Allows management of a customized Cloud IAM project role. For more information see the official documentation and API.
This snippet creates a customized IAM role.
resource "google_project_iam_custom_role" "my-custom-role" { role_id = "myCustomRole" title = "My Custom Role" description = "A description" permissions = ["iam.roles.list", "iam.roles.create", "iam.roles.delete"] }
The following arguments are supported:
role_id
- (Required) The role id to use for this role.
title
- (Required) A human-readable title for the role.
permissions
(Required) The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified.
project
- (Optional) The project that the service account will be created in. Defaults to the provider project configuration.
stage
- (Optional) The current launch stage of the role. Defaults to GA
. List of possible stages is here.
description
- (Optional) A human-readable description for the role.
deleted
- (Optional) The current deleted state of the role. Defaults to false
.
Customized IAM project role can be imported using their URI, e.g.
$ terraform import google_project_iam_custom_role.my-custom-role projects/my-project/roles/myCustomRole
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/google/r/google_project_iam_custom_role.html