# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. variable "storage_bucket_iam_members" { description = "IAM members for storage buckets. Assigns additional non-authoritative IAM bindings to a list of storage buckets." default = [] type = list(object({ resource_ids = list(string) bindings = map(list(string)) })) } variable "project_iam_members" { description = "IAM members for projects. Assigns additional non-authoritative IAM bindings to a list of projects." default = [] type = list(object({ resource_ids = list(string) bindings = map(list(string)) })) } variable "folder_iam_members" { description = "IAM members for folders. Assigns additional non-authoritative IAM bindings to a list of folders." default = [] type = list(object({ resource_ids = list(string) bindings = map(list(string)) })) } variable "organization_iam_members" { description = "IAM members for organizations. Assigns additional non-authoritative IAM bindings to a list of organizations." default = [] type = list(object({ resource_ids = list(string) bindings = map(list(string)) })) } variable "service_account_iam_members" { description = "IAM members for service accounts. Assigns additional non-authoritative service account roles (e.g. roles/iam.serviceAccountUser) to a list of service accounts." default = [] type = list(object({ resource_ids = list(string) bindings = map(list(string)) project_id = string })) }