Package com.pulumi.gcp.dataproc
Class JobIAMBinding
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.gcp.dataproc.JobIAMBinding
-
public class JobIAMBinding extends com.pulumi.resources.CustomResourceThree different resources help you manage IAM policies on dataproc jobs. Each of these resources serves a different use case: * `gcp.dataproc.JobIAMPolicy`: Authoritative. Sets the IAM policy for the job and replaces any existing policy already attached. * `gcp.dataproc.JobIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the job are preserved. * `gcp.dataproc.JobIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the job are preserved. > **Note:** `gcp.dataproc.JobIAMPolicy` **cannot** be used in conjunction with `gcp.dataproc.JobIAMBinding` and `gcp.dataproc.JobIAMMember` or they will fight over what your policy should be. In addition, be careful not to accidentally unset ownership of the job as `gcp.dataproc.JobIAMPolicy` replaces the entire policy. > **Note:** `gcp.dataproc.JobIAMBinding` resources **can be** used in conjunction with `gcp.dataproc.JobIAMMember` resources **only if** they do not grant privilege to the same role. ## google\_dataproc\_job\_iam\_policy ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.organizations.OrganizationsFunctions; import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs; import com.pulumi.gcp.dataproc.JobIAMPolicy; import com.pulumi.gcp.dataproc.JobIAMPolicyArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder() .bindings(GetIAMPolicyBindingArgs.builder() .role("roles/editor") .members("user:[email protected]") .build()) .build()); var editor = new JobIAMPolicy("editor", JobIAMPolicyArgs.builder() .project("your-project") .region("your-region") .jobId("your-dataproc-job") .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData())) .build()); } } ``` ## google\_dataproc\_job\_iam\_binding ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.dataproc.JobIAMBinding; import com.pulumi.gcp.dataproc.JobIAMBindingArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var editor = new JobIAMBinding("editor", JobIAMBindingArgs.builder() .jobId("your-dataproc-job") .members("user:[email protected]") .role("roles/editor") .build()); } } ``` ## google\_dataproc\_job\_iam\_member ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.dataproc.JobIAMMember; import com.pulumi.gcp.dataproc.JobIAMMemberArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var editor = new JobIAMMember("editor", JobIAMMemberArgs.builder() .jobId("your-dataproc-job") .member("user:[email protected]") .role("roles/editor") .build()); } } ``` ## Import Job IAM resources can be imported using the project, region, job id, role and/or member. ```sh $ pulumi import gcp:dataproc/jobIAMBinding:JobIAMBinding editor "projects/{project}/regions/{region}/jobs/{job_id}" ``` ```sh $ pulumi import gcp:dataproc/jobIAMBinding:JobIAMBinding editor "projects/{project}/regions/{region}/jobs/{job_id} roles/editor" ``` ```sh $ pulumi import gcp:dataproc/jobIAMBinding:JobIAMBinding editor "projects/{project}/regions/{region}/jobs/{job_id} roles/editor user:[email protected]" ``` -> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.
-
-
Constructor Summary
Constructors Constructor Description JobIAMBinding(java.lang.String name)JobIAMBinding(java.lang.String name, JobIAMBindingArgs args)JobIAMBinding(java.lang.String name, JobIAMBindingArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.util.Optional<JobIAMBindingCondition>>condition()com.pulumi.core.Output<java.lang.String>etag()static JobIAMBindingget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, JobIAMBindingState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<java.lang.String>jobId()com.pulumi.core.Output<java.util.List<java.lang.String>>members()com.pulumi.core.Output<java.lang.String>project()com.pulumi.core.Output<java.lang.String>region()com.pulumi.core.Output<java.lang.String>role()
-
-
-
Constructor Detail
-
JobIAMBinding
public JobIAMBinding(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
JobIAMBinding
public JobIAMBinding(java.lang.String name, JobIAMBindingArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
JobIAMBinding
public JobIAMBinding(java.lang.String name, JobIAMBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
condition
public com.pulumi.core.Output<java.util.Optional<JobIAMBindingCondition>> condition()
-
etag
public com.pulumi.core.Output<java.lang.String> etag()
- Returns:
- (Computed) The etag of the jobs's IAM policy.
-
jobId
public com.pulumi.core.Output<java.lang.String> jobId()
-
members
public com.pulumi.core.Output<java.util.List<java.lang.String>> members()
-
project
public com.pulumi.core.Output<java.lang.String> project()
- Returns:
- The project in which the job belongs. If it is not provided, the provider will use a default.
-
region
public com.pulumi.core.Output<java.lang.String> region()
- Returns:
- The region in which the job belongs. If it is not provided, the provider will use a default.
-
role
public com.pulumi.core.Output<java.lang.String> role()
- Returns:
- The role that should be applied. Only one `gcp.dataproc.JobIAMBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`. `gcp.dataproc.JobIAMPolicy` only:
-
get
public static JobIAMBinding get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable JobIAMBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-