googleIamTestablePermissions
Retrieve a list of testable permissions for a resource. Testable permissions mean the permissions that user can add or remove in a role at a given resource. The resource can be referenced either via the full resource name or via a URI.
Example Usage
Retrieve all the supported permissions able to be set on myProject
that are in either GA or BETA. This is useful for dynamically constructing custom roles.
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.dataGoogleIamTestablePermissions.DataGoogleIamTestablePermissions(
this,
"perms",
{
full_resource_name:
"//cloudresourcemanager.googleapis.com/projects/my-project",
stages: ["GA", "BETA"],
}
);
Argument Reference
The following arguments are supported:
fullResourceName
- (Required) See full resource name documentation for more detail.stages
- (Optional) The acceptable release stages of the permission in the output. Note thatbeta
does not include permissions inga
, but you can specify both with["ga", "beta"]
for example. Can be a list of"alpha"
,"beta"
,"ga"
,"deprecated"
. Default is["ga"]
.customSupportLevel
- (Optional) The level of support for custom roles. Can be one of"notSupported"
,"supported"
,"testing"
. Default is"supported"
Attributes Reference
The following attributes are exported:
permissions
- A list of permissions matching the provided input. Structure is defined below.
The permissions
block supports:
name
- Name of the permission.title
- Human readable title of the permission.stage
- Release stage of the permission.customSupportLevel
- The the support level of this permission for custom roles.apiDisabled
- Whether the corresponding API has been enabled for the resource.