Add explanation for member field (#809)

Vincent Roseberry 2017-11-30 09:10:24 -08:00 committed by GitHub
parent 79573e2469
commit aff87e976c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 8 deletions


@ -26,7 +26,7 @@ data "google_iam_policy" "admin" {
role = "roles/storage.objectViewer"
members = [
"user:evanbrown@google.com",
"user:jane@example.com",
]
}
}
@ -53,11 +53,15 @@ each accept the following arguments:
* `role` (Required) - The role/permission that will be granted to the members.
See the [IAM Roles](https://cloud.google.com/compute/docs/access/iam) documentation for a complete list of roles.
* `members` (Required) - An array of users/principals that will be granted
the privilege in the `role`. For a human user, prefix the user's e-mail
address with `user:` (e.g., `user:evandbrown@gmail.com`). For a service
account, prefix the service account e-mail address with `serviceAccount:`
(e.g., `serviceAccount:your-service-account@your-project.iam.gserviceaccount.com`).
* `members` (Required) - An array of identites that will be granted the privilege in the `role`.
Each entry can have one of the following values:
* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
* **domain:{domain}**: A Google Apps domain name that represents all the users of that domain. For example, google.com or example.com.
## Attributes Reference
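Review bot: The **user:**, **serviceAccount:**, **group:** and **domain:** entries in the added list give their examples without the prefix (for instance "For example, alice@gmail.com or joe@example.com"), whereas the text being removed showed the complete string (`user:evandbrown@gmail.com`). Suggest writing each example as the exact value that goes into `members`, such as `user:alice@gmail.com`, so a reader does not paste a bare address. Also, "identites" in the first added line should read "identities".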


@ -32,7 +32,14 @@ resource "google_project_iam_binding" "project" {
The following arguments are supported:
* `members` - (Required) A list of users that the role should apply to.
* `members` (Required) - An array of identites that will be granted the privilege in the `role`.
Each entry can have one of the following values:
* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
* **domain:{domain}**: A Google Apps domain name that represents all the users of that domain. For example, google.com or example.com.
* `role` - (Required) The role that should be applied. Only one
`google_project_iam_binding` can be used per role.
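Review bot: The added `members` line writes the marker as `(Required) -`, while the line it replaces and the `role` line directly below it use `- (Required)`; keep this file's existing order. The same added line carries the "identites" typo, which should read "identities".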


@ -30,7 +30,14 @@ resource "google_project_iam_member" "project" {
The following arguments are supported:
* `member` - (Required) The user that the role should apply to.
* `member` - (Required) The identity that will be granted the privilege in the `role`.
This field can have one of the following values:
* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
* **domain:{domain}**: A Google Apps domain name that represents all the users of that domain. For example, google.com or example.com.
* `role` - (Required) The role that should be applied.
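Review bot: **allUsers** and **allAuthenticatedUsers** head the added list of values for `member` with nothing setting them apart from the specific identities, although by their own descriptions they grant the role to "anyone who is on the internet" or to anyone authenticated with a Google account. Suggest a sentence after those two entries stating that they make the role broadly available and should be chosen deliberately. The six-entry list is also repeated word for word in all three changed files, so a later correction will have to be made in each copy.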