forked from hashicorp/terraform-provider-google
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for google_storage_object_access_control (hashicorp#2256)
- Loading branch information
1 parent
260e8dc
commit a18a475
Showing
1 changed file
with
138 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,138 @@ | ||
| --- | ||
| # ---------------------------------------------------------------------------- | ||
| # | ||
| # *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** | ||
| # | ||
| # ---------------------------------------------------------------------------- | ||
| # | ||
| # This file is automatically generated by Magic Modules and manual | ||
| # changes will be clobbered when the file is regenerated. | ||
| # | ||
| # Please read more about how to change this file in | ||
| # .github/CONTRIBUTING.md. | ||
| # | ||
| # ---------------------------------------------------------------------------- | ||
| layout: "google" | ||
| page_title: "Google: google_storage_object_access_control" | ||
| sidebar_current: "docs-google-storage-object-access-control" | ||
| description: |- | ||
| The ObjectAccessControls resources represent the Access Control Lists | ||
| (ACLs) for objects within Google Cloud Storage. | ||
| --- | ||
|
|
||
| # google\_storage\_object\_access\_control | ||
|
|
||
| The ObjectAccessControls resources represent the Access Control Lists | ||
| (ACLs) for objects within Google Cloud Storage. ACLs let you specify | ||
| who has access to your data and to what extent. | ||
|
|
||
| There are two roles that can be assigned to an entity: | ||
|
|
||
| READERs can get an object, though the acl property will not be revealed. | ||
| OWNERs are READERs, and they can get the acl property, update an object, | ||
| and call all objectAccessControls methods on the object. The owner of an | ||
| object is always an OWNER. | ||
| For more information, see Access Control, with the caveat that this API | ||
| uses READER and OWNER instead of READ and FULL_CONTROL. | ||
|
|
||
|
|
||
| To get more information about ObjectAccessControl, see: | ||
|
|
||
| * [API documentation](https://cloud.google.com/storage/docs/json_api/v1/objectAccessControls) | ||
| * How-to Guides | ||
| * [Official Documentation](https://cloud.google.com/storage/docs/access-control/create-manage-lists) | ||
|
|
||
| ## Example Usage | ||
|
|
||
| ```hcl | ||
| resource "google_storage_object_access_control" "public_rule" { | ||
| object = "${google_storage_bucket_object.object.name}" | ||
| bucket = "${google_storage_bucket.bucket.name}" | ||
| role = "READER" | ||
| entity = "allUsers" | ||
| } | ||
| resource "google_storage_bucket" "bucket" { | ||
| name = "static-content-bucket" | ||
| } | ||
| resource "google_storage_bucket_object" "object" { | ||
| name = "public-object" | ||
| bucket = "${google_storage_bucket.bucket.name}" | ||
| source = "../static/img/header-logo.jpg" | ||
| } | ||
| ``` | ||
|
|
||
| ## Argument Reference | ||
|
|
||
| The following arguments are supported: | ||
|
|
||
|
|
||
| * `bucket` - | ||
| (Required) | ||
| The name of the bucket. | ||
|
|
||
| * `entity` - | ||
| (Required) | ||
| The entity holding the permission, in one of the following forms: | ||
| * user-{{userId}} | ||
| * user-{{email}} (such as "[email protected]") | ||
| * group-{{groupId}} | ||
| * group-{{email}} (such as "[email protected]") | ||
| * domain-{{domain}} (such as "domain-example.com") | ||
| * project-team-{{projectId}} | ||
| * allUsers | ||
| * allAuthenticatedUsers | ||
|
|
||
| * `object` - | ||
| (Required) | ||
| The name of the object to apply the access control to. | ||
|
|
||
| * `role` - | ||
| (Required) | ||
| The access permission for the entity. | ||
|
|
||
|
|
||
| - - - | ||
|
|
||
|
|
||
|
|
||
| ## Attributes Reference | ||
|
|
||
| In addition to the arguments listed above, the following computed attributes are exported: | ||
|
|
||
|
|
||
| * `domain` - | ||
| The domain associated with the entity. | ||
|
|
||
| * `email` - | ||
| The email address associated with the entity. | ||
|
|
||
| * `entity_id` - | ||
| The ID for the entity | ||
|
|
||
| * `generation` - | ||
| The content generation of the object, if applied to an object. | ||
|
|
||
| * `project_team` - | ||
| The project team associated with the entity Structure is documented below. | ||
|
|
||
|
|
||
| The `project_team` block contains: | ||
|
|
||
| * `project_number` - | ||
| (Optional) | ||
| The project team associated with the entity | ||
|
|
||
| * `team` - | ||
| (Optional) | ||
| The team. | ||
|
|
||
|
|
||
| ## Import | ||
|
|
||
| ObjectAccessControl can be imported using any of these accepted formats: | ||
|
|
||
| ``` | ||
| $ terraform import google_storage_object_access_control.default {{bucket}}/{{object}}/{{entity}} | ||
| ``` |