@pulumi/gcp
Version:
A Pulumi package for creating and managing Google Cloud Platform resources.
95 lines • 4.05 kB
JavaScript
;
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.getAccountJwtOutput = exports.getAccountJwt = void 0;
const pulumi = __importStar(require("@pulumi/pulumi"));
const utilities = __importStar(require("../utilities"));
/**
* This data source provides a [self-signed JWT](https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-jwt). Tokens issued from this data source are typically used to call external services that accept JWTs for authentication.
*
* ## Example Usage
*
* Note: in order to use the following, the caller must have _at least_ `roles/iam.serviceAccountTokenCreator` on the `targetServiceAccount`.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const foo = gcp.serviceaccount.getAccountJwt({
* targetServiceAccount: "impersonated-account@project.iam.gserviceaccount.com",
* payload: JSON.stringify({
* foo: "bar",
* sub: "subject",
* }),
* expiresIn: 60,
* });
* export const jwt = foo.then(foo => foo.jwt);
* ```
*/
function getAccountJwt(args, opts) {
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {});
return pulumi.runtime.invoke("gcp:serviceaccount/getAccountJwt:getAccountJwt", {
"delegates": args.delegates,
"expiresIn": args.expiresIn,
"payload": args.payload,
"targetServiceAccount": args.targetServiceAccount,
}, opts);
}
exports.getAccountJwt = getAccountJwt;
/**
* This data source provides a [self-signed JWT](https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-jwt). Tokens issued from this data source are typically used to call external services that accept JWTs for authentication.
*
* ## Example Usage
*
* Note: in order to use the following, the caller must have _at least_ `roles/iam.serviceAccountTokenCreator` on the `targetServiceAccount`.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const foo = gcp.serviceaccount.getAccountJwt({
* targetServiceAccount: "impersonated-account@project.iam.gserviceaccount.com",
* payload: JSON.stringify({
* foo: "bar",
* sub: "subject",
* }),
* expiresIn: 60,
* });
* export const jwt = foo.then(foo => foo.jwt);
* ```
*/
function getAccountJwtOutput(args, opts) {
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {});
return pulumi.runtime.invokeOutput("gcp:serviceaccount/getAccountJwt:getAccountJwt", {
"delegates": args.delegates,
"expiresIn": args.expiresIn,
"payload": args.payload,
"targetServiceAccount": args.targetServiceAccount,
}, opts);
}
exports.getAccountJwtOutput = getAccountJwtOutput;
//# sourceMappingURL=getAccountJwt.js.map