Google Cloud v8.30.0 published on Monday, May 12, 2025 by Pulumi
gcp.securesourcemanager.getInstanceIamPolicy
Explore with Pulumi AI
Retrieves the current IAM policy data for instance
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const policy = gcp.securesourcemanager.getInstanceIamPolicy({
    project: _default.project,
    location: _default.location,
    instanceId: _default.instanceId,
});
import pulumi
import pulumi_gcp as gcp
policy = gcp.securesourcemanager.get_instance_iam_policy(project=default["project"],
    location=default["location"],
    instance_id=default["instanceId"])
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/securesourcemanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := securesourcemanager.LookupInstanceIamPolicy(ctx, &securesourcemanager.LookupInstanceIamPolicyArgs{
			Project:    pulumi.StringRef(_default.Project),
			Location:   pulumi.StringRef(_default.Location),
			InstanceId: _default.InstanceId,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() => 
{
    var policy = Gcp.SecureSourceManager.GetInstanceIamPolicy.Invoke(new()
    {
        Project = @default.Project,
        Location = @default.Location,
        InstanceId = @default.InstanceId,
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.securesourcemanager.SecuresourcemanagerFunctions;
import com.pulumi.gcp.securesourcemanager.inputs.GetInstanceIamPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var policy = SecuresourcemanagerFunctions.getInstanceIamPolicy(GetInstanceIamPolicyArgs.builder()
            .project(default_.project())
            .location(default_.location())
            .instanceId(default_.instanceId())
            .build());
    }
}
variables:
  policy:
    fn::invoke:
      function: gcp:securesourcemanager:getInstanceIamPolicy
      arguments:
        project: ${default.project}
        location: ${default.location}
        instanceId: ${default.instanceId}
Using getInstanceIamPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getInstanceIamPolicy(args: GetInstanceIamPolicyArgs, opts?: InvokeOptions): Promise<GetInstanceIamPolicyResult>
function getInstanceIamPolicyOutput(args: GetInstanceIamPolicyOutputArgs, opts?: InvokeOptions): Output<GetInstanceIamPolicyResult>def get_instance_iam_policy(instance_id: Optional[str] = None,
                            location: Optional[str] = None,
                            project: Optional[str] = None,
                            opts: Optional[InvokeOptions] = None) -> GetInstanceIamPolicyResult
def get_instance_iam_policy_output(instance_id: Optional[pulumi.Input[str]] = None,
                            location: Optional[pulumi.Input[str]] = None,
                            project: Optional[pulumi.Input[str]] = None,
                            opts: Optional[InvokeOptions] = None) -> Output[GetInstanceIamPolicyResult]func LookupInstanceIamPolicy(ctx *Context, args *LookupInstanceIamPolicyArgs, opts ...InvokeOption) (*LookupInstanceIamPolicyResult, error)
func LookupInstanceIamPolicyOutput(ctx *Context, args *LookupInstanceIamPolicyOutputArgs, opts ...InvokeOption) LookupInstanceIamPolicyResultOutput> Note: This function is named LookupInstanceIamPolicy in the Go SDK.
public static class GetInstanceIamPolicy 
{
    public static Task<GetInstanceIamPolicyResult> InvokeAsync(GetInstanceIamPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetInstanceIamPolicyResult> Invoke(GetInstanceIamPolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetInstanceIamPolicyResult> getInstanceIamPolicy(GetInstanceIamPolicyArgs args, InvokeOptions options)
public static Output<GetInstanceIamPolicyResult> getInstanceIamPolicy(GetInstanceIamPolicyArgs args, InvokeOptions options)
fn::invoke:
  function: gcp:securesourcemanager/getInstanceIamPolicy:getInstanceIamPolicy
  arguments:
    # arguments dictionaryThe following arguments are supported:
- InstanceId string
- The name for the Instance. Used to find the parent resource to bind the IAM policy to
- Location string
- The location for the Instance. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
- InstanceId string
- The name for the Instance. Used to find the parent resource to bind the IAM policy to
- Location string
- The location for the Instance. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
- instanceId String
- The name for the Instance. Used to find the parent resource to bind the IAM policy to
- location String
- The location for the Instance. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
- instanceId string
- The name for the Instance. Used to find the parent resource to bind the IAM policy to
- location string
- The location for the Instance. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.
- project string
- The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
- instance_id str
- The name for the Instance. Used to find the parent resource to bind the IAM policy to
- location str
- The location for the Instance. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.
- project str
- The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
- instanceId String
- The name for the Instance. Used to find the parent resource to bind the IAM policy to
- location String
- The location for the Instance. Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
getInstanceIamPolicy Result
The following output properties are available:
- Etag string
- (Computed) The etag of the IAM policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- InstanceId string
- Location string
- PolicyData string
- (Required only by gcp.securesourcemanager.InstanceIamPolicy) The policy data generated by agcp.organizations.getIAMPolicydata source.
- Project string
- Etag string
- (Computed) The etag of the IAM policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- InstanceId string
- Location string
- PolicyData string
- (Required only by gcp.securesourcemanager.InstanceIamPolicy) The policy data generated by agcp.organizations.getIAMPolicydata source.
- Project string
- etag String
- (Computed) The etag of the IAM policy.
- id String
- The provider-assigned unique ID for this managed resource.
- instanceId String
- location String
- policyData String
- (Required only by gcp.securesourcemanager.InstanceIamPolicy) The policy data generated by agcp.organizations.getIAMPolicydata source.
- project String
- etag string
- (Computed) The etag of the IAM policy.
- id string
- The provider-assigned unique ID for this managed resource.
- instanceId string
- location string
- policyData string
- (Required only by gcp.securesourcemanager.InstanceIamPolicy) The policy data generated by agcp.organizations.getIAMPolicydata source.
- project string
- etag str
- (Computed) The etag of the IAM policy.
- id str
- The provider-assigned unique ID for this managed resource.
- instance_id str
- location str
- policy_data str
- (Required only by gcp.securesourcemanager.InstanceIamPolicy) The policy data generated by agcp.organizations.getIAMPolicydata source.
- project str
- etag String
- (Computed) The etag of the IAM policy.
- id String
- The provider-assigned unique ID for this managed resource.
- instanceId String
- location String
- policyData String
- (Required only by gcp.securesourcemanager.InstanceIamPolicy) The policy data generated by agcp.organizations.getIAMPolicydata source.
- project String
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the google-betaTerraform Provider.