mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-07-08 19:18:30 +00:00
151 lines
4.7 KiB
Markdown
151 lines
4.7 KiB
Markdown
---
|
|
# ----------------------------------------------------------------------------
|
|
#
|
|
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
|
|
#
|
|
# ----------------------------------------------------------------------------
|
|
#
|
|
# This file is automatically generated by Magic Modules and manual
|
|
# changes will be clobbered when the file is regenerated.
|
|
#
|
|
# Please read more about how to change this file in
|
|
# .github/CONTRIBUTING.md.
|
|
#
|
|
# ----------------------------------------------------------------------------
|
|
layout: "google"
|
|
page_title: "Google: google_storage_default_object_access_control"
|
|
sidebar_current: "docs-google-storage-default-object-access-control"
|
|
description: |-
|
|
The DefaultObjectAccessControls resources represent the Access Control
|
|
Lists (ACLs) applied to a new object within a Google Cloud Storage bucket
|
|
when no ACL was provided for that object.
|
|
---
|
|
|
|
# google\_storage\_default\_object\_access\_control
|
|
|
|
The DefaultObjectAccessControls resources represent the Access Control
|
|
Lists (ACLs) applied to a new object within a Google Cloud Storage bucket
|
|
when no ACL was provided for that object. ACLs let you specify who has
|
|
access to your bucket contents and to what extent.
|
|
|
|
There are two roles that can be assigned to an entity:
|
|
|
|
READERs can get an object, though the acl property will not be revealed.
|
|
OWNERs are READERs, and they can get the acl property, update an object,
|
|
and call all objectAccessControls methods on the object. The owner of an
|
|
object is always an OWNER.
|
|
For more information, see Access Control, with the caveat that this API
|
|
uses READER and OWNER instead of READ and FULL_CONTROL.
|
|
|
|
|
|
To get more information about DefaultObjectAccessControl, see:
|
|
|
|
* [API documentation](https://cloud.google.com/storage/docs/json_api/v1/defaultObjectAccessControls)
|
|
* How-to Guides
|
|
* [Official Documentation](https://cloud.google.com/storage/docs/access-control/create-manage-lists)
|
|
|
|
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
|
|
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=storage_default_object_access_control_public&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
|
|
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
|
|
</a>
|
|
</div>
|
|
## Example Usage - Storage Default Object Access Control Public
|
|
|
|
|
|
```hcl
|
|
resource "google_storage_default_object_access_control" "public_rule" {
|
|
bucket = "${google_storage_bucket.bucket.name}"
|
|
role = "READER"
|
|
entity = "allUsers"
|
|
}
|
|
|
|
resource "google_storage_bucket" "bucket" {
|
|
name = "static-content-bucket"
|
|
}
|
|
```
|
|
|
|
## Argument Reference
|
|
|
|
The following arguments are supported:
|
|
|
|
|
|
* `bucket` -
|
|
(Required)
|
|
The name of the bucket.
|
|
|
|
* `entity` -
|
|
(Required)
|
|
The entity holding the permission, in one of the following forms:
|
|
* user-{{userId}}
|
|
* user-{{email}} (such as "user-liz@example.com")
|
|
* group-{{groupId}}
|
|
* group-{{email}} (such as "group-example@googlegroups.com")
|
|
* domain-{{domain}} (such as "domain-example.com")
|
|
* project-team-{{projectId}}
|
|
* allUsers
|
|
* allAuthenticatedUsers
|
|
|
|
* `role` -
|
|
(Required)
|
|
The access permission for the entity.
|
|
|
|
|
|
- - -
|
|
|
|
|
|
* `object` -
|
|
(Optional)
|
|
The name of the object, if applied to an object.
|
|
|
|
|
|
## Attributes Reference
|
|
|
|
In addition to the arguments listed above, the following computed attributes are exported:
|
|
|
|
|
|
* `domain` -
|
|
The domain associated with the entity.
|
|
|
|
* `email` -
|
|
The email address associated with the entity.
|
|
|
|
* `entity_id` -
|
|
The ID for the entity
|
|
|
|
* `generation` -
|
|
The content generation of the object, if applied to an object.
|
|
|
|
* `project_team` -
|
|
The project team associated with the entity Structure is documented below.
|
|
|
|
|
|
The `project_team` block contains:
|
|
|
|
* `project_number` -
|
|
(Optional)
|
|
The project team associated with the entity
|
|
|
|
* `team` -
|
|
(Optional)
|
|
The team.
|
|
|
|
## Timeouts
|
|
|
|
This resource provides the following
|
|
[Timeouts](/docs/configuration/resources.html#timeouts) configuration options:
|
|
|
|
- `create` - Default is 4 minutes.
|
|
- `update` - Default is 4 minutes.
|
|
- `delete` - Default is 4 minutes.
|
|
|
|
## Import
|
|
|
|
DefaultObjectAccessControl can be imported using any of these accepted formats:
|
|
|
|
```
|
|
$ terraform import google_storage_default_object_access_control.default {{bucket}}/{{entity}}
|
|
```
|
|
|
|
-> If you're importing a resource with beta features, make sure to include `-provider=google-beta`
|
|
as an argument so that Terraform uses the correct provider to import your resource.
|