1. Packages
  2. Control Plane (cpln)
  3. API Docs
  4. Policy
Control Plane v0.0.39 published on Saturday, Sep 28, 2024 by pulumiverse

cpln.Policy

Explore with Pulumi AI

cpln logo
Control Plane v0.0.39 published on Saturday, Sep 28, 2024 by pulumiverse

    Create Policy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);
    @overload
    def Policy(resource_name: str,
               args: PolicyArgs,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Policy(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               target_kind: Optional[str] = None,
               bindings: Optional[Sequence[PolicyBindingArgs]] = None,
               description: Optional[str] = None,
               gvc: Optional[str] = None,
               name: Optional[str] = None,
               tags: Optional[Mapping[str, str]] = None,
               target: Optional[str] = None,
               target_links: Optional[Sequence[str]] = None,
               target_query: Optional[PolicyTargetQueryArgs] = None)
    func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)
    public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)
    public Policy(String name, PolicyArgs args)
    public Policy(String name, PolicyArgs args, CustomResourceOptions options)
    
    type: cpln:Policy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var policyResource = new Cpln.Policy("policyResource", new()
    {
        TargetKind = "string",
        Bindings = new[]
        {
            new Cpln.Inputs.PolicyBindingArgs
            {
                Permissions = new[]
                {
                    "string",
                },
                PrincipalLinks = new[]
                {
                    "string",
                },
            },
        },
        Description = "string",
        Gvc = "string",
        Name = "string",
        Tags = 
        {
            { "string", "string" },
        },
        Target = "string",
        TargetLinks = new[]
        {
            "string",
        },
        TargetQuery = new Cpln.Inputs.PolicyTargetQueryArgs
        {
            Fetch = "string",
            Spec = new Cpln.Inputs.PolicyTargetQuerySpecArgs
            {
                Match = "string",
                Terms = new[]
                {
                    new Cpln.Inputs.PolicyTargetQuerySpecTermArgs
                    {
                        Op = "string",
                        Property = "string",
                        Rel = "string",
                        Tag = "string",
                        Value = "string",
                    },
                },
            },
        },
    });
    
    example, err := cpln.NewPolicy(ctx, "policyResource", &cpln.PolicyArgs{
    	TargetKind: pulumi.String("string"),
    	Bindings: cpln.PolicyBindingArray{
    		&cpln.PolicyBindingArgs{
    			Permissions: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			PrincipalLinks: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	Description: pulumi.String("string"),
    	Gvc:         pulumi.String("string"),
    	Name:        pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Target: pulumi.String("string"),
    	TargetLinks: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	TargetQuery: &cpln.PolicyTargetQueryArgs{
    		Fetch: pulumi.String("string"),
    		Spec: &cpln.PolicyTargetQuerySpecArgs{
    			Match: pulumi.String("string"),
    			Terms: cpln.PolicyTargetQuerySpecTermArray{
    				&cpln.PolicyTargetQuerySpecTermArgs{
    					Op:       pulumi.String("string"),
    					Property: pulumi.String("string"),
    					Rel:      pulumi.String("string"),
    					Tag:      pulumi.String("string"),
    					Value:    pulumi.String("string"),
    				},
    			},
    		},
    	},
    })
    
    var policyResource = new Policy("policyResource", PolicyArgs.builder()
        .targetKind("string")
        .bindings(PolicyBindingArgs.builder()
            .permissions("string")
            .principalLinks("string")
            .build())
        .description("string")
        .gvc("string")
        .name("string")
        .tags(Map.of("string", "string"))
        .target("string")
        .targetLinks("string")
        .targetQuery(PolicyTargetQueryArgs.builder()
            .fetch("string")
            .spec(PolicyTargetQuerySpecArgs.builder()
                .match("string")
                .terms(PolicyTargetQuerySpecTermArgs.builder()
                    .op("string")
                    .property("string")
                    .rel("string")
                    .tag("string")
                    .value("string")
                    .build())
                .build())
            .build())
        .build());
    
    policy_resource = cpln.Policy("policyResource",
        target_kind="string",
        bindings=[cpln.PolicyBindingArgs(
            permissions=["string"],
            principal_links=["string"],
        )],
        description="string",
        gvc="string",
        name="string",
        tags={
            "string": "string",
        },
        target="string",
        target_links=["string"],
        target_query=cpln.PolicyTargetQueryArgs(
            fetch="string",
            spec=cpln.PolicyTargetQuerySpecArgs(
                match="string",
                terms=[cpln.PolicyTargetQuerySpecTermArgs(
                    op="string",
                    property="string",
                    rel="string",
                    tag="string",
                    value="string",
                )],
            ),
        ))
    
    const policyResource = new cpln.Policy("policyResource", {
        targetKind: "string",
        bindings: [{
            permissions: ["string"],
            principalLinks: ["string"],
        }],
        description: "string",
        gvc: "string",
        name: "string",
        tags: {
            string: "string",
        },
        target: "string",
        targetLinks: ["string"],
        targetQuery: {
            fetch: "string",
            spec: {
                match: "string",
                terms: [{
                    op: "string",
                    property: "string",
                    rel: "string",
                    tag: "string",
                    value: "string",
                }],
            },
        },
    });
    
    type: cpln:Policy
    properties:
        bindings:
            - permissions:
                - string
              principalLinks:
                - string
        description: string
        gvc: string
        name: string
        tags:
            string: string
        target: string
        targetKind: string
        targetLinks:
            - string
        targetQuery:
            fetch: string
            spec:
                match: string
                terms:
                    - op: string
                      property: string
                      rel: string
                      tag: string
                      value: string
    

    Policy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Policy resource accepts the following input properties:

    TargetKind string
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    Bindings List<Pulumiverse.Cpln.Inputs.PolicyBinding>
    The association between a target kind and the bound permissions to service principals.
    Description string
    Description of the Policy.
    Gvc string
    The GVC for identity, workload and volumeset target kinds only.
    Name string
    Name of the Policy.
    Tags Dictionary<string, string>
    Key-value map of resource tags.
    Target string
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    TargetLinks List<string>
    List of the targets this policy will be applied to. Not used if target is set to all.
    TargetQuery Pulumiverse.Cpln.Inputs.PolicyTargetQuery
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    TargetKind string
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    Bindings []PolicyBindingArgs
    The association between a target kind and the bound permissions to service principals.
    Description string
    Description of the Policy.
    Gvc string
    The GVC for identity, workload and volumeset target kinds only.
    Name string
    Name of the Policy.
    Tags map[string]string
    Key-value map of resource tags.
    Target string
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    TargetLinks []string
    List of the targets this policy will be applied to. Not used if target is set to all.
    TargetQuery PolicyTargetQueryArgs
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    targetKind String
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    bindings List<PolicyBinding>
    The association between a target kind and the bound permissions to service principals.
    description String
    Description of the Policy.
    gvc String
    The GVC for identity, workload and volumeset target kinds only.
    name String
    Name of the Policy.
    tags Map<String,String>
    Key-value map of resource tags.
    target String
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    targetLinks List<String>
    List of the targets this policy will be applied to. Not used if target is set to all.
    targetQuery PolicyTargetQuery
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    targetKind string
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    bindings PolicyBinding[]
    The association between a target kind and the bound permissions to service principals.
    description string
    Description of the Policy.
    gvc string
    The GVC for identity, workload and volumeset target kinds only.
    name string
    Name of the Policy.
    tags {[key: string]: string}
    Key-value map of resource tags.
    target string
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    targetLinks string[]
    List of the targets this policy will be applied to. Not used if target is set to all.
    targetQuery PolicyTargetQuery
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    target_kind str
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    bindings Sequence[PolicyBindingArgs]
    The association between a target kind and the bound permissions to service principals.
    description str
    Description of the Policy.
    gvc str
    The GVC for identity, workload and volumeset target kinds only.
    name str
    Name of the Policy.
    tags Mapping[str, str]
    Key-value map of resource tags.
    target str
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    target_links Sequence[str]
    List of the targets this policy will be applied to. Not used if target is set to all.
    target_query PolicyTargetQueryArgs
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    targetKind String
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    bindings List<Property Map>
    The association between a target kind and the bound permissions to service principals.
    description String
    Description of the Policy.
    gvc String
    The GVC for identity, workload and volumeset target kinds only.
    name String
    Name of the Policy.
    tags Map<String>
    Key-value map of resource tags.
    target String
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    targetLinks List<String>
    List of the targets this policy will be applied to. Not used if target is set to all.
    targetQuery Property Map
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:

    CplnId string
    The ID, in GUID format, of the Policy.
    Id string
    The provider-assigned unique ID for this managed resource.
    Origin string
    Origin of the Policy. Either builtin or default.
    SelfLink string
    Full link to this resource. Can be referenced by other resources.
    CplnId string
    The ID, in GUID format, of the Policy.
    Id string
    The provider-assigned unique ID for this managed resource.
    Origin string
    Origin of the Policy. Either builtin or default.
    SelfLink string
    Full link to this resource. Can be referenced by other resources.
    cplnId String
    The ID, in GUID format, of the Policy.
    id String
    The provider-assigned unique ID for this managed resource.
    origin String
    Origin of the Policy. Either builtin or default.
    selfLink String
    Full link to this resource. Can be referenced by other resources.
    cplnId string
    The ID, in GUID format, of the Policy.
    id string
    The provider-assigned unique ID for this managed resource.
    origin string
    Origin of the Policy. Either builtin or default.
    selfLink string
    Full link to this resource. Can be referenced by other resources.
    cpln_id str
    The ID, in GUID format, of the Policy.
    id str
    The provider-assigned unique ID for this managed resource.
    origin str
    Origin of the Policy. Either builtin or default.
    self_link str
    Full link to this resource. Can be referenced by other resources.
    cplnId String
    The ID, in GUID format, of the Policy.
    id String
    The provider-assigned unique ID for this managed resource.
    origin String
    Origin of the Policy. Either builtin or default.
    selfLink String
    Full link to this resource. Can be referenced by other resources.

    Look up Existing Policy Resource

    Get an existing Policy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: PolicyState, opts?: CustomResourceOptions): Policy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            bindings: Optional[Sequence[PolicyBindingArgs]] = None,
            cpln_id: Optional[str] = None,
            description: Optional[str] = None,
            gvc: Optional[str] = None,
            name: Optional[str] = None,
            origin: Optional[str] = None,
            self_link: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            target: Optional[str] = None,
            target_kind: Optional[str] = None,
            target_links: Optional[Sequence[str]] = None,
            target_query: Optional[PolicyTargetQueryArgs] = None) -> Policy
    func GetPolicy(ctx *Context, name string, id IDInput, state *PolicyState, opts ...ResourceOption) (*Policy, error)
    public static Policy Get(string name, Input<string> id, PolicyState? state, CustomResourceOptions? opts = null)
    public static Policy get(String name, Output<String> id, PolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Bindings List<Pulumiverse.Cpln.Inputs.PolicyBinding>
    The association between a target kind and the bound permissions to service principals.
    CplnId string
    The ID, in GUID format, of the Policy.
    Description string
    Description of the Policy.
    Gvc string
    The GVC for identity, workload and volumeset target kinds only.
    Name string
    Name of the Policy.
    Origin string
    Origin of the Policy. Either builtin or default.
    SelfLink string
    Full link to this resource. Can be referenced by other resources.
    Tags Dictionary<string, string>
    Key-value map of resource tags.
    Target string
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    TargetKind string
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    TargetLinks List<string>
    List of the targets this policy will be applied to. Not used if target is set to all.
    TargetQuery Pulumiverse.Cpln.Inputs.PolicyTargetQuery
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    Bindings []PolicyBindingArgs
    The association between a target kind and the bound permissions to service principals.
    CplnId string
    The ID, in GUID format, of the Policy.
    Description string
    Description of the Policy.
    Gvc string
    The GVC for identity, workload and volumeset target kinds only.
    Name string
    Name of the Policy.
    Origin string
    Origin of the Policy. Either builtin or default.
    SelfLink string
    Full link to this resource. Can be referenced by other resources.
    Tags map[string]string
    Key-value map of resource tags.
    Target string
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    TargetKind string
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    TargetLinks []string
    List of the targets this policy will be applied to. Not used if target is set to all.
    TargetQuery PolicyTargetQueryArgs
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    bindings List<PolicyBinding>
    The association between a target kind and the bound permissions to service principals.
    cplnId String
    The ID, in GUID format, of the Policy.
    description String
    Description of the Policy.
    gvc String
    The GVC for identity, workload and volumeset target kinds only.
    name String
    Name of the Policy.
    origin String
    Origin of the Policy. Either builtin or default.
    selfLink String
    Full link to this resource. Can be referenced by other resources.
    tags Map<String,String>
    Key-value map of resource tags.
    target String
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    targetKind String
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    targetLinks List<String>
    List of the targets this policy will be applied to. Not used if target is set to all.
    targetQuery PolicyTargetQuery
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    bindings PolicyBinding[]
    The association between a target kind and the bound permissions to service principals.
    cplnId string
    The ID, in GUID format, of the Policy.
    description string
    Description of the Policy.
    gvc string
    The GVC for identity, workload and volumeset target kinds only.
    name string
    Name of the Policy.
    origin string
    Origin of the Policy. Either builtin or default.
    selfLink string
    Full link to this resource. Can be referenced by other resources.
    tags {[key: string]: string}
    Key-value map of resource tags.
    target string
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    targetKind string
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    targetLinks string[]
    List of the targets this policy will be applied to. Not used if target is set to all.
    targetQuery PolicyTargetQuery
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    bindings Sequence[PolicyBindingArgs]
    The association between a target kind and the bound permissions to service principals.
    cpln_id str
    The ID, in GUID format, of the Policy.
    description str
    Description of the Policy.
    gvc str
    The GVC for identity, workload and volumeset target kinds only.
    name str
    Name of the Policy.
    origin str
    Origin of the Policy. Either builtin or default.
    self_link str
    Full link to this resource. Can be referenced by other resources.
    tags Mapping[str, str]
    Key-value map of resource tags.
    target str
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    target_kind str
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    target_links Sequence[str]
    List of the targets this policy will be applied to. Not used if target is set to all.
    target_query PolicyTargetQueryArgs
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.
    bindings List<Property Map>
    The association between a target kind and the bound permissions to service principals.
    cplnId String
    The ID, in GUID format, of the Policy.
    description String
    Description of the Policy.
    gvc String
    The GVC for identity, workload and volumeset target kinds only.
    name String
    Name of the Policy.
    origin String
    Origin of the Policy. Either builtin or default.
    selfLink String
    Full link to this resource. Can be referenced by other resources.
    tags Map<String>
    Key-value map of resource tags.
    target String
    Set this value of this attribute to all if this policy should target all objects of the given target_kind. Otherwise, do not include the attribute.
    targetKind String
    The kind of resource to target (e.g., gvc, serviceaccount, etc.).
    targetLinks List<String>
    List of the targets this policy will be applied to. Not used if target is set to all.
    targetQuery Property Map
    A defined set of criteria or conditions used to identify the target entities or resources to which the policy applies.

    Supporting Types

    PolicyBinding, PolicyBindingArgs

    Permissions List<string>
    PrincipalLinks List<string>
    Permissions []string
    PrincipalLinks []string
    permissions List<String>
    principalLinks List<String>
    permissions string[]
    principalLinks string[]
    permissions Sequence[str]
    principal_links Sequence[str]
    permissions List<String>
    principalLinks List<String>

    PolicyTargetQuery, PolicyTargetQueryArgs

    PolicyTargetQuerySpec, PolicyTargetQuerySpecArgs

    PolicyTargetQuerySpecTerm, PolicyTargetQuerySpecTermArgs

    Op string
    Property string
    Rel string
    Tag string
    Value string
    Op string
    Property string
    Rel string
    Tag string
    Value string
    op String
    property String
    rel String
    tag String
    value String
    op string
    property string
    rel string
    tag string
    value string
    op str
    property str
    rel str
    tag str
    value str
    op String
    property String
    rel String
    tag String
    value String

    Package Details

    Repository
    cpln pulumiverse/pulumi-cpln
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cpln Terraform Provider.
    cpln logo
    Control Plane v0.0.39 published on Saturday, Sep 28, 2024 by pulumiverse