Expand description
The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent.
There are two roles that can be assigned to an entity:
READERs can get an object, though the acl property will not be revealed. OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER. For more information, see Access Control, with the caveat that this API uses READER and OWNER instead of READ and FULL_CONTROL.
To get more information about ObjectAccessControl, see:
- API documentation
- How-to Guides
§Example Usage
§Storage Object Access Control Public Object
resources:
publicRule:
type: gcp:storage:ObjectAccessControl
name: public_rule
properties:
object: ${object.outputName}
bucket: ${bucket.name}
role: READER
entity: allUsers
bucket:
type: gcp:storage:Bucket
properties:
name: static-content-bucket
location: US
object:
type: gcp:storage:BucketObject
properties:
name: public-object
bucket: ${bucket.name}
source:
fn::FileAsset: ../static/img/header-logo.png§Import
ObjectAccessControl can be imported using any of these accepted formats:
{{bucket}}/{{object}}/{{entity}}
When using the pulumi import command, ObjectAccessControl can be imported using one of the formats above. For example:
$ pulumi import gcp:storage/objectAccessControl:ObjectAccessControl default {{bucket}}/{{object}}/{{entity}}Structs§
- Use builder syntax to set the inputs and finish with
build_struct().
Functions§
- Registers a new resource with the given unique name and arguments