true`.
	//
	// > **NOTE:** One of `billingAccount` or `displayName` must be specified.
	LookupProjects *bool `pulumi:"lookupProjects"`
	// `true` if the billing account is open, `false` if the billing account is closed.
	Open *bool `pulumi:"open"`
}

A collection of arguments for invoking getBillingAccount.

type GetBillingAccountOutputArgs 

type GetBillingAccountOutputArgs struct {
	// The name of the billing account in the form `{billing_account_id}` or `billingAccounts/{billing_account_id}`.
	BillingAccount pulumi.StringPtrInput `pulumi:"billingAccount"`
	// The display name of the billing account.
	DisplayName pulumi.StringPtrInput `pulumi:"displayName"`
	// `true` if projects associated with the billing account should be read, `false` if this step
	// should be skipped. Setting `false` may be useful if the user permissions do not allow listing projects. Defaults to `true`.
	//
	// > **NOTE:** One of `billingAccount` or `displayName` must be specified.
	LookupProjects pulumi.BoolPtrInput `pulumi:"lookupProjects"`
	// `true` if the billing account is open, `false` if the billing account is closed.
	Open pulumi.BoolPtrInput `pulumi:"open"`
}

A collection of arguments for invoking getBillingAccount.

func (GetBillingAccountOutputArgs) ElementType 

func (GetBillingAccountOutputArgs) ElementType() reflect.Type

type GetBillingAccountResult 

type GetBillingAccountResult struct {
	BillingAccount *string `pulumi:"billingAccount"`
	DisplayName    string  `pulumi:"displayName"`
	// The provider-assigned unique ID for this managed resource.
	Id             string `pulumi:"id"`
	LookupProjects *bool  `pulumi:"lookupProjects"`
	// The resource name of the billing account in the form `billingAccounts/{billing_account_id}`.
	Name string `pulumi:"name"`
	Open bool   `pulumi:"open"`
	// The IDs of any projects associated with the billing account. `lookupProjects` must not be false
	// for this to be populated.
	ProjectIds []string `pulumi:"projectIds"`
}

A collection of values returned by getBillingAccount.

func GetBillingAccount 

func GetBillingAccount(ctx *pulumi.Context, args *GetBillingAccountArgs, opts ...pulumi.InvokeOption) (*GetBillingAccountResult, error)

Use this data source to get information about a Google Billing Account.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		acct, err := organizations.GetBillingAccount(ctx, &organizations.GetBillingAccountArgs{
			DisplayName: pulumi.StringRef("My Billing Account"),
			Open:        pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.NewProject(ctx, "myProject", &organizations.ProjectArgs{
			ProjectId:      pulumi.String("your-project-id"),
			OrgId:          pulumi.String("1234567"),
			BillingAccount: *pulumi.String(acct.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetBillingAccountResultOutput 

type GetBillingAccountResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getBillingAccount.

func GetBillingAccountOutput 

func GetBillingAccountOutput(ctx *pulumi.Context, args GetBillingAccountOutputArgs, opts ...pulumi.InvokeOption) GetBillingAccountResultOutput

func (GetBillingAccountResultOutput) BillingAccount 

func (o GetBillingAccountResultOutput) BillingAccount() pulumi.StringPtrOutput

func (GetBillingAccountResultOutput) DisplayName 

func (o GetBillingAccountResultOutput) DisplayName() pulumi.StringOutput

func (GetBillingAccountResultOutput) ElementType 

func (GetBillingAccountResultOutput) ElementType() reflect.Type

func (GetBillingAccountResultOutput) Id 

func (o GetBillingAccountResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetBillingAccountResultOutput) LookupProjects added in v6.59.0 

func (o GetBillingAccountResultOutput) LookupProjects() pulumi.BoolPtrOutput

func (GetBillingAccountResultOutput) Name 

func (o GetBillingAccountResultOutput) Name() pulumi.StringOutput

The resource name of the billing account in the form `billingAccounts/{billing_account_id}`.

func (GetBillingAccountResultOutput) Open 

func (o GetBillingAccountResultOutput) Open() pulumi.BoolOutput

func (GetBillingAccountResultOutput) ProjectIds 

func (o GetBillingAccountResultOutput) ProjectIds() pulumi.StringArrayOutput

The IDs of any projects associated with the billing account. `lookupProjects` must not be false for this to be populated.

func (GetBillingAccountResultOutput) ToGetBillingAccountResultOutput 

func (o GetBillingAccountResultOutput) ToGetBillingAccountResultOutput() GetBillingAccountResultOutput

func (GetBillingAccountResultOutput) ToGetBillingAccountResultOutputWithContext 

func (o GetBillingAccountResultOutput) ToGetBillingAccountResultOutputWithContext(ctx context.Context) GetBillingAccountResultOutput

func (GetBillingAccountResultOutput) ToOutput added in v6.65.1 

func (o GetBillingAccountResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetBillingAccountResult]

type GetClientConfigResult 

type GetClientConfigResult struct {
	// The OAuth2 access token used by the client to authenticate against the Google Cloud API.
	AccessToken string `pulumi:"accessToken"`
	Id          string `pulumi:"id"`
	// The ID of the project to apply any resources to.
	Project string `pulumi:"project"`
	// The region to operate under.
	Region string `pulumi:"region"`
	// The zone to operate under.
	Zone string `pulumi:"zone"`
}

A collection of values returned by getClientConfig.

func GetClientConfig 

func GetClientConfig(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*GetClientConfigResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := organizations.GetClientConfig(ctx, nil, nil)
		if err != nil {
			return err
		}
		ctx.Export("project", current.Project)
		return nil
	})
}

```

type GetClientConfigResultOutput added in v6.67.1 

type GetClientConfigResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getClientConfig.

func GetClientConfigOutput added in v6.67.1 

func GetClientConfigOutput(ctx *pulumi.Context, opts ...pulumi.InvokeOption) GetClientConfigResultOutput

func (GetClientConfigResultOutput) AccessToken added in v6.67.1 

func (o GetClientConfigResultOutput) AccessToken() pulumi.StringOutput

The OAuth2 access token used by the client to authenticate against the Google Cloud API.

func (GetClientConfigResultOutput) ElementType added in v6.67.1 

func (GetClientConfigResultOutput) ElementType() reflect.Type

func (GetClientConfigResultOutput) Id added in v6.67.1 

func (o GetClientConfigResultOutput) Id() pulumi.StringOutput

func (GetClientConfigResultOutput) Project added in v6.67.1 

func (o GetClientConfigResultOutput) Project() pulumi.StringOutput

The ID of the project to apply any resources to.

func (GetClientConfigResultOutput) Region added in v6.67.1 

func (o GetClientConfigResultOutput) Region() pulumi.StringOutput

The region to operate under.

func (GetClientConfigResultOutput) ToGetClientConfigResultOutput added in v6.67.1 

func (o GetClientConfigResultOutput) ToGetClientConfigResultOutput() GetClientConfigResultOutput

func (GetClientConfigResultOutput) ToGetClientConfigResultOutputWithContext added in v6.67.1 

func (o GetClientConfigResultOutput) ToGetClientConfigResultOutputWithContext(ctx context.Context) GetClientConfigResultOutput

func (GetClientConfigResultOutput) ToOutput added in v6.67.1 

func (o GetClientConfigResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetClientConfigResult]

func (GetClientConfigResultOutput) Zone added in v6.67.1 

func (o GetClientConfigResultOutput) Zone() pulumi.StringOutput

The zone to operate under.

type GetClientOpenIdUserInfoResult 

type GetClientOpenIdUserInfoResult struct {
	// The email of the account used by the provider to authenticate with GCP.
	Email string `pulumi:"email"`
	Id    string `pulumi:"id"`
}

A collection of values returned by getClientOpenIdUserInfo.

func GetClientOpenIdUserInfo 

func GetClientOpenIdUserInfo(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*GetClientOpenIdUserInfoResult, error)

Get OpenID userinfo about the credentials used with the Google provider, specifically the email.

This datasource enables you to export the email of the account you've authenticated the provider with; this can be used alongside `data.google_client_config`'s `accessToken` to perform OpenID Connect authentication with GKE and configure an RBAC role for the email used.

> This resource will only work as expected if the provider is configured to use the `https://www.googleapis.com/auth/userinfo.email` scope! You will receive an error otherwise. The provider uses this scope by default.

## Example Usage ### Exporting An Email

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		me, err := organizations.GetClientOpenIdUserInfo(ctx, nil, nil)
		if err != nil {
			return err
		}
		ctx.Export("my-email", me.Email)
		return nil
	})
}

```

type GetClientOpenIdUserInfoResultOutput added in v6.67.1 

type GetClientOpenIdUserInfoResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getClientOpenIdUserInfo.

func GetClientOpenIdUserInfoOutput added in v6.67.1 

func GetClientOpenIdUserInfoOutput(ctx *pulumi.Context, opts ...pulumi.InvokeOption) GetClientOpenIdUserInfoResultOutput

func (GetClientOpenIdUserInfoResultOutput) ElementType added in v6.67.1 

func (GetClientOpenIdUserInfoResultOutput) ElementType() reflect.Type

func (GetClientOpenIdUserInfoResultOutput) Email added in v6.67.1 

func (o GetClientOpenIdUserInfoResultOutput) Email() pulumi.StringOutput

The email of the account used by the provider to authenticate with GCP.

func (GetClientOpenIdUserInfoResultOutput) Id added in v6.67.1 

func (o GetClientOpenIdUserInfoResultOutput) Id() pulumi.StringOutput

func (GetClientOpenIdUserInfoResultOutput) ToGetClientOpenIdUserInfoResultOutput added in v6.67.1 

func (o GetClientOpenIdUserInfoResultOutput) ToGetClientOpenIdUserInfoResultOutput() GetClientOpenIdUserInfoResultOutput

func (GetClientOpenIdUserInfoResultOutput) ToGetClientOpenIdUserInfoResultOutputWithContext added in v6.67.1 

func (o GetClientOpenIdUserInfoResultOutput) ToGetClientOpenIdUserInfoResultOutputWithContext(ctx context.Context) GetClientOpenIdUserInfoResultOutput

func (GetClientOpenIdUserInfoResultOutput) ToOutput added in v6.67.1 

func (o GetClientOpenIdUserInfoResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetClientOpenIdUserInfoResult]

type GetFoldersArgs added in v6.4.0 

type GetFoldersArgs struct {
	// A string parent as defined in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v3/folders/list#query-parameters).
	ParentId string `pulumi:"parentId"`
}

A collection of arguments for invoking getFolders.

type GetFoldersFolder added in v6.4.0 

type GetFoldersFolder struct {
	// The timestamp of when the folder was created
	CreateTime string `pulumi:"createTime"`
	// The timestamp of when the folder was requested to be deleted (if applicable)
	DeleteTime string `pulumi:"deleteTime"`
	// The display name of the folder
	DisplayName string `pulumi:"displayName"`
	// Entity tag identifier of the folder
	Etag string `pulumi:"etag"`
	// The id of the folder
	Name string `pulumi:"name"`
	// The parent id of the folder
	Parent string `pulumi:"parent"`
	// The lifecycle state of the folder
	State string `pulumi:"state"`
	// The timestamp of when the folder was last modified
	UpdateTime string `pulumi:"updateTime"`
}

type GetFoldersFolderArgs added in v6.4.0 

type GetFoldersFolderArgs struct {
	// The timestamp of when the folder was created
	CreateTime pulumi.StringInput `pulumi:"createTime"`
	// The timestamp of when the folder was requested to be deleted (if applicable)
	DeleteTime pulumi.StringInput `pulumi:"deleteTime"`
	// The display name of the folder
	DisplayName pulumi.StringInput `pulumi:"displayName"`
	// Entity tag identifier of the folder
	Etag pulumi.StringInput `pulumi:"etag"`
	// The id of the folder
	Name pulumi.StringInput `pulumi:"name"`
	// The parent id of the folder
	Parent pulumi.StringInput `pulumi:"parent"`
	// The lifecycle state of the folder
	State pulumi.StringInput `pulumi:"state"`
	// The timestamp of when the folder was last modified
	UpdateTime pulumi.StringInput `pulumi:"updateTime"`
}

func (GetFoldersFolderArgs) ElementType added in v6.4.0 

func (GetFoldersFolderArgs) ElementType() reflect.Type

func (GetFoldersFolderArgs) ToGetFoldersFolderOutput added in v6.4.0 

func (i GetFoldersFolderArgs) ToGetFoldersFolderOutput() GetFoldersFolderOutput

func (GetFoldersFolderArgs) ToGetFoldersFolderOutputWithContext added in v6.4.0 

func (i GetFoldersFolderArgs) ToGetFoldersFolderOutputWithContext(ctx context.Context) GetFoldersFolderOutput

func (GetFoldersFolderArgs) ToOutput added in v6.65.1 

func (i GetFoldersFolderArgs) ToOutput(ctx context.Context) pulumix.Output[GetFoldersFolder]

type GetFoldersFolderArray added in v6.4.0 

type GetFoldersFolderArray []GetFoldersFolderInput

func (GetFoldersFolderArray) ElementType added in v6.4.0 

func (GetFoldersFolderArray) ElementType() reflect.Type

func (GetFoldersFolderArray) ToGetFoldersFolderArrayOutput added in v6.4.0 

func (i GetFoldersFolderArray) ToGetFoldersFolderArrayOutput() GetFoldersFolderArrayOutput

func (GetFoldersFolderArray) ToGetFoldersFolderArrayOutputWithContext added in v6.4.0 

func (i GetFoldersFolderArray) ToGetFoldersFolderArrayOutputWithContext(ctx context.Context) GetFoldersFolderArrayOutput

func (GetFoldersFolderArray) ToOutput added in v6.65.1 

func (i GetFoldersFolderArray) ToOutput(ctx context.Context) pulumix.Output[[]GetFoldersFolder]

type GetFoldersFolderArrayInput added in v6.4.0 

type GetFoldersFolderArrayInput interface {
	pulumi.Input

	ToGetFoldersFolderArrayOutput() GetFoldersFolderArrayOutput
	ToGetFoldersFolderArrayOutputWithContext(context.Context) GetFoldersFolderArrayOutput
}

GetFoldersFolderArrayInput is an input type that accepts GetFoldersFolderArray and GetFoldersFolderArrayOutput values. You can construct a concrete instance of `GetFoldersFolderArrayInput` via: 

GetFoldersFolderArray{ GetFoldersFolderArgs{...} }

type GetFoldersFolderArrayOutput added in v6.4.0 

type GetFoldersFolderArrayOutput struct{ *pulumi.OutputState }

func (GetFoldersFolderArrayOutput) ElementType added in v6.4.0 

func (GetFoldersFolderArrayOutput) ElementType() reflect.Type

func (GetFoldersFolderArrayOutput) Index added in v6.4.0 

func (o GetFoldersFolderArrayOutput) Index(i pulumi.IntInput) GetFoldersFolderOutput

func (GetFoldersFolderArrayOutput) ToGetFoldersFolderArrayOutput added in v6.4.0 

func (o GetFoldersFolderArrayOutput) ToGetFoldersFolderArrayOutput() GetFoldersFolderArrayOutput

func (GetFoldersFolderArrayOutput) ToGetFoldersFolderArrayOutputWithContext added in v6.4.0 

func (o GetFoldersFolderArrayOutput) ToGetFoldersFolderArrayOutputWithContext(ctx context.Context) GetFoldersFolderArrayOutput

func (GetFoldersFolderArrayOutput) ToOutput added in v6.65.1 

func (o GetFoldersFolderArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetFoldersFolder]

type GetFoldersFolderInput added in v6.4.0 

type GetFoldersFolderInput interface {
	pulumi.Input

	ToGetFoldersFolderOutput() GetFoldersFolderOutput
	ToGetFoldersFolderOutputWithContext(context.Context) GetFoldersFolderOutput
}

GetFoldersFolderInput is an input type that accepts GetFoldersFolderArgs and GetFoldersFolderOutput values. You can construct a concrete instance of `GetFoldersFolderInput` via: 

GetFoldersFolderArgs{...}

type GetFoldersFolderOutput added in v6.4.0 

type GetFoldersFolderOutput struct{ *pulumi.OutputState }

func (GetFoldersFolderOutput) CreateTime added in v6.4.0 

func (o GetFoldersFolderOutput) CreateTime() pulumi.StringOutput

The timestamp of when the folder was created

func (GetFoldersFolderOutput) DeleteTime added in v6.4.0 

func (o GetFoldersFolderOutput) DeleteTime() pulumi.StringOutput

The timestamp of when the folder was requested to be deleted (if applicable)

func (GetFoldersFolderOutput) DisplayName added in v6.4.0 

func (o GetFoldersFolderOutput) DisplayName() pulumi.StringOutput

The display name of the folder

func (GetFoldersFolderOutput) ElementType added in v6.4.0 

func (GetFoldersFolderOutput) ElementType() reflect.Type

func (GetFoldersFolderOutput) Etag added in v6.4.0 

func (o GetFoldersFolderOutput) Etag() pulumi.StringOutput

Entity tag identifier of the folder

func (GetFoldersFolderOutput) Name added in v6.4.0 

func (o GetFoldersFolderOutput) Name() pulumi.StringOutput

The id of the folder

func (GetFoldersFolderOutput) Parent added in v6.4.0 

func (o GetFoldersFolderOutput) Parent() pulumi.StringOutput

The parent id of the folder

func (GetFoldersFolderOutput) State added in v6.4.0 

func (o GetFoldersFolderOutput) State() pulumi.StringOutput

The lifecycle state of the folder

func (GetFoldersFolderOutput) ToGetFoldersFolderOutput added in v6.4.0 

func (o GetFoldersFolderOutput) ToGetFoldersFolderOutput() GetFoldersFolderOutput

func (GetFoldersFolderOutput) ToGetFoldersFolderOutputWithContext added in v6.4.0 

func (o GetFoldersFolderOutput) ToGetFoldersFolderOutputWithContext(ctx context.Context) GetFoldersFolderOutput

func (GetFoldersFolderOutput) ToOutput added in v6.65.1 

func (o GetFoldersFolderOutput) ToOutput(ctx context.Context) pulumix.Output[GetFoldersFolder]

func (GetFoldersFolderOutput) UpdateTime added in v6.4.0 

func (o GetFoldersFolderOutput) UpdateTime() pulumi.StringOutput

The timestamp of when the folder was last modified

type GetFoldersOutputArgs added in v6.4.0 

type GetFoldersOutputArgs struct {
	// A string parent as defined in the [REST API](https://cloud.google.com/resource-manager/reference/rest/v3/folders/list#query-parameters).
	ParentId pulumi.StringInput `pulumi:"parentId"`
}

A collection of arguments for invoking getFolders.

func (GetFoldersOutputArgs) ElementType added in v6.4.0 

func (GetFoldersOutputArgs) ElementType() reflect.Type

type GetFoldersResult added in v6.4.0 

type GetFoldersResult struct {
	// A list of projects matching the provided filter. Structure is defined below.
	Folders []GetFoldersFolder `pulumi:"folders"`
	// The provider-assigned unique ID for this managed resource.
	Id       string `pulumi:"id"`
	ParentId string `pulumi:"parentId"`
}

A collection of values returned by getFolders.

func GetFolders added in v6.4.0 

func GetFolders(ctx *pulumi.Context, args *GetFoldersArgs, opts ...pulumi.InvokeOption) (*GetFoldersResult, error)

Retrieve information about a set of folders based on a parent ID. See the [REST API](https://cloud.google.com/resource-manager/reference/rest/v3/folders/list) for more details.

## Example Usage ### Searching For Folders At The Root Of An Org

```go package main

import ( 

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		my_org_folders, err := organizations.GetFolders(ctx, &organizations.GetFoldersArgs{
			ParentId: fmt.Sprintf("organizations/%v", _var.Organization_id),
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.LookupFolder(ctx, &organizations.LookupFolderArgs{
			Folder: my_org_folders.Folders[0].Name,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetFoldersResultOutput added in v6.4.0 

type GetFoldersResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getFolders.

func GetFoldersOutput added in v6.4.0 

func GetFoldersOutput(ctx *pulumi.Context, args GetFoldersOutputArgs, opts ...pulumi.InvokeOption) GetFoldersResultOutput

func (GetFoldersResultOutput) ElementType added in v6.4.0 

func (GetFoldersResultOutput) ElementType() reflect.Type

func (GetFoldersResultOutput) Folders added in v6.4.0 

func (o GetFoldersResultOutput) Folders() GetFoldersFolderArrayOutput

A list of projects matching the provided filter. Structure is defined below.

func (GetFoldersResultOutput) Id added in v6.4.0 

func (o GetFoldersResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetFoldersResultOutput) ParentId added in v6.4.0 

func (o GetFoldersResultOutput) ParentId() pulumi.StringOutput

func (GetFoldersResultOutput) ToGetFoldersResultOutput added in v6.4.0 

func (o GetFoldersResultOutput) ToGetFoldersResultOutput() GetFoldersResultOutput

func (GetFoldersResultOutput) ToGetFoldersResultOutputWithContext added in v6.4.0 

func (o GetFoldersResultOutput) ToGetFoldersResultOutputWithContext(ctx context.Context) GetFoldersResultOutput

func (GetFoldersResultOutput) ToOutput added in v6.65.1 

func (o GetFoldersResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetFoldersResult]

type GetIAMPolicyAuditConfig 

type GetIAMPolicyAuditConfig struct {
	// A nested block that defines the operations you'd like to log.
	AuditLogConfigs []GetIAMPolicyAuditConfigAuditLogConfig `pulumi:"auditLogConfigs"`
	// Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service string `pulumi:"service"`
}

type GetIAMPolicyAuditConfigArgs 

type GetIAMPolicyAuditConfigArgs struct {
	// A nested block that defines the operations you'd like to log.
	AuditLogConfigs GetIAMPolicyAuditConfigAuditLogConfigArrayInput `pulumi:"auditLogConfigs"`
	// Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service pulumi.StringInput `pulumi:"service"`
}

func (GetIAMPolicyAuditConfigArgs) ElementType 

func (GetIAMPolicyAuditConfigArgs) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutput 

func (i GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutput() GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutputWithContext 

func (i GetIAMPolicyAuditConfigArgs) ToGetIAMPolicyAuditConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigArgs) ToOutput added in v6.65.1 

func (i GetIAMPolicyAuditConfigArgs) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyAuditConfig]

type GetIAMPolicyAuditConfigArray 

type GetIAMPolicyAuditConfigArray []GetIAMPolicyAuditConfigInput

func (GetIAMPolicyAuditConfigArray) ElementType 

func (GetIAMPolicyAuditConfigArray) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutput 

func (i GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutput() GetIAMPolicyAuditConfigArrayOutput

func (GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutputWithContext 

func (i GetIAMPolicyAuditConfigArray) ToGetIAMPolicyAuditConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigArrayOutput

func (GetIAMPolicyAuditConfigArray) ToOutput added in v6.65.1 

func (i GetIAMPolicyAuditConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]GetIAMPolicyAuditConfig]

type GetIAMPolicyAuditConfigArrayInput 

type GetIAMPolicyAuditConfigArrayInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigArrayOutput() GetIAMPolicyAuditConfigArrayOutput
	ToGetIAMPolicyAuditConfigArrayOutputWithContext(context.Context) GetIAMPolicyAuditConfigArrayOutput
}

GetIAMPolicyAuditConfigArrayInput is an input type that accepts GetIAMPolicyAuditConfigArray and GetIAMPolicyAuditConfigArrayOutput values. You can construct a concrete instance of `GetIAMPolicyAuditConfigArrayInput` via: 

GetIAMPolicyAuditConfigArray{ GetIAMPolicyAuditConfigArgs{...} }

type GetIAMPolicyAuditConfigArrayOutput 

type GetIAMPolicyAuditConfigArrayOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigArrayOutput) ElementType 

func (GetIAMPolicyAuditConfigArrayOutput) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigArrayOutput) Index 

func (o GetIAMPolicyAuditConfigArrayOutput) Index(i pulumi.IntInput) GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutput 

func (o GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutput() GetIAMPolicyAuditConfigArrayOutput

func (GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutputWithContext 

func (o GetIAMPolicyAuditConfigArrayOutput) ToGetIAMPolicyAuditConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigArrayOutput

func (GetIAMPolicyAuditConfigArrayOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyAuditConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetIAMPolicyAuditConfig]

type GetIAMPolicyAuditConfigAuditLogConfig 

type GetIAMPolicyAuditConfigAuditLogConfig struct {
	// Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.
	LogType string `pulumi:"logType"`
}

type GetIAMPolicyAuditConfigAuditLogConfigArgs 

type GetIAMPolicyAuditConfigAuditLogConfigArgs struct {
	// Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.
	LogType pulumi.StringInput `pulumi:"logType"`
}

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ElementType 

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutput 

func (i GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutput() GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext 

func (i GetIAMPolicyAuditConfigAuditLogConfigArgs) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArgs) ToOutput added in v6.65.1 

func (i GetIAMPolicyAuditConfigAuditLogConfigArgs) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyAuditConfigAuditLogConfig]

type GetIAMPolicyAuditConfigAuditLogConfigArray 

type GetIAMPolicyAuditConfigAuditLogConfigArray []GetIAMPolicyAuditConfigAuditLogConfigInput

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ElementType 

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput 

func (i GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext 

func (i GetIAMPolicyAuditConfigAuditLogConfigArray) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArray) ToOutput added in v6.65.1 

func (i GetIAMPolicyAuditConfigAuditLogConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]GetIAMPolicyAuditConfigAuditLogConfig]

type GetIAMPolicyAuditConfigAuditLogConfigArrayInput 

type GetIAMPolicyAuditConfigAuditLogConfigArrayInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput
	ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext(context.Context) GetIAMPolicyAuditConfigAuditLogConfigArrayOutput
}

GetIAMPolicyAuditConfigAuditLogConfigArrayInput is an input type that accepts GetIAMPolicyAuditConfigAuditLogConfigArray and GetIAMPolicyAuditConfigAuditLogConfigArrayOutput values. You can construct a concrete instance of `GetIAMPolicyAuditConfigAuditLogConfigArrayInput` via: 

GetIAMPolicyAuditConfigAuditLogConfigArray{ GetIAMPolicyAuditConfigAuditLogConfigArgs{...} }

type GetIAMPolicyAuditConfigAuditLogConfigArrayOutput 

type GetIAMPolicyAuditConfigAuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ElementType 

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) Index 

func (o GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) Index(i pulumi.IntInput) GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput 

func (o GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutput() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext 

func (o GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToGetIAMPolicyAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

func (GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyAuditConfigAuditLogConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetIAMPolicyAuditConfigAuditLogConfig]

type GetIAMPolicyAuditConfigAuditLogConfigInput 

type GetIAMPolicyAuditConfigAuditLogConfigInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigAuditLogConfigOutput() GetIAMPolicyAuditConfigAuditLogConfigOutput
	ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext(context.Context) GetIAMPolicyAuditConfigAuditLogConfigOutput
}

GetIAMPolicyAuditConfigAuditLogConfigInput is an input type that accepts GetIAMPolicyAuditConfigAuditLogConfigArgs and GetIAMPolicyAuditConfigAuditLogConfigOutput values. You can construct a concrete instance of `GetIAMPolicyAuditConfigAuditLogConfigInput` via: 

GetIAMPolicyAuditConfigAuditLogConfigArgs{...}

type GetIAMPolicyAuditConfigAuditLogConfigOutput 

type GetIAMPolicyAuditConfigAuditLogConfigOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ElementType 

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ExemptedMembers 

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that are exempt from these types of logging operations. Follows the same format of the `members` array for `binding`.

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) LogType 

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) LogType() pulumi.StringOutput

Defines the logging level. `DATA_READ`, `DATA_WRITE` and `ADMIN_READ` capture different types of events. See [the audit configuration documentation](https://cloud.google.com/resource-manager/reference/rest/Shared.Types/AuditConfig) for more details.

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutput 

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutput() GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext 

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) ToGetIAMPolicyAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigAuditLogConfigOutput

func (GetIAMPolicyAuditConfigAuditLogConfigOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyAuditConfigAuditLogConfigOutput) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyAuditConfigAuditLogConfig]

type GetIAMPolicyAuditConfigInput 

type GetIAMPolicyAuditConfigInput interface {
	pulumi.Input

	ToGetIAMPolicyAuditConfigOutput() GetIAMPolicyAuditConfigOutput
	ToGetIAMPolicyAuditConfigOutputWithContext(context.Context) GetIAMPolicyAuditConfigOutput
}

GetIAMPolicyAuditConfigInput is an input type that accepts GetIAMPolicyAuditConfigArgs and GetIAMPolicyAuditConfigOutput values. You can construct a concrete instance of `GetIAMPolicyAuditConfigInput` via: 

GetIAMPolicyAuditConfigArgs{...}

type GetIAMPolicyAuditConfigOutput 

type GetIAMPolicyAuditConfigOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyAuditConfigOutput) AuditLogConfigs 

func (o GetIAMPolicyAuditConfigOutput) AuditLogConfigs() GetIAMPolicyAuditConfigAuditLogConfigArrayOutput

A nested block that defines the operations you'd like to log.

func (GetIAMPolicyAuditConfigOutput) ElementType 

func (GetIAMPolicyAuditConfigOutput) ElementType() reflect.Type

func (GetIAMPolicyAuditConfigOutput) Service 

func (o GetIAMPolicyAuditConfigOutput) Service() pulumi.StringOutput

Defines a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutput 

func (o GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutput() GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutputWithContext 

func (o GetIAMPolicyAuditConfigOutput) ToGetIAMPolicyAuditConfigOutputWithContext(ctx context.Context) GetIAMPolicyAuditConfigOutput

func (GetIAMPolicyAuditConfigOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyAuditConfigOutput) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyAuditConfig]

type GetIAMPolicyBinding 

type GetIAMPolicyBinding struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.
	Condition *GetIAMPolicyBindingCondition `pulumi:"condition"`
	// An array of identities that will be granted the privilege in the `role`. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. Some resources **don't** support this identity.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. Some resources **don't** support this identity.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members []string `pulumi:"members"`
	// The role/permission that will be granted to the members.
	// See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles.
	// Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role string `pulumi:"role"`
}

type GetIAMPolicyBindingArgs 

type GetIAMPolicyBindingArgs struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.
	Condition GetIAMPolicyBindingConditionPtrInput `pulumi:"condition"`
	// An array of identities that will be granted the privilege in the `role`. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. Some resources **don't** support this identity.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. Some resources **don't** support this identity.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// The role/permission that will be granted to the members.
	// See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles.
	// Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput `pulumi:"role"`
}

func (GetIAMPolicyBindingArgs) ElementType 

func (GetIAMPolicyBindingArgs) ElementType() reflect.Type

func (GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutput 

func (i GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutput() GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutputWithContext 

func (i GetIAMPolicyBindingArgs) ToGetIAMPolicyBindingOutputWithContext(ctx context.Context) GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingArgs) ToOutput added in v6.65.1 

func (i GetIAMPolicyBindingArgs) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyBinding]

type GetIAMPolicyBindingArray 

type GetIAMPolicyBindingArray []GetIAMPolicyBindingInput

func (GetIAMPolicyBindingArray) ElementType 

func (GetIAMPolicyBindingArray) ElementType() reflect.Type

func (GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutput 

func (i GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutput() GetIAMPolicyBindingArrayOutput

func (GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutputWithContext 

func (i GetIAMPolicyBindingArray) ToGetIAMPolicyBindingArrayOutputWithContext(ctx context.Context) GetIAMPolicyBindingArrayOutput

func (GetIAMPolicyBindingArray) ToOutput added in v6.65.1 

func (i GetIAMPolicyBindingArray) ToOutput(ctx context.Context) pulumix.Output[[]GetIAMPolicyBinding]

type GetIAMPolicyBindingArrayInput 

type GetIAMPolicyBindingArrayInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingArrayOutput() GetIAMPolicyBindingArrayOutput
	ToGetIAMPolicyBindingArrayOutputWithContext(context.Context) GetIAMPolicyBindingArrayOutput
}

GetIAMPolicyBindingArrayInput is an input type that accepts GetIAMPolicyBindingArray and GetIAMPolicyBindingArrayOutput values. You can construct a concrete instance of `GetIAMPolicyBindingArrayInput` via: 

GetIAMPolicyBindingArray{ GetIAMPolicyBindingArgs{...} }

type GetIAMPolicyBindingArrayOutput 

type GetIAMPolicyBindingArrayOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingArrayOutput) ElementType 

func (GetIAMPolicyBindingArrayOutput) ElementType() reflect.Type

func (GetIAMPolicyBindingArrayOutput) Index 

func (o GetIAMPolicyBindingArrayOutput) Index(i pulumi.IntInput) GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutput 

func (o GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutput() GetIAMPolicyBindingArrayOutput

func (GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutputWithContext 

func (o GetIAMPolicyBindingArrayOutput) ToGetIAMPolicyBindingArrayOutputWithContext(ctx context.Context) GetIAMPolicyBindingArrayOutput

func (GetIAMPolicyBindingArrayOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyBindingArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]GetIAMPolicyBinding]

type GetIAMPolicyBindingCondition 

type GetIAMPolicyBindingCondition struct {
	// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title string `pulumi:"title"`
}

type GetIAMPolicyBindingConditionArgs 

type GetIAMPolicyBindingConditionArgs struct {
	// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput `pulumi:"title"`
}

func (GetIAMPolicyBindingConditionArgs) ElementType 

func (GetIAMPolicyBindingConditionArgs) ElementType() reflect.Type

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutput 

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutput() GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutputWithContext 

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutput 

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutputWithContext 

func (i GetIAMPolicyBindingConditionArgs) ToGetIAMPolicyBindingConditionPtrOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionArgs) ToOutput added in v6.65.1 

func (i GetIAMPolicyBindingConditionArgs) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyBindingCondition]

type GetIAMPolicyBindingConditionInput 

type GetIAMPolicyBindingConditionInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingConditionOutput() GetIAMPolicyBindingConditionOutput
	ToGetIAMPolicyBindingConditionOutputWithContext(context.Context) GetIAMPolicyBindingConditionOutput
}

GetIAMPolicyBindingConditionInput is an input type that accepts GetIAMPolicyBindingConditionArgs and GetIAMPolicyBindingConditionOutput values. You can construct a concrete instance of `GetIAMPolicyBindingConditionInput` via: 

GetIAMPolicyBindingConditionArgs{...}

type GetIAMPolicyBindingConditionOutput 

type GetIAMPolicyBindingConditionOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingConditionOutput) Description 

func (o GetIAMPolicyBindingConditionOutput) Description() pulumi.StringPtrOutput

An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (GetIAMPolicyBindingConditionOutput) ElementType 

func (GetIAMPolicyBindingConditionOutput) ElementType() reflect.Type

func (GetIAMPolicyBindingConditionOutput) Expression 

func (o GetIAMPolicyBindingConditionOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (GetIAMPolicyBindingConditionOutput) Title 

func (o GetIAMPolicyBindingConditionOutput) Title() pulumi.StringOutput

A title for the expression, i.e. a short string describing its purpose.

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutput 

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutput() GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutputWithContext 

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutput 

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext 

func (o GetIAMPolicyBindingConditionOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyBindingConditionOutput) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyBindingCondition]

type GetIAMPolicyBindingConditionPtrInput 

type GetIAMPolicyBindingConditionPtrInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput
	ToGetIAMPolicyBindingConditionPtrOutputWithContext(context.Context) GetIAMPolicyBindingConditionPtrOutput
}

GetIAMPolicyBindingConditionPtrInput is an input type that accepts GetIAMPolicyBindingConditionArgs, GetIAMPolicyBindingConditionPtr and GetIAMPolicyBindingConditionPtrOutput values. You can construct a concrete instance of `GetIAMPolicyBindingConditionPtrInput` via: 

        GetIAMPolicyBindingConditionArgs{...}

or:

        nil

func GetIAMPolicyBindingConditionPtr 

func GetIAMPolicyBindingConditionPtr(v *GetIAMPolicyBindingConditionArgs) GetIAMPolicyBindingConditionPtrInput

type GetIAMPolicyBindingConditionPtrOutput 

type GetIAMPolicyBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingConditionPtrOutput) Description 

func (o GetIAMPolicyBindingConditionPtrOutput) Description() pulumi.StringPtrOutput

An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (GetIAMPolicyBindingConditionPtrOutput) Elem 

func (o GetIAMPolicyBindingConditionPtrOutput) Elem() GetIAMPolicyBindingConditionOutput

func (GetIAMPolicyBindingConditionPtrOutput) ElementType 

func (GetIAMPolicyBindingConditionPtrOutput) ElementType() reflect.Type

func (GetIAMPolicyBindingConditionPtrOutput) Expression 

func (o GetIAMPolicyBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (GetIAMPolicyBindingConditionPtrOutput) Title 

func (o GetIAMPolicyBindingConditionPtrOutput) Title() pulumi.StringPtrOutput

A title for the expression, i.e. a short string describing its purpose.

func (GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutput 

func (o GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutput() GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext 

func (o GetIAMPolicyBindingConditionPtrOutput) ToGetIAMPolicyBindingConditionPtrOutputWithContext(ctx context.Context) GetIAMPolicyBindingConditionPtrOutput

func (GetIAMPolicyBindingConditionPtrOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyBindingConditionPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*GetIAMPolicyBindingCondition]

type GetIAMPolicyBindingInput 

type GetIAMPolicyBindingInput interface {
	pulumi.Input

	ToGetIAMPolicyBindingOutput() GetIAMPolicyBindingOutput
	ToGetIAMPolicyBindingOutputWithContext(context.Context) GetIAMPolicyBindingOutput
}

GetIAMPolicyBindingInput is an input type that accepts GetIAMPolicyBindingArgs and GetIAMPolicyBindingOutput values. You can construct a concrete instance of `GetIAMPolicyBindingInput` via: 

GetIAMPolicyBindingArgs{...}

type GetIAMPolicyBindingOutput 

type GetIAMPolicyBindingOutput struct{ *pulumi.OutputState }

func (GetIAMPolicyBindingOutput) Condition 

func (o GetIAMPolicyBindingOutput) Condition() GetIAMPolicyBindingConditionPtrOutput

An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

func (GetIAMPolicyBindingOutput) ElementType 

func (GetIAMPolicyBindingOutput) ElementType() reflect.Type

func (GetIAMPolicyBindingOutput) Members 

func (o GetIAMPolicyBindingOutput) Members() pulumi.StringArrayOutput

An array of identities that will be granted the privilege in the `role`. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. Some resources **don't** support this identity. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. Some resources **don't** support this identity. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (GetIAMPolicyBindingOutput) Role 

func (o GetIAMPolicyBindingOutput) Role() pulumi.StringOutput

The role/permission that will be granted to the members. See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutput 

func (o GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutput() GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutputWithContext 

func (o GetIAMPolicyBindingOutput) ToGetIAMPolicyBindingOutputWithContext(ctx context.Context) GetIAMPolicyBindingOutput

func (GetIAMPolicyBindingOutput) ToOutput added in v6.65.1 

func (o GetIAMPolicyBindingOutput) ToOutput(ctx context.Context) pulumix.Output[GetIAMPolicyBinding]

type GetOrganizationArgs 

type GetOrganizationArgs struct {
	// The domain name of the Organization.
	//
	// > **NOTE:** One of `organization` or `domain` must be specified.
	Domain *string `pulumi:"domain"`
	// The Organization's numeric ID, including an optional `organizations/` prefix.
	Organization *string `pulumi:"organization"`
}

A collection of arguments for invoking getOrganization.

type GetOrganizationOutputArgs 

type GetOrganizationOutputArgs struct {
	// The domain name of the Organization.
	//
	// > **NOTE:** One of `organization` or `domain` must be specified.
	Domain pulumi.StringPtrInput `pulumi:"domain"`
	// The Organization's numeric ID, including an optional `organizations/` prefix.
	Organization pulumi.StringPtrInput `pulumi:"organization"`
}

A collection of arguments for invoking getOrganization.

func (GetOrganizationOutputArgs) ElementType 

func (GetOrganizationOutputArgs) ElementType() reflect.Type

type GetOrganizationResult 

type GetOrganizationResult struct {
	// Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime string `pulumi:"createTime"`
	// The Google for Work customer ID of the Organization.
	DirectoryCustomerId string `pulumi:"directoryCustomerId"`
	Domain              string `pulumi:"domain"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The Organization's current lifecycle state.
	LifecycleState string `pulumi:"lifecycleState"`
	// The resource name of the Organization in the form `organizations/{organization_id}`.
	Name string `pulumi:"name"`
	// The Organization ID.
	OrgId        string  `pulumi:"orgId"`
	Organization *string `pulumi:"organization"`
}

A collection of values returned by getOrganization.

func GetOrganization 

func GetOrganization(ctx *pulumi.Context, args *GetOrganizationArgs, opts ...pulumi.InvokeOption) (*GetOrganizationResult, error)

Get information about a Google Cloud Organization. Note that you must have the `roles/resourcemanager.organizationViewer` role (or equivalent permissions) at the organization level to use this datasource.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		org, err := organizations.GetOrganization(ctx, &organizations.GetOrganizationArgs{
			Domain: pulumi.StringRef("example.com"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.NewFolder(ctx, "sales", &organizations.FolderArgs{
			DisplayName: pulumi.String("Sales"),
			Parent:      *pulumi.String(org.Name),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetOrganizationResultOutput 

type GetOrganizationResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getOrganization.

func GetOrganizationOutput 

func GetOrganizationOutput(ctx *pulumi.Context, args GetOrganizationOutputArgs, opts ...pulumi.InvokeOption) GetOrganizationResultOutput

func (GetOrganizationResultOutput) CreateTime 

func (o GetOrganizationResultOutput) CreateTime() pulumi.StringOutput

Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".

func (GetOrganizationResultOutput) DirectoryCustomerId 

func (o GetOrganizationResultOutput) DirectoryCustomerId() pulumi.StringOutput

The Google for Work customer ID of the Organization.

func (GetOrganizationResultOutput) Domain 

func (o GetOrganizationResultOutput) Domain() pulumi.StringOutput

func (GetOrganizationResultOutput) ElementType 

func (GetOrganizationResultOutput) ElementType() reflect.Type

func (GetOrganizationResultOutput) Id 

func (o GetOrganizationResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetOrganizationResultOutput) LifecycleState 

func (o GetOrganizationResultOutput) LifecycleState() pulumi.StringOutput

The Organization's current lifecycle state.

func (GetOrganizationResultOutput) Name 

func (o GetOrganizationResultOutput) Name() pulumi.StringOutput

The resource name of the Organization in the form `organizations/{organization_id}`.

func (GetOrganizationResultOutput) OrgId 

func (o GetOrganizationResultOutput) OrgId() pulumi.StringOutput

The Organization ID.

func (GetOrganizationResultOutput) Organization 

func (o GetOrganizationResultOutput) Organization() pulumi.StringPtrOutput

func (GetOrganizationResultOutput) ToGetOrganizationResultOutput 

func (o GetOrganizationResultOutput) ToGetOrganizationResultOutput() GetOrganizationResultOutput

func (GetOrganizationResultOutput) ToGetOrganizationResultOutputWithContext 

func (o GetOrganizationResultOutput) ToGetOrganizationResultOutputWithContext(ctx context.Context) GetOrganizationResultOutput

func (GetOrganizationResultOutput) ToOutput added in v6.65.1 

func (o GetOrganizationResultOutput) ToOutput(ctx context.Context) pulumix.Output[GetOrganizationResult]

type IAMBinding 

type IAMBinding struct {
	pulumi.CustomResourceState

	Condition IAMBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Allows creation and management of a single binding within IAM policy for an existing Google Cloud Platform Organization.

> **Note:** This resource __must not__ be used in conjunction with 

`organizations.IAMMember` for the __same role__ or they will fight over
what your policy should be.

> **Note:** On create, this resource will overwrite members of any existing roles. 

Use `pulumi import` and inspect the `output to ensure
your existing members are preserved.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMBinding(ctx, "binding", &organizations.IAMBindingArgs{
			Members: pulumi.StringArray{
				pulumi.String("user:alice@gmail.com"),
			},
			OrgId: pulumi.String("123456789"),
			Role:  pulumi.String("roles/browser"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM binding imports use space-delimited identifiers; first the resource in question and then the role.

These bindings can be imported using the `org_id` and role, e.g.

```sh 

$ pulumi import gcp:organizations/iAMBinding:IAMBinding my_org "your-org-id roles/viewer"

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetIAMBinding 

func GetIAMBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMBindingState, opts ...pulumi.ResourceOption) (*IAMBinding, error)

GetIAMBinding gets an existing IAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMBinding 

func NewIAMBinding(ctx *pulumi.Context,
	name string, args *IAMBindingArgs, opts ...pulumi.ResourceOption) (*IAMBinding, error)

NewIAMBinding registers a new resource with the given unique name, arguments, and options.

func (*IAMBinding) ElementType 

func (*IAMBinding) ElementType() reflect.Type

func (*IAMBinding) ToIAMBindingOutput 

func (i *IAMBinding) ToIAMBindingOutput() IAMBindingOutput

func (*IAMBinding) ToIAMBindingOutputWithContext 

func (i *IAMBinding) ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput

func (*IAMBinding) ToOutput added in v6.65.1 

func (i *IAMBinding) ToOutput(ctx context.Context) pulumix.Output[*IAMBinding]

type IAMBindingArgs 

type IAMBindingArgs struct {
	Condition IAMBindingConditionPtrInput
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members pulumi.StringArrayInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringInput
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a IAMBinding resource.

func (IAMBindingArgs) ElementType 

func (IAMBindingArgs) ElementType() reflect.Type

type IAMBindingArray 

type IAMBindingArray []IAMBindingInput

func (IAMBindingArray) ElementType 

func (IAMBindingArray) ElementType() reflect.Type

func (IAMBindingArray) ToIAMBindingArrayOutput 

func (i IAMBindingArray) ToIAMBindingArrayOutput() IAMBindingArrayOutput

func (IAMBindingArray) ToIAMBindingArrayOutputWithContext 

func (i IAMBindingArray) ToIAMBindingArrayOutputWithContext(ctx context.Context) IAMBindingArrayOutput

func (IAMBindingArray) ToOutput added in v6.65.1 

func (i IAMBindingArray) ToOutput(ctx context.Context) pulumix.Output[[]*IAMBinding]

type IAMBindingArrayInput 

type IAMBindingArrayInput interface {
	pulumi.Input

	ToIAMBindingArrayOutput() IAMBindingArrayOutput
	ToIAMBindingArrayOutputWithContext(context.Context) IAMBindingArrayOutput
}

IAMBindingArrayInput is an input type that accepts IAMBindingArray and IAMBindingArrayOutput values. You can construct a concrete instance of `IAMBindingArrayInput` via: 

IAMBindingArray{ IAMBindingArgs{...} }

type IAMBindingArrayOutput 

type IAMBindingArrayOutput struct{ *pulumi.OutputState }

func (IAMBindingArrayOutput) ElementType 

func (IAMBindingArrayOutput) ElementType() reflect.Type

func (IAMBindingArrayOutput) Index 

func (o IAMBindingArrayOutput) Index(i pulumi.IntInput) IAMBindingOutput

func (IAMBindingArrayOutput) ToIAMBindingArrayOutput 

func (o IAMBindingArrayOutput) ToIAMBindingArrayOutput() IAMBindingArrayOutput

func (IAMBindingArrayOutput) ToIAMBindingArrayOutputWithContext 

func (o IAMBindingArrayOutput) ToIAMBindingArrayOutputWithContext(ctx context.Context) IAMBindingArrayOutput

func (IAMBindingArrayOutput) ToOutput added in v6.65.1 

func (o IAMBindingArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*IAMBinding]

type IAMBindingCondition 

type IAMBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type IAMBindingConditionArgs 

type IAMBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (IAMBindingConditionArgs) ElementType 

func (IAMBindingConditionArgs) ElementType() reflect.Type

func (IAMBindingConditionArgs) ToIAMBindingConditionOutput 

func (i IAMBindingConditionArgs) ToIAMBindingConditionOutput() IAMBindingConditionOutput

func (IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext 

func (i IAMBindingConditionArgs) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput

func (IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput 

func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput

func (IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext 

func (i IAMBindingConditionArgs) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput

func (IAMBindingConditionArgs) ToOutput added in v6.65.1 

func (i IAMBindingConditionArgs) ToOutput(ctx context.Context) pulumix.Output[IAMBindingCondition]

type IAMBindingConditionInput 

type IAMBindingConditionInput interface {
	pulumi.Input

	ToIAMBindingConditionOutput() IAMBindingConditionOutput
	ToIAMBindingConditionOutputWithContext(context.Context) IAMBindingConditionOutput
}

IAMBindingConditionInput is an input type that accepts IAMBindingConditionArgs and IAMBindingConditionOutput values. You can construct a concrete instance of `IAMBindingConditionInput` via: 

IAMBindingConditionArgs{...}

type IAMBindingConditionOutput 

type IAMBindingConditionOutput struct{ *pulumi.OutputState }

func (IAMBindingConditionOutput) Description 

func (o IAMBindingConditionOutput) Description() pulumi.StringPtrOutput

func (IAMBindingConditionOutput) ElementType 

func (IAMBindingConditionOutput) ElementType() reflect.Type

func (IAMBindingConditionOutput) Expression 

func (o IAMBindingConditionOutput) Expression() pulumi.StringOutput

func (IAMBindingConditionOutput) Title 

func (o IAMBindingConditionOutput) Title() pulumi.StringOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionOutput 

func (o IAMBindingConditionOutput) ToIAMBindingConditionOutput() IAMBindingConditionOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext 

func (o IAMBindingConditionOutput) ToIAMBindingConditionOutputWithContext(ctx context.Context) IAMBindingConditionOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput 

func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput

func (IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext 

func (o IAMBindingConditionOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput

func (IAMBindingConditionOutput) ToOutput added in v6.65.1 

func (o IAMBindingConditionOutput) ToOutput(ctx context.Context) pulumix.Output[IAMBindingCondition]

type IAMBindingConditionPtrInput 

type IAMBindingConditionPtrInput interface {
	pulumi.Input

	ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput
	ToIAMBindingConditionPtrOutputWithContext(context.Context) IAMBindingConditionPtrOutput
}

IAMBindingConditionPtrInput is an input type that accepts IAMBindingConditionArgs, IAMBindingConditionPtr and IAMBindingConditionPtrOutput values. You can construct a concrete instance of `IAMBindingConditionPtrInput` via: 

        IAMBindingConditionArgs{...}

or:

        nil

func IAMBindingConditionPtr 

func IAMBindingConditionPtr(v *IAMBindingConditionArgs) IAMBindingConditionPtrInput

type IAMBindingConditionPtrOutput 

type IAMBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (IAMBindingConditionPtrOutput) Description 

func (o IAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput

func (IAMBindingConditionPtrOutput) Elem 

func (o IAMBindingConditionPtrOutput) Elem() IAMBindingConditionOutput

func (IAMBindingConditionPtrOutput) ElementType 

func (IAMBindingConditionPtrOutput) ElementType() reflect.Type

func (IAMBindingConditionPtrOutput) Expression 

func (o IAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput

func (IAMBindingConditionPtrOutput) Title 

func (o IAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput

func (IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput 

func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutput() IAMBindingConditionPtrOutput

func (IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext 

func (o IAMBindingConditionPtrOutput) ToIAMBindingConditionPtrOutputWithContext(ctx context.Context) IAMBindingConditionPtrOutput

func (IAMBindingConditionPtrOutput) ToOutput added in v6.65.1 

func (o IAMBindingConditionPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*IAMBindingCondition]

type IAMBindingInput 

type IAMBindingInput interface {
	pulumi.Input

	ToIAMBindingOutput() IAMBindingOutput
	ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput
}

type IAMBindingMap 

type IAMBindingMap map[string]IAMBindingInput

func (IAMBindingMap) ElementType 

func (IAMBindingMap) ElementType() reflect.Type

func (IAMBindingMap) ToIAMBindingMapOutput 

func (i IAMBindingMap) ToIAMBindingMapOutput() IAMBindingMapOutput

func (IAMBindingMap) ToIAMBindingMapOutputWithContext 

func (i IAMBindingMap) ToIAMBindingMapOutputWithContext(ctx context.Context) IAMBindingMapOutput

func (IAMBindingMap) ToOutput added in v6.65.1 

func (i IAMBindingMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMBinding]

type IAMBindingMapInput 

type IAMBindingMapInput interface {
	pulumi.Input

	ToIAMBindingMapOutput() IAMBindingMapOutput
	ToIAMBindingMapOutputWithContext(context.Context) IAMBindingMapOutput
}

IAMBindingMapInput is an input type that accepts IAMBindingMap and IAMBindingMapOutput values. You can construct a concrete instance of `IAMBindingMapInput` via: 

IAMBindingMap{ "key": IAMBindingArgs{...} }

type IAMBindingMapOutput 

type IAMBindingMapOutput struct{ *pulumi.OutputState }

func (IAMBindingMapOutput) ElementType 

func (IAMBindingMapOutput) ElementType() reflect.Type

func (IAMBindingMapOutput) MapIndex 

func (o IAMBindingMapOutput) MapIndex(k pulumi.StringInput) IAMBindingOutput

func (IAMBindingMapOutput) ToIAMBindingMapOutput 

func (o IAMBindingMapOutput) ToIAMBindingMapOutput() IAMBindingMapOutput

func (IAMBindingMapOutput) ToIAMBindingMapOutputWithContext 

func (o IAMBindingMapOutput) ToIAMBindingMapOutputWithContext(ctx context.Context) IAMBindingMapOutput

func (IAMBindingMapOutput) ToOutput added in v6.65.1 

func (o IAMBindingMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMBinding]

type IAMBindingOutput 

type IAMBindingOutput struct{ *pulumi.OutputState }

func (IAMBindingOutput) Condition added in v6.23.0 

func (o IAMBindingOutput) Condition() IAMBindingConditionPtrOutput

func (IAMBindingOutput) ElementType 

func (IAMBindingOutput) ElementType() reflect.Type

func (IAMBindingOutput) Etag added in v6.23.0 

func (o IAMBindingOutput) Etag() pulumi.StringOutput

(Computed) The etag of the organization's IAM policy.

func (IAMBindingOutput) Members added in v6.23.0 

func (o IAMBindingOutput) Members() pulumi.StringArrayOutput

A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding

func (IAMBindingOutput) OrgId added in v6.23.0 

func (o IAMBindingOutput) OrgId() pulumi.StringOutput

The numeric ID of the organization in which you want to create a custom role.

func (IAMBindingOutput) Role added in v6.23.0 

func (o IAMBindingOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (IAMBindingOutput) ToIAMBindingOutput 

func (o IAMBindingOutput) ToIAMBindingOutput() IAMBindingOutput

func (IAMBindingOutput) ToIAMBindingOutputWithContext 

func (o IAMBindingOutput) ToIAMBindingOutputWithContext(ctx context.Context) IAMBindingOutput

func (IAMBindingOutput) ToOutput added in v6.65.1 

func (o IAMBindingOutput) ToOutput(ctx context.Context) pulumix.Output[*IAMBinding]

type IAMBindingState 

type IAMBindingState struct {
	Condition IAMBindingConditionPtrInput
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringPtrInput
	// A list of users that the role should apply to. For more details on format and restrictions see https://cloud.google.com/billing/reference/rest/v1/Policy#Binding
	Members pulumi.StringArrayInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role pulumi.StringPtrInput
}

func (IAMBindingState) ElementType 

func (IAMBindingState) ElementType() reflect.Type

type IAMCustomRole 

type IAMCustomRole struct {
	pulumi.CustomResourceState

	// (Optional) The current deleted state of the role.
	Deleted pulumi.BoolOutput `pulumi:"deleted"`
	// A human-readable description for the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the role in the format `organizations/{{org_id}}/roles/{{role_id}}`. Like `id`, this field can be used as a reference in other resources such as IAM role bindings.
	Name pulumi.StringOutput `pulumi:"name"`
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions pulumi.StringArrayOutput `pulumi:"permissions"`
	// The role id to use for this role.
	RoleId pulumi.StringOutput `pulumi:"roleId"`
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage pulumi.StringPtrOutput `pulumi:"stage"`
	// A human-readable title for the role.
	Title pulumi.StringOutput `pulumi:"title"`
}

Allows management of a customized Cloud IAM organization role. For more information see [the official documentation](https://cloud.google.com/iam/docs/understanding-custom-roles) and [API](https://cloud.google.com/iam/reference/rest/v1/organizations.roles).

> **Warning:** Note that custom roles in GCP have the concept of a soft-delete. There are two issues that may arise 

from this and how roles are propagated. 1) creating a role may involve undeleting and then updating a role with the
same name, possibly causing confusing behavior between undelete and update. 2) A deleted role is permanently deleted
after 7 days, but it can take up to 30 more days (i.e. between 7 and 37 days after deletion) before the role name is
made available again. This means a deleted role that has been deleted for more than 7 days cannot be changed at all
by the provider, and new roles cannot share that name.

## Example Usage

This snippet creates a customized IAM organization role.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMCustomRole(ctx, "my-custom-role", &organizations.IAMCustomRoleArgs{
			Description: pulumi.String("A description"),
			OrgId:       pulumi.String("123456789"),
			Permissions: pulumi.StringArray{
				pulumi.String("iam.roles.list"),
				pulumi.String("iam.roles.create"),
				pulumi.String("iam.roles.delete"),
			},
			RoleId: pulumi.String("myCustomRole"),
			Title:  pulumi.String("My Custom Role"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Customized IAM organization role can be imported using their URI, e.g.

```sh 

$ pulumi import gcp:organizations/iAMCustomRole:IAMCustomRole my-custom-role organizations/123456789/roles/myCustomRole

```

func GetIAMCustomRole 

func GetIAMCustomRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMCustomRoleState, opts ...pulumi.ResourceOption) (*IAMCustomRole, error)

GetIAMCustomRole gets an existing IAMCustomRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMCustomRole 

func NewIAMCustomRole(ctx *pulumi.Context,
	name string, args *IAMCustomRoleArgs, opts ...pulumi.ResourceOption) (*IAMCustomRole, error)

NewIAMCustomRole registers a new resource with the given unique name, arguments, and options.

func (*IAMCustomRole) ElementType 

func (*IAMCustomRole) ElementType() reflect.Type

func (*IAMCustomRole) ToIAMCustomRoleOutput 

func (i *IAMCustomRole) ToIAMCustomRoleOutput() IAMCustomRoleOutput

func (*IAMCustomRole) ToIAMCustomRoleOutputWithContext 

func (i *IAMCustomRole) ToIAMCustomRoleOutputWithContext(ctx context.Context) IAMCustomRoleOutput

func (*IAMCustomRole) ToOutput added in v6.65.1 

func (i *IAMCustomRole) ToOutput(ctx context.Context) pulumix.Output[*IAMCustomRole]

type IAMCustomRoleArgs 

type IAMCustomRoleArgs struct {
	// A human-readable description for the role.
	Description pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringInput
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions pulumi.StringArrayInput
	// The role id to use for this role.
	RoleId pulumi.StringInput
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage pulumi.StringPtrInput
	// A human-readable title for the role.
	Title pulumi.StringInput
}

The set of arguments for constructing a IAMCustomRole resource.

func (IAMCustomRoleArgs) ElementType 

func (IAMCustomRoleArgs) ElementType() reflect.Type

type IAMCustomRoleArray 

type IAMCustomRoleArray []IAMCustomRoleInput

func (IAMCustomRoleArray) ElementType 

func (IAMCustomRoleArray) ElementType() reflect.Type

func (IAMCustomRoleArray) ToIAMCustomRoleArrayOutput 

func (i IAMCustomRoleArray) ToIAMCustomRoleArrayOutput() IAMCustomRoleArrayOutput

func (IAMCustomRoleArray) ToIAMCustomRoleArrayOutputWithContext 

func (i IAMCustomRoleArray) ToIAMCustomRoleArrayOutputWithContext(ctx context.Context) IAMCustomRoleArrayOutput

func (IAMCustomRoleArray) ToOutput added in v6.65.1 

func (i IAMCustomRoleArray) ToOutput(ctx context.Context) pulumix.Output[[]*IAMCustomRole]

type IAMCustomRoleArrayInput 

type IAMCustomRoleArrayInput interface {
	pulumi.Input

	ToIAMCustomRoleArrayOutput() IAMCustomRoleArrayOutput
	ToIAMCustomRoleArrayOutputWithContext(context.Context) IAMCustomRoleArrayOutput
}

IAMCustomRoleArrayInput is an input type that accepts IAMCustomRoleArray and IAMCustomRoleArrayOutput values. You can construct a concrete instance of `IAMCustomRoleArrayInput` via: 

IAMCustomRoleArray{ IAMCustomRoleArgs{...} }

type IAMCustomRoleArrayOutput 

type IAMCustomRoleArrayOutput struct{ *pulumi.OutputState }

func (IAMCustomRoleArrayOutput) ElementType 

func (IAMCustomRoleArrayOutput) ElementType() reflect.Type

func (IAMCustomRoleArrayOutput) Index 

func (o IAMCustomRoleArrayOutput) Index(i pulumi.IntInput) IAMCustomRoleOutput

func (IAMCustomRoleArrayOutput) ToIAMCustomRoleArrayOutput 

func (o IAMCustomRoleArrayOutput) ToIAMCustomRoleArrayOutput() IAMCustomRoleArrayOutput

func (IAMCustomRoleArrayOutput) ToIAMCustomRoleArrayOutputWithContext 

func (o IAMCustomRoleArrayOutput) ToIAMCustomRoleArrayOutputWithContext(ctx context.Context) IAMCustomRoleArrayOutput

func (IAMCustomRoleArrayOutput) ToOutput added in v6.65.1 

func (o IAMCustomRoleArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*IAMCustomRole]

type IAMCustomRoleInput 

type IAMCustomRoleInput interface {
	pulumi.Input

	ToIAMCustomRoleOutput() IAMCustomRoleOutput
	ToIAMCustomRoleOutputWithContext(ctx context.Context) IAMCustomRoleOutput
}

type IAMCustomRoleMap 

type IAMCustomRoleMap map[string]IAMCustomRoleInput

func (IAMCustomRoleMap) ElementType 

func (IAMCustomRoleMap) ElementType() reflect.Type

func (IAMCustomRoleMap) ToIAMCustomRoleMapOutput 

func (i IAMCustomRoleMap) ToIAMCustomRoleMapOutput() IAMCustomRoleMapOutput

func (IAMCustomRoleMap) ToIAMCustomRoleMapOutputWithContext 

func (i IAMCustomRoleMap) ToIAMCustomRoleMapOutputWithContext(ctx context.Context) IAMCustomRoleMapOutput

func (IAMCustomRoleMap) ToOutput added in v6.65.1 

func (i IAMCustomRoleMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMCustomRole]

type IAMCustomRoleMapInput 

type IAMCustomRoleMapInput interface {
	pulumi.Input

	ToIAMCustomRoleMapOutput() IAMCustomRoleMapOutput
	ToIAMCustomRoleMapOutputWithContext(context.Context) IAMCustomRoleMapOutput
}

IAMCustomRoleMapInput is an input type that accepts IAMCustomRoleMap and IAMCustomRoleMapOutput values. You can construct a concrete instance of `IAMCustomRoleMapInput` via: 

IAMCustomRoleMap{ "key": IAMCustomRoleArgs{...} }

type IAMCustomRoleMapOutput 

type IAMCustomRoleMapOutput struct{ *pulumi.OutputState }

func (IAMCustomRoleMapOutput) ElementType 

func (IAMCustomRoleMapOutput) ElementType() reflect.Type

func (IAMCustomRoleMapOutput) MapIndex 

func (o IAMCustomRoleMapOutput) MapIndex(k pulumi.StringInput) IAMCustomRoleOutput

func (IAMCustomRoleMapOutput) ToIAMCustomRoleMapOutput 

func (o IAMCustomRoleMapOutput) ToIAMCustomRoleMapOutput() IAMCustomRoleMapOutput

func (IAMCustomRoleMapOutput) ToIAMCustomRoleMapOutputWithContext 

func (o IAMCustomRoleMapOutput) ToIAMCustomRoleMapOutputWithContext(ctx context.Context) IAMCustomRoleMapOutput

func (IAMCustomRoleMapOutput) ToOutput added in v6.65.1 

func (o IAMCustomRoleMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMCustomRole]

type IAMCustomRoleOutput 

type IAMCustomRoleOutput struct{ *pulumi.OutputState }

func (IAMCustomRoleOutput) Deleted added in v6.23.0 

func (o IAMCustomRoleOutput) Deleted() pulumi.BoolOutput

(Optional) The current deleted state of the role.

func (IAMCustomRoleOutput) Description added in v6.23.0 

func (o IAMCustomRoleOutput) Description() pulumi.StringPtrOutput

A human-readable description for the role.

func (IAMCustomRoleOutput) ElementType 

func (IAMCustomRoleOutput) ElementType() reflect.Type

func (IAMCustomRoleOutput) Name added in v6.23.0 

func (o IAMCustomRoleOutput) Name() pulumi.StringOutput

The name of the role in the format `organizations/{{org_id}}/roles/{{role_id}}`. Like `id`, this field can be used as a reference in other resources such as IAM role bindings.

func (IAMCustomRoleOutput) OrgId added in v6.23.0 

func (o IAMCustomRoleOutput) OrgId() pulumi.StringOutput

The numeric ID of the organization in which you want to create a custom role.

func (IAMCustomRoleOutput) Permissions added in v6.23.0 

func (o IAMCustomRoleOutput) Permissions() pulumi.StringArrayOutput

The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.

func (IAMCustomRoleOutput) RoleId added in v6.23.0 

func (o IAMCustomRoleOutput) RoleId() pulumi.StringOutput

The role id to use for this role.

func (IAMCustomRoleOutput) Stage added in v6.23.0 

func (o IAMCustomRoleOutput) Stage() pulumi.StringPtrOutput

The current launch stage of the role. Defaults to `GA`. List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).

func (IAMCustomRoleOutput) Title added in v6.23.0 

func (o IAMCustomRoleOutput) Title() pulumi.StringOutput

A human-readable title for the role.

func (IAMCustomRoleOutput) ToIAMCustomRoleOutput 

func (o IAMCustomRoleOutput) ToIAMCustomRoleOutput() IAMCustomRoleOutput

func (IAMCustomRoleOutput) ToIAMCustomRoleOutputWithContext 

func (o IAMCustomRoleOutput) ToIAMCustomRoleOutputWithContext(ctx context.Context) IAMCustomRoleOutput

func (IAMCustomRoleOutput) ToOutput added in v6.65.1 

func (o IAMCustomRoleOutput) ToOutput(ctx context.Context) pulumix.Output[*IAMCustomRole]

type IAMCustomRoleState 

type IAMCustomRoleState struct {
	// (Optional) The current deleted state of the role.
	Deleted pulumi.BoolPtrInput
	// A human-readable description for the role.
	Description pulumi.StringPtrInput
	// The name of the role in the format `organizations/{{org_id}}/roles/{{role_id}}`. Like `id`, this field can be used as a reference in other resources such as IAM role bindings.
	Name pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to create a custom role.
	OrgId pulumi.StringPtrInput
	// The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
	Permissions pulumi.StringArrayInput
	// The role id to use for this role.
	RoleId pulumi.StringPtrInput
	// The current launch stage of the role.
	// Defaults to `GA`.
	// List of possible stages is [here](https://cloud.google.com/iam/reference/rest/v1/organizations.roles#Role.RoleLaunchStage).
	Stage pulumi.StringPtrInput
	// A human-readable title for the role.
	Title pulumi.StringPtrInput
}

func (IAMCustomRoleState) ElementType 

func (IAMCustomRoleState) ElementType() reflect.Type

type IAMMember 

type IAMMember struct {
	pulumi.CustomResourceState

	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition IAMMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the organization's IAM policy.
	Etag   pulumi.StringOutput `pulumi:"etag"`
	Member pulumi.StringOutput `pulumi:"member"`
	// The organization id of the target organization.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `organizations/{{org_id}}/roles/{{role_id}}`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Four different resources help you manage your IAM policy for a organization. Each of these resources serves a different use case:

* `organizations.IAMPolicy`: Authoritative. Sets the IAM policy for the organization and replaces any existing policy already attached. * `organizations.IAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the organization are preserved. * `organizations.IAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the organization are preserved. * `organizations.IamAuditConfig`: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.

> **Note:** `organizations.IAMPolicy` **cannot** be used in conjunction with `organizations.IAMBinding`, `organizations.IAMMember`, or `organizations.IamAuditConfig` or they will fight over what your policy should be.

> **Note:** `organizations.IAMBinding` resources **can be** used in conjunction with `organizations.IAMMember` resources **only if** they do not grant privilege to the same role.

## google\_organization\_iam\_policy

!> **Warning:** New organizations have several default policies which will, 

without extreme caution, be **overwritten** by use of this resource.
The safest alternative is to use multiple `organizations.IAMBinding`
resources. This resource makes it easy to remove your own access to
an organization, which will require a call to Google Support to have
fixed, and can take multiple days to resolve.

In general, this resource should only be used with organizations
fully managed by this provider.I f you do use this resource,
the best way to be sure that you are not making dangerous changes is to start
by **importing** your existing policy, and examining the diff very closely.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.NewIAMPolicy(ctx, "organization", &organizations.IAMPolicyArgs{
			OrgId:      pulumi.String("1234567890"),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Condition: {
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
						Title:       "expires_after_2019_12_31",
					},
					Members: []string{
						"user:jane@example.com",
					},
					Role: "roles/editor",
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.NewIAMPolicy(ctx, "organization", &organizations.IAMPolicyArgs{
			OrgId:      pulumi.String("1234567890"),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_organization\_iam\_binding

> **Note:** If `role` is set to `roles/owner` and you don't specify a user or service account you have access to in `members`, you can lock yourself out of your organization.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMBinding(ctx, "organization", &organizations.IAMBindingArgs{
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			OrgId: pulumi.String("1234567890"),
			Role:  pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMBinding(ctx, "organization", &organizations.IAMBindingArgs{
			Condition: &organizations.IAMBindingConditionArgs{
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
				Title:       pulumi.String("expires_after_2019_12_31"),
			},
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			OrgId: pulumi.String("1234567890"),
			Role:  pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_organization\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMMember(ctx, "organization", &organizations.IAMMemberArgs{
			Member: pulumi.String("user:jane@example.com"),
			OrgId:  pulumi.String("1234567890"),
			Role:   pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMMember(ctx, "organization", &organizations.IAMMemberArgs{
			Condition: &organizations.IAMMemberConditionArgs{
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
				Title:       pulumi.String("expires_after_2019_12_31"),
			},
			Member: pulumi.String("user:jane@example.com"),
			OrgId:  pulumi.String("1234567890"),
			Role:   pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_organization\_iam\_audit\_config

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIamAuditConfig(ctx, "organization", &organizations.IamAuditConfigArgs{
			AuditLogConfigs: organizations.IamAuditConfigAuditLogConfigArray{
				&organizations.IamAuditConfigAuditLogConfigArgs{
					LogType: pulumi.String("ADMIN_READ"),
				},
				&organizations.IamAuditConfigAuditLogConfigArgs{
					ExemptedMembers: pulumi.StringArray{
						pulumi.String("user:joebloggs@hashicorp.com"),
					},
					LogType: pulumi.String("DATA_READ"),
				},
			},
			OrgId:   pulumi.String("1234567890"),
			Service: pulumi.String("allServices"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.

This member resource can be imported using the `org_id`, role, and member e.g.

```sh 

$ pulumi import gcp:organizations/iAMMember:IAMMember my_organization "your-orgid roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role.

This binding resource can be imported using the `org_id` and role, e.g.

```sh 

$ pulumi import gcp:organizations/iAMMember:IAMMember my_organization "your-org-id roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question.

This policy resource can be imported using the `org_id`.

```sh 

$ pulumi import gcp:organizations/iAMMember:IAMMember my_organization your-org-id

``` 

IAM audit config imports use the identifier of the resource in question and the service, e.g.

```sh 

$ pulumi import gcp:organizations/iAMMember:IAMMember my_organization "your-organization-id foo.googleapis.com"

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `organizations/{{org_id}}/roles/{{role_id}}`. -> **Conditional IAM Bindings**If you're importing a IAM binding with a condition block, make sure

```sh 

$ pulumi import gcp:organizations/iAMMember:IAMMember to include the title of condition, e.g. `google_organization_iam_binding.my_organization "your-org-id roles/{{role_id}} condition-title"`

```

func GetIAMMember 

func GetIAMMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMMemberState, opts ...pulumi.ResourceOption) (*IAMMember, error)

GetIAMMember gets an existing IAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMMember 

func NewIAMMember(ctx *pulumi.Context,
	name string, args *IAMMemberArgs, opts ...pulumi.ResourceOption) (*IAMMember, error)

NewIAMMember registers a new resource with the given unique name, arguments, and options.

func (*IAMMember) ElementType 

func (*IAMMember) ElementType() reflect.Type

func (*IAMMember) ToIAMMemberOutput 

func (i *IAMMember) ToIAMMemberOutput() IAMMemberOutput

func (*IAMMember) ToIAMMemberOutputWithContext 

func (i *IAMMember) ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput

func (*IAMMember) ToOutput added in v6.65.1 

func (i *IAMMember) ToOutput(ctx context.Context) pulumix.Output[*IAMMember]

type IAMMemberArgs 

type IAMMemberArgs struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition IAMMemberConditionPtrInput
	Member    pulumi.StringInput
	// The organization id of the target organization.
	OrgId pulumi.StringInput
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `organizations/{{org_id}}/roles/{{role_id}}`.
	Role pulumi.StringInput
}

The set of arguments for constructing a IAMMember resource.

func (IAMMemberArgs) ElementType 

func (IAMMemberArgs) ElementType() reflect.Type

type IAMMemberArray 

type IAMMemberArray []IAMMemberInput

func (IAMMemberArray) ElementType 

func (IAMMemberArray) ElementType() reflect.Type

func (IAMMemberArray) ToIAMMemberArrayOutput 

func (i IAMMemberArray) ToIAMMemberArrayOutput() IAMMemberArrayOutput

func (IAMMemberArray) ToIAMMemberArrayOutputWithContext 

func (i IAMMemberArray) ToIAMMemberArrayOutputWithContext(ctx context.Context) IAMMemberArrayOutput

func (IAMMemberArray) ToOutput added in v6.65.1 

func (i IAMMemberArray) ToOutput(ctx context.Context) pulumix.Output[[]*IAMMember]

type IAMMemberArrayInput 

type IAMMemberArrayInput interface {
	pulumi.Input

	ToIAMMemberArrayOutput() IAMMemberArrayOutput
	ToIAMMemberArrayOutputWithContext(context.Context) IAMMemberArrayOutput
}

IAMMemberArrayInput is an input type that accepts IAMMemberArray and IAMMemberArrayOutput values. You can construct a concrete instance of `IAMMemberArrayInput` via: 

IAMMemberArray{ IAMMemberArgs{...} }

type IAMMemberArrayOutput 

type IAMMemberArrayOutput struct{ *pulumi.OutputState }

func (IAMMemberArrayOutput) ElementType 

func (IAMMemberArrayOutput) ElementType() reflect.Type

func (IAMMemberArrayOutput) Index 

func (o IAMMemberArrayOutput) Index(i pulumi.IntInput) IAMMemberOutput

func (IAMMemberArrayOutput) ToIAMMemberArrayOutput 

func (o IAMMemberArrayOutput) ToIAMMemberArrayOutput() IAMMemberArrayOutput

func (IAMMemberArrayOutput) ToIAMMemberArrayOutputWithContext 

func (o IAMMemberArrayOutput) ToIAMMemberArrayOutputWithContext(ctx context.Context) IAMMemberArrayOutput

func (IAMMemberArrayOutput) ToOutput added in v6.65.1 

func (o IAMMemberArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*IAMMember]

type IAMMemberCondition 

type IAMMemberCondition struct {
	// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	//
	// > **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the
	// identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will
	// consider it to be an entirely different resource and will treat it as such.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title string `pulumi:"title"`
}

type IAMMemberConditionArgs 

type IAMMemberConditionArgs struct {
	// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	//
	// > **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the
	// identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will
	// consider it to be an entirely different resource and will treat it as such.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput `pulumi:"title"`
}

func (IAMMemberConditionArgs) ElementType 

func (IAMMemberConditionArgs) ElementType() reflect.Type

func (IAMMemberConditionArgs) ToIAMMemberConditionOutput 

func (i IAMMemberConditionArgs) ToIAMMemberConditionOutput() IAMMemberConditionOutput

func (IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext 

func (i IAMMemberConditionArgs) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput

func (IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput 

func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput

func (IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext 

func (i IAMMemberConditionArgs) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput

func (IAMMemberConditionArgs) ToOutput added in v6.65.1 

func (i IAMMemberConditionArgs) ToOutput(ctx context.Context) pulumix.Output[IAMMemberCondition]

type IAMMemberConditionInput 

type IAMMemberConditionInput interface {
	pulumi.Input

	ToIAMMemberConditionOutput() IAMMemberConditionOutput
	ToIAMMemberConditionOutputWithContext(context.Context) IAMMemberConditionOutput
}

IAMMemberConditionInput is an input type that accepts IAMMemberConditionArgs and IAMMemberConditionOutput values. You can construct a concrete instance of `IAMMemberConditionInput` via: 

IAMMemberConditionArgs{...}

type IAMMemberConditionOutput 

type IAMMemberConditionOutput struct{ *pulumi.OutputState }

func (IAMMemberConditionOutput) Description 

func (o IAMMemberConditionOutput) Description() pulumi.StringPtrOutput

An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

> **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will consider it to be an entirely different resource and will treat it as such.

func (IAMMemberConditionOutput) ElementType 

func (IAMMemberConditionOutput) ElementType() reflect.Type

func (IAMMemberConditionOutput) Expression 

func (o IAMMemberConditionOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (IAMMemberConditionOutput) Title 

func (o IAMMemberConditionOutput) Title() pulumi.StringOutput

A title for the expression, i.e. a short string describing its purpose.

func (IAMMemberConditionOutput) ToIAMMemberConditionOutput 

func (o IAMMemberConditionOutput) ToIAMMemberConditionOutput() IAMMemberConditionOutput

func (IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext 

func (o IAMMemberConditionOutput) ToIAMMemberConditionOutputWithContext(ctx context.Context) IAMMemberConditionOutput

func (IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput 

func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput

func (IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext 

func (o IAMMemberConditionOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput

func (IAMMemberConditionOutput) ToOutput added in v6.65.1 

func (o IAMMemberConditionOutput) ToOutput(ctx context.Context) pulumix.Output[IAMMemberCondition]

type IAMMemberConditionPtrInput 

type IAMMemberConditionPtrInput interface {
	pulumi.Input

	ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput
	ToIAMMemberConditionPtrOutputWithContext(context.Context) IAMMemberConditionPtrOutput
}

IAMMemberConditionPtrInput is an input type that accepts IAMMemberConditionArgs, IAMMemberConditionPtr and IAMMemberConditionPtrOutput values. You can construct a concrete instance of `IAMMemberConditionPtrInput` via: 

        IAMMemberConditionArgs{...}

or:

        nil

func IAMMemberConditionPtr 

func IAMMemberConditionPtr(v *IAMMemberConditionArgs) IAMMemberConditionPtrInput

type IAMMemberConditionPtrOutput 

type IAMMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (IAMMemberConditionPtrOutput) Description 

func (o IAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput

An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

> **Warning:** This provider considers the `role` and condition contents (`title`+`description`+`expression`) as the identifier for the binding. This means that if any part of the condition is changed out-of-band, the provider will consider it to be an entirely different resource and will treat it as such.

func (IAMMemberConditionPtrOutput) Elem 

func (o IAMMemberConditionPtrOutput) Elem() IAMMemberConditionOutput

func (IAMMemberConditionPtrOutput) ElementType 

func (IAMMemberConditionPtrOutput) ElementType() reflect.Type

func (IAMMemberConditionPtrOutput) Expression 

func (o IAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (IAMMemberConditionPtrOutput) Title 

func (o IAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput

A title for the expression, i.e. a short string describing its purpose.

func (IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput 

func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutput() IAMMemberConditionPtrOutput

func (IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext 

func (o IAMMemberConditionPtrOutput) ToIAMMemberConditionPtrOutputWithContext(ctx context.Context) IAMMemberConditionPtrOutput

func (IAMMemberConditionPtrOutput) ToOutput added in v6.65.1 

func (o IAMMemberConditionPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*IAMMemberCondition]

type IAMMemberInput 

type IAMMemberInput interface {
	pulumi.Input

	ToIAMMemberOutput() IAMMemberOutput
	ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput
}

type IAMMemberMap 

type IAMMemberMap map[string]IAMMemberInput

func (IAMMemberMap) ElementType 

func (IAMMemberMap) ElementType() reflect.Type

func (IAMMemberMap) ToIAMMemberMapOutput 

func (i IAMMemberMap) ToIAMMemberMapOutput() IAMMemberMapOutput

func (IAMMemberMap) ToIAMMemberMapOutputWithContext 

func (i IAMMemberMap) ToIAMMemberMapOutputWithContext(ctx context.Context) IAMMemberMapOutput

func (IAMMemberMap) ToOutput added in v6.65.1 

func (i IAMMemberMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMMember]

type IAMMemberMapInput 

type IAMMemberMapInput interface {
	pulumi.Input

	ToIAMMemberMapOutput() IAMMemberMapOutput
	ToIAMMemberMapOutputWithContext(context.Context) IAMMemberMapOutput
}

IAMMemberMapInput is an input type that accepts IAMMemberMap and IAMMemberMapOutput values. You can construct a concrete instance of `IAMMemberMapInput` via: 

IAMMemberMap{ "key": IAMMemberArgs{...} }

type IAMMemberMapOutput 

type IAMMemberMapOutput struct{ *pulumi.OutputState }

func (IAMMemberMapOutput) ElementType 

func (IAMMemberMapOutput) ElementType() reflect.Type

func (IAMMemberMapOutput) MapIndex 

func (o IAMMemberMapOutput) MapIndex(k pulumi.StringInput) IAMMemberOutput

func (IAMMemberMapOutput) ToIAMMemberMapOutput 

func (o IAMMemberMapOutput) ToIAMMemberMapOutput() IAMMemberMapOutput

func (IAMMemberMapOutput) ToIAMMemberMapOutputWithContext 

func (o IAMMemberMapOutput) ToIAMMemberMapOutputWithContext(ctx context.Context) IAMMemberMapOutput

func (IAMMemberMapOutput) ToOutput added in v6.65.1 

func (o IAMMemberMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMMember]

type IAMMemberOutput 

type IAMMemberOutput struct{ *pulumi.OutputState }

func (IAMMemberOutput) Condition added in v6.23.0 

func (o IAMMemberOutput) Condition() IAMMemberConditionPtrOutput

An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

func (IAMMemberOutput) ElementType 

func (IAMMemberOutput) ElementType() reflect.Type

func (IAMMemberOutput) Etag added in v6.23.0 

func (o IAMMemberOutput) Etag() pulumi.StringOutput

(Computed) The etag of the organization's IAM policy.

func (IAMMemberOutput) Member added in v6.23.0 

func (o IAMMemberOutput) Member() pulumi.StringOutput

func (IAMMemberOutput) OrgId added in v6.23.0 

func (o IAMMemberOutput) OrgId() pulumi.StringOutput

The organization id of the target organization.

func (IAMMemberOutput) Role added in v6.23.0 

func (o IAMMemberOutput) Role() pulumi.StringOutput

The role that should be applied. Only one `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format `organizations/{{org_id}}/roles/{{role_id}}`.

func (IAMMemberOutput) ToIAMMemberOutput 

func (o IAMMemberOutput) ToIAMMemberOutput() IAMMemberOutput

func (IAMMemberOutput) ToIAMMemberOutputWithContext 

func (o IAMMemberOutput) ToIAMMemberOutputWithContext(ctx context.Context) IAMMemberOutput

func (IAMMemberOutput) ToOutput added in v6.65.1 

func (o IAMMemberOutput) ToOutput(ctx context.Context) pulumix.Output[*IAMMember]

type IAMMemberState 

type IAMMemberState struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition IAMMemberConditionPtrInput
	// (Computed) The etag of the organization's IAM policy.
	Etag   pulumi.StringPtrInput
	Member pulumi.StringPtrInput
	// The organization id of the target organization.
	OrgId pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `organizations.IAMBinding` can be used per role. Note that custom roles must be of the format
	// `organizations/{{org_id}}/roles/{{role_id}}`.
	Role pulumi.StringPtrInput
}

func (IAMMemberState) ElementType 

func (IAMMemberState) ElementType() reflect.Type

type IAMPolicy 

type IAMPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The organization id of the target organization.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// The `organizations.getIAMPolicy` data source that represents
	// the IAM policy that will be applied to the organization. The policy will be
	// merged with any existing policy applied to the organization.
	//
	// Changing this updates the policy.
	//
	// Deleting this removes all policies from the organization, locking out users without
	// organization-level access.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
}

Four different resources help you manage your IAM policy for a organization. Each of these resources serves a different use case:

* `organizations.IAMPolicy`: Authoritative. Sets the IAM policy for the organization and replaces any existing policy already attached. * `organizations.IAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the organization are preserved. * `organizations.IAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the organization are preserved. * `organizations.IamAuditConfig`: Authoritative for a given service. Updates the IAM policy to enable audit logging for the given service.

> **Note:** `organizations.IAMPolicy` **cannot** be used in conjunction with `organizations.IAMBinding`, `organizations.IAMMember`, or `organizations.IamAuditConfig` or they will fight over what your policy should be.

> **Note:** `organizations.IAMBinding` resources **can be** used in conjunction with `organizations.IAMMember` resources **only if** they do not grant privilege to the same role.

## google\_organization\_iam\_policy

!> **Warning:** New organizations have several default policies which will, 

without extreme caution, be **overwritten** by use of this resource.
The safest alternative is to use multiple `organizations.IAMBinding`
resources. This resource makes it easy to remove your own access to
an organization, which will require a call to Google Support to have
fixed, and can take multiple days to resolve.

In general, this resource should only be used with organizations
fully managed by this provider.I f you do use this resource,
the best way to be sure that you are not making dangerous changes is to start
by **importing** your existing policy, and examining the diff very closely.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/editor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.NewIAMPolicy(ctx, "organization", &organizations.IAMPolicyArgs{
			OrgId:      pulumi.String("1234567890"),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Condition: {
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
						Title:       "expires_after_2019_12_31",
					},
					Members: []string{
						"user:jane@example.com",
					},
					Role: "roles/editor",
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = organizations.NewIAMPolicy(ctx, "organization", &organizations.IAMPolicyArgs{
			OrgId:      pulumi.String("1234567890"),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_organization\_iam\_binding

> **Note:** If `role` is set to `roles/owner` and you don't specify a user or service account you have access to in `members`, you can lock yourself out of your organization.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMBinding(ctx, "organization", &organizations.IAMBindingArgs{
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			OrgId: pulumi.String("1234567890"),
			Role:  pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMBinding(ctx, "organization", &organizations.IAMBindingArgs{
			Condition: &organizations.IAMBindingConditionArgs{
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
				Title:       pulumi.String("expires_after_2019_12_31"),
			},
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			OrgId: pulumi.String("1234567890"),
			Role:  pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_organization\_iam\_member

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMMember(ctx, "organization", &organizations.IAMMemberArgs{
			Member: pulumi.String("user:jane@example.com"),
			OrgId:  pulumi.String("1234567890"),
			Role:   pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIAMMember(ctx, "organization", &organizations.IAMMemberArgs{
			Condition: &organizations.IAMMemberConditionArgs{
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
				Title:       pulumi.String("expires_after_2019_12_31"),
			},
			Member: pulumi.String("user:jane@example.com"),
			OrgId:  pulumi.String("1234567890"),
			Role:   pulumi.String("roles/editor"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_organization\_iam\_audit\_config

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIamAuditConfig(ctx, "organization", &organizations.IamAuditConfigArgs{
			AuditLogConfigs: organizations.IamAuditConfigAuditLogConfigArray{
				&organizations.IamAuditConfigAuditLogConfigArgs{
					LogType: pulumi.String("ADMIN_READ"),
				},
				&organizations.IamAuditConfigAuditLogConfigArgs{
					ExemptedMembers: pulumi.StringArray{
						pulumi.String("user:joebloggs@hashicorp.com"),
					},
					LogType: pulumi.String("DATA_READ"),
				},
			},
			OrgId:   pulumi.String("1234567890"),
			Service: pulumi.String("allServices"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.

This member resource can be imported using the `org_id`, role, and member e.g.

```sh 

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization "your-orgid roles/viewer user:foo@example.com"

``` 

IAM binding imports use space-delimited identifiers; the resource in question and the role.

This binding resource can be imported using the `org_id` and role, e.g.

```sh 

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization "your-org-id roles/viewer"

``` 

IAM policy imports use the identifier of the resource in question.

This policy resource can be imported using the `org_id`.

```sh 

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization your-org-id

``` 

IAM audit config imports use the identifier of the resource in question and the service, e.g.

```sh 

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy my_organization "your-organization-id foo.googleapis.com"

``` 

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `organizations/{{org_id}}/roles/{{role_id}}`. -> **Conditional IAM Bindings**If you're importing a IAM binding with a condition block, make sure

```sh 

$ pulumi import gcp:organizations/iAMPolicy:IAMPolicy to include the title of condition, e.g. `google_organization_iam_binding.my_organization "your-org-id roles/{{role_id}} condition-title"`

```

func GetIAMPolicy 

func GetIAMPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IAMPolicyState, opts ...pulumi.ResourceOption) (*IAMPolicy, error)

GetIAMPolicy gets an existing IAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIAMPolicy 

func NewIAMPolicy(ctx *pulumi.Context,
	name string, args *IAMPolicyArgs, opts ...pulumi.ResourceOption) (*IAMPolicy, error)

NewIAMPolicy registers a new resource with the given unique name, arguments, and options.

func (*IAMPolicy) ElementType 

func (*IAMPolicy) ElementType() reflect.Type

func (*IAMPolicy) ToIAMPolicyOutput 

func (i *IAMPolicy) ToIAMPolicyOutput() IAMPolicyOutput

func (*IAMPolicy) ToIAMPolicyOutputWithContext 

func (i *IAMPolicy) ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput

func (*IAMPolicy) ToOutput added in v6.65.1 

func (i *IAMPolicy) ToOutput(ctx context.Context) pulumix.Output[*IAMPolicy]

type IAMPolicyArgs 

type IAMPolicyArgs struct {
	// The organization id of the target organization.
	OrgId pulumi.StringInput
	// The `organizations.getIAMPolicy` data source that represents
	// the IAM policy that will be applied to the organization. The policy will be
	// merged with any existing policy applied to the organization.
	//
	// Changing this updates the policy.
	//
	// Deleting this removes all policies from the organization, locking out users without
	// organization-level access.
	PolicyData pulumi.StringInput
}

The set of arguments for constructing a IAMPolicy resource.

func (IAMPolicyArgs) ElementType 

func (IAMPolicyArgs) ElementType() reflect.Type

type IAMPolicyArray 

type IAMPolicyArray []IAMPolicyInput

func (IAMPolicyArray) ElementType 

func (IAMPolicyArray) ElementType() reflect.Type

func (IAMPolicyArray) ToIAMPolicyArrayOutput 

func (i IAMPolicyArray) ToIAMPolicyArrayOutput() IAMPolicyArrayOutput

func (IAMPolicyArray) ToIAMPolicyArrayOutputWithContext 

func (i IAMPolicyArray) ToIAMPolicyArrayOutputWithContext(ctx context.Context) IAMPolicyArrayOutput

func (IAMPolicyArray) ToOutput added in v6.65.1 

func (i IAMPolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*IAMPolicy]

type IAMPolicyArrayInput 

type IAMPolicyArrayInput interface {
	pulumi.Input

	ToIAMPolicyArrayOutput() IAMPolicyArrayOutput
	ToIAMPolicyArrayOutputWithContext(context.Context) IAMPolicyArrayOutput
}

IAMPolicyArrayInput is an input type that accepts IAMPolicyArray and IAMPolicyArrayOutput values. You can construct a concrete instance of `IAMPolicyArrayInput` via: 

IAMPolicyArray{ IAMPolicyArgs{...} }

type IAMPolicyArrayOutput 

type IAMPolicyArrayOutput struct{ *pulumi.OutputState }

func (IAMPolicyArrayOutput) ElementType 

func (IAMPolicyArrayOutput) ElementType() reflect.Type

func (IAMPolicyArrayOutput) Index 

func (o IAMPolicyArrayOutput) Index(i pulumi.IntInput) IAMPolicyOutput

func (IAMPolicyArrayOutput) ToIAMPolicyArrayOutput 

func (o IAMPolicyArrayOutput) ToIAMPolicyArrayOutput() IAMPolicyArrayOutput

func (IAMPolicyArrayOutput) ToIAMPolicyArrayOutputWithContext 

func (o IAMPolicyArrayOutput) ToIAMPolicyArrayOutputWithContext(ctx context.Context) IAMPolicyArrayOutput

func (IAMPolicyArrayOutput) ToOutput added in v6.65.1 

func (o IAMPolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*IAMPolicy]

type IAMPolicyInput 

type IAMPolicyInput interface {
	pulumi.Input

	ToIAMPolicyOutput() IAMPolicyOutput
	ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput
}

type IAMPolicyMap 

type IAMPolicyMap map[string]IAMPolicyInput

func (IAMPolicyMap) ElementType 

func (IAMPolicyMap) ElementType() reflect.Type

func (IAMPolicyMap) ToIAMPolicyMapOutput 

func (i IAMPolicyMap) ToIAMPolicyMapOutput() IAMPolicyMapOutput

func (IAMPolicyMap) ToIAMPolicyMapOutputWithContext 

func (i IAMPolicyMap) ToIAMPolicyMapOutputWithContext(ctx context.Context) IAMPolicyMapOutput

func (IAMPolicyMap) ToOutput added in v6.65.1 

func (i IAMPolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMPolicy]

type IAMPolicyMapInput 

type IAMPolicyMapInput interface {
	pulumi.Input

	ToIAMPolicyMapOutput() IAMPolicyMapOutput
	ToIAMPolicyMapOutputWithContext(context.Context) IAMPolicyMapOutput
}

IAMPolicyMapInput is an input type that accepts IAMPolicyMap and IAMPolicyMapOutput values. You can construct a concrete instance of `IAMPolicyMapInput` via: 

IAMPolicyMap{ "key": IAMPolicyArgs{...} }

type IAMPolicyMapOutput 

type IAMPolicyMapOutput struct{ *pulumi.OutputState }

func (IAMPolicyMapOutput) ElementType 

func (IAMPolicyMapOutput) ElementType() reflect.Type

func (IAMPolicyMapOutput) MapIndex 

func (o IAMPolicyMapOutput) MapIndex(k pulumi.StringInput) IAMPolicyOutput

func (IAMPolicyMapOutput) ToIAMPolicyMapOutput 

func (o IAMPolicyMapOutput) ToIAMPolicyMapOutput() IAMPolicyMapOutput

func (IAMPolicyMapOutput) ToIAMPolicyMapOutputWithContext 

func (o IAMPolicyMapOutput) ToIAMPolicyMapOutputWithContext(ctx context.Context) IAMPolicyMapOutput

func (IAMPolicyMapOutput) ToOutput added in v6.65.1 

func (o IAMPolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*IAMPolicy]

type IAMPolicyOutput 

type IAMPolicyOutput struct{ *pulumi.OutputState }

func (IAMPolicyOutput) ElementType 

func (IAMPolicyOutput) ElementType() reflect.Type

func (IAMPolicyOutput) Etag added in v6.23.0 

func (o IAMPolicyOutput) Etag() pulumi.StringOutput

(Computed) The etag of the organization's IAM policy.

func (IAMPolicyOutput) OrgId added in v6.23.0 

func (o IAMPolicyOutput) OrgId() pulumi.StringOutput

The organization id of the target organization.

func (IAMPolicyOutput) PolicyData added in v6.23.0 

func (o IAMPolicyOutput) PolicyData() pulumi.StringOutput

The `organizations.getIAMPolicy` data source that represents the IAM policy that will be applied to the organization. The policy will be merged with any existing policy applied to the organization.

Changing this updates the policy.

Deleting this removes all policies from the organization, locking out users without organization-level access.

func (IAMPolicyOutput) ToIAMPolicyOutput 

func (o IAMPolicyOutput) ToIAMPolicyOutput() IAMPolicyOutput

func (IAMPolicyOutput) ToIAMPolicyOutputWithContext 

func (o IAMPolicyOutput) ToIAMPolicyOutputWithContext(ctx context.Context) IAMPolicyOutput

func (IAMPolicyOutput) ToOutput added in v6.65.1 

func (o IAMPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*IAMPolicy]

type IAMPolicyState 

type IAMPolicyState struct {
	// (Computed) The etag of the organization's IAM policy.
	Etag pulumi.StringPtrInput
	// The organization id of the target organization.
	OrgId pulumi.StringPtrInput
	// The `organizations.getIAMPolicy` data source that represents
	// the IAM policy that will be applied to the organization. The policy will be
	// merged with any existing policy applied to the organization.
	//
	// Changing this updates the policy.
	//
	// Deleting this removes all policies from the organization, locking out users without
	// organization-level access.
	PolicyData pulumi.StringPtrInput
}

func (IAMPolicyState) ElementType 

func (IAMPolicyState) ElementType() reflect.Type

type IamAuditConfig 

type IamAuditConfig struct {
	pulumi.CustomResourceState

	// The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
	AuditLogConfigs IamAuditConfigAuditLogConfigArrayOutput `pulumi:"auditLogConfigs"`
	// The etag of iam policy
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The numeric ID of the organization in which you want to manage the audit logging config.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
	Service pulumi.StringOutput `pulumi:"service"`
}

Allows management of audit logging config for a given service for a Google Cloud Platform Organization.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewIamAuditConfig(ctx, "config", &organizations.IamAuditConfigArgs{
			AuditLogConfigs: organizations.IamAuditConfigAuditLogConfigArray{
				&organizations.IamAuditConfigAuditLogConfigArgs{
					ExemptedMembers: pulumi.StringArray{
						pulumi.String("user:joebloggs@hashicorp.com"),
					},
					LogType: pulumi.String("DATA_READ"),
				},
			},
			OrgId:   pulumi.String("your-organization-id"),
			Service: pulumi.String("allServices"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM audit config imports use the identifier of the resource in question and the service, e.g.

```sh 

$ pulumi import gcp:organizations/iamAuditConfig:IamAuditConfig config "your-organization-id foo.googleapis.com"

```

func GetIamAuditConfig 

func GetIamAuditConfig(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IamAuditConfigState, opts ...pulumi.ResourceOption) (*IamAuditConfig, error)

GetIamAuditConfig gets an existing IamAuditConfig resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIamAuditConfig 

func NewIamAuditConfig(ctx *pulumi.Context,
	name string, args *IamAuditConfigArgs, opts ...pulumi.ResourceOption) (*IamAuditConfig, error)

NewIamAuditConfig registers a new resource with the given unique name, arguments, and options.

func (*IamAuditConfig) ElementType 

func (*IamAuditConfig) ElementType() reflect.Type

func (*IamAuditConfig) ToIamAuditConfigOutput 

func (i *IamAuditConfig) ToIamAuditConfigOutput() IamAuditConfigOutput

func (*IamAuditConfig) ToIamAuditConfigOutputWithContext 

func (i *IamAuditConfig) ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput

func (*IamAuditConfig) ToOutput added in v6.65.1 

func (i *IamAuditConfig) ToOutput(ctx context.Context) pulumix.Output[*IamAuditConfig]

type IamAuditConfigArgs 

type IamAuditConfigArgs struct {
	// The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
	AuditLogConfigs IamAuditConfigAuditLogConfigArrayInput
	// The numeric ID of the organization in which you want to manage the audit logging config.
	OrgId pulumi.StringInput
	// Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
	Service pulumi.StringInput
}

The set of arguments for constructing a IamAuditConfig resource.

func (IamAuditConfigArgs) ElementType 

func (IamAuditConfigArgs) ElementType() reflect.Type

type IamAuditConfigArray 

type IamAuditConfigArray []IamAuditConfigInput

func (IamAuditConfigArray) ElementType 

func (IamAuditConfigArray) ElementType() reflect.Type

func (IamAuditConfigArray) ToIamAuditConfigArrayOutput 

func (i IamAuditConfigArray) ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput

func (IamAuditConfigArray) ToIamAuditConfigArrayOutputWithContext 

func (i IamAuditConfigArray) ToIamAuditConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigArrayOutput

func (IamAuditConfigArray) ToOutput added in v6.65.1 

func (i IamAuditConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]*IamAuditConfig]

type IamAuditConfigArrayInput 

type IamAuditConfigArrayInput interface {
	pulumi.Input

	ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput
	ToIamAuditConfigArrayOutputWithContext(context.Context) IamAuditConfigArrayOutput
}

IamAuditConfigArrayInput is an input type that accepts IamAuditConfigArray and IamAuditConfigArrayOutput values. You can construct a concrete instance of `IamAuditConfigArrayInput` via: 

IamAuditConfigArray{ IamAuditConfigArgs{...} }

type IamAuditConfigArrayOutput 

type IamAuditConfigArrayOutput struct{ *pulumi.OutputState }

func (IamAuditConfigArrayOutput) ElementType 

func (IamAuditConfigArrayOutput) ElementType() reflect.Type

func (IamAuditConfigArrayOutput) Index 

func (o IamAuditConfigArrayOutput) Index(i pulumi.IntInput) IamAuditConfigOutput

func (IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutput 

func (o IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutput() IamAuditConfigArrayOutput

func (IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutputWithContext 

func (o IamAuditConfigArrayOutput) ToIamAuditConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigArrayOutput

func (IamAuditConfigArrayOutput) ToOutput added in v6.65.1 

func (o IamAuditConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*IamAuditConfig]

type IamAuditConfigAuditLogConfig 

type IamAuditConfigAuditLogConfig struct {
	// Identities that do not cause logging for this type of permission.
	// Each entry can have one of the following values:
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// Permission type for which logging is to be configured.  Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.
	LogType string `pulumi:"logType"`
}

type IamAuditConfigAuditLogConfigArgs 

type IamAuditConfigAuditLogConfigArgs struct {
	// Identities that do not cause logging for this type of permission.
	// Each entry can have one of the following values:
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// Permission type for which logging is to be configured.  Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.
	LogType pulumi.StringInput `pulumi:"logType"`
}

func (IamAuditConfigAuditLogConfigArgs) ElementType 

func (IamAuditConfigAuditLogConfigArgs) ElementType() reflect.Type

func (IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput 

func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext 

func (i IamAuditConfigAuditLogConfigArgs) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigArgs) ToOutput added in v6.65.1 

func (i IamAuditConfigAuditLogConfigArgs) ToOutput(ctx context.Context) pulumix.Output[IamAuditConfigAuditLogConfig]

type IamAuditConfigAuditLogConfigArray 

type IamAuditConfigAuditLogConfigArray []IamAuditConfigAuditLogConfigInput

func (IamAuditConfigAuditLogConfigArray) ElementType 

func (IamAuditConfigAuditLogConfigArray) ElementType() reflect.Type

func (IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput 

func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput

func (IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext 

func (i IamAuditConfigAuditLogConfigArray) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput

func (IamAuditConfigAuditLogConfigArray) ToOutput added in v6.65.1 

func (i IamAuditConfigAuditLogConfigArray) ToOutput(ctx context.Context) pulumix.Output[[]IamAuditConfigAuditLogConfig]

type IamAuditConfigAuditLogConfigArrayInput 

type IamAuditConfigAuditLogConfigArrayInput interface {
	pulumi.Input

	ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput
	ToIamAuditConfigAuditLogConfigArrayOutputWithContext(context.Context) IamAuditConfigAuditLogConfigArrayOutput
}

IamAuditConfigAuditLogConfigArrayInput is an input type that accepts IamAuditConfigAuditLogConfigArray and IamAuditConfigAuditLogConfigArrayOutput values. You can construct a concrete instance of `IamAuditConfigAuditLogConfigArrayInput` via: 

IamAuditConfigAuditLogConfigArray{ IamAuditConfigAuditLogConfigArgs{...} }

type IamAuditConfigAuditLogConfigArrayOutput 

type IamAuditConfigAuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (IamAuditConfigAuditLogConfigArrayOutput) ElementType 

func (IamAuditConfigAuditLogConfigArrayOutput) ElementType() reflect.Type

func (IamAuditConfigAuditLogConfigArrayOutput) Index 

func (o IamAuditConfigAuditLogConfigArrayOutput) Index(i pulumi.IntInput) IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput 

func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutput() IamAuditConfigAuditLogConfigArrayOutput

func (IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext 

func (o IamAuditConfigAuditLogConfigArrayOutput) ToIamAuditConfigAuditLogConfigArrayOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigArrayOutput

func (IamAuditConfigAuditLogConfigArrayOutput) ToOutput added in v6.65.1 

func (o IamAuditConfigAuditLogConfigArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]IamAuditConfigAuditLogConfig]

type IamAuditConfigAuditLogConfigInput 

type IamAuditConfigAuditLogConfigInput interface {
	pulumi.Input

	ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput
	ToIamAuditConfigAuditLogConfigOutputWithContext(context.Context) IamAuditConfigAuditLogConfigOutput
}

IamAuditConfigAuditLogConfigInput is an input type that accepts IamAuditConfigAuditLogConfigArgs and IamAuditConfigAuditLogConfigOutput values. You can construct a concrete instance of `IamAuditConfigAuditLogConfigInput` via: 

IamAuditConfigAuditLogConfigArgs{...}

type IamAuditConfigAuditLogConfigOutput 

type IamAuditConfigAuditLogConfigOutput struct{ *pulumi.OutputState }

func (IamAuditConfigAuditLogConfigOutput) ElementType 

func (IamAuditConfigAuditLogConfigOutput) ElementType() reflect.Type

func (IamAuditConfigAuditLogConfigOutput) ExemptedMembers 

func (o IamAuditConfigAuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput

Identities that do not cause logging for this type of permission. Each entry can have one of the following values: * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.

func (IamAuditConfigAuditLogConfigOutput) LogType 

func (o IamAuditConfigAuditLogConfigOutput) LogType() pulumi.StringOutput

Permission type for which logging is to be configured. Must be one of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ`.

func (IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput 

func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutput() IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext 

func (o IamAuditConfigAuditLogConfigOutput) ToIamAuditConfigAuditLogConfigOutputWithContext(ctx context.Context) IamAuditConfigAuditLogConfigOutput

func (IamAuditConfigAuditLogConfigOutput) ToOutput added in v6.65.1 

func (o IamAuditConfigAuditLogConfigOutput) ToOutput(ctx context.Context) pulumix.Output[IamAuditConfigAuditLogConfig]

type IamAuditConfigInput 

type IamAuditConfigInput interface {
	pulumi.Input

	ToIamAuditConfigOutput() IamAuditConfigOutput
	ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput
}

type IamAuditConfigMap 

type IamAuditConfigMap map[string]IamAuditConfigInput

func (IamAuditConfigMap) ElementType 

func (IamAuditConfigMap) ElementType() reflect.Type

func (IamAuditConfigMap) ToIamAuditConfigMapOutput 

func (i IamAuditConfigMap) ToIamAuditConfigMapOutput() IamAuditConfigMapOutput

func (IamAuditConfigMap) ToIamAuditConfigMapOutputWithContext 

func (i IamAuditConfigMap) ToIamAuditConfigMapOutputWithContext(ctx context.Context) IamAuditConfigMapOutput

func (IamAuditConfigMap) ToOutput added in v6.65.1 

func (i IamAuditConfigMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*IamAuditConfig]

type IamAuditConfigMapInput 

type IamAuditConfigMapInput interface {
	pulumi.Input

	ToIamAuditConfigMapOutput() IamAuditConfigMapOutput
	ToIamAuditConfigMapOutputWithContext(context.Context) IamAuditConfigMapOutput
}

IamAuditConfigMapInput is an input type that accepts IamAuditConfigMap and IamAuditConfigMapOutput values. You can construct a concrete instance of `IamAuditConfigMapInput` via: 

IamAuditConfigMap{ "key": IamAuditConfigArgs{...} }

type IamAuditConfigMapOutput 

type IamAuditConfigMapOutput struct{ *pulumi.OutputState }

func (IamAuditConfigMapOutput) ElementType 

func (IamAuditConfigMapOutput) ElementType() reflect.Type

func (IamAuditConfigMapOutput) MapIndex 

func (o IamAuditConfigMapOutput) MapIndex(k pulumi.StringInput) IamAuditConfigOutput

func (IamAuditConfigMapOutput) ToIamAuditConfigMapOutput 

func (o IamAuditConfigMapOutput) ToIamAuditConfigMapOutput() IamAuditConfigMapOutput

func (IamAuditConfigMapOutput) ToIamAuditConfigMapOutputWithContext 

func (o IamAuditConfigMapOutput) ToIamAuditConfigMapOutputWithContext(ctx context.Context) IamAuditConfigMapOutput

func (IamAuditConfigMapOutput) ToOutput added in v6.65.1 

func (o IamAuditConfigMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*IamAuditConfig]

type IamAuditConfigOutput 

type IamAuditConfigOutput struct{ *pulumi.OutputState }

func (IamAuditConfigOutput) AuditLogConfigs added in v6.23.0 

func (o IamAuditConfigOutput) AuditLogConfigs() IamAuditConfigAuditLogConfigArrayOutput

The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below.

func (IamAuditConfigOutput) ElementType 

func (IamAuditConfigOutput) ElementType() reflect.Type

func (IamAuditConfigOutput) Etag added in v6.23.0 

func (o IamAuditConfigOutput) Etag() pulumi.StringOutput

The etag of iam policy

func (IamAuditConfigOutput) OrgId added in v6.23.0 

func (o IamAuditConfigOutput) OrgId() pulumi.StringOutput

The numeric ID of the organization in which you want to manage the audit logging config.

func (IamAuditConfigOutput) Service added in v6.23.0 

func (o IamAuditConfigOutput) Service() pulumi.StringOutput

Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.

func (IamAuditConfigOutput) ToIamAuditConfigOutput 

func (o IamAuditConfigOutput) ToIamAuditConfigOutput() IamAuditConfigOutput

func (IamAuditConfigOutput) ToIamAuditConfigOutputWithContext 

func (o IamAuditConfigOutput) ToIamAuditConfigOutputWithContext(ctx context.Context) IamAuditConfigOutput

func (IamAuditConfigOutput) ToOutput added in v6.65.1 

func (o IamAuditConfigOutput) ToOutput(ctx context.Context) pulumix.Output[*IamAuditConfig]

type IamAuditConfigState 

type IamAuditConfigState struct {
	// The configuration for logging of each type of permission.  This can be specified multiple times.  Structure is documented below.
	AuditLogConfigs IamAuditConfigAuditLogConfigArrayInput
	// The etag of iam policy
	Etag pulumi.StringPtrInput
	// The numeric ID of the organization in which you want to manage the audit logging config.
	OrgId pulumi.StringPtrInput
	// Service which will be enabled for audit logging.  The special value `allServices` covers all services.  Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted.
	Service pulumi.StringPtrInput
}

func (IamAuditConfigState) ElementType 

func (IamAuditConfigState) ElementType() reflect.Type

type LookupFolderArgs 

type LookupFolderArgs struct {
	// The name of the Folder in the form `{folder_id}` or `folders/{folder_id}`.
	Folder string `pulumi:"folder"`
	// `true` to find the organization that the folder belongs, `false` to avoid the lookup. It searches up the tree. (defaults to `false`)
	LookupOrganization *bool `pulumi:"lookupOrganization"`
}

A collection of arguments for invoking getFolder.

type LookupFolderOutputArgs 

type LookupFolderOutputArgs struct {
	// The name of the Folder in the form `{folder_id}` or `folders/{folder_id}`.
	Folder pulumi.StringInput `pulumi:"folder"`
	// `true` to find the organization that the folder belongs, `false` to avoid the lookup. It searches up the tree. (defaults to `false`)
	LookupOrganization pulumi.BoolPtrInput `pulumi:"lookupOrganization"`
}

A collection of arguments for invoking getFolder.

func (LookupFolderOutputArgs) ElementType 

func (LookupFolderOutputArgs) ElementType() reflect.Type

type LookupFolderResult 

type LookupFolderResult struct {
	// Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".
	CreateTime string `pulumi:"createTime"`
	// The folder's display name.
	DisplayName string `pulumi:"displayName"`
	Folder      string `pulumi:"folder"`
	FolderId    string `pulumi:"folderId"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The Folder's current lifecycle state.
	LifecycleState     string `pulumi:"lifecycleState"`
	LookupOrganization *bool  `pulumi:"lookupOrganization"`
	// The resource name of the Folder in the form `folders/{folder_id}`.
	Name string `pulumi:"name"`
	// If `lookupOrganization` is enable, the resource name of the Organization that the folder belongs.
	Organization string `pulumi:"organization"`
	// The resource name of the parent Folder or Organization.
	Parent string `pulumi:"parent"`
}

A collection of values returned by getFolder.

func LookupFolder 

func LookupFolder(ctx *pulumi.Context, args *LookupFolderArgs, opts ...pulumi.InvokeOption) (*LookupFolderResult, error)

Use this data source to get information about a Google Cloud Folder.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myFolder1, err := organizations.LookupFolder(ctx, &organizations.LookupFolderArgs{
			Folder:             "folders/12345",
			LookupOrganization: pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		myFolder2, err := organizations.LookupFolder(ctx, &organizations.LookupFolderArgs{
			Folder: "folders/23456",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("myFolder1Organization", myFolder1.Organization)
		ctx.Export("myFolder2Parent", myFolder2.Parent)
		return nil
	})
}

```

type LookupFolderResultOutput 

type LookupFolderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getFolder.

func LookupFolderOutput 

func LookupFolderOutput(ctx *pulumi.Context, args LookupFolderOutputArgs, opts ...pulumi.InvokeOption) LookupFolderResultOutput

func (LookupFolderResultOutput) CreateTime 

func (o LookupFolderResultOutput) CreateTime() pulumi.StringOutput

Timestamp when the Organization was created. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".

func (LookupFolderResultOutput) DisplayName 

func (o LookupFolderResultOutput) DisplayName() pulumi.StringOutput

The folder's display name.

func (LookupFolderResultOutput) ElementType 

func (LookupFolderResultOutput) ElementType() reflect.Type

func (LookupFolderResultOutput) Folder 

func (o LookupFolderResultOutput) Folder() pulumi.StringOutput

func (LookupFolderResultOutput) FolderId 

func (o LookupFolderResultOutput) FolderId() pulumi.StringOutput

func (LookupFolderResultOutput) Id 

func (o LookupFolderResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupFolderResultOutput) LifecycleState 

func (o LookupFolderResultOutput) LifecycleState() pulumi.StringOutput

The Folder's current lifecycle state.

func (LookupFolderResultOutput) LookupOrganization 

func (o LookupFolderResultOutput) LookupOrganization() pulumi.BoolPtrOutput

func (LookupFolderResultOutput) Name 

func (o LookupFolderResultOutput) Name() pulumi.StringOutput

The resource name of the Folder in the form `folders/{folder_id}`.

func (LookupFolderResultOutput) Organization 

func (o LookupFolderResultOutput) Organization() pulumi.StringOutput

If `lookupOrganization` is enable, the resource name of the Organization that the folder belongs.

func (LookupFolderResultOutput) Parent 

func (o LookupFolderResultOutput) Parent() pulumi.StringOutput

The resource name of the parent Folder or Organization.

func (LookupFolderResultOutput) ToLookupFolderResultOutput 

func (o LookupFolderResultOutput) ToLookupFolderResultOutput() LookupFolderResultOutput

func (LookupFolderResultOutput) ToLookupFolderResultOutputWithContext 

func (o LookupFolderResultOutput) ToLookupFolderResultOutputWithContext(ctx context.Context) LookupFolderResultOutput

func (LookupFolderResultOutput) ToOutput added in v6.65.1 

func (o LookupFolderResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupFolderResult]

type LookupIAMPolicyArgs 

type LookupIAMPolicyArgs struct {
	// A nested configuration block that defines logging additional configuration for your project. This field is only supported on `projects.IAMPolicy`, `folder.IAMPolicy` and `organizations.IAMPolicy`.
	AuditConfigs []GetIAMPolicyAuditConfig `pulumi:"auditConfigs"`
	// A nested configuration block (described below)
	// defining a binding to be included in the policy document. Multiple
	// `binding` arguments are supported.
	//
	// Each document configuration must have one or more `binding` blocks, which
	// each accept the following arguments:
	Bindings []GetIAMPolicyBinding `pulumi:"bindings"`
}

A collection of arguments for invoking getIAMPolicy.

type LookupIAMPolicyOutputArgs 

type LookupIAMPolicyOutputArgs struct {
	// A nested configuration block that defines logging additional configuration for your project. This field is only supported on `projects.IAMPolicy`, `folder.IAMPolicy` and `organizations.IAMPolicy`.
	AuditConfigs GetIAMPolicyAuditConfigArrayInput `pulumi:"auditConfigs"`
	// A nested configuration block (described below)
	// defining a binding to be included in the policy document. Multiple
	// `binding` arguments are supported.
	//
	// Each document configuration must have one or more `binding` blocks, which
	// each accept the following arguments:
	Bindings GetIAMPolicyBindingArrayInput `pulumi:"bindings"`
}

A collection of arguments for invoking getIAMPolicy.

func (LookupIAMPolicyOutputArgs) ElementType 

func (LookupIAMPolicyOutputArgs) ElementType() reflect.Type

type LookupIAMPolicyResult 

type LookupIAMPolicyResult struct {
	AuditConfigs []GetIAMPolicyAuditConfig `pulumi:"auditConfigs"`
	Bindings     []GetIAMPolicyBinding     `pulumi:"bindings"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The above bindings serialized in a format suitable for
	// referencing from a resource that supports IAM.
	PolicyData string `pulumi:"policyData"`
}

A collection of values returned by getIAMPolicy.

func LookupIAMPolicy 

func LookupIAMPolicy(ctx *pulumi.Context, args *LookupIAMPolicyArgs, opts ...pulumi.InvokeOption) (*LookupIAMPolicyResult, error)

Generates an IAM policy document that may be referenced by and applied to other Google Cloud Platform IAM resources, such as the `projects.IAMPolicy` resource.

**Note:** Please review the documentation of the resource that you will be using the datasource with. Some resources such as `projects.IAMPolicy` and others have limitations in their API methods which are noted on their respective page.

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			AuditConfigs: []organizations.GetIAMPolicyAuditConfig{
				{
					AuditLogConfigs: []organizations.GetIAMPolicyAuditConfigAuditLogConfig{
						{
							ExemptedMembers: []string{
								"user:you@domain.com",
							},
							LogType: "DATA_READ",
						},
						{
							LogType: "DATA_WRITE",
						},
						{
							LogType: "ADMIN_READ",
						},
					},
					Service: "cloudkms.googleapis.com",
				},
			},
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Members: []string{
						"serviceAccount:your-custom-sa@your-project.iam.gserviceaccount.com",
					},
					Role: "roles/compute.instanceAdmin",
				},
				{
					Members: []string{
						"user:alice@gmail.com",
					},
					Role: "roles/storage.objectViewer",
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

This data source is used to define IAM policies to apply to other resources. Currently, defining a policy through a datasource and referencing that policy from another resource is the only way to apply an IAM policy to a resource.

type LookupIAMPolicyResultOutput 

type LookupIAMPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getIAMPolicy.

func LookupIAMPolicyOutput 

func LookupIAMPolicyOutput(ctx *pulumi.Context, args LookupIAMPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupIAMPolicyResultOutput

func (LookupIAMPolicyResultOutput) AuditConfigs 

func (o LookupIAMPolicyResultOutput) AuditConfigs() GetIAMPolicyAuditConfigArrayOutput

func (LookupIAMPolicyResultOutput) Bindings 

func (o LookupIAMPolicyResultOutput) Bindings() GetIAMPolicyBindingArrayOutput

func (LookupIAMPolicyResultOutput) ElementType 

func (LookupIAMPolicyResultOutput) ElementType() reflect.Type

func (LookupIAMPolicyResultOutput) Id 

func (o LookupIAMPolicyResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupIAMPolicyResultOutput) PolicyData 

func (o LookupIAMPolicyResultOutput) PolicyData() pulumi.StringOutput

The above bindings serialized in a format suitable for referencing from a resource that supports IAM.

func (LookupIAMPolicyResultOutput) ToLookupIAMPolicyResultOutput 

func (o LookupIAMPolicyResultOutput) ToLookupIAMPolicyResultOutput() LookupIAMPolicyResultOutput

func (LookupIAMPolicyResultOutput) ToLookupIAMPolicyResultOutputWithContext 

func (o LookupIAMPolicyResultOutput) ToLookupIAMPolicyResultOutputWithContext(ctx context.Context) LookupIAMPolicyResultOutput

func (LookupIAMPolicyResultOutput) ToOutput added in v6.65.1 

func (o LookupIAMPolicyResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupIAMPolicyResult]

type LookupProjectArgs 

type LookupProjectArgs struct {
	// The project ID. If it is not provided, the provider project is used.
	ProjectId *string `pulumi:"projectId"`
}

A collection of arguments for invoking getProject.

type LookupProjectOutputArgs 

type LookupProjectOutputArgs struct {
	// The project ID. If it is not provided, the provider project is used.
	ProjectId pulumi.StringPtrInput `pulumi:"projectId"`
}

A collection of arguments for invoking getProject.

func (LookupProjectOutputArgs) ElementType 

func (LookupProjectOutputArgs) ElementType() reflect.Type

type LookupProjectResult 

type LookupProjectResult struct {
	AutoCreateNetwork bool   `pulumi:"autoCreateNetwork"`
	BillingAccount    string `pulumi:"billingAccount"`
	FolderId          string `pulumi:"folderId"`
	// The provider-assigned unique ID for this managed resource.
	Id     string            `pulumi:"id"`
	Labels map[string]string `pulumi:"labels"`
	Name   string            `pulumi:"name"`
	// The numeric identifier of the project.
	Number     string  `pulumi:"number"`
	OrgId      string  `pulumi:"orgId"`
	ProjectId  *string `pulumi:"projectId"`
	SkipDelete bool    `pulumi:"skipDelete"`
}

A collection of values returned by getProject.

func LookupProject 

func LookupProject(ctx *pulumi.Context, args *LookupProjectArgs, opts ...pulumi.InvokeOption) (*LookupProjectResult, error)

Use this data source to get project details. For more information see [API](https://cloud.google.com/resource-manager/reference/rest/v1/projects#Project)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, nil, nil)
		if err != nil {
			return err
		}
		ctx.Export("projectNumber", project.Number)
		return nil
	})
}

```

type LookupProjectResultOutput 

type LookupProjectResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getProject.

func LookupProjectOutput 

func LookupProjectOutput(ctx *pulumi.Context, args LookupProjectOutputArgs, opts ...pulumi.InvokeOption) LookupProjectResultOutput

func (LookupProjectResultOutput) AutoCreateNetwork 

func (o LookupProjectResultOutput) AutoCreateNetwork() pulumi.BoolOutput

func (LookupProjectResultOutput) BillingAccount 

func (o LookupProjectResultOutput) BillingAccount() pulumi.StringOutput

func (LookupProjectResultOutput) ElementType 

func (LookupProjectResultOutput) ElementType() reflect.Type

func (LookupProjectResultOutput) FolderId 

func (o LookupProjectResultOutput) FolderId() pulumi.StringOutput

func (LookupProjectResultOutput) Id 

func (o LookupProjectResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupProjectResultOutput) Labels 

func (o LookupProjectResultOutput) Labels() pulumi.StringMapOutput

func (LookupProjectResultOutput) Name 

func (o LookupProjectResultOutput) Name() pulumi.StringOutput

func (LookupProjectResultOutput) Number 

func (o LookupProjectResultOutput) Number() pulumi.StringOutput

The numeric identifier of the project.

func (LookupProjectResultOutput) OrgId 

func (o LookupProjectResultOutput) OrgId() pulumi.StringOutput

func (LookupProjectResultOutput) ProjectId 

func (o LookupProjectResultOutput) ProjectId() pulumi.StringPtrOutput

func (LookupProjectResultOutput) SkipDelete 

func (o LookupProjectResultOutput) SkipDelete() pulumi.BoolOutput

func (LookupProjectResultOutput) ToLookupProjectResultOutput 

func (o LookupProjectResultOutput) ToLookupProjectResultOutput() LookupProjectResultOutput

func (LookupProjectResultOutput) ToLookupProjectResultOutputWithContext 

func (o LookupProjectResultOutput) ToLookupProjectResultOutputWithContext(ctx context.Context) LookupProjectResultOutput

func (LookupProjectResultOutput) ToOutput added in v6.65.1 

func (o LookupProjectResultOutput) ToOutput(ctx context.Context) pulumix.Output[LookupProjectResult]

type Policy 

type Policy struct {
	pulumi.CustomResourceState

	// A boolean policy is a constraint that is either enforced or not. Structure is documented
	// below.
	BooleanPolicy PolicyBooleanPolicyPtrOutput `pulumi:"booleanPolicy"`
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	//
	// ***
	Constraint pulumi.StringOutput `pulumi:"constraint"`
	// (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy PolicyListPolicyPtrOutput `pulumi:"listPolicy"`
	// The numeric ID of the organization to set the policy for.
	OrgId pulumi.StringOutput `pulumi:"orgId"`
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	//
	// > **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will
	// effectively be unset. This is represented in the UI as the constraint being 'Inherited'.
	//
	// ***
	RestorePolicy PolicyRestorePolicyPtrOutput `pulumi:"restorePolicy"`
	// (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
	// Version of the Policy. Default version is 0.
	Version pulumi.IntOutput `pulumi:"version"`
}

Allows management of Organization Policies for a Google Cloud Organization.

> **Warning:** This resource has been superseded by `orgpolicy.Policy`. `orgpolicy.Policy` uses Organization Policy API V2 instead of Cloud Resource Manager API V1 and it supports additional features such as tags and conditions.

To get more information about Organization Policies, see:

* [API documentation](https://cloud.google.com/resource-manager/reference/rest/v1/organizations/setOrgPolicy) * How-to Guides

## Example Usage

To set policy with a [boolean constraint](https://cloud.google.com/resource-manager/docs/organization-policy/quickstart-boolean-constraints):

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewPolicy(ctx, "serialPortPolicy", &organizations.PolicyArgs{
			BooleanPolicy: &organizations.PolicyBooleanPolicyArgs{
				Enforced: pulumi.Bool(true),
			},
			Constraint: pulumi.String("compute.disableSerialPortAccess"),
			OrgId:      pulumi.String("123456789"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

To set a policy with a [list constraint](https://cloud.google.com/resource-manager/docs/organization-policy/quickstart-list-constraints):

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewPolicy(ctx, "servicesPolicy", &organizations.PolicyArgs{
			Constraint: pulumi.String("serviceuser.services"),
			ListPolicy: &organizations.PolicyListPolicyArgs{
				Allow: &organizations.PolicyListPolicyAllowArgs{
					All: pulumi.Bool(true),
				},
			},
			OrgId: pulumi.String("123456789"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

Or to deny some services, use the following instead:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewPolicy(ctx, "servicesPolicy", &organizations.PolicyArgs{
			Constraint: pulumi.String("serviceuser.services"),
			ListPolicy: &organizations.PolicyListPolicyArgs{
				Deny: &organizations.PolicyListPolicyDenyArgs{
					Values: pulumi.StringArray{
						pulumi.String("cloudresourcemanager.googleapis.com"),
					},
				},
				SuggestedValue: pulumi.String("compute.googleapis.com"),
			},
			OrgId: pulumi.String("123456789"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

To restore the default organization policy, use the following instead:

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewPolicy(ctx, "servicesPolicy", &organizations.PolicyArgs{
			Constraint: pulumi.String("serviceuser.services"),
			OrgId:      pulumi.String("123456789"),
			RestorePolicy: &organizations.PolicyRestorePolicyArgs{
				Default: pulumi.Bool(true),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Organization Policies can be imported using the `org_id` and the `constraint`, e.g.

```sh 

$ pulumi import gcp:organizations/policy:Policy services_policy 123456789/constraints/serviceuser.services

``` 

It is all right if the constraint contains a slash, as in the example above.

func GetPolicy 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType 

func (*Policy) ElementType() reflect.Type

func (*Policy) ToOutput added in v6.65.1 

func (i *Policy) ToOutput(ctx context.Context) pulumix.Output[*Policy]

func (*Policy) ToPolicyOutput 

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext 

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs 

type PolicyArgs struct {
	// A boolean policy is a constraint that is either enforced or not. Structure is documented
	// below.
	BooleanPolicy PolicyBooleanPolicyPtrInput
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	//
	// ***
	Constraint pulumi.StringInput
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy PolicyListPolicyPtrInput
	// The numeric ID of the organization to set the policy for.
	OrgId pulumi.StringInput
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	//
	// > **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will
	// effectively be unset. This is represented in the UI as the constraint being 'Inherited'.
	//
	// ***
	RestorePolicy PolicyRestorePolicyPtrInput
	// Version of the Policy. Default version is 0.
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType 

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray 

type PolicyArray []PolicyInput

func (PolicyArray) ElementType 

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToOutput added in v6.65.1 

func (i PolicyArray) ToOutput(ctx context.Context) pulumix.Output[[]*Policy]

func (PolicyArray) ToPolicyArrayOutput 

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext 

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput 

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via: 

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput 

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType 

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index 

func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput

func (PolicyArrayOutput) ToOutput added in v6.65.1 

func (o PolicyArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Policy]

func (PolicyArrayOutput) ToPolicyArrayOutput 

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext 

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyBooleanPolicy 

type PolicyBooleanPolicy struct {
	// If true, then the Policy is enforced. If false, then any configuration is acceptable.
	Enforced bool `pulumi:"enforced"`
}

type PolicyBooleanPolicyArgs 

type PolicyBooleanPolicyArgs struct {
	// If true, then the Policy is enforced. If false, then any configuration is acceptable.
	Enforced pulumi.BoolInput `pulumi:"enforced"`
}

func (PolicyBooleanPolicyArgs) ElementType 

func (PolicyBooleanPolicyArgs) ElementType() reflect.Type

func (PolicyBooleanPolicyArgs) ToOutput added in v6.65.1 

func (i PolicyBooleanPolicyArgs) ToOutput(ctx context.Context) pulumix.Output[PolicyBooleanPolicy]

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutput 

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutput() PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutputWithContext 

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyOutputWithContext(ctx context.Context) PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutput 

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput

func (PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutputWithContext 

func (i PolicyBooleanPolicyArgs) ToPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) PolicyBooleanPolicyPtrOutput

type PolicyBooleanPolicyInput 

type PolicyBooleanPolicyInput interface {
	pulumi.Input

	ToPolicyBooleanPolicyOutput() PolicyBooleanPolicyOutput
	ToPolicyBooleanPolicyOutputWithContext(context.Context) PolicyBooleanPolicyOutput
}

PolicyBooleanPolicyInput is an input type that accepts PolicyBooleanPolicyArgs and PolicyBooleanPolicyOutput values. You can construct a concrete instance of `PolicyBooleanPolicyInput` via: 

PolicyBooleanPolicyArgs{...}

type PolicyBooleanPolicyOutput 

type PolicyBooleanPolicyOutput struct{ *pulumi.OutputState }

func (PolicyBooleanPolicyOutput) ElementType 

func (PolicyBooleanPolicyOutput) ElementType() reflect.Type

func (PolicyBooleanPolicyOutput) Enforced 

func (o PolicyBooleanPolicyOutput) Enforced() pulumi.BoolOutput

If true, then the Policy is enforced. If false, then any configuration is acceptable.

func (PolicyBooleanPolicyOutput) ToOutput added in v6.65.1 

func (o PolicyBooleanPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[PolicyBooleanPolicy]

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutput 

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutput() PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutputWithContext 

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyOutputWithContext(ctx context.Context) PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutput 

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput

func (PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutputWithContext 

func (o PolicyBooleanPolicyOutput) ToPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) PolicyBooleanPolicyPtrOutput

type PolicyBooleanPolicyPtrInput 

type PolicyBooleanPolicyPtrInput interface {
	pulumi.Input

	ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput
	ToPolicyBooleanPolicyPtrOutputWithContext(context.Context) PolicyBooleanPolicyPtrOutput
}

PolicyBooleanPolicyPtrInput is an input type that accepts PolicyBooleanPolicyArgs, PolicyBooleanPolicyPtr and PolicyBooleanPolicyPtrOutput values. You can construct a concrete instance of `PolicyBooleanPolicyPtrInput` via: 

        PolicyBooleanPolicyArgs{...}

or:

        nil

func PolicyBooleanPolicyPtr 

func PolicyBooleanPolicyPtr(v *PolicyBooleanPolicyArgs) PolicyBooleanPolicyPtrInput

type PolicyBooleanPolicyPtrOutput 

type PolicyBooleanPolicyPtrOutput struct{ *pulumi.OutputState }

func (PolicyBooleanPolicyPtrOutput) Elem 

func (o PolicyBooleanPolicyPtrOutput) Elem() PolicyBooleanPolicyOutput

func (PolicyBooleanPolicyPtrOutput) ElementType 

func (PolicyBooleanPolicyPtrOutput) ElementType() reflect.Type

func (PolicyBooleanPolicyPtrOutput) Enforced 

func (o PolicyBooleanPolicyPtrOutput) Enforced() pulumi.BoolPtrOutput

If true, then the Policy is enforced. If false, then any configuration is acceptable.

func (PolicyBooleanPolicyPtrOutput) ToOutput added in v6.65.1 

func (o PolicyBooleanPolicyPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*PolicyBooleanPolicy]

func (PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutput 

func (o PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutput() PolicyBooleanPolicyPtrOutput

func (PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutputWithContext 

func (o PolicyBooleanPolicyPtrOutput) ToPolicyBooleanPolicyPtrOutputWithContext(ctx context.Context) PolicyBooleanPolicyPtrOutput

type PolicyInput 

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyListPolicy 

type PolicyListPolicy struct {
	// or `deny` - (Optional) One or the other must be set.
	Allow *PolicyListPolicyAllow `pulumi:"allow"`
	Deny  *PolicyListPolicyDeny  `pulumi:"deny"`
	// If set to true, the values from the effective Policy of the parent resource
	// are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
	//
	// The `allow` or `deny` blocks support:
	InheritFromParent *bool `pulumi:"inheritFromParent"`
	// The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
	SuggestedValue *string `pulumi:"suggestedValue"`
}

type PolicyListPolicyAllow 

type PolicyListPolicyAllow struct {
	// The policy allows or denies all values.
	All *bool `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values []string `pulumi:"values"`
}

type PolicyListPolicyAllowArgs 

type PolicyListPolicyAllowArgs struct {
	// The policy allows or denies all values.
	All pulumi.BoolPtrInput `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values pulumi.StringArrayInput `pulumi:"values"`
}

func (PolicyListPolicyAllowArgs) ElementType 

func (PolicyListPolicyAllowArgs) ElementType() reflect.Type

func (PolicyListPolicyAllowArgs) ToOutput added in v6.65.1 

func (i PolicyListPolicyAllowArgs) ToOutput(ctx context.Context) pulumix.Output[PolicyListPolicyAllow]

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutput 

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutput() PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutputWithContext 

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowOutputWithContext(ctx context.Context) PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutput 

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutputWithContext 

func (i PolicyListPolicyAllowArgs) ToPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) PolicyListPolicyAllowPtrOutput

type PolicyListPolicyAllowInput 

type PolicyListPolicyAllowInput interface {
	pulumi.Input

	ToPolicyListPolicyAllowOutput() PolicyListPolicyAllowOutput
	ToPolicyListPolicyAllowOutputWithContext(context.Context) PolicyListPolicyAllowOutput
}

PolicyListPolicyAllowInput is an input type that accepts PolicyListPolicyAllowArgs and PolicyListPolicyAllowOutput values. You can construct a concrete instance of `PolicyListPolicyAllowInput` via: 

PolicyListPolicyAllowArgs{...}

type PolicyListPolicyAllowOutput 

type PolicyListPolicyAllowOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyAllowOutput) All 

func (o PolicyListPolicyAllowOutput) All() pulumi.BoolPtrOutput

The policy allows or denies all values.

func (PolicyListPolicyAllowOutput) ElementType 

func (PolicyListPolicyAllowOutput) ElementType() reflect.Type

func (PolicyListPolicyAllowOutput) ToOutput added in v6.65.1 

func (o PolicyListPolicyAllowOutput) ToOutput(ctx context.Context) pulumix.Output[PolicyListPolicyAllow]

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutput 

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutput() PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutputWithContext 

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowOutputWithContext(ctx context.Context) PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutput 

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutputWithContext 

func (o PolicyListPolicyAllowOutput) ToPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowOutput) Values 

func (o PolicyListPolicyAllowOutput) Values() pulumi.StringArrayOutput

The policy can define specific values that are allowed or denied.

type PolicyListPolicyAllowPtrInput 

type PolicyListPolicyAllowPtrInput interface {
	pulumi.Input

	ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput
	ToPolicyListPolicyAllowPtrOutputWithContext(context.Context) PolicyListPolicyAllowPtrOutput
}

PolicyListPolicyAllowPtrInput is an input type that accepts PolicyListPolicyAllowArgs, PolicyListPolicyAllowPtr and PolicyListPolicyAllowPtrOutput values. You can construct a concrete instance of `PolicyListPolicyAllowPtrInput` via: 

        PolicyListPolicyAllowArgs{...}

or:

        nil

func PolicyListPolicyAllowPtr 

func PolicyListPolicyAllowPtr(v *PolicyListPolicyAllowArgs) PolicyListPolicyAllowPtrInput

type PolicyListPolicyAllowPtrOutput 

type PolicyListPolicyAllowPtrOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyAllowPtrOutput) All 

func (o PolicyListPolicyAllowPtrOutput) All() pulumi.BoolPtrOutput

The policy allows or denies all values.

func (PolicyListPolicyAllowPtrOutput) Elem 

func (o PolicyListPolicyAllowPtrOutput) Elem() PolicyListPolicyAllowOutput

func (PolicyListPolicyAllowPtrOutput) ElementType 

func (PolicyListPolicyAllowPtrOutput) ElementType() reflect.Type

func (PolicyListPolicyAllowPtrOutput) ToOutput added in v6.65.1 

func (o PolicyListPolicyAllowPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*PolicyListPolicyAllow]

func (PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutput 

func (o PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutput() PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutputWithContext 

func (o PolicyListPolicyAllowPtrOutput) ToPolicyListPolicyAllowPtrOutputWithContext(ctx context.Context) PolicyListPolicyAllowPtrOutput

func (PolicyListPolicyAllowPtrOutput) Values 

func (o PolicyListPolicyAllowPtrOutput) Values() pulumi.StringArrayOutput

The policy can define specific values that are allowed or denied.

type PolicyListPolicyArgs 

type PolicyListPolicyArgs struct {
	// or `deny` - (Optional) One or the other must be set.
	Allow PolicyListPolicyAllowPtrInput `pulumi:"allow"`
	Deny  PolicyListPolicyDenyPtrInput  `pulumi:"deny"`
	// If set to true, the values from the effective Policy of the parent resource
	// are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.
	//
	// The `allow` or `deny` blocks support:
	InheritFromParent pulumi.BoolPtrInput `pulumi:"inheritFromParent"`
	// The Google Cloud Console will try to default to a configuration that matches the value specified in this field.
	SuggestedValue pulumi.StringPtrInput `pulumi:"suggestedValue"`
}

func (PolicyListPolicyArgs) ElementType 

func (PolicyListPolicyArgs) ElementType() reflect.Type

func (PolicyListPolicyArgs) ToOutput added in v6.65.1 

func (i PolicyListPolicyArgs) ToOutput(ctx context.Context) pulumix.Output[PolicyListPolicy]

func (PolicyListPolicyArgs) ToPolicyListPolicyOutput 

func (i PolicyListPolicyArgs) ToPolicyListPolicyOutput() PolicyListPolicyOutput

func (PolicyListPolicyArgs) ToPolicyListPolicyOutputWithContext 

func (i PolicyListPolicyArgs) ToPolicyListPolicyOutputWithContext(ctx context.Context) PolicyListPolicyOutput

func (PolicyListPolicyArgs) ToPolicyListPolicyPtrOutput 

func (i PolicyListPolicyArgs) ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput

func (PolicyListPolicyArgs) ToPolicyListPolicyPtrOutputWithContext 

func (i PolicyListPolicyArgs) ToPolicyListPolicyPtrOutputWithContext(ctx context.Context) PolicyListPolicyPtrOutput

type PolicyListPolicyDeny 

type PolicyListPolicyDeny struct {
	// The policy allows or denies all values.
	All *bool `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values []string `pulumi:"values"`
}

type PolicyListPolicyDenyArgs 

type PolicyListPolicyDenyArgs struct {
	// The policy allows or denies all values.
	All pulumi.BoolPtrInput `pulumi:"all"`
	// The policy can define specific values that are allowed or denied.
	Values pulumi.StringArrayInput `pulumi:"values"`
}

func (PolicyListPolicyDenyArgs) ElementType 

func (PolicyListPolicyDenyArgs) ElementType() reflect.Type

func (PolicyListPolicyDenyArgs) ToOutput added in v6.65.1 

func (i PolicyListPolicyDenyArgs) ToOutput(ctx context.Context) pulumix.Output[PolicyListPolicyDeny]

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutput 

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutput() PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutputWithContext 

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyOutputWithContext(ctx context.Context) PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutput 

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutputWithContext 

func (i PolicyListPolicyDenyArgs) ToPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) PolicyListPolicyDenyPtrOutput

type PolicyListPolicyDenyInput 

type PolicyListPolicyDenyInput interface {
	pulumi.Input

	ToPolicyListPolicyDenyOutput() PolicyListPolicyDenyOutput
	ToPolicyListPolicyDenyOutputWithContext(context.Context) PolicyListPolicyDenyOutput
}

PolicyListPolicyDenyInput is an input type that accepts PolicyListPolicyDenyArgs and PolicyListPolicyDenyOutput values. You can construct a concrete instance of `PolicyListPolicyDenyInput` via: 

PolicyListPolicyDenyArgs{...}

type PolicyListPolicyDenyOutput 

type PolicyListPolicyDenyOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyDenyOutput) All 

func (o PolicyListPolicyDenyOutput) All() pulumi.BoolPtrOutput

The policy allows or denies all values.

func (PolicyListPolicyDenyOutput) ElementType 

func (PolicyListPolicyDenyOutput) ElementType() reflect.Type

func (PolicyListPolicyDenyOutput) ToOutput added in v6.65.1 

func (o PolicyListPolicyDenyOutput) ToOutput(ctx context.Context) pulumix.Output[PolicyListPolicyDeny]

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutput 

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutput() PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutputWithContext 

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyOutputWithContext(ctx context.Context) PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutput 

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutputWithContext 

func (o PolicyListPolicyDenyOutput) ToPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyOutput) Values 

func (o PolicyListPolicyDenyOutput) Values() pulumi.StringArrayOutput

The policy can define specific values that are allowed or denied.

type PolicyListPolicyDenyPtrInput 

type PolicyListPolicyDenyPtrInput interface {
	pulumi.Input

	ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput
	ToPolicyListPolicyDenyPtrOutputWithContext(context.Context) PolicyListPolicyDenyPtrOutput
}

PolicyListPolicyDenyPtrInput is an input type that accepts PolicyListPolicyDenyArgs, PolicyListPolicyDenyPtr and PolicyListPolicyDenyPtrOutput values. You can construct a concrete instance of `PolicyListPolicyDenyPtrInput` via: 

        PolicyListPolicyDenyArgs{...}

or:

        nil

func PolicyListPolicyDenyPtr 

func PolicyListPolicyDenyPtr(v *PolicyListPolicyDenyArgs) PolicyListPolicyDenyPtrInput

type PolicyListPolicyDenyPtrOutput 

type PolicyListPolicyDenyPtrOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyDenyPtrOutput) All 

func (o PolicyListPolicyDenyPtrOutput) All() pulumi.BoolPtrOutput

The policy allows or denies all values.

func (PolicyListPolicyDenyPtrOutput) Elem 

func (o PolicyListPolicyDenyPtrOutput) Elem() PolicyListPolicyDenyOutput

func (PolicyListPolicyDenyPtrOutput) ElementType 

func (PolicyListPolicyDenyPtrOutput) ElementType() reflect.Type

func (PolicyListPolicyDenyPtrOutput) ToOutput added in v6.65.1 

func (o PolicyListPolicyDenyPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*PolicyListPolicyDeny]

func (PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutput 

func (o PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutput() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutputWithContext 

func (o PolicyListPolicyDenyPtrOutput) ToPolicyListPolicyDenyPtrOutputWithContext(ctx context.Context) PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyDenyPtrOutput) Values 

func (o PolicyListPolicyDenyPtrOutput) Values() pulumi.StringArrayOutput

The policy can define specific values that are allowed or denied.

type PolicyListPolicyInput 

type PolicyListPolicyInput interface {
	pulumi.Input

	ToPolicyListPolicyOutput() PolicyListPolicyOutput
	ToPolicyListPolicyOutputWithContext(context.Context) PolicyListPolicyOutput
}

PolicyListPolicyInput is an input type that accepts PolicyListPolicyArgs and PolicyListPolicyOutput values. You can construct a concrete instance of `PolicyListPolicyInput` via: 

PolicyListPolicyArgs{...}

type PolicyListPolicyOutput 

type PolicyListPolicyOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyOutput) Allow 

func (o PolicyListPolicyOutput) Allow() PolicyListPolicyAllowPtrOutput

or `deny` - (Optional) One or the other must be set.

func (PolicyListPolicyOutput) Deny 

func (o PolicyListPolicyOutput) Deny() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyOutput) ElementType 

func (PolicyListPolicyOutput) ElementType() reflect.Type

func (PolicyListPolicyOutput) InheritFromParent 

func (o PolicyListPolicyOutput) InheritFromParent() pulumi.BoolPtrOutput

If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.

The `allow` or `deny` blocks support:

func (PolicyListPolicyOutput) SuggestedValue 

func (o PolicyListPolicyOutput) SuggestedValue() pulumi.StringPtrOutput

The Google Cloud Console will try to default to a configuration that matches the value specified in this field.

func (PolicyListPolicyOutput) ToOutput added in v6.65.1 

func (o PolicyListPolicyOutput) ToOutput(ctx context.Context) pulumix.Output[PolicyListPolicy]

func (PolicyListPolicyOutput) ToPolicyListPolicyOutput 

func (o PolicyListPolicyOutput) ToPolicyListPolicyOutput() PolicyListPolicyOutput

func (PolicyListPolicyOutput) ToPolicyListPolicyOutputWithContext 

func (o PolicyListPolicyOutput) ToPolicyListPolicyOutputWithContext(ctx context.Context) PolicyListPolicyOutput

func (PolicyListPolicyOutput) ToPolicyListPolicyPtrOutput 

func (o PolicyListPolicyOutput) ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput

func (PolicyListPolicyOutput) ToPolicyListPolicyPtrOutputWithContext 

func (o PolicyListPolicyOutput) ToPolicyListPolicyPtrOutputWithContext(ctx context.Context) PolicyListPolicyPtrOutput

type PolicyListPolicyPtrInput 

type PolicyListPolicyPtrInput interface {
	pulumi.Input

	ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput
	ToPolicyListPolicyPtrOutputWithContext(context.Context) PolicyListPolicyPtrOutput
}

PolicyListPolicyPtrInput is an input type that accepts PolicyListPolicyArgs, PolicyListPolicyPtr and PolicyListPolicyPtrOutput values. You can construct a concrete instance of `PolicyListPolicyPtrInput` via: 

        PolicyListPolicyArgs{...}

or:

        nil

func PolicyListPolicyPtr 

func PolicyListPolicyPtr(v *PolicyListPolicyArgs) PolicyListPolicyPtrInput

type PolicyListPolicyPtrOutput 

type PolicyListPolicyPtrOutput struct{ *pulumi.OutputState }

func (PolicyListPolicyPtrOutput) Allow 

func (o PolicyListPolicyPtrOutput) Allow() PolicyListPolicyAllowPtrOutput

or `deny` - (Optional) One or the other must be set.

func (PolicyListPolicyPtrOutput) Deny 

func (o PolicyListPolicyPtrOutput) Deny() PolicyListPolicyDenyPtrOutput

func (PolicyListPolicyPtrOutput) Elem 

func (o PolicyListPolicyPtrOutput) Elem() PolicyListPolicyOutput

func (PolicyListPolicyPtrOutput) ElementType 

func (PolicyListPolicyPtrOutput) ElementType() reflect.Type

func (PolicyListPolicyPtrOutput) InheritFromParent 

func (o PolicyListPolicyPtrOutput) InheritFromParent() pulumi.BoolPtrOutput

If set to true, the values from the effective Policy of the parent resource are inherited, meaning the values set in this Policy are added to the values inherited up the hierarchy.

The `allow` or `deny` blocks support:

func (PolicyListPolicyPtrOutput) SuggestedValue 

func (o PolicyListPolicyPtrOutput) SuggestedValue() pulumi.StringPtrOutput

The Google Cloud Console will try to default to a configuration that matches the value specified in this field.

func (PolicyListPolicyPtrOutput) ToOutput added in v6.65.1 

func (o PolicyListPolicyPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*PolicyListPolicy]

func (PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutput 

func (o PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutput() PolicyListPolicyPtrOutput

func (PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutputWithContext 

func (o PolicyListPolicyPtrOutput) ToPolicyListPolicyPtrOutputWithContext(ctx context.Context) PolicyListPolicyPtrOutput

type PolicyMap 

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType 

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToOutput added in v6.65.1 

func (i PolicyMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Policy]

func (PolicyMap) ToPolicyMapOutput 

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext 

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput 

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via: 

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput 

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType 

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex 

func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput

func (PolicyMapOutput) ToOutput added in v6.65.1 

func (o PolicyMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Policy]

func (PolicyMapOutput) ToPolicyMapOutput 

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext 

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput 

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) BooleanPolicy added in v6.23.0 

func (o PolicyOutput) BooleanPolicy() PolicyBooleanPolicyPtrOutput

A boolean policy is a constraint that is either enforced or not. Structure is documented below.

func (PolicyOutput) Constraint added in v6.23.0 

func (o PolicyOutput) Constraint() pulumi.StringOutput

The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).

***

func (PolicyOutput) ElementType 

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) Etag added in v6.23.0 

func (o PolicyOutput) Etag() pulumi.StringOutput

(Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.

func (PolicyOutput) ListPolicy added in v6.23.0 

func (o PolicyOutput) ListPolicy() PolicyListPolicyPtrOutput

A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.

func (PolicyOutput) OrgId added in v6.23.0 

func (o PolicyOutput) OrgId() pulumi.StringOutput

The numeric ID of the organization to set the policy for.

func (PolicyOutput) RestorePolicy added in v6.23.0 

func (o PolicyOutput) RestorePolicy() PolicyRestorePolicyPtrOutput

A restore policy is a constraint to restore the default policy. Structure is documented below.

> **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will effectively be unset. This is represented in the UI as the constraint being 'Inherited'.

***

func (PolicyOutput) ToOutput added in v6.65.1 

func (o PolicyOutput) ToOutput(ctx context.Context) pulumix.Output[*Policy]

func (PolicyOutput) ToPolicyOutput 

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext 

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

func (PolicyOutput) UpdateTime added in v6.23.0 

func (o PolicyOutput) UpdateTime() pulumi.StringOutput

(Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".

func (PolicyOutput) Version added in v6.23.0 

func (o PolicyOutput) Version() pulumi.IntOutput

Version of the Policy. Default version is 0.

type PolicyRestorePolicy 

type PolicyRestorePolicy struct {
	// May only be set to true. If set, then the default Policy is restored.
	Default bool `pulumi:"default"`
}

type PolicyRestorePolicyArgs 

type PolicyRestorePolicyArgs struct {
	// May only be set to true. If set, then the default Policy is restored.
	Default pulumi.BoolInput `pulumi:"default"`
}

func (PolicyRestorePolicyArgs) ElementType 

func (PolicyRestorePolicyArgs) ElementType() reflect.Type

func (PolicyRestorePolicyArgs) ToOutput added in v6.65.1 

func (i PolicyRestorePolicyArgs) ToOutput(ctx context.Context) pulumix.Output[PolicyRestorePolicy]

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutput 

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutput() PolicyRestorePolicyOutput

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutputWithContext 

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyOutputWithContext(ctx context.Context) PolicyRestorePolicyOutput

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutput 

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput

func (PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutputWithContext 

func (i PolicyRestorePolicyArgs) ToPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) PolicyRestorePolicyPtrOutput

type PolicyRestorePolicyInput 

type PolicyRestorePolicyInput interface {
	pulumi.Input

	ToPolicyRestorePolicyOutput() PolicyRestorePolicyOutput
	ToPolicyRestorePolicyOutputWithContext(context.Context) PolicyRestorePolicyOutput
}

PolicyRestorePolicyInput is an input type that accepts PolicyRestorePolicyArgs and PolicyRestorePolicyOutput values. You can construct a concrete instance of `PolicyRestorePolicyInput` via: 

PolicyRestorePolicyArgs{...}

type PolicyRestorePolicyOutput 

type PolicyRestorePolicyOutput struct{ *pulumi.OutputState }

func (PolicyRestorePolicyOutput) Default 

func (o PolicyRestorePolicyOutput) Default() pulumi.BoolOutput

May only be set to true. If set, then the default Policy is restored.

func (PolicyRestorePolicyOutput) ElementType 

func (PolicyRestorePolicyOutput) ElementType() reflect.Type

func (PolicyRestorePolicyOutput) ToOutput added in v6.65.1 

func (o PolicyRestorePolicyOutput) ToOutput(ctx context.Context) pulumix.Output[PolicyRestorePolicy]

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutput 

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutput() PolicyRestorePolicyOutput

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutputWithContext 

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyOutputWithContext(ctx context.Context) PolicyRestorePolicyOutput

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutput 

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput

func (PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutputWithContext 

func (o PolicyRestorePolicyOutput) ToPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) PolicyRestorePolicyPtrOutput

type PolicyRestorePolicyPtrInput 

type PolicyRestorePolicyPtrInput interface {
	pulumi.Input

	ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput
	ToPolicyRestorePolicyPtrOutputWithContext(context.Context) PolicyRestorePolicyPtrOutput
}

PolicyRestorePolicyPtrInput is an input type that accepts PolicyRestorePolicyArgs, PolicyRestorePolicyPtr and PolicyRestorePolicyPtrOutput values. You can construct a concrete instance of `PolicyRestorePolicyPtrInput` via: 

        PolicyRestorePolicyArgs{...}

or:

        nil

func PolicyRestorePolicyPtr 

func PolicyRestorePolicyPtr(v *PolicyRestorePolicyArgs) PolicyRestorePolicyPtrInput

type PolicyRestorePolicyPtrOutput 

type PolicyRestorePolicyPtrOutput struct{ *pulumi.OutputState }

func (PolicyRestorePolicyPtrOutput) Default 

func (o PolicyRestorePolicyPtrOutput) Default() pulumi.BoolPtrOutput

May only be set to true. If set, then the default Policy is restored.

func (PolicyRestorePolicyPtrOutput) Elem 

func (o PolicyRestorePolicyPtrOutput) Elem() PolicyRestorePolicyOutput

func (PolicyRestorePolicyPtrOutput) ElementType 

func (PolicyRestorePolicyPtrOutput) ElementType() reflect.Type

func (PolicyRestorePolicyPtrOutput) ToOutput added in v6.65.1 

func (o PolicyRestorePolicyPtrOutput) ToOutput(ctx context.Context) pulumix.Output[*PolicyRestorePolicy]

func (PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutput 

func (o PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutput() PolicyRestorePolicyPtrOutput

func (PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutputWithContext 

func (o PolicyRestorePolicyPtrOutput) ToPolicyRestorePolicyPtrOutputWithContext(ctx context.Context) PolicyRestorePolicyPtrOutput

type PolicyState 

type PolicyState struct {
	// A boolean policy is a constraint that is either enforced or not. Structure is documented
	// below.
	BooleanPolicy PolicyBooleanPolicyPtrInput
	// The name of the Constraint the Policy is configuring, for example, `serviceuser.services`. Check out the [complete list of available constraints](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-constraints#available_constraints).
	//
	// ***
	Constraint pulumi.StringPtrInput
	// (Computed) The etag of the organization policy. `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other.
	Etag pulumi.StringPtrInput
	// A policy that can define specific values that are allowed or denied for the given constraint. It can also be used to allow or deny all values. Structure is documented below.
	ListPolicy PolicyListPolicyPtrInput
	// The numeric ID of the organization to set the policy for.
	OrgId pulumi.StringPtrInput
	// A restore policy is a constraint to restore the default policy. Structure is documented below.
	//
	// > **Note:** If none of [`booleanPolicy`, `listPolicy`, `restorePolicy`] are defined the policy for a given constraint will
	// effectively be unset. This is represented in the UI as the constraint being 'Inherited'.
	//
	// ***
	RestorePolicy PolicyRestorePolicyPtrInput
	// (Computed) The timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds, representing when the variable was last updated. Example: "2016-10-09T12:33:37.578138407Z".
	UpdateTime pulumi.StringPtrInput
	// Version of the Policy. Default version is 0.
	Version pulumi.IntPtrInput
}

func (PolicyState) ElementType 

func (PolicyState) ElementType() reflect.Type

type Project 

type Project struct {
	pulumi.CustomResourceState

	// Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
	// that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
	// if you set auto_create_network to false, since the network will exist momentarily.
	AutoCreateNetwork pulumi.BoolPtrOutput `pulumi:"autoCreateNetwork"`
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with the provider
	// must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
	// See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/docs/how-to/billing-access)
	// for more details.
	BillingAccount pulumi.StringPtrOutput `pulumi:"billingAccount"`
	// The numeric ID of the folder this project should be
	// created under. Only one of `orgId` or `folderId` may be
	// specified. If the `folderId` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId pulumi.StringPtrOutput `pulumi:"folderId"`
	// A set of key/value label pairs to assign to the project.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The display name of the project.
	Name pulumi.StringOutput `pulumi:"name"`
	// The numeric identifier of the project.
	Number pulumi.StringOutput `pulumi:"number"`
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `orgId` or `folderId` may be specified. If the `orgId` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId pulumi.StringPtrOutput `pulumi:"orgId"`
	// The project ID. Changing this forces a new project to be created.
	ProjectId pulumi.StringOutput `pulumi:"projectId"`
	// If true, the resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete pulumi.BoolOutput `pulumi:"skipDelete"`
}

Allows creation and management of a Google Cloud Platform project.

Projects created with this resource must be associated with an Organization. See the [Organization documentation](https://cloud.google.com/resource-manager/docs/quickstarts) for more details.

The user or service account that is running this provider when creating a `organizations.Project` resource must have `roles/resourcemanager.projectCreator` on the specified organization. See the [Access Control for Organizations Using IAM](https://cloud.google.com/resource-manager/docs/access-control-org) doc for more information.

> This resource reads the specified billing account on every pulumi up and plan operation so you must have permissions on the specified billing account.

To get more information about projects, see:

* [API documentation](https://cloud.google.com/resource-manager/reference/rest/v1/projects) * How-to Guides

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := organizations.NewProject(ctx, "myProject", &organizations.ProjectArgs{
			OrgId:     pulumi.String("1234567"),
			ProjectId: pulumi.String("your-project-id"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

To create a project under a specific folder

```go package main

import ( 

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		department1, err := organizations.NewFolder(ctx, "department1", &organizations.FolderArgs{
			DisplayName: pulumi.String("Department 1"),
			Parent:      pulumi.String("organizations/1234567"),
		})
		if err != nil {
			return err
		}
		_, err = organizations.NewProject(ctx, "myProject-in-a-folder", &organizations.ProjectArgs{
			ProjectId: pulumi.String("your-project-id"),
			FolderId:  department1.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Projects can be imported using the `project_id`, e.g.

```sh 

$ pulumi import gcp:organizations/project:Project my_project your-project-id

```

func GetProject 

func GetProject(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ProjectState, opts ...pulumi.ResourceOption) (*Project, error)

GetProject gets an existing Project resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewProject 

func NewProject(ctx *pulumi.Context,
	name string, args *ProjectArgs, opts ...pulumi.ResourceOption) (*Project, error)

NewProject registers a new resource with the given unique name, arguments, and options.

func (*Project) ElementType 

func (*Project) ElementType() reflect.Type

func (*Project) ToOutput added in v6.65.1 

func (i *Project) ToOutput(ctx context.Context) pulumix.Output[*Project]

func (*Project) ToProjectOutput 

func (i *Project) ToProjectOutput() ProjectOutput

func (*Project) ToProjectOutputWithContext 

func (i *Project) ToProjectOutputWithContext(ctx context.Context) ProjectOutput

type ProjectArgs 

type ProjectArgs struct {
	// Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
	// that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
	// if you set auto_create_network to false, since the network will exist momentarily.
	AutoCreateNetwork pulumi.BoolPtrInput
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with the provider
	// must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
	// See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/docs/how-to/billing-access)
	// for more details.
	BillingAccount pulumi.StringPtrInput
	// The numeric ID of the folder this project should be
	// created under. Only one of `orgId` or `folderId` may be
	// specified. If the `folderId` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId pulumi.StringPtrInput
	// A set of key/value label pairs to assign to the project.
	Labels pulumi.StringMapInput
	// The display name of the project.
	Name pulumi.StringPtrInput
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `orgId` or `folderId` may be specified. If the `orgId` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId pulumi.StringPtrInput
	// The project ID. Changing this forces a new project to be created.
	ProjectId pulumi.StringInput
	// If true, the resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete pulumi.BoolPtrInput
}

The set of arguments for constructing a Project resource.

func (ProjectArgs) ElementType 

func (ProjectArgs) ElementType() reflect.Type

type ProjectArray 

type ProjectArray []ProjectInput

func (ProjectArray) ElementType 

func (ProjectArray) ElementType() reflect.Type

func (ProjectArray) ToOutput added in v6.65.1 

func (i ProjectArray) ToOutput(ctx context.Context) pulumix.Output[[]*Project]

func (ProjectArray) ToProjectArrayOutput 

func (i ProjectArray) ToProjectArrayOutput() ProjectArrayOutput

func (ProjectArray) ToProjectArrayOutputWithContext 

func (i ProjectArray) ToProjectArrayOutputWithContext(ctx context.Context) ProjectArrayOutput

type ProjectArrayInput 

type ProjectArrayInput interface {
	pulumi.Input

	ToProjectArrayOutput() ProjectArrayOutput
	ToProjectArrayOutputWithContext(context.Context) ProjectArrayOutput
}

ProjectArrayInput is an input type that accepts ProjectArray and ProjectArrayOutput values. You can construct a concrete instance of `ProjectArrayInput` via: 

ProjectArray{ ProjectArgs{...} }

type ProjectArrayOutput 

type ProjectArrayOutput struct{ *pulumi.OutputState }

func (ProjectArrayOutput) ElementType 

func (ProjectArrayOutput) ElementType() reflect.Type

func (ProjectArrayOutput) Index 

func (o ProjectArrayOutput) Index(i pulumi.IntInput) ProjectOutput

func (ProjectArrayOutput) ToOutput added in v6.65.1 

func (o ProjectArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Project]

func (ProjectArrayOutput) ToProjectArrayOutput 

func (o ProjectArrayOutput) ToProjectArrayOutput() ProjectArrayOutput

func (ProjectArrayOutput) ToProjectArrayOutputWithContext 

func (o ProjectArrayOutput) ToProjectArrayOutputWithContext(ctx context.Context) ProjectArrayOutput

type ProjectInput 

type ProjectInput interface {
	pulumi.Input

	ToProjectOutput() ProjectOutput
	ToProjectOutputWithContext(ctx context.Context) ProjectOutput
}

type ProjectMap 

type ProjectMap map[string]ProjectInput

func (ProjectMap) ElementType 

func (ProjectMap) ElementType() reflect.Type

func (ProjectMap) ToOutput added in v6.65.1 

func (i ProjectMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Project]

func (ProjectMap) ToProjectMapOutput 

func (i ProjectMap) ToProjectMapOutput() ProjectMapOutput

func (ProjectMap) ToProjectMapOutputWithContext 

func (i ProjectMap) ToProjectMapOutputWithContext(ctx context.Context) ProjectMapOutput

type ProjectMapInput 

type ProjectMapInput interface {
	pulumi.Input

	ToProjectMapOutput() ProjectMapOutput
	ToProjectMapOutputWithContext(context.Context) ProjectMapOutput
}

ProjectMapInput is an input type that accepts ProjectMap and ProjectMapOutput values. You can construct a concrete instance of `ProjectMapInput` via: 

ProjectMap{ "key": ProjectArgs{...} }

type ProjectMapOutput 

type ProjectMapOutput struct{ *pulumi.OutputState }

func (ProjectMapOutput) ElementType 

func (ProjectMapOutput) ElementType() reflect.Type

func (ProjectMapOutput) MapIndex 

func (o ProjectMapOutput) MapIndex(k pulumi.StringInput) ProjectOutput

func (ProjectMapOutput) ToOutput added in v6.65.1 

func (o ProjectMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Project]

func (ProjectMapOutput) ToProjectMapOutput 

func (o ProjectMapOutput) ToProjectMapOutput() ProjectMapOutput

func (ProjectMapOutput) ToProjectMapOutputWithContext 

func (o ProjectMapOutput) ToProjectMapOutputWithContext(ctx context.Context) ProjectMapOutput

type ProjectOutput 

type ProjectOutput struct{ *pulumi.OutputState }

func (ProjectOutput) AutoCreateNetwork added in v6.23.0 

func (o ProjectOutput) AutoCreateNetwork() pulumi.BoolPtrOutput

Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even if you set auto_create_network to false, since the network will exist momentarily.

func (ProjectOutput) BillingAccount added in v6.23.0 

func (o ProjectOutput) BillingAccount() pulumi.StringPtrOutput

The alphanumeric ID of the billing account this project belongs to. The user or service account performing this operation with the provider must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account. See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/docs/how-to/billing-access) for more details.

func (ProjectOutput) ElementType 

func (ProjectOutput) ElementType() reflect.Type

func (ProjectOutput) FolderId added in v6.23.0 

func (o ProjectOutput) FolderId() pulumi.StringPtrOutput

The numeric ID of the folder this project should be created under. Only one of `orgId` or `folderId` may be specified. If the `folderId` is specified, then the project is created under the specified folder. Changing this forces the project to be migrated to the newly specified folder.

func (ProjectOutput) Labels added in v6.23.0 

func (o ProjectOutput) Labels() pulumi.StringMapOutput

A set of key/value label pairs to assign to the project.

func (ProjectOutput) Name added in v6.23.0 

func (o ProjectOutput) Name() pulumi.StringOutput

The display name of the project.

func (ProjectOutput) Number added in v6.23.0 

func (o ProjectOutput) Number() pulumi.StringOutput

The numeric identifier of the project.

func (ProjectOutput) OrgId added in v6.23.0 

func (o ProjectOutput) OrgId() pulumi.StringPtrOutput

The numeric ID of the organization this project belongs to. Changing this forces a new project to be created. Only one of `orgId` or `folderId` may be specified. If the `orgId` is specified then the project is created at the top level. Changing this forces the project to be migrated to the newly specified organization.

func (ProjectOutput) ProjectId added in v6.23.0 

func (o ProjectOutput) ProjectId() pulumi.StringOutput

The project ID. Changing this forces a new project to be created.

func (ProjectOutput) SkipDelete added in v6.23.0 

func (o ProjectOutput) SkipDelete() pulumi.BoolOutput

If true, the resource can be deleted without deleting the Project via the Google API.

func (ProjectOutput) ToOutput added in v6.65.1 

func (o ProjectOutput) ToOutput(ctx context.Context) pulumix.Output[*Project]

func (ProjectOutput) ToProjectOutput 

func (o ProjectOutput) ToProjectOutput() ProjectOutput

func (ProjectOutput) ToProjectOutputWithContext 

func (o ProjectOutput) ToProjectOutputWithContext(ctx context.Context) ProjectOutput

type ProjectState 

type ProjectState struct {
	// Create the 'default' network automatically. Default true. If set to false, the default network will be deleted. Note
	// that, for quota purposes, you will still need to have 1 network slot available to create the project successfully, even
	// if you set auto_create_network to false, since the network will exist momentarily.
	AutoCreateNetwork pulumi.BoolPtrInput
	// The alphanumeric ID of the billing account this project
	// belongs to. The user or service account performing this operation with the provider
	// must have at mininum Billing Account User privileges (`roles/billing.user`) on the billing account.
	// See [Google Cloud Billing API Access Control](https://cloud.google.com/billing/docs/how-to/billing-access)
	// for more details.
	BillingAccount pulumi.StringPtrInput
	// The numeric ID of the folder this project should be
	// created under. Only one of `orgId` or `folderId` may be
	// specified. If the `folderId` is specified, then the project is
	// created under the specified folder. Changing this forces the
	// project to be migrated to the newly specified folder.
	FolderId pulumi.StringPtrInput
	// A set of key/value label pairs to assign to the project.
	Labels pulumi.StringMapInput
	// The display name of the project.
	Name pulumi.StringPtrInput
	// The numeric identifier of the project.
	Number pulumi.StringPtrInput
	// The numeric ID of the organization this project belongs to.
	// Changing this forces a new project to be created.  Only one of
	// `orgId` or `folderId` may be specified. If the `orgId` is
	// specified then the project is created at the top level. Changing
	// this forces the project to be migrated to the newly specified
	// organization.
	OrgId pulumi.StringPtrInput
	// The project ID. Changing this forces a new project to be created.
	ProjectId pulumi.StringPtrInput
	// If true, the resource can be deleted
	// without deleting the Project via the Google API.
	SkipDelete pulumi.BoolPtrInput
}

func (ProjectState) ElementType 

func (ProjectState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.