Yandex v0.13.0 published on Tuesday, Feb 22, 2022 by Pulumi
yandex.getIamPolicy
Start a Neo task
Explain and create a yandex.getIamPolicy resource
Generates an [IAM] policy document that may be referenced by and applied to
other Yandex.Cloud Platform resources, such as the yandex.ResourcemanagerFolder resource.
import * as pulumi from "@pulumi/pulumi";
import * as yandex from "@pulumi/yandex";
const admin = pulumi.output(yandex.getIamPolicy({
bindings: [
{
members: ["userAccount:user_id_1"],
role: "admin",
},
{
members: ["userAccount:user_id_2"],
role: "viewer",
},
],
}));
import pulumi
import pulumi_yandex as yandex
admin = yandex.get_iam_policy(bindings=[
yandex.GetIamPolicyBindingArgs(
members=["userAccount:user_id_1"],
role="admin",
),
yandex.GetIamPolicyBindingArgs(
members=["userAccount:user_id_2"],
role="viewer",
),
])
using Pulumi;
using Yandex = Pulumi.Yandex;
class MyStack : Stack
{
public MyStack()
{
var admin = Output.Create(Yandex.GetIamPolicy.InvokeAsync(new Yandex.GetIamPolicyArgs
{
Bindings =
{
new Yandex.Inputs.GetIamPolicyBindingArgs
{
Members =
{
"userAccount:user_id_1",
},
Role = "admin",
},
new Yandex.Inputs.GetIamPolicyBindingArgs
{
Members =
{
"userAccount:user_id_2",
},
Role = "viewer",
},
},
}));
}
}
package main
import (
"github.com/pulumi/pulumi-yandex/sdk/go/yandex"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := yandex.GetIamPolicy(ctx, &GetIamPolicyArgs{
Bindings: []GetIamPolicyBinding{
GetIamPolicyBinding{
Members: []string{
"userAccount:user_id_1",
},
Role: "admin",
},
GetIamPolicyBinding{
Members: []string{
"userAccount:user_id_2",
},
Role: "viewer",
},
},
}, nil)
if err != nil {
return err
}
return nil
})
}
This data source is used to define [IAM] policies to apply to other resources. Currently, defining a policy through a data source and referencing that policy from another resource is the only way to apply an IAM policy to a resource.
Using getIamPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getIamPolicy(args: GetIamPolicyArgs, opts?: InvokeOptions): Promise<GetIamPolicyResult>
function getIamPolicyOutput(args: GetIamPolicyOutputArgs, opts?: InvokeOptions): Output<GetIamPolicyResult>def get_iam_policy(bindings: Optional[Sequence[GetIamPolicyBinding]] = None,
opts: Optional[InvokeOptions] = None) -> GetIamPolicyResult
def get_iam_policy_output(bindings: Optional[pulumi.Input[Sequence[pulumi.Input[GetIamPolicyBindingArgs]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetIamPolicyResult]func GetIamPolicy(ctx *Context, args *GetIamPolicyArgs, opts ...InvokeOption) (*GetIamPolicyResult, error)
func GetIamPolicyOutput(ctx *Context, args *GetIamPolicyOutputArgs, opts ...InvokeOption) GetIamPolicyResultOutput> Note: This function is named GetIamPolicy in the Go SDK.
public static class GetIamPolicy
{
public static Task<GetIamPolicyResult> InvokeAsync(GetIamPolicyArgs args, InvokeOptions? opts = null)
public static Output<GetIamPolicyResult> Invoke(GetIamPolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetIamPolicyResult> getIamPolicy(GetIamPolicyArgs args, InvokeOptions options)
public static Output<GetIamPolicyResult> getIamPolicy(GetIamPolicyArgs args, InvokeOptions options)
fn::invoke:
function: yandex:index/getIamPolicy:getIamPolicy
arguments:
# arguments dictionaryThe following arguments are supported:
- Bindings
List<Get
Iam Policy Binding> - A nested configuration block (described below)
that defines a binding to be included in the policy document. Multiple
bindingarguments are supported.
- Bindings
[]Get
Iam Policy Binding - A nested configuration block (described below)
that defines a binding to be included in the policy document. Multiple
bindingarguments are supported.
- bindings
List<Get
Iam Policy Binding> - A nested configuration block (described below)
that defines a binding to be included in the policy document. Multiple
bindingarguments are supported.
- bindings
Get
Iam Policy Binding[] - A nested configuration block (described below)
that defines a binding to be included in the policy document. Multiple
bindingarguments are supported.
- bindings
Sequence[Get
Iam Policy Binding] - A nested configuration block (described below)
that defines a binding to be included in the policy document. Multiple
bindingarguments are supported.
- bindings List<Property Map>
- A nested configuration block (described below)
that defines a binding to be included in the policy document. Multiple
bindingarguments are supported.
getIamPolicy Result
The following output properties are available:
- Bindings
List<Get
Iam Policy Binding> - Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Data string - The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
- Bindings
[]Get
Iam Policy Binding - Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Data string - The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
- bindings
List<Get
Iam Policy Binding> - id String
- The provider-assigned unique ID for this managed resource.
- policy
Data String - The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
- bindings
Get
Iam Policy Binding[] - id string
- The provider-assigned unique ID for this managed resource.
- policy
Data string - The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
- bindings
Sequence[Get
Iam Policy Binding] - id str
- The provider-assigned unique ID for this managed resource.
- policy_
data str - The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
- bindings List<Property Map>
- id String
- The provider-assigned unique ID for this managed resource.
- policy
Data String - The above bindings serialized in a format suitable for referencing from a resource that supports IAM.
Supporting Types
GetIamPolicyBinding
- Members List<string>
- An array of identities that will be granted the privilege in the
role. Each entry can have one of the following values:- userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
- serviceAccount:{service_account_id}: A unique service account ID.
- Role string
- The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
- Members []string
- An array of identities that will be granted the privilege in the
role. Each entry can have one of the following values:- userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
- serviceAccount:{service_account_id}: A unique service account ID.
- Role string
- The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
- members List<String>
- An array of identities that will be granted the privilege in the
role. Each entry can have one of the following values:- userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
- serviceAccount:{service_account_id}: A unique service account ID.
- role String
- The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
- members string[]
- An array of identities that will be granted the privilege in the
role. Each entry can have one of the following values:- userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
- serviceAccount:{service_account_id}: A unique service account ID.
- role string
- The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
- members Sequence[str]
- An array of identities that will be granted the privilege in the
role. Each entry can have one of the following values:- userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
- serviceAccount:{service_account_id}: A unique service account ID.
- role str
- The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
- members List<String>
- An array of identities that will be granted the privilege in the
role. Each entry can have one of the following values:- userAccount:{user_id}: A unique user ID that represents a specific Yandex account.
- serviceAccount:{service_account_id}: A unique service account ID.
- role String
- The role/permission that will be granted to the members. See the [IAM Roles] documentation for a complete list of roles.
Package Details
- Repository
- Yandex pulumi/pulumi-yandex
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
yandexTerraform Provider.
