Docs Home
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
google-native.gkehub/v1alpha.MembershipRbacRoleBinding
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi
Creates a Membership RBACRoleBinding. Auto-naming is currently not supported for this resource.
Create MembershipRbacRoleBinding Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MembershipRbacRoleBinding(name: string, args: MembershipRbacRoleBindingArgs, opts?: CustomResourceOptions);@overload
def MembershipRbacRoleBinding(resource_name: str,
args: MembershipRbacRoleBindingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MembershipRbacRoleBinding(resource_name: str,
opts: Optional[ResourceOptions] = None,
membership_id: Optional[str] = None,
rbacrolebinding_id: Optional[str] = None,
role: Optional[RoleArgs] = None,
group: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
user: Optional[str] = None)func NewMembershipRbacRoleBinding(ctx *Context, name string, args MembershipRbacRoleBindingArgs, opts ...ResourceOption) (*MembershipRbacRoleBinding, error)public MembershipRbacRoleBinding(string name, MembershipRbacRoleBindingArgs args, CustomResourceOptions? opts = null)public MembershipRbacRoleBinding(String name, MembershipRbacRoleBindingArgs args)
public MembershipRbacRoleBinding(String name, MembershipRbacRoleBindingArgs args, CustomResourceOptions options)
type: google-native:gkehub/v1alpha:MembershipRbacRoleBinding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. MembershipRbacRoleBindingArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. MembershipRbacRoleBindingArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. MembershipRbacRoleBindingArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. MembershipRbacRoleBindingArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. MembershipRbacRoleBindingArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var membershipRbacRoleBindingResource = new GoogleNative.GKEHub.V1Alpha.MembershipRbacRoleBinding("membershipRbacRoleBindingResource", new()
{
MembershipId = "string",
RbacrolebindingId = "string",
Role = new GoogleNative.GKEHub.V1Alpha.Inputs.RoleArgs
{
PredefinedRole = GoogleNative.GKEHub.V1Alpha.RolePredefinedRole.Unknown,
},
Group = "string",
Labels =
{
{ "string", "string" },
},
Location = "string",
Name = "string",
Project = "string",
User = "string",
});
example, err := gkehubv1alpha.NewMembershipRbacRoleBinding(ctx, "membershipRbacRoleBindingResource", &gkehubv1alpha.MembershipRbacRoleBindingArgs{
MembershipId: pulumi.String("string"),
RbacrolebindingId: pulumi.String("string"),
Role: &gkehub.RoleArgs{
PredefinedRole: gkehubv1alpha.RolePredefinedRoleUnknown,
},
Group: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
Project: pulumi.String("string"),
User: pulumi.String("string"),
})
var membershipRbacRoleBindingResource = new MembershipRbacRoleBinding("membershipRbacRoleBindingResource", MembershipRbacRoleBindingArgs.builder()
.membershipId("string")
.rbacrolebindingId("string")
.role(RoleArgs.builder()
.predefinedRole("UNKNOWN")
.build())
.group("string")
.labels(Map.of("string", "string"))
.location("string")
.name("string")
.project("string")
.user("string")
.build());
membership_rbac_role_binding_resource = google_native.gkehub.v1alpha.MembershipRbacRoleBinding("membershipRbacRoleBindingResource",
membership_id="string",
rbacrolebinding_id="string",
role={
"predefined_role": google_native.gkehub.v1alpha.RolePredefinedRole.UNKNOWN,
},
group="string",
labels={
"string": "string",
},
location="string",
name="string",
project="string",
user="string")
const membershipRbacRoleBindingResource = new google_native.gkehub.v1alpha.MembershipRbacRoleBinding("membershipRbacRoleBindingResource", {
membershipId: "string",
rbacrolebindingId: "string",
role: {
predefinedRole: google_native.gkehub.v1alpha.RolePredefinedRole.Unknown,
},
group: "string",
labels: {
string: "string",
},
location: "string",
name: "string",
project: "string",
user: "string",
});
type: google-native:gkehub/v1alpha:MembershipRbacRoleBinding
properties:
group: string
labels:
string: string
location: string
membershipId: string
name: string
project: string
rbacrolebindingId: string
role:
predefinedRole: UNKNOWN
user: string
MembershipRbacRoleBinding Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The MembershipRbacRoleBinding resource accepts the following input properties:
- Membership
Id stringThis property is required. 
Changes to this property will trigger replacement. - Rbacrolebinding
Id stringThis property is required. Changes to this property will trigger replacement. - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_idmust be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?, with a maximum length of 63 characters. - Role
This property is required. Pulumi.Google Native. GKEHub. V1Alpha. Inputs. Role - Role to bind to the principal
- Group string
- group is the group, as seen by the kubernetes cluster.
- Labels Dictionary<string, string>
- Optional. Labels for this RBACRolebinding.
- Location
- Name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding} - Project
- User string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- Membership
Id stringThis property is required. Changes to this property will trigger replacement. - Rbacrolebinding
Id stringThis property is required. Changes to this property will trigger replacement. - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_idmust be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?, with a maximum length of 63 characters. - Role
This property is required. RoleArgs - Role to bind to the principal
- Group string
- group is the group, as seen by the kubernetes cluster.
- Labels map[string]string
- Optional. Labels for this RBACRolebinding.
- Location
- Name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding} - Project
- User string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership
Id StringThis property is required. Changes to this property will trigger replacement. - rbacrolebinding
Id StringThis property is required. Changes to this property will trigger replacement. - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_idmust be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?, with a maximum length of 63 characters. - role
This property is required. Role - Role to bind to the principal
- group String
- group is the group, as seen by the kubernetes cluster.
- labels Map<String,String>
- Optional. Labels for this RBACRolebinding.
- location
- name String
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding} - project
- user String
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership
Id stringThis property is required. Changes to this property will trigger replacement. - rbacrolebinding
Id stringThis property is required. Changes to this property will trigger replacement. - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_idmust be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?, with a maximum length of 63 characters. - role
This property is required. Role - Role to bind to the principal
- group string
- group is the group, as seen by the kubernetes cluster.
- labels {[key: string]: string}
- Optional. Labels for this RBACRolebinding.
- location
- name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding} - project
- user string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership_
id strThis property is required. Changes to this property will trigger replacement. - rbacrolebinding_
id strThis property is required. Changes to this property will trigger replacement. - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_idmust be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?, with a maximum length of 63 characters. - role
This property is required. RoleArgs - Role to bind to the principal
- group str
- group is the group, as seen by the kubernetes cluster.
- labels Mapping[str, str]
- Optional. Labels for this RBACRolebinding.
- location
- name str
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding} - project
- user str
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership
Id StringThis property is required. Changes to this property will trigger replacement. - rbacrolebinding
Id StringThis property is required. Changes to this property will trigger replacement. - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_idmust be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?, with a maximum length of 63 characters. - role
This property is required. Property Map - Role to bind to the principal
- group String
- group is the group, as seen by the kubernetes cluster.
- labels Map<String>
- Optional. Labels for this RBACRolebinding.
- location
- name String
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding} - project
- user String
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
Outputs
All input properties are implicitly available as output properties. Additionally, the MembershipRbacRoleBinding resource produces the following output properties:
- Create
Time string - When the rbacrolebinding was created.
- Delete
Time string - When the rbacrolebinding was deleted.
- Id string
- The provider-assigned unique ID for this managed resource.
- State
Pulumi.
Google Native. GKEHub. V1Alpha. Outputs. RBACRole Binding Lifecycle State Response - State of the rbacrolebinding resource.
- Uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- Update
Time string - When the rbacrolebinding was last updated.
- Create
Time string - When the rbacrolebinding was created.
- Delete
Time string - When the rbacrolebinding was deleted.
- Id string
- The provider-assigned unique ID for this managed resource.
- State
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- Uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- Update
Time string - When the rbacrolebinding was last updated.
- create
Time String - When the rbacrolebinding was created.
- delete
Time String - When the rbacrolebinding was deleted.
- id String
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid String
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time String - When the rbacrolebinding was last updated.
- create
Time string - When the rbacrolebinding was created.
- delete
Time string - When the rbacrolebinding was deleted.
- id string
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time string - When the rbacrolebinding was last updated.
- create_
time str - When the rbacrolebinding was created.
- delete_
time str - When the rbacrolebinding was deleted.
- id str
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid str
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update_
time str - When the rbacrolebinding was last updated.
- create
Time String - When the rbacrolebinding was created.
- delete
Time String - When the rbacrolebinding was deleted.
- id String
- The provider-assigned unique ID for this managed resource.
- state Property Map
- State of the rbacrolebinding resource.
- uid String
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time String - When the rbacrolebinding was last updated.
Supporting Types
RBACRoleBindingLifecycleStateResponse, RBACRoleBindingLifecycleStateResponseArgs
, RBACRoleBindingLifecycleStateResponseArgs
- Code
This property is required. string - The current state of the rbacrolebinding resource.
- Code
This property is required. string - The current state of the rbacrolebinding resource.
- code
This property is required. String - The current state of the rbacrolebinding resource.
- code
This property is required. string - The current state of the rbacrolebinding resource.
- code
This property is required. str - The current state of the rbacrolebinding resource.
- code
This property is required. String - The current state of the rbacrolebinding resource.
Role, RoleArgs
, RoleArgs
- Predefined
Role Pulumi.Google Native. GKEHub. V1Alpha. Role Predefined Role - predefined_role is the Kubernetes default role to use
- Predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined_
role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role "UNKNOWN" | "ADMIN" | "EDIT" | "VIEW" | "ANTHOS_SUPPORT" - predefined_role is the Kubernetes default role to use
RolePredefinedRole, RolePredefinedRoleArgs
, RolePredefinedRoleArgs
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Role
Predefined Role Unknown - UNKNOWNUNKNOWN
- Role
Predefined Role Admin - ADMINADMIN has EDIT and RBAC permissions
- Role
Predefined Role Edit - EDITEDIT can edit all resources except RBAC
- Role
Predefined Role View - VIEWVIEW can only read resources
- Role
Predefined Role Anthos Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- UNKNOWN
- UNKNOWNUNKNOWN
- ADMIN
- ADMINADMIN has EDIT and RBAC permissions
- EDIT
- EDITEDIT can edit all resources except RBAC
- VIEW
- VIEWVIEW can only read resources
- ANTHOS_SUPPORT
- ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- "UNKNOWN"
- UNKNOWNUNKNOWN
- "ADMIN"
- ADMINADMIN has EDIT and RBAC permissions
- "EDIT"
- EDITEDIT can edit all resources except RBAC
- "VIEW"
- VIEWVIEW can only read resources
- "ANTHOS_SUPPORT"
- ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
RoleResponse, RoleResponseArgs
, RoleResponseArgs
- Predefined
Role This property is required. string - predefined_role is the Kubernetes default role to use
- Predefined
Role This property is required. string - predefined_role is the Kubernetes default role to use
- predefined
Role This property is required. String - predefined_role is the Kubernetes default role to use
- predefined
Role This property is required. string - predefined_role is the Kubernetes default role to use
- predefined_
role This property is required. str - predefined_role is the Kubernetes default role to use
- predefined
Role This property is required. String - predefined_role is the Kubernetes default role to use
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi