IAM policy for Google Cloud Healthcare FHIR store

Three different resources help you manage your IAM policy for Healthcare FHIR store. Each of these resources serves a different use case:

google_healthcare_fhir_store_iam_policy

data "google_iam_policy" "admin" {
  binding {
    role = "roles/editor"

    members = [
      "user:jane@example.com",
    ]
  }
}

resource "google_healthcare_fhir_store_iam_policy" "fhir_store" {
  fhir_store_id = "your-fhir-store-id"
  policy_data   = data.google_iam_policy.admin.policy_data
}

google_healthcare_fhir_store_iam_binding

resource "google_healthcare_fhir_store_iam_binding" "fhir_store" {
  fhir_store_id = "your-fhir-store-id"
  role          = "roles/editor"

  members = [
    "user:jane@example.com",
  ]
}

google_healthcare_fhir_store_iam_member

resource "google_healthcare_fhir_store_iam_member" "fhir_store" {
  fhir_store_id = "your-fhir-store-id"
  role          = "roles/editor"
  member        = "user:jane@example.com"
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Import

Importing IAM members

IAM member imports use space-delimited identifiers that contains the fhir_store_id, role, and member. For example:

An import block (Terraform v1.5.0 and later) can be used to import IAM members:

import {
  id = "{{project_id}}/{{location}}/{{dataset}}/{{fhir_store}} roles/editor jane@example.com"
  to = google_healthcare_fhir_store_iam_member.default
}

The terraform import command can also be used:

$ terraform import google_healthcare_fhir_store_iam_member.default "{{project_id}}/{{location}}/{{dataset}}/{{fhir_store}} roles/editor jane@example.com"

Importing IAM bindings

IAM binding imports use space-delimited identifiers that contain the resource's fhir_store_id and role. For example:

An import block (Terraform v1.5.0 and later) can be used to import IAM bindings:

import {
  id = "{{project_id}}/{{location}}/{{dataset}}/{{fhir_store}} roles/editor"
  to = google_healthcare_fhir_store_iam_binding.default
}

The terraform import command can also be used:

$ terraform import google_healthcare_fhir_store_iam_binding.default "{{project_id}}/{{location}}/{{dataset}}/{{fhir_store}} roles/editor"

Importing IAM policies

IAM policy imports use the identifier of the Healthcare FHIR store resource. For example:

An import block (Terraform v1.5.0 and later) can be used to import IAM policies:

import {
  id = "{{project_id}}/{{location}}/{{dataset}}/{{fhir_store}}"
  to = google_healthcare_fhir_store_iam_policy.default
}

The terraform import command can also be used:

$ terraform import google_healthcare_fhir_store_iam_policy.default {{project_id}}/{{location}}/{{dataset}}/{{fhir_store}}