import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * The DefaultObjectAccessControls resources represent the Access Control * Lists (ACLs) applied to a new object within a Google Cloud Storage bucket * when no ACL was provided for that object. ACLs let you specify who has * access to your bucket contents and to what extent. * * There are two roles that can be assigned to an entity: * * READERs can get an object, though the acl property will not be revealed. * OWNERs are READERs, and they can get the acl property, update an object, * and call all objectAccessControls methods on the object. The owner of an * object is always an OWNER. * For more information, see Access Control, with the caveat that this API * uses READER and OWNER instead of READ and FULL_CONTROL. * * To get more information about DefaultObjectAccessControl, see: * * * [API documentation](https://cloud.google.com/storage/docs/json_api/v1/defaultObjectAccessControls) * * How-to Guides * * [Official Documentation](https://cloud.google.com/storage/docs/access-control/create-manage-lists) * * ## Example Usage * * ### Storage Default Object Access Control Public * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const bucket = new gcp.storage.Bucket("bucket", { * name: "static-content-bucket", * location: "US", * }); * const publicRule = new gcp.storage.DefaultObjectAccessControl("public_rule", { * bucket: bucket.name, * role: "READER", * entity: "allUsers", * }); * ``` * * ## Import * * DefaultObjectAccessControl can be imported using any of these accepted formats: * * * `{{bucket}}/{{entity}}` * * When using the `pulumi import` command, DefaultObjectAccessControl can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:storage/defaultObjectAccessControl:DefaultObjectAccessControl default {{bucket}}/{{entity}} * ``` */ export declare class DefaultObjectAccessControl extends pulumi.CustomResource { /** * Get an existing DefaultObjectAccessControl resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: DefaultObjectAccessControlState, opts?: pulumi.CustomResourceOptions): DefaultObjectAccessControl; /** * Returns true if the given object is an instance of DefaultObjectAccessControl. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is DefaultObjectAccessControl; /** * The name of the bucket. */ readonly bucket: pulumi.Output; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ readonly deletionPolicy: pulumi.Output; /** * The domain associated with the entity. */ readonly domain: pulumi.Output; /** * The email address associated with the entity. */ readonly email: pulumi.Output; /** * The entity holding the permission, in one of the following forms: * * user-{{userId}} * * user-{{email}} (such as "user-liz@example.com") * * group-{{groupId}} * * group-{{email}} (such as "group-example@googlegroups.com") * * domain-{{domain}} (such as "domain-example.com") * * project-team-{{projectId}} * * allUsers * * allAuthenticatedUsers */ readonly entity: pulumi.Output; /** * The ID for the entity */ readonly entityId: pulumi.Output; /** * The content generation of the object, if applied to an object. */ readonly generation: pulumi.Output; /** * The name of the object, if applied to an object. */ readonly object: pulumi.Output; /** * The project team associated with the entity * Structure is documented below. */ readonly projectTeams: pulumi.Output; /** * The access permission for the entity. * Possible values are: `OWNER`, `READER`. */ readonly role: pulumi.Output; /** * Create a DefaultObjectAccessControl resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: DefaultObjectAccessControlArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering DefaultObjectAccessControl resources. */ export interface DefaultObjectAccessControlState { /** * The name of the bucket. */ bucket?: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * The domain associated with the entity. */ domain?: pulumi.Input; /** * The email address associated with the entity. */ email?: pulumi.Input; /** * The entity holding the permission, in one of the following forms: * * user-{{userId}} * * user-{{email}} (such as "user-liz@example.com") * * group-{{groupId}} * * group-{{email}} (such as "group-example@googlegroups.com") * * domain-{{domain}} (such as "domain-example.com") * * project-team-{{projectId}} * * allUsers * * allAuthenticatedUsers */ entity?: pulumi.Input; /** * The ID for the entity */ entityId?: pulumi.Input; /** * The content generation of the object, if applied to an object. */ generation?: pulumi.Input; /** * The name of the object, if applied to an object. */ object?: pulumi.Input; /** * The project team associated with the entity * Structure is documented below. */ projectTeams?: pulumi.Input[] | undefined>; /** * The access permission for the entity. * Possible values are: `OWNER`, `READER`. */ role?: pulumi.Input; } /** * The set of arguments for constructing a DefaultObjectAccessControl resource. */ export interface DefaultObjectAccessControlArgs { /** * The name of the bucket. */ bucket: pulumi.Input; /** * Whether Terraform will be prevented from destroying the resource. Defaults to DELETE. * When a 'terraform destroy' or 'pulumi up' would delete the resource, * the command will fail if this field is set to "PREVENT" in Terraform state. * When set to "ABANDON", the command will remove the resource from Terraform * management without updating or deleting the resource in the API. * When set to "DELETE", deleting the resource is allowed. */ deletionPolicy?: pulumi.Input; /** * The entity holding the permission, in one of the following forms: * * user-{{userId}} * * user-{{email}} (such as "user-liz@example.com") * * group-{{groupId}} * * group-{{email}} (such as "group-example@googlegroups.com") * * domain-{{domain}} (such as "domain-example.com") * * project-team-{{projectId}} * * allUsers * * allAuthenticatedUsers */ entity: pulumi.Input; /** * The name of the object, if applied to an object. */ object?: pulumi.Input; /** * The access permission for the entity. * Possible values are: `OWNER`, `READER`. */ role: pulumi.Input; } //# sourceMappingURL=defaultObjectAccessControl.d.ts.map