1# Copyright 2022 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: core.cnrm.cloud.google.com/v1alpha1
16kind: ServiceMapping
17metadata:
18 name: accesscontextmanager.cnrm.cloud.google.com
19 namespace: cnrm-system
20spec:
21 name: AccessContextManager
22 version: v1beta1
23 serviceHostName: accesscontextmanager.googleapis.com
24 resources:
25 - name: google_access_context_manager_access_level
26 kind: AccessContextManagerAccessLevel
27 autoGenerated: true
28 idTemplate: "{{name}}"
29 idTemplateCanBeUsedToMatchResourceName: false
30 resourceAvailableInAssetInventory: false
31 metadataMapping:
32 name: name
33 resourceID:
34 targetField: name
35 - name: google_access_context_manager_access_level_condition
36 kind: AccessContextManagerAccessLevelCondition
37 autoGenerated: true
38 idTemplate: "{{access_level}}"
39 idTemplateCanBeUsedToMatchResourceName: false
40 resourceAvailableInAssetInventory: false
41 metadataMapping:
42 name: access_level
43 resourceID:
44 targetField: access_level
45 resourceReferences:
46 - key: accessLevelRef
47 tfField: access_level
48 gvk:
49 kind: AccessContextManagerAccessLevel
50 version: v1beta1
51 group: accesscontextmanager.cnrm.cloud.google.com
52 targetField: name
53 parent: true
54 - name: google_access_context_manager_access_levels
55 kind: AccessContextManagerAccessLevels
56 autoGenerated: true
57 idTemplate: "{{parent}}/accessLevels"
58 idTemplateCanBeUsedToMatchResourceName: false
59 resourceAvailableInAssetInventory: false
60 metadataMapping:
61 name: parent
62 resourceID:
63 targetField: parent
64 - name: google_access_context_manager_access_policy
65 kind: AccessContextManagerAccessPolicy
66 autoGenerated: true
67 iamConfig:
68 policyName: google_access_context_manager_access_policy_iam_policy
69 policyMemberName: google_access_context_manager_access_policy_iam_member
70 referenceField:
71 name: name
72 type: id
73 supportsConditions: false
74 idTemplate: "{{name}}"
75 idTemplateCanBeUsedToMatchResourceName: false
76 resourceAvailableInAssetInventory: false
77 serverGeneratedIDField: name
78 resourceID:
79 targetField: name
80 valueTemplate: "accessPolicies/{{value}}"
81 - name: google_access_context_manager_authorized_orgs_desc
82 kind: AccessContextManagerAuthorizedOrgsDesc
83 autoGenerated: true
84 idTemplate: "{{name}}"
85 idTemplateCanBeUsedToMatchResourceName: false
86 resourceAvailableInAssetInventory: false
87 metadataMapping:
88 name: name
89 resourceID:
90 targetField: name
91 - name: google_access_context_manager_gcp_user_access_binding
92 kind: AccessContextManagerGCPUserAccessBinding
93 autoGenerated: true
94 idTemplate: "{{name}}"
95 idTemplateCanBeUsedToMatchResourceName: false
96 resourceAvailableInAssetInventory: false
97 serverGeneratedIDField: name
98 resourceID:
99 targetField: name
100 valueTemplate: "organizations/{{organization_id}}/gcpUserAccessBindings/{{value}}"
101 hierarchicalReferences:
102 - type: organization
103 key: organizationRef
104 resourceReferences:
105 - tfField: organization_id
106 key: organizationRef
107 description: |-
108 The organization that this resource belongs to.
109 gvk:
110 kind: Organization
111 version: v1beta1
112 group: resourcemanager.cnrm.cloud.google.com
113 - name: google_access_context_manager_service_perimeter
114 kind: AccessContextManagerServicePerimeter
115 autoGenerated: true
116 idTemplate: "{{name}}"
117 idTemplateCanBeUsedToMatchResourceName: false
118 resourceAvailableInAssetInventory: false
119 metadataMapping:
120 name: name
121 resourceID:
122 targetField: name
123 - name: google_access_context_manager_service_perimeter_resource
124 kind: AccessContextManagerServicePerimeterResource
125 autoGenerated: true
126 idTemplate: "{{perimeter_name}}/{{resource}}"
127 idTemplateCanBeUsedToMatchResourceName: false
128 resourceAvailableInAssetInventory: false
129 resourceReferences:
130 - key: perimeterNameRef
131 tfField: perimeter_name
132 gvk:
133 kind: AccessContextManagerServicePerimeter
134 version: v1beta1
135 group: accesscontextmanager.cnrm.cloud.google.com
136 valueTemplate: "{{parent}}/servicePerimeters/{{value}}"
137 parent: true
138 - name: google_access_context_manager_service_perimeters
139 kind: AccessContextManagerServicePerimeters
140 autoGenerated: true
141 idTemplate: "{{parent}}/servicePerimeters"
142 idTemplateCanBeUsedToMatchResourceName: false
143 resourceAvailableInAssetInventory: false
144 metadataMapping:
145 name: parent
146 resourceID:
147 targetField: parent
View as plain text