googleIapBrand

OAuth brand data. Only "Organization Internal" brands can be created programmatically via API. To convert it into an external brands please use the GCP Console.

\~> Note: Brands can only be created once for a Google Cloud project and the underlying Google API doesn't not support DELETE or PATCH methods. Destroying a Terraform-managed Brand will remove it from state but will not delete it from Google Cloud.

To get more information about Brand, see:

• API documentation
• How-to Guides
• Setting up IAP Brand

Example Usage - Iap Brand

resource "google_project" "project" {
  project_id = "tf-test%{random_suffix}"
  name       = "tf-test%{random_suffix}"
  org_id     = "123456789"
}

resource "google_project_service" "project_service" {
  project = google_project.project.project_id
  service = "iap.googleapis.com"
}

resource "google_iap_brand" "project_brand" {
  support_email     = "support@example.com"
  application_title = "Cloud IAP protected Application"
  project           = google_project_service.project_service.project
}

Argument Reference

The following arguments are supported:

• supportEmail - (Required) Support email displayed on the OAuth consent screen. Can be either a user or group email. When a user email is specified, the caller must be the user with the associated email address. When a group email is specified, the caller can be either a user or a service account which is an owner of the specified group in Cloud Identity.

• applicationTitle - (Required) Application name displayed on OAuth consent screen.

• project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

• id - an identifier for the resource with format {{name}}

• orgInternalOnly - Whether the brand is only intended for usage inside the GSuite organization only.

• name - Output only. Identifier of the brand, in the format projects/{projectNumber}/brands/{brandId} NOTE: The name can also be expressed as projects/{projectId}/brands/{brandId}, e.g. when importing. NOTE: The brand identification corresponds to the project number as only one brand can be created per project.

Timeouts

This resource provides the following Timeouts configuration options:

• create - Default is 20 minutes.
• delete - Default is 20 minutes.

Import

Brand can be imported using any of these accepted formats:

$ terraform import google_iap_brand.default projects/{{project_id}}/brands/{{brand_id}}
$ terraform import google_iap_brand.default projects/{{project_number}}/brands/{{brand_id}}
$ terraform import google_iap_brand.default {{project_number}}/{{brand_id}}

User Project Overrides

This resource supports User Project Overrides.