import * as pulumi from "@pulumi/pulumi"; /** * Represents an OAuth Client. Used to access Google Cloud resources on behalf of a * Workforce Identity Federation user by using OAuth 2.0 Protocol to obtain an access * token from Google Cloud. * * To get more information about OauthClient, see: * * * [API documentation](https://cloud.google.com/iam/docs/reference/rest/v1/projects.locations.oauthClients) * * How-to Guides * * [Managing OAuth clients](https://cloud.google.com/iam/docs/workforce-manage-oauth-app#manage-clients) * * ## Example Usage * * ### Iam Oauth Client Full * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const example = new gcp.iam.OauthClient("example", { * oauthClientId: "example-client-id", * displayName: "Display Name of OAuth client", * description: "A sample OAuth client", * location: "global", * disabled: false, * allowedGrantTypes: ["AUTHORIZATION_CODE_GRANT"], * allowedRedirectUris: ["https://www.example.com"], * allowedScopes: ["https://www.googleapis.com/auth/cloud-platform"], * clientType: "CONFIDENTIAL_CLIENT", * }); * ``` * * ## Import * * OauthClient can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/{{location}}/oauthClients/{{oauth_client_id}}` * * `{{project}}/{{location}}/{{oauth_client_id}}` * * `{{location}}/{{oauth_client_id}}` * * When using the `pulumi import` command, OauthClient can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:iam/oauthClient:OauthClient default projects/{{project}}/locations/{{location}}/oauthClients/{{oauth_client_id}} * $ pulumi import gcp:iam/oauthClient:OauthClient default {{project}}/{{location}}/{{oauth_client_id}} * $ pulumi import gcp:iam/oauthClient:OauthClient default {{location}}/{{oauth_client_id}} * ``` */ export declare class OauthClient extends pulumi.CustomResource { /** * Get an existing OauthClient resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: OauthClientState, opts?: pulumi.CustomResourceOptions): OauthClient; /** * Returns true if the given object is an instance of OauthClient. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is OauthClient; /** * Required. The list of OAuth grant types is allowed for the OauthClient. */ readonly allowedGrantTypes: pulumi.Output; /** * Required. The list of redirect uris that is allowed to redirect back * when authorization process is completed. */ readonly allowedRedirectUris: pulumi.Output; /** * Required. The list of scopes that the OauthClient is allowed to request during * OAuth flows. * The following scopes are supported: * * `https://www.googleapis.com/auth/cloud-platform`: See, edit, configure, * and delete your Google Cloud data and see the email address for your Google * Account. */ readonly allowedScopes: pulumi.Output; /** * Output only. The system-generated OauthClient id. */ readonly clientId: pulumi.Output; /** * Immutable. The type of OauthClient. Either public or private. * For private clients, the client secret can be managed using the dedicated * OauthClientCredential resource. * Possible values: * CLIENT_TYPE_UNSPECIFIED * PUBLIC_CLIENT * CONFIDENTIAL_CLIENT */ readonly clientType: pulumi.Output; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ readonly deletionPolicy: pulumi.Output; /** * A user-specified description of the OauthClient. * Cannot exceed 256 characters. */ readonly description: pulumi.Output; /** * Whether the OauthClient is disabled. You cannot use a disabled OAuth * client. */ readonly disabled: pulumi.Output; /** * A user-specified display name of the OauthClient. * Cannot exceed 32 characters. */ readonly displayName: pulumi.Output; /** * Time after which the OauthClient will be permanently purged and cannot * be recovered. */ readonly expireTime: pulumi.Output; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ readonly location: pulumi.Output; /** * Immutable. Identifier. The resource name of the OauthClient. * Format:`projects/{project}/locations/{location}/oauthClients/{oauth_client}`. */ readonly name: pulumi.Output; /** * Required. The ID to use for the OauthClient, which becomes the final component of * the resource name. This value should be a string of 6 to 63 lowercase * letters, digits, or hyphens. It must start with a letter, and cannot have a * trailing hyphen. The prefix `gcp-` is reserved for use by Google, and may * not be specified. */ readonly oauthClientId: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * The state of the OauthClient. * Possible values: * STATE_UNSPECIFIED * ACTIVE * DELETED */ readonly state: pulumi.Output; /** * Create a OauthClient resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: OauthClientArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering OauthClient resources. */ export interface OauthClientState { /** * Required. The list of OAuth grant types is allowed for the OauthClient. */ allowedGrantTypes?: pulumi.Input[] | undefined>; /** * Required. The list of redirect uris that is allowed to redirect back * when authorization process is completed. */ allowedRedirectUris?: pulumi.Input[] | undefined>; /** * Required. The list of scopes that the OauthClient is allowed to request during * OAuth flows. * The following scopes are supported: * * `https://www.googleapis.com/auth/cloud-platform`: See, edit, configure, * and delete your Google Cloud data and see the email address for your Google * Account. */ allowedScopes?: pulumi.Input[] | undefined>; /** * Output only. The system-generated OauthClient id. */ clientId?: pulumi.Input; /** * Immutable. The type of OauthClient. Either public or private. * For private clients, the client secret can be managed using the dedicated * OauthClientCredential resource. * Possible values: * CLIENT_TYPE_UNSPECIFIED * PUBLIC_CLIENT * CONFIDENTIAL_CLIENT */ clientType?: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * A user-specified description of the OauthClient. * Cannot exceed 256 characters. */ description?: pulumi.Input; /** * Whether the OauthClient is disabled. You cannot use a disabled OAuth * client. */ disabled?: pulumi.Input; /** * A user-specified display name of the OauthClient. * Cannot exceed 32 characters. */ displayName?: pulumi.Input; /** * Time after which the OauthClient will be permanently purged and cannot * be recovered. */ expireTime?: pulumi.Input; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ location?: pulumi.Input; /** * Immutable. Identifier. The resource name of the OauthClient. * Format:`projects/{project}/locations/{location}/oauthClients/{oauth_client}`. */ name?: pulumi.Input; /** * Required. The ID to use for the OauthClient, which becomes the final component of * the resource name. This value should be a string of 6 to 63 lowercase * letters, digits, or hyphens. It must start with a letter, and cannot have a * trailing hyphen. The prefix `gcp-` is reserved for use by Google, and may * not be specified. */ oauthClientId?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * The state of the OauthClient. * Possible values: * STATE_UNSPECIFIED * ACTIVE * DELETED */ state?: pulumi.Input; } /** * The set of arguments for constructing a OauthClient resource. */ export interface OauthClientArgs { /** * Required. The list of OAuth grant types is allowed for the OauthClient. */ allowedGrantTypes: pulumi.Input[]>; /** * Required. The list of redirect uris that is allowed to redirect back * when authorization process is completed. */ allowedRedirectUris: pulumi.Input[]>; /** * Required. The list of scopes that the OauthClient is allowed to request during * OAuth flows. * The following scopes are supported: * * `https://www.googleapis.com/auth/cloud-platform`: See, edit, configure, * and delete your Google Cloud data and see the email address for your Google * Account. */ allowedScopes: pulumi.Input[]>; /** * Immutable. The type of OauthClient. Either public or private. * For private clients, the client secret can be managed using the dedicated * OauthClientCredential resource. * Possible values: * CLIENT_TYPE_UNSPECIFIED * PUBLIC_CLIENT * CONFIDENTIAL_CLIENT */ clientType?: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * A user-specified description of the OauthClient. * Cannot exceed 256 characters. */ description?: pulumi.Input; /** * Whether the OauthClient is disabled. You cannot use a disabled OAuth * client. */ disabled?: pulumi.Input; /** * A user-specified display name of the OauthClient. * Cannot exceed 32 characters. */ displayName?: pulumi.Input; /** * Resource ID segment making up resource `name`. It identifies the resource within its parent collection as described in https://google.aip.dev/122. */ location: pulumi.Input; /** * Required. The ID to use for the OauthClient, which becomes the final component of * the resource name. This value should be a string of 6 to 63 lowercase * letters, digits, or hyphens. It must start with a letter, and cannot have a * trailing hyphen. The prefix `gcp-` is reserved for use by Google, and may * not be specified. */ oauthClientId: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; } //# sourceMappingURL=oauthClient.d.ts.map