Top / Google Cloud Platform / Google Resource Manager / Lien

Google Resource Manager Lien

This page shows how to write Terraform for Resource Manager Lien and write them securely.

terraform-logo

Review your .tf file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

google_resource_manager_lien (Terraform)

The Lien in Resource Manager can be configured in Terraform with the resource name google_resource_manager_lien. The following sections describe 3 examples of how to use the resource and its parameters.

Example Usage from GitHub

resource-manager.tf#L1
resource "google_resource_manager_lien" "project_deletion_protection" {
  count        = var.deletion_protection ? 1 : 0
  origin       = "terraform"
  parent       = google_project.project.number
  reason       = "Protecting formal projects from accidental deletion"
  restrictions = ["resourcemanager.projects.delete"]
main.tf#L7
resource "google_resource_manager_lien" "this" {
  origin       = var.origin
  parent       = var.parent
  reason       = var.reason
  restrictions = var.restrictions
project.tf#L22
resource "google_resource_manager_lien" "project_deletion" {
  parent       = google_project.project.id
  restrictions = ["resourcemanager.projects.delete"]
  origin       = "managed-by-terraform"
  reason       = "This project is managed by terraform"
  depends_on = [

Review your Terraform file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

Time of creation

  • id optional computed - string
  • name optional computed - string

A system-generated unique identifier for this Lien.

A stable, user-visible/meaningful string identifying the origin of the Lien, intended to be inspected programmatically. Maximum length of 200 characters.

A reference to the resource this Lien is attached to. The server will validate the parent against those for which Liens are supported. Since a variety of objects can have Liens against them, you must provide the type prefix (e.g. "projects/my-project-name").

Concise user-visible strings indicating why an action cannot be performed on a resource. Maximum length of 200 characters.

The types of operations which should be blocked as a result of this Lien. Each value should correspond to an IAM permission. The server will validate the permissions against those for which Liens are supported. An empty list is meaningless and will be rejected. e.g. ['resourcemanager.projects.delete']

>> from Terraform Registry

Explanation in Terraform Registry

A Lien represents an encumbrance on the actions that can be performed on a resource.

>> from Terraform Registry

Frequently asked questions

What is Google Resource Manager Lien?

Google Resource Manager Lien is a resource for Resource Manager of Google Cloud Platform. Settings can be wrote in Terraform.

Where can I find the example code for the Google Resource Manager Lien?

For Terraform, the ONSdigital/terraform-module-project, niveklabs/google and jonpulsifer/nawl source code examples are useful. See the Terraform Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents