UNPKG

@pulumi/gcp

Version:

A Pulumi package for creating and managing Google Cloud Platform resources.

pulumi.io

pulumi/pulumi-gcp

72 lines 3.02 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
"use strict"; // *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.getAccountJwtOutput = exports.getAccountJwt = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * This data source provides a [self-signed JWT](https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-jwt). Tokens issued from this data source are typically used to call external services that accept JWTs for authentication. * * ## Example Usage * * Note: in order to use the following, the caller must have _at least_ `roles/iam.serviceAccountTokenCreator` on the `targetServiceAccount`. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const foo = gcp.serviceaccount.getAccountJwt({ * targetServiceAccount: "impersonated-account@project.iam.gserviceaccount.com", * payload: JSON.stringify({ * foo: "bar", * sub: "subject", * }), * expiresIn: 60, * }); * export const jwt = foo.then(foo => foo.jwt); * ``` */ function getAccountJwt(args, opts) { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("gcp:serviceaccount/getAccountJwt:getAccountJwt", { "delegates": args.delegates, "expiresIn": args.expiresIn, "payload": args.payload, "targetServiceAccount": args.targetServiceAccount, }, opts); } exports.getAccountJwt = getAccountJwt; /** * This data source provides a [self-signed JWT](https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-jwt). Tokens issued from this data source are typically used to call external services that accept JWTs for authentication. * * ## Example Usage * * Note: in order to use the following, the caller must have _at least_ `roles/iam.serviceAccountTokenCreator` on the `targetServiceAccount`. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const foo = gcp.serviceaccount.getAccountJwt({ * targetServiceAccount: "impersonated-account@project.iam.gserviceaccount.com", * payload: JSON.stringify({ * foo: "bar", * sub: "subject", * }), * expiresIn: 60, * }); * export const jwt = foo.then(foo => foo.jwt); * ``` */ function getAccountJwtOutput(args, opts) { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("gcp:serviceaccount/getAccountJwt:getAccountJwt", { "delegates": args.delegates, "expiresIn": args.expiresIn, "payload": args.payload, "targetServiceAccount": args.targetServiceAccount, }, opts); } exports.getAccountJwtOutput = getAccountJwtOutput; //# sourceMappingURL=getAccountJwt.js.map