import * as pulumi from "@pulumi/pulumi"; /** * Allows management of a Google Cloud service account. * * * [API documentation](https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts) * * How-to Guides * * [Official Documentation](https://cloud.google.com/compute/docs/access/service-accounts) * * > **Warning:** If you delete and recreate a service account, you must reapply any IAM roles that it had before. * * > Creation of service accounts is eventually consistent, and that can lead to * errors when you try to apply ACLs to service accounts immediately after * creation. * * ## Example Usage * * This snippet creates a service account in a project. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const serviceAccount = new gcp.serviceaccount.Account("service_account", { * accountId: "service-account-id", * displayName: "Service Account", * }); * ``` * * ## Import * * Service accounts can be imported using their URI, e.g. * * * `projects/{{project_id}}/serviceAccounts/{{email}}` * * When using the `pulumi import` command, service accounts can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:serviceaccount/account:Account default projects/{{project_id}}/serviceAccounts/{{email}} * ``` */ export declare class Account extends pulumi.CustomResource { /** * Get an existing Account resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: AccountState, opts?: pulumi.CustomResourceOptions): Account; /** * Returns true if the given object is an instance of Account. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Account; /** * The account id that is used to generate the service * account email address and a stable unique id. It is unique within a project, * must be 6-30 characters long, and match the regular expression `a-z` * to comply with RFC1035. Changing this forces a new service account to be created. */ readonly accountId: pulumi.Output; /** * If set to true, skip service account creation if a service account with the same email already exists. */ readonly createIgnoreAlreadyExists: pulumi.Output; /** * A text description of the service account. * Must be less than or equal to 256 UTF-8 bytes. */ readonly description: pulumi.Output; /** * Whether a service account is disabled or not. Defaults to `false`. This field has no effect during creation. * Must be set after creation to disable a service account. */ readonly disabled: pulumi.Output; /** * The display name for the service account. * Can be updated without creating a new resource. */ readonly displayName: pulumi.Output; /** * The e-mail address of the service account. This value * should be referenced from any `gcp.organizations.getIAMPolicy` data sources * that would grant the service account privileges. */ readonly email: pulumi.Output; /** * The Identity of the service account in the form `serviceAccount:{email}`. This value is often used to refer to the service account in order to grant IAM permissions. */ readonly member: pulumi.Output; /** * The fully-qualified name of the service account. */ readonly name: pulumi.Output; /** * The ID of the project that the service account will be created in. * Defaults to the provider project configuration. */ readonly project: pulumi.Output; /** * The unique id of the service account. */ readonly uniqueId: pulumi.Output; /** * Create a Account resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: AccountArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Account resources. */ export interface AccountState { /** * The account id that is used to generate the service * account email address and a stable unique id. It is unique within a project, * must be 6-30 characters long, and match the regular expression `a-z` * to comply with RFC1035. Changing this forces a new service account to be created. */ accountId?: pulumi.Input; /** * If set to true, skip service account creation if a service account with the same email already exists. */ createIgnoreAlreadyExists?: pulumi.Input; /** * A text description of the service account. * Must be less than or equal to 256 UTF-8 bytes. */ description?: pulumi.Input; /** * Whether a service account is disabled or not. Defaults to `false`. This field has no effect during creation. * Must be set after creation to disable a service account. */ disabled?: pulumi.Input; /** * The display name for the service account. * Can be updated without creating a new resource. */ displayName?: pulumi.Input; /** * The e-mail address of the service account. This value * should be referenced from any `gcp.organizations.getIAMPolicy` data sources * that would grant the service account privileges. */ email?: pulumi.Input; /** * The Identity of the service account in the form `serviceAccount:{email}`. This value is often used to refer to the service account in order to grant IAM permissions. */ member?: pulumi.Input; /** * The fully-qualified name of the service account. */ name?: pulumi.Input; /** * The ID of the project that the service account will be created in. * Defaults to the provider project configuration. */ project?: pulumi.Input; /** * The unique id of the service account. */ uniqueId?: pulumi.Input; } /** * The set of arguments for constructing a Account resource. */ export interface AccountArgs { /** * The account id that is used to generate the service * account email address and a stable unique id. It is unique within a project, * must be 6-30 characters long, and match the regular expression `a-z` * to comply with RFC1035. Changing this forces a new service account to be created. */ accountId?: pulumi.Input; /** * If set to true, skip service account creation if a service account with the same email already exists. */ createIgnoreAlreadyExists?: pulumi.Input; /** * A text description of the service account. * Must be less than or equal to 256 UTF-8 bytes. */ description?: pulumi.Input; /** * Whether a service account is disabled or not. Defaults to `false`. This field has no effect during creation. * Must be set after creation to disable a service account. */ disabled?: pulumi.Input; /** * The display name for the service account. * Can be updated without creating a new resource. */ displayName?: pulumi.Input; /** * The ID of the project that the service account will be created in. * Defaults to the provider project configuration. */ project?: pulumi.Input; }