Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.gkehub/v1beta.MembershipRbacRoleBinding
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a Membership RBACRoleBinding. Auto-naming is currently not supported for this resource.
Create MembershipRbacRoleBinding Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MembershipRbacRoleBinding(name: string, args: MembershipRbacRoleBindingArgs, opts?: CustomResourceOptions);
@overload
def MembershipRbacRoleBinding(resource_name: str,
args: MembershipRbacRoleBindingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MembershipRbacRoleBinding(resource_name: str,
opts: Optional[ResourceOptions] = None,
membership_id: Optional[str] = None,
rbacrolebinding_id: Optional[str] = None,
role: Optional[RoleArgs] = None,
group: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
user: Optional[str] = None)
func NewMembershipRbacRoleBinding(ctx *Context, name string, args MembershipRbacRoleBindingArgs, opts ...ResourceOption) (*MembershipRbacRoleBinding, error)
public MembershipRbacRoleBinding(string name, MembershipRbacRoleBindingArgs args, CustomResourceOptions? opts = null)
public MembershipRbacRoleBinding(String name, MembershipRbacRoleBindingArgs args)
public MembershipRbacRoleBinding(String name, MembershipRbacRoleBindingArgs args, CustomResourceOptions options)
type: google-native:gkehub/v1beta:MembershipRbacRoleBinding
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args MembershipRbacRoleBindingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args MembershipRbacRoleBindingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args MembershipRbacRoleBindingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args MembershipRbacRoleBindingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args MembershipRbacRoleBindingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var google_nativeMembershipRbacRoleBindingResource = new GoogleNative.GKEHub.V1Beta.MembershipRbacRoleBinding("google-nativeMembershipRbacRoleBindingResource", new()
{
MembershipId = "string",
RbacrolebindingId = "string",
Role = new GoogleNative.GKEHub.V1Beta.Inputs.RoleArgs
{
PredefinedRole = GoogleNative.GKEHub.V1Beta.RolePredefinedRole.Unknown,
},
Group = "string",
Labels =
{
{ "string", "string" },
},
Location = "string",
Name = "string",
Project = "string",
User = "string",
});
example, err := gkehubv1beta.NewMembershipRbacRoleBinding(ctx, "google-nativeMembershipRbacRoleBindingResource", &gkehubv1beta.MembershipRbacRoleBindingArgs{
MembershipId: pulumi.String("string"),
RbacrolebindingId: pulumi.String("string"),
Role: &gkehub.RoleArgs{
PredefinedRole: gkehubv1beta.RolePredefinedRoleUnknown,
},
Group: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
Project: pulumi.String("string"),
User: pulumi.String("string"),
})
var google_nativeMembershipRbacRoleBindingResource = new MembershipRbacRoleBinding("google-nativeMembershipRbacRoleBindingResource", MembershipRbacRoleBindingArgs.builder()
.membershipId("string")
.rbacrolebindingId("string")
.role(RoleArgs.builder()
.predefinedRole("UNKNOWN")
.build())
.group("string")
.labels(Map.of("string", "string"))
.location("string")
.name("string")
.project("string")
.user("string")
.build());
google_native_membership_rbac_role_binding_resource = google_native.gkehub.v1beta.MembershipRbacRoleBinding("google-nativeMembershipRbacRoleBindingResource",
membership_id="string",
rbacrolebinding_id="string",
role=google_native.gkehub.v1beta.RoleArgs(
predefined_role=google_native.gkehub.v1beta.RolePredefinedRole.UNKNOWN,
),
group="string",
labels={
"string": "string",
},
location="string",
name="string",
project="string",
user="string")
const google_nativeMembershipRbacRoleBindingResource = new google_native.gkehub.v1beta.MembershipRbacRoleBinding("google-nativeMembershipRbacRoleBindingResource", {
membershipId: "string",
rbacrolebindingId: "string",
role: {
predefinedRole: google_native.gkehub.v1beta.RolePredefinedRole.Unknown,
},
group: "string",
labels: {
string: "string",
},
location: "string",
name: "string",
project: "string",
user: "string",
});
type: google-native:gkehub/v1beta:MembershipRbacRoleBinding
properties:
group: string
labels:
string: string
location: string
membershipId: string
name: string
project: string
rbacrolebindingId: string
role:
predefinedRole: UNKNOWN
user: string
MembershipRbacRoleBinding Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The MembershipRbacRoleBinding resource accepts the following input properties:
- Membership
Id string - Rbacrolebinding
Id string - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - Role
Pulumi.
Google Native. GKEHub. V1Beta. Inputs. Role - Role to bind to the principal
- Group string
- group is the group, as seen by the kubernetes cluster.
- Labels Dictionary<string, string>
- Optional. Labels for this RBACRolebinding.
- Location string
- Name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- Project string
- User string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- Membership
Id string - Rbacrolebinding
Id string - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - Role
Role
Args - Role to bind to the principal
- Group string
- group is the group, as seen by the kubernetes cluster.
- Labels map[string]string
- Optional. Labels for this RBACRolebinding.
- Location string
- Name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- Project string
- User string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership
Id String - rbacrolebinding
Id String - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role Role
- Role to bind to the principal
- group String
- group is the group, as seen by the kubernetes cluster.
- labels Map<String,String>
- Optional. Labels for this RBACRolebinding.
- location String
- name String
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project String
- user String
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership
Id string - rbacrolebinding
Id string - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role Role
- Role to bind to the principal
- group string
- group is the group, as seen by the kubernetes cluster.
- labels {[key: string]: string}
- Optional. Labels for this RBACRolebinding.
- location string
- name string
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project string
- user string
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership_
id str - rbacrolebinding_
id str - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role
Role
Args - Role to bind to the principal
- group str
- group is the group, as seen by the kubernetes cluster.
- labels Mapping[str, str]
- Optional. Labels for this RBACRolebinding.
- location str
- name str
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project str
- user str
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
- membership
Id String - rbacrolebinding
Id String - Required. Client chosen ID for the RBACRoleBinding.
rbacrolebinding_id
must be a valid RFC 1123 compliant DNS label: 1. At most 63 characters in length 2. It must consist of lower case alphanumeric characters or-
3. It must start and end with an alphanumeric character Which can be expressed as the regex:[a-z0-9]([-a-z0-9]*[a-z0-9])?
, with a maximum length of 63 characters. - role Property Map
- Role to bind to the principal
- group String
- group is the group, as seen by the kubernetes cluster.
- labels Map<String>
- Optional. Labels for this RBACRolebinding.
- location String
- name String
- The resource name for the rbacrolebinding
projects/{project}/locations/{location}/scopes/{scope}/rbacrolebindings/{rbacrolebinding}
orprojects/{project}/locations/{location}/memberships/{membership}/rbacrolebindings/{rbacrolebinding}
- project String
- user String
- user is the name of the user as seen by the kubernetes cluster, example "alice" or "alice@domain.tld"
Outputs
All input properties are implicitly available as output properties. Additionally, the MembershipRbacRoleBinding resource produces the following output properties:
- Create
Time string - When the rbacrolebinding was created.
- Delete
Time string - When the rbacrolebinding was deleted.
- Id string
- The provider-assigned unique ID for this managed resource.
- State
Pulumi.
Google Native. GKEHub. V1Beta. Outputs. RBACRole Binding Lifecycle State Response - State of the rbacrolebinding resource.
- Uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- Update
Time string - When the rbacrolebinding was last updated.
- Create
Time string - When the rbacrolebinding was created.
- Delete
Time string - When the rbacrolebinding was deleted.
- Id string
- The provider-assigned unique ID for this managed resource.
- State
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- Uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- Update
Time string - When the rbacrolebinding was last updated.
- create
Time String - When the rbacrolebinding was created.
- delete
Time String - When the rbacrolebinding was deleted.
- id String
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid String
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time String - When the rbacrolebinding was last updated.
- create
Time string - When the rbacrolebinding was created.
- delete
Time string - When the rbacrolebinding was deleted.
- id string
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid string
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time string - When the rbacrolebinding was last updated.
- create_
time str - When the rbacrolebinding was created.
- delete_
time str - When the rbacrolebinding was deleted.
- id str
- The provider-assigned unique ID for this managed resource.
- state
RBACRole
Binding Lifecycle State Response - State of the rbacrolebinding resource.
- uid str
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update_
time str - When the rbacrolebinding was last updated.
- create
Time String - When the rbacrolebinding was created.
- delete
Time String - When the rbacrolebinding was deleted.
- id String
- The provider-assigned unique ID for this managed resource.
- state Property Map
- State of the rbacrolebinding resource.
- uid String
- Google-generated UUID for this resource. This is unique across all rbacrolebinding resources. If a rbacrolebinding resource is deleted and another resource with the same name is created, it gets a different uid.
- update
Time String - When the rbacrolebinding was last updated.
Supporting Types
RBACRoleBindingLifecycleStateResponse, RBACRoleBindingLifecycleStateResponseArgs
- Code string
- The current state of the rbacrolebinding resource.
- Code string
- The current state of the rbacrolebinding resource.
- code String
- The current state of the rbacrolebinding resource.
- code string
- The current state of the rbacrolebinding resource.
- code str
- The current state of the rbacrolebinding resource.
- code String
- The current state of the rbacrolebinding resource.
Role, RoleArgs
- Predefined
Role Pulumi.Google Native. GKEHub. V1Beta. Role Predefined Role - predefined_role is the Kubernetes default role to use
- Predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined_
role RolePredefined Role - predefined_role is the Kubernetes default role to use
- predefined
Role "UNKNOWN" | "ADMIN" | "EDIT" | "VIEW" | "ANTHOS_SUPPORT" - predefined_role is the Kubernetes default role to use
RolePredefinedRole, RolePredefinedRoleArgs
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Role
Predefined Role Unknown - UNKNOWNUNKNOWN
- Role
Predefined Role Admin - ADMINADMIN has EDIT and RBAC permissions
- Role
Predefined Role Edit - EDITEDIT can edit all resources except RBAC
- Role
Predefined Role View - VIEWVIEW can only read resources
- Role
Predefined Role Anthos Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- Unknown
- UNKNOWNUNKNOWN
- Admin
- ADMINADMIN has EDIT and RBAC permissions
- Edit
- EDITEDIT can edit all resources except RBAC
- View
- VIEWVIEW can only read resources
- Anthos
Support - ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- UNKNOWN
- UNKNOWNUNKNOWN
- ADMIN
- ADMINADMIN has EDIT and RBAC permissions
- EDIT
- EDITEDIT can edit all resources except RBAC
- VIEW
- VIEWVIEW can only read resources
- ANTHOS_SUPPORT
- ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
- "UNKNOWN"
- UNKNOWNUNKNOWN
- "ADMIN"
- ADMINADMIN has EDIT and RBAC permissions
- "EDIT"
- EDITEDIT can edit all resources except RBAC
- "VIEW"
- VIEWVIEW can only read resources
- "ANTHOS_SUPPORT"
- ANTHOS_SUPPORTANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.
RoleResponse, RoleResponseArgs
- Predefined
Role string - predefined_role is the Kubernetes default role to use
- Predefined
Role string - predefined_role is the Kubernetes default role to use
- predefined
Role String - predefined_role is the Kubernetes default role to use
- predefined
Role string - predefined_role is the Kubernetes default role to use
- predefined_
role str - predefined_role is the Kubernetes default role to use
- predefined
Role String - predefined_role is the Kubernetes default role to use
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.