UNPKG

@pulumi/gcp

Version:

A Pulumi package for creating and managing Google Cloud Platform resources.

pulumi/pulumi-gcp

161 lines • 8.37 kB

JavaScript

"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.WorkloadIdentityPoolManagedIdentity = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * Represents a managed identity for a workload identity pool namespace. * * To get more information about WorkloadIdentityPoolManagedIdentity, see: * * * [API documentation](https://cloud.google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.namespaces.managedIdentities) * * How-to Guides * * [Configure managed workload identity authentication for Compute Engine](https://cloud.google.com/iam/docs/create-managed-workload-identities) * * [Configure managed workload identity authentication for GKE](https://cloud.google.com/iam/docs/create-managed-workload-identities-gke) * * ## Example Usage * * ### Iam Workload Identity Pool Managed Identity Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const pool = new gcp.iam.WorkloadIdentityPool("pool", { * workloadIdentityPoolId: "example-pool", * mode: "TRUST_DOMAIN", * }); * const ns = new gcp.iam.WorkloadIdentityPoolNamespace("ns", { * workloadIdentityPoolId: pool.workloadIdentityPoolId, * workloadIdentityPoolNamespaceId: "example-namespace", * }); * const example = new gcp.iam.WorkloadIdentityPoolManagedIdentity("example", { * workloadIdentityPoolId: pool.workloadIdentityPoolId, * workloadIdentityPoolNamespaceId: ns.workloadIdentityPoolNamespaceId, * workloadIdentityPoolManagedIdentityId: "example-managed-identity", * }); * ``` * ### Iam Workload Identity Pool Managed Identity Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const pool = new gcp.iam.WorkloadIdentityPool("pool", { * workloadIdentityPoolId: "example-pool", * mode: "TRUST_DOMAIN", * }); * const ns = new gcp.iam.WorkloadIdentityPoolNamespace("ns", { * workloadIdentityPoolId: pool.workloadIdentityPoolId, * workloadIdentityPoolNamespaceId: "example-namespace", * }); * const example = new gcp.iam.WorkloadIdentityPoolManagedIdentity("example", { * workloadIdentityPoolId: pool.workloadIdentityPoolId, * workloadIdentityPoolNamespaceId: ns.workloadIdentityPoolNamespaceId, * workloadIdentityPoolManagedIdentityId: "example-managed-identity", * description: "Example Managed Identity in a Workload Identity Pool Namespace", * disabled: true, * attestationRules: [ * { * googleCloudResource: "//compute.googleapis.com/projects/1111111111111/uid/zones/us-central1-a/instances/12345678", * }, * { * googleCloudResource: "//run.googleapis.com/projects/1111111111111/name/locations/us-east1/services/my-service", * }, * ], * }); * ``` * * ## Import * * WorkloadIdentityPoolManagedIdentity can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/global/workloadIdentityPools/{{workload_identity_pool_id}}/namespaces/{{workload_identity_pool_namespace_id}}/managedIdentities/{{workload_identity_pool_managed_identity_id}}` * * * `{{project}}/{{workload_identity_pool_id}}/{{workload_identity_pool_namespace_id}}/{{workload_identity_pool_managed_identity_id}}` * * * `{{workload_identity_pool_id}}/{{workload_identity_pool_namespace_id}}/{{workload_identity_pool_managed_identity_id}}` * * When using the `pulumi import` command, WorkloadIdentityPoolManagedIdentity can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:iam/workloadIdentityPoolManagedIdentity:WorkloadIdentityPoolManagedIdentity default projects/{{project}}/locations/global/workloadIdentityPools/{{workload_identity_pool_id}}/namespaces/{{workload_identity_pool_namespace_id}}/managedIdentities/{{workload_identity_pool_managed_identity_id}} * ``` * * ```sh * $ pulumi import gcp:iam/workloadIdentityPoolManagedIdentity:WorkloadIdentityPoolManagedIdentity default {{project}}/{{workload_identity_pool_id}}/{{workload_identity_pool_namespace_id}}/{{workload_identity_pool_managed_identity_id}} * ``` * * ```sh * $ pulumi import gcp:iam/workloadIdentityPoolManagedIdentity:WorkloadIdentityPoolManagedIdentity default {{workload_identity_pool_id}}/{{workload_identity_pool_namespace_id}}/{{workload_identity_pool_managed_identity_id}} * ``` */ class WorkloadIdentityPoolManagedIdentity extends pulumi.CustomResource { /** * Get an existing WorkloadIdentityPoolManagedIdentity resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new WorkloadIdentityPoolManagedIdentity(name, state, { ...opts, id: id }); } /** * Returns true if the given object is an instance of WorkloadIdentityPoolManagedIdentity. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === WorkloadIdentityPoolManagedIdentity.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["attestationRules"] = state?.attestationRules; resourceInputs["description"] = state?.description; resourceInputs["disabled"] = state?.disabled; resourceInputs["name"] = state?.name; resourceInputs["project"] = state?.project; resourceInputs["state"] = state?.state; resourceInputs["workloadIdentityPoolId"] = state?.workloadIdentityPoolId; resourceInputs["workloadIdentityPoolManagedIdentityId"] = state?.workloadIdentityPoolManagedIdentityId; resourceInputs["workloadIdentityPoolNamespaceId"] = state?.workloadIdentityPoolNamespaceId; } else { const args = argsOrState; if (args?.workloadIdentityPoolId === undefined && !opts.urn) { throw new Error("Missing required property 'workloadIdentityPoolId'"); } if (args?.workloadIdentityPoolManagedIdentityId === undefined && !opts.urn) { throw new Error("Missing required property 'workloadIdentityPoolManagedIdentityId'"); } if (args?.workloadIdentityPoolNamespaceId === undefined && !opts.urn) { throw new Error("Missing required property 'workloadIdentityPoolNamespaceId'"); } resourceInputs["attestationRules"] = args?.attestationRules; resourceInputs["description"] = args?.description; resourceInputs["disabled"] = args?.disabled; resourceInputs["project"] = args?.project; resourceInputs["workloadIdentityPoolId"] = args?.workloadIdentityPoolId; resourceInputs["workloadIdentityPoolManagedIdentityId"] = args?.workloadIdentityPoolManagedIdentityId; resourceInputs["workloadIdentityPoolNamespaceId"] = args?.workloadIdentityPoolNamespaceId; resourceInputs["name"] = undefined /*out*/; resourceInputs["state"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(WorkloadIdentityPoolManagedIdentity.__pulumiType, name, resourceInputs, opts); } } exports.WorkloadIdentityPoolManagedIdentity = WorkloadIdentityPoolManagedIdentity; /** @internal */ WorkloadIdentityPoolManagedIdentity.__pulumiType = 'gcp:iam/workloadIdentityPoolManagedIdentity:WorkloadIdentityPoolManagedIdentity'; //# sourceMappingURL=workloadIdentityPoolManagedIdentity.js.map