Google Cloud Identity Group Membership
This page shows how to write Terraform for Cloud Identity Group Membership and how to write it securely.
google_cloud_identity_group_membership (Terraform)
The Group Membership in Cloud Identity can be configured in Terraform with the resource name google_cloud_identity_group_membership. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "google_cloud_identity_group_membership" "obe-bu2-cigroups-app3_leslie_lamport_apszaz_com" {
  group = google_cloud_identity_group.obe-bu2-cigroups-app3.id
  preferred_member_key {
    id = "leslie.lamport@apszaz.com"
  }
  roles {

resource "google_cloud_identity_group_membership" "obe-bu1-cigroups-app1_leslie_lamport_apszaz_com" {
  group = google_cloud_identity_group.obe-bu1-cigroups-app1.id
  preferred_member_key {
    id = "leslie.lamport@apszaz.com"
  }
  roles {

resource "google_cloud_identity_group_membership" "tnt1-bu1-cigroups-app3_leslie_lamport_apszaz_com" {
  group = google_cloud_identity_group.tnt1-bu1-cigroups-app3.id
  preferred_member_key {
    id = "leslie.lamport@apszaz.com"
  }
  roles {

resource "google_cloud_identity_group_membership" "obe-bu2-cigroups-app1_leslie_lamport_apszaz_com" {
  group = google_cloud_identity_group.obe-bu2-cigroups-app1.id
  preferred_member_key {
    id = "leslie.lamport@apszaz.com"
  }
  roles {

resource "google_cloud_identity_group_membership" "tnt1-bu1-cigroups-app1_leslie_lamport_apszaz_com" {
  group = google_cloud_identity_group.tnt1-bu1-cigroups-app1.id
  preferred_member_key {
    id = "leslie.lamport@apszaz.com"
  }
  roles {
Parameters
- create_time (optional computed - string): The time when the Membership was created.
- group (required - string): The name of the Group to create this membership in.
The resource name of the Membership, of the form groups/[group_id]/memberships/[membership_id].
- type (optional computed - string): The type of the membership.
- update_time (optional computed - string): The time when the Membership was last updated.
- preferred_member_key (list block)
  - id (required - string): The ID of the entity. For Google-managed entities, the id must be the email address of an existing group or user. For external-identity-mapped entities, the id must be a string conforming to the Identity Source's requirements. Must be unique within a namespace.
  - namespace (optional - string): The namespace in which the entity exists. If not specified, the EntityKey represents a Google-managed entity such as a Google user or a Google Group. If specified, the EntityKey represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of 'identitysources/[identity_source_id]'.
- roles (set block)
  - name (required - string): The name of the MembershipRole. Must be one of OWNER, MANAGER, MEMBER. Possible values: ["OWNER", "MANAGER", "MEMBER"]
- timeouts (single block)
Explanation in Terraform Registry
A Membership defines a relationship between a Group and an entity belonging to that Group, referred to as a "member". To get more information about GroupMembership, see:
- API documentation
- How-to Guides
- Official Documentation
Warning: If you are using User ADCs (Application Default Credentials) with this resource, you must specify a billing_project and set user_project_override to true in the provider configuration. Otherwise the Cloud Identity API will return a 403 error. Your account must have the serviceusage.services.use permission on the billing_project you defined.
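The following configuration is an added example, not code from the original page or the Terraform Registry. It combines the provider settings the warning requires for user ADCs with a complete membership that grants only the MEMBER role. The project ID, customer ID, group address and member address are constructed placeholders.

```hcl
# Added example: values marked "placeholder" are constructed, not from the page.
terraform {
  required_providers {
    google = {
      source = "hashicorp/google"
    }
  }
}

provider "google" {
  # Required when authenticating with user ADCs; the calling account must
  # hold serviceusage.services.use on this project, otherwise the
  # Cloud Identity API returns a 403.
  billing_project       = "example-billing-project" # placeholder
  user_project_override = true
}

resource "google_cloud_identity_group" "app_readers" {
  display_name = "app-readers"
  parent       = "customers/C0xxxxxxx" # placeholder customer ID

  group_key {
    id = "app-readers@example.com" # placeholder
  }

  labels = {
    "cloudidentity.googleapis.com/groups.discussion_forum" = ""
  }
}

resource "google_cloud_identity_group_membership" "app_readers_alice" {
  group = google_cloud_identity_group.app_readers.id

  # No namespace is set, so the key refers to a Google-managed user or group.
  preferred_member_key {
    id = "alice@example.com" # placeholder
  }

  # Grant only MEMBER; add OWNER or MANAGER only for members who
  # must administer the group itself.
  roles {
    name = "MEMBER"
  }
}
```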
Frequently asked questions
What is Google Cloud Identity Group Membership?
Google Cloud Identity Group Membership is a resource for Cloud Identity of Google Cloud Platform. Settings can be written in Terraform.
Where can I find the example code for the Google Cloud Identity Group Membership?
For Terraform, the apsureda/ci-groups, apsureda/ci-groups and apsureda/gci-groups source code examples are useful. See the Terraform Example section for further details.