UNPKG

@pulumi/gcp

Version:

A Pulumi package for creating and managing Google Cloud Platform resources.

pulumi.io

pulumi/pulumi-gcp

72 lines (71 loc) 2.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
import * as pulumi from "@pulumi/pulumi"; /** * Get OpenID userinfo about the credentials used with the Google provider, * specifically the email. * * This datasource enables you to export the email of the account you've * authenticated the provider with; this can be used alongside * `data.google_client_config`'s `accessToken` to perform OpenID Connect * authentication with GKE and configure an RBAC role for the email used. * * > This resource will only work as expected if the provider is configured to * use the `https://www.googleapis.com/auth/userinfo.email` scope! You will * receive an error otherwise. The provider uses this scope by default. * * ## Example Usage * * ### Exporting An Email * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * export = async () => { * const me = await gcp.organizations.getClientOpenIdUserInfo({}); * return { * "my-email": me.email, * }; * } * ``` */ export declare function getClientOpenIdUserInfo(opts?: pulumi.InvokeOptions): Promise<GetClientOpenIdUserInfoResult>; /** * A collection of values returned by getClientOpenIdUserInfo. */ export interface GetClientOpenIdUserInfoResult { /** * The email of the account used by the provider to authenticate with GCP. */ readonly email: string; readonly id: string; } /** * Get OpenID userinfo about the credentials used with the Google provider, * specifically the email. * * This datasource enables you to export the email of the account you've * authenticated the provider with; this can be used alongside * `data.google_client_config`'s `accessToken` to perform OpenID Connect * authentication with GKE and configure an RBAC role for the email used. * * > This resource will only work as expected if the provider is configured to * use the `https://www.googleapis.com/auth/userinfo.email` scope! You will * receive an error otherwise. The provider uses this scope by default. * * ## Example Usage * * ### Exporting An Email * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * export = async () => { * const me = await gcp.organizations.getClientOpenIdUserInfo({}); * return { * "my-email": me.email, * }; * } * ``` */ export declare function getClientOpenIdUserInfoOutput(opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetClientOpenIdUserInfoResult>;