organizationIamCustomRole.python.md

organizationIamCustomRole Submodule

Constructs

OrganizationIamCustomRole

Represents a {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role google_organization_iam_custom_role}.

Initializers

from cdktn_provider_google import organization_iam_custom_role

organizationIamCustomRole.OrganizationIamCustomRole(
  scope: Construct,
  id: str,
  connection: SSHProvisionerConnection | WinrmProvisionerConnection = None,
  count: typing.Union[int, float] | TerraformCount = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner] = None,
  org_id: str,
  permissions: typing.List[str],
  role_id: str,
  title: str,
  deletion_policy: str = None,
  description: str = None,
  id: str = None,
  stage: str = None
)

Name	Type	Description
scope	constructs.Construct	The scope in which to define this construct.
id	str	The scoped construct ID.
connection	cdktn.SSHProvisionerConnection | cdktn.WinrmProvisionerConnection	No description.
count	typing.Union[int, float] | cdktn.TerraformCount	No description.
depends_on	typing.List[cdktn.ITerraformDependable]	No description.
for_each	cdktn.ITerraformIterator	No description.
lifecycle	cdktn.TerraformResourceLifecycle	No description.
provider	cdktn.TerraformProvider	No description.
provisioners	typing.List[cdktn.FileProvisioner | cdktn.LocalExecProvisioner | cdktn.RemoteExecProvisioner]	No description.
org_id	str	The numeric ID of the organization in which you want to create a custom role.
permissions	typing.List[str]	The names of the permissions this role grants when bound in an IAM policy.
role_id	str	The role id to use for this role.
title	str	A human-readable title for the role.
deletion_policy	str	Whether Terraform will be prevented from destroying the instance.
description	str	A human-readable description for the role.
id	str	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#id OrganizationIamCustomRole#id}.
stage	str	The current launch stage of the role. Defaults to GA.

---

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: str

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

connection^Optional

• Type: cdktn.SSHProvisionerConnection | cdktn.WinrmProvisionerConnection

---

count^Optional

• Type: typing.Union[int, float] | cdktn.TerraformCount

---

depends_on^Optional

• Type: typing.List[cdktn.ITerraformDependable]

---

for_each^Optional

• Type: cdktn.ITerraformIterator

---

lifecycle^Optional

• Type: cdktn.TerraformResourceLifecycle

---

provider^Optional

• Type: cdktn.TerraformProvider

---

provisioners^Optional

• Type: typing.List[cdktn.FileProvisioner | cdktn.LocalExecProvisioner | cdktn.RemoteExecProvisioner]

---

org_id^Required

• Type: str

The numeric ID of the organization in which you want to create a custom role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#org_id OrganizationIamCustomRole#org_id}

---

permissions^Required

• Type: typing.List[str]

The names of the permissions this role grants when bound in an IAM policy.

At least one permission must be specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#permissions OrganizationIamCustomRole#permissions}

---

role_id^Required

• Type: str

The role id to use for this role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#role_id OrganizationIamCustomRole#role_id}

---

title^Required

• Type: str

A human-readable title for the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#title OrganizationIamCustomRole#title}

---

deletion_policy^Optional

• Type: str

Whether Terraform will be prevented from destroying the instance.

Defaults to "DELETE". When a 'terraform destroy' or 'terraform apply' would delete the instance, the command will fail if this field is set to "PREVENT" in Terraform state. When set to "ABANDON", the command will remove the resource from Terraform management without updating or deleting the resource in the API. When set to "DELETE", deleting the resource is allowed.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#deletion_policy OrganizationIamCustomRole#deletion_policy}

---

description^Optional

• Type: str

A human-readable description for the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#description OrganizationIamCustomRole#description}

---

id^Optional

• Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#id OrganizationIamCustomRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

stage^Optional

• Type: str

The current launch stage of the role. Defaults to GA.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#stage OrganizationIamCustomRole#stage}

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
with	Applies one or more mixins to this construct.
add_override	No description.
override_logical_id	Overrides the auto-generated logical ID with a specific ID.
reset_override_logical_id	Resets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraform	No description.
to_metadata	No description.
to_terraform	Adds this resource to the terraform JSON output.
add_move_target	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
has_resource_move	No description.
import_from	No description.
interpolation_for_attribute	No description.
move_from_id	Move the resource corresponding to "id" to this resource.
move_to	Moves this resource to the target resource given by moveTarget.
move_to_id	Moves this resource to the resource corresponding to "id".
reset_deletion_policy	No description.
reset_description	No description.
reset_id	No description.
reset_stage	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

with

def with(
  mixins: *IMixin
) -> IConstruct

Applies one or more mixins to this construct.

Mixins are applied in order. The list of constructs is captured at the start of the call, so constructs added by a mixin will not be visited. Use multiple with() calls if subsequent mixins should apply to added constructs.

mixins^Required

• Type: *constructs.IMixin

The mixins to apply.

---

add_override

def add_override(
  path: str,
  value: typing.Any
) -> None

path^Required

• Type: str

---

value^Required

• Type: typing.Any

---

override_logical_id

def override_logical_id(
  new_logical_id: str
) -> None

Overrides the auto-generated logical ID with a specific ID.

new_logical_id^Required

• Type: str

The new logical ID to use for this stack element.

---

reset_override_logical_id

def reset_override_logical_id() -> None

Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform

def to_hcl_terraform() -> typing.Any

to_metadata

def to_metadata() -> typing.Any

to_terraform

def to_terraform() -> typing.Any

Adds this resource to the terraform JSON output.

add_move_target

def add_move_target(
  move_target: str
) -> None

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

move_target^Required

• Type: str

The string move target that will correspond to this resource.

---

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

has_resource_move

def has_resource_move() -> TerraformResourceMoveByTarget | TerraformResourceMoveById

import_from

def import_from(
  id: str,
  provider: TerraformProvider = None
) -> None

id^Required

• Type: str

---

provider^Optional

• Type: cdktn.TerraformProvider

---

interpolation_for_attribute

def interpolation_for_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

move_from_id

def move_from_id(
  id: str
) -> None

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: str

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

move_to

def move_to(
  move_target: str,
  index: str | typing.Union[int, float] = None
) -> None

Moves this resource to the target resource given by moveTarget.

move_target^Required

• Type: str

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: str | typing.Union[int, float]

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

move_to_id

def move_to_id(
  id: str
) -> None

Moves this resource to the resource corresponding to "id".

id^Required

• Type: str

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

reset_deletion_policy

def reset_deletion_policy() -> None

reset_description

def reset_description() -> None

reset_id

def reset_id() -> None

reset_stage

def reset_stage() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
is_terraform_element	No description.
is_terraform_resource	No description.
generate_config_for_import	Generates CDKTN code for importing a OrganizationIamCustomRole resource upon running "cdktn plan ".

---

is_construct

from cdktn_provider_google import organization_iam_custom_role

organizationIamCustomRole.OrganizationIamCustomRole.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

is_terraform_element

from cdktn_provider_google import organization_iam_custom_role

organizationIamCustomRole.OrganizationIamCustomRole.is_terraform_element(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

is_terraform_resource

from cdktn_provider_google import organization_iam_custom_role

organizationIamCustomRole.OrganizationIamCustomRole.is_terraform_resource(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

generate_config_for_import

from cdktn_provider_google import organization_iam_custom_role

organizationIamCustomRole.OrganizationIamCustomRole.generate_config_for_import(
  scope: Construct,
  import_to_id: str,
  import_from_id: str,
  provider: TerraformProvider = None
)

Generates CDKTN code for importing a OrganizationIamCustomRole resource upon running "cdktn plan ".

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

import_to_id^Required

• Type: str

The construct id used in the generated config for the OrganizationIamCustomRole to import.

---

import_from_id^Required

• Type: str

The id of the existing OrganizationIamCustomRole that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: cdktn.TerraformProvider

? Optional instance of the provider where the OrganizationIamCustomRole to import is found.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
cdktf_stack	cdktn.TerraformStack	No description.
fqn	str	No description.
friendly_unique_id	str	No description.
terraform_meta_arguments	typing.Mapping[typing.Any]	No description.
terraform_resource_type	str	No description.
terraform_generator_metadata	cdktn.TerraformProviderGeneratorMetadata	No description.
connection	cdktn.SSHProvisionerConnection | cdktn.WinrmProvisionerConnection	No description.
count	typing.Union[int, float] | cdktn.TerraformCount	No description.
depends_on	typing.List[str]	No description.
for_each	cdktn.ITerraformIterator	No description.
lifecycle	cdktn.TerraformResourceLifecycle	No description.
provider	cdktn.TerraformProvider	No description.
provisioners	typing.List[cdktn.FileProvisioner | cdktn.LocalExecProvisioner | cdktn.RemoteExecProvisioner]	No description.
deleted	cdktn.IResolvable	No description.
name	str	No description.
deletion_policy_input	str	No description.
description_input	str	No description.
id_input	str	No description.
org_id_input	str	No description.
permissions_input	typing.List[str]	No description.
role_id_input	str	No description.
stage_input	str	No description.
title_input	str	No description.
deletion_policy	str	No description.
description	str	No description.
id	str	No description.
org_id	str	No description.
permissions	typing.List[str]	No description.
role_id	str	No description.
stage	str	No description.
title	str	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

cdktf_stack^Required

cdktf_stack: TerraformStack

• Type: cdktn.TerraformStack

---

fqn^Required

fqn: str

• Type: str

---

friendly_unique_id^Required

friendly_unique_id: str

• Type: str

---

terraform_meta_arguments^Required

terraform_meta_arguments: typing.Mapping[typing.Any]

• Type: typing.Mapping[typing.Any]

---

terraform_resource_type^Required

terraform_resource_type: str

• Type: str

---

terraform_generator_metadata^Optional

terraform_generator_metadata: TerraformProviderGeneratorMetadata

• Type: cdktn.TerraformProviderGeneratorMetadata

---

connection^Optional

connection: SSHProvisionerConnection | WinrmProvisionerConnection

• Type: cdktn.SSHProvisionerConnection | cdktn.WinrmProvisionerConnection

---

count^Optional

count: typing.Union[int, float] | TerraformCount

• Type: typing.Union[int, float] | cdktn.TerraformCount

---

depends_on^Optional

depends_on: typing.List[str]

• Type: typing.List[str]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktn.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktn.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktn.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner]

• Type: typing.List[cdktn.FileProvisioner | cdktn.LocalExecProvisioner | cdktn.RemoteExecProvisioner]

---

deleted^Required

deleted: IResolvable

• Type: cdktn.IResolvable

---

name^Required

name: str

• Type: str

---

deletion_policy_input^Optional

deletion_policy_input: str

• Type: str

---

description_input^Optional

description_input: str

• Type: str

---

id_input^Optional

id_input: str

• Type: str

---

org_id_input^Optional

org_id_input: str

• Type: str

---

permissions_input^Optional

permissions_input: typing.List[str]

• Type: typing.List[str]

---

role_id_input^Optional

role_id_input: str

• Type: str

---

stage_input^Optional

stage_input: str

• Type: str

---

title_input^Optional

title_input: str

• Type: str

---

deletion_policy^Required

deletion_policy: str

• Type: str

---

description^Required

description: str

• Type: str

---

id^Required

id: str

• Type: str

---

org_id^Required

org_id: str

• Type: str

---

permissions^Required

permissions: typing.List[str]

• Type: typing.List[str]

---

role_id^Required

role_id: str

• Type: str

---

stage^Required

stage: str

• Type: str

---

title^Required

title: str

• Type: str

---

Constants

Name	Type	Description
tfResourceType	str	No description.

---

tfResourceType^Required

tfResourceType: str

• Type: str

---

Structs

OrganizationIamCustomRoleConfig

Initializer

from cdktn_provider_google import organization_iam_custom_role

organizationIamCustomRole.OrganizationIamCustomRoleConfig(
  connection: SSHProvisionerConnection | WinrmProvisionerConnection = None,
  count: typing.Union[int, float] | TerraformCount = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner] = None,
  org_id: str,
  permissions: typing.List[str],
  role_id: str,
  title: str,
  deletion_policy: str = None,
  description: str = None,
  id: str = None,
  stage: str = None
)

Properties

Name	Type	Description
connection	cdktn.SSHProvisionerConnection | cdktn.WinrmProvisionerConnection	No description.
count	typing.Union[int, float] | cdktn.TerraformCount	No description.
depends_on	typing.List[cdktn.ITerraformDependable]	No description.
for_each	cdktn.ITerraformIterator	No description.
lifecycle	cdktn.TerraformResourceLifecycle	No description.
provider	cdktn.TerraformProvider	No description.
provisioners	typing.List[cdktn.FileProvisioner | cdktn.LocalExecProvisioner | cdktn.RemoteExecProvisioner]	No description.
org_id	str	The numeric ID of the organization in which you want to create a custom role.
permissions	typing.List[str]	The names of the permissions this role grants when bound in an IAM policy.
role_id	str	The role id to use for this role.
title	str	A human-readable title for the role.
deletion_policy	str	Whether Terraform will be prevented from destroying the instance.
description	str	A human-readable description for the role.
id	str	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#id OrganizationIamCustomRole#id}.
stage	str	The current launch stage of the role. Defaults to GA.

---

connection^Optional

connection: SSHProvisionerConnection | WinrmProvisionerConnection

• Type: cdktn.SSHProvisionerConnection | cdktn.WinrmProvisionerConnection

---

count^Optional

count: typing.Union[int, float] | TerraformCount

• Type: typing.Union[int, float] | cdktn.TerraformCount

---

depends_on^Optional

depends_on: typing.List[ITerraformDependable]

• Type: typing.List[cdktn.ITerraformDependable]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktn.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktn.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktn.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[FileProvisioner | LocalExecProvisioner | RemoteExecProvisioner]

• Type: typing.List[cdktn.FileProvisioner | cdktn.LocalExecProvisioner | cdktn.RemoteExecProvisioner]

---

org_id^Required

org_id: str

• Type: str

The numeric ID of the organization in which you want to create a custom role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#org_id OrganizationIamCustomRole#org_id}

---

permissions^Required

permissions: typing.List[str]

• Type: typing.List[str]

The names of the permissions this role grants when bound in an IAM policy.

At least one permission must be specified.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#permissions OrganizationIamCustomRole#permissions}

---

role_id^Required

role_id: str

• Type: str

The role id to use for this role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#role_id OrganizationIamCustomRole#role_id}

---

title^Required

title: str

• Type: str

A human-readable title for the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#title OrganizationIamCustomRole#title}

---

deletion_policy^Optional

deletion_policy: str

• Type: str

Whether Terraform will be prevented from destroying the instance.

Defaults to "DELETE". When a 'terraform destroy' or 'terraform apply' would delete the instance, the command will fail if this field is set to "PREVENT" in Terraform state. When set to "ABANDON", the command will remove the resource from Terraform management without updating or deleting the resource in the API. When set to "DELETE", deleting the resource is allowed.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#deletion_policy OrganizationIamCustomRole#deletion_policy}

---

description^Optional

description: str

• Type: str

A human-readable description for the role.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#description OrganizationIamCustomRole#description}

---

id^Optional

id: str

• Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#id OrganizationIamCustomRole#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

stage^Optional

stage: str

• Type: str

The current launch stage of the role. Defaults to GA.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/7.36.0/docs/resources/organization_iam_custom_role#stage OrganizationIamCustomRole#stage}

---