UNPKG

@pulumi/gcp

Version:

A Pulumi package for creating and managing Google Cloud Platform resources.

pulumi.io

pulumi/pulumi-gcp

110 lines (109 loc) 5.32 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Allows management of audit logging config for a given service for a Google Cloud Platform Organization. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const config = new gcp.organizations.IamAuditConfig("config", { * orgId: "your-organization-id", * service: "allServices", * auditLogConfigs: [{ * logType: "DATA_READ", * exemptedMembers: ["user:joebloggs@example.com"], * }], * }); * ``` * * ## Import * * IAM audit config imports use the identifier of the resource in question and the service, e.g. * * ```sh * $ pulumi import gcp:organizations/iamAuditConfig:IamAuditConfig config "your-organization-id foo.googleapis.com" * ``` */ export declare class IamAuditConfig extends pulumi.CustomResource { /** * Get an existing IamAuditConfig resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IamAuditConfigState, opts?: pulumi.CustomResourceOptions): IamAuditConfig; /** * Returns true if the given object is an instance of IamAuditConfig. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is IamAuditConfig; /** * The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below. */ readonly auditLogConfigs: pulumi.Output<outputs.organizations.IamAuditConfigAuditLogConfig[]>; /** * The etag of iam policy */ readonly etag: pulumi.Output<string>; /** * The numeric ID of the organization in which you want to manage the audit logging config. */ readonly orgId: pulumi.Output<string>; /** * Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted. */ readonly service: pulumi.Output<string>; /** * Create a IamAuditConfig resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: IamAuditConfigArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering IamAuditConfig resources. */ export interface IamAuditConfigState { /** * The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below. */ auditLogConfigs?: pulumi.Input<pulumi.Input<inputs.organizations.IamAuditConfigAuditLogConfig>[]>; /** * The etag of iam policy */ etag?: pulumi.Input<string>; /** * The numeric ID of the organization in which you want to manage the audit logging config. */ orgId?: pulumi.Input<string>; /** * Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted. */ service?: pulumi.Input<string>; } /** * The set of arguments for constructing a IamAuditConfig resource. */ export interface IamAuditConfigArgs { /** * The configuration for logging of each type of permission. This can be specified multiple times. Structure is documented below. */ auditLogConfigs: pulumi.Input<pulumi.Input<inputs.organizations.IamAuditConfigAuditLogConfig>[]>; /** * The numeric ID of the organization in which you want to manage the audit logging config. */ orgId: pulumi.Input<string>; /** * Service which will be enabled for audit logging. The special value `allServices` covers all services. Note that if there are google\_organization\_iam\_audit\_config resources covering both `allServices` and a specific service then the union of the two AuditConfigs is used for that service: the `logTypes` specified in each `auditLogConfig` are enabled, and the `exemptedMembers` in each `auditLogConfig` are exempted. */ service: pulumi.Input<string>; }