Documentation ¶
Overview ¶
terraform_aws_iam_role
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewTerraformAwsIamRole_Override ¶
func NewTerraformAwsIamRole_Override(t TerraformAwsIamRole, scope constructs.Construct, id *string, config *TerraformAwsIamRoleConfig)
func TerraformAwsIamRole_IsConstruct ¶
func TerraformAwsIamRole_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func TerraformAwsIamRole_IsTerraformElement ¶
func TerraformAwsIamRole_IsTerraformElement(x interface{}) *bool
Experimental.
Types ¶
type TerraformAwsIamRole ¶
type TerraformAwsIamRole interface { cdktf.TerraformModule AdditionalTagMap() *map[string]*string SetAdditionalTagMap(val *map[string]*string) ArnOutput() *string AssumeRoleActions() *[]*string SetAssumeRoleActions(val *[]*string) AssumeRoleConditions() interface{} SetAssumeRoleConditions(val interface{}) Attributes() *[]*string SetAttributes(val *[]*string) // Experimental. CdktfStack() cdktf.TerraformStack // Experimental. ConstructNodeMetadata() *map[string]interface{} Context() interface{} SetContext(val interface{}) Delimiter() *string SetDelimiter(val *string) // Experimental. DependsOn() *[]*string // Experimental. SetDependsOn(val *[]*string) DescriptorFormats() interface{} SetDescriptorFormats(val interface{}) Enabled() *bool SetEnabled(val *bool) Environment() *string SetEnvironment(val *string) // Experimental. ForEach() cdktf.ITerraformIterator // Experimental. SetForEach(val cdktf.ITerraformIterator) // Experimental. Fqn() *string // Experimental. FriendlyUniqueId() *string IdLengthLimit() *float64 SetIdLengthLimit(val *float64) IdOutput() *string InstanceProfileEnabled() *bool SetInstanceProfileEnabled(val *bool) InstanceProfileOutput() *string LabelKeyCase() *string SetLabelKeyCase(val *string) LabelOrder() *[]*string SetLabelOrder(val *[]*string) LabelsAsTags() *[]*string SetLabelsAsTags(val *[]*string) LabelValueCase() *string SetLabelValueCase(val *string) ManagedPolicyArns() *[]*string SetManagedPolicyArns(val *[]*string) MaxSessionDuration() *float64 SetMaxSessionDuration(val *float64) Name() *string SetName(val *string) NameOutput() *string Namespace() *string SetNamespace(val *string) // The tree node. Node() constructs.Node Path() *string SetPath(val *string) PermissionsBoundary() *string SetPermissionsBoundary(val *string) PolicyDescription() *string SetPolicyDescription(val *string) PolicyDocumentCount() *float64 SetPolicyDocumentCount(val *float64) PolicyDocuments() *[]*string SetPolicyDocuments(val *[]*string) PolicyName() *string SetPolicyName(val *string) PolicyOutput() *string Principals() *map[string]*[]*string SetPrincipals(val *map[string]*[]*string) // Experimental. Providers() *[]interface{} // Experimental. RawOverrides() interface{} RegexReplaceChars() *string SetRegexReplaceChars(val *string) RoleDescription() *string SetRoleDescription(val *string) // Experimental. SkipAssetCreationFromLocalModules() *bool // Experimental. Source() *string Stage() *string SetStage(val *string) Tags() *map[string]*string SetTags(val *map[string]*string) TagsEnabled() *string SetTagsEnabled(val *string) Tenant() *string SetTenant(val *string) UseFullname() *bool SetUseFullname(val *bool) // Experimental. Version() *string // Experimental. AddOverride(path *string, value interface{}) // Experimental. AddProvider(provider interface{}) // Experimental. GetString(output *string) *string // Experimental. InterpolationForOutput(moduleOutput *string) cdktf.IResolvable // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Resets a previously passed logical Id to use the auto-generated logical id again. // Experimental. ResetOverrideLogicalId() SynthesizeAttributes() *map[string]interface{} SynthesizeHclAttributes() *map[string]interface{} // Experimental. ToHclTerraform() interface{} // Experimental. ToMetadata() interface{} // Returns a string representation of this construct. ToString() *string // Experimental. ToTerraform() interface{} }
Defines an TerraformAwsIamRole based on a Terraform module.
Source at ./mod/terraform-aws-iam-role
func NewTerraformAwsIamRole ¶
func NewTerraformAwsIamRole(scope constructs.Construct, id *string, config *TerraformAwsIamRoleConfig) TerraformAwsIamRole
type TerraformAwsIamRoleConfig ¶
type TerraformAwsIamRoleConfig struct { // Experimental. DependsOn *[]cdktf.ITerraformDependable `field:"optional" json:"dependsOn" yaml:"dependsOn"` // Experimental. ForEach cdktf.ITerraformIterator `field:"optional" json:"forEach" yaml:"forEach"` // Experimental. Providers *[]interface{} `field:"optional" json:"providers" yaml:"providers"` // Experimental. SkipAssetCreationFromLocalModules *bool `field:"optional" json:"skipAssetCreationFromLocalModules" yaml:"skipAssetCreationFromLocalModules"` // The description of the IAM role that is visible in the IAM role manager. RoleDescription *string `field:"required" json:"roleDescription" yaml:"roleDescription"` // Additional key-value pairs to add to each map in `tags_as_list_of_maps`. // // Not added to `tags` or `id`. // This is for some rare cases where resources want additional configuration of tags // and therefore take a list of maps with tag key, value, and additional configuration. // // The property type contains a map, they have special handling, please see {@link cdk.tf /module-map-inputs the docs} AdditionalTagMap *map[string]*string `field:"optional" json:"additionalTagMap" yaml:"additionalTagMap"` // The IAM action to be granted by the AssumeRole policy sts:AssumeRole sts:TagSession. AssumeRoleActions *[]*string `field:"optional" json:"assumeRoleActions" yaml:"assumeRoleActions"` // List of conditions for the assume role policy. AssumeRoleConditions interface{} `field:"optional" json:"assumeRoleConditions" yaml:"assumeRoleConditions"` // ID element. // // Additional attributes (e.g. `workers` or `cluster`) to add to `id`, // in the order they appear in the list. New attributes are appended to the // end of the list. The elements of the list are joined by the `delimiter` // and treated as a single ID element. Attributes *[]*string `field:"optional" json:"attributes" yaml:"attributes"` // Single object for setting entire context at once. // // See description of individual variables for details. // Leave string and numeric variables as `null` to use default value. // Individual variable settings (non-null) override settings in context object, // except for attributes, tags, and additional_tag_map, which are merged. Context interface{} `field:"optional" json:"context" yaml:"context"` // Delimiter to be used between ID elements. // // Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. Delimiter *string `field:"optional" json:"delimiter" yaml:"delimiter"` // Describe additional descriptors to be output in the `descriptors` output map. // // Map of maps. Keys are names of descriptors. Values are maps of the form // `{ // format = string // labels = list(string) // }` // (Type is `any` so the map values can later be enhanced to provide additional options.) // `format` is a Terraform format string to be passed to the `format()` function. // `labels` is a list of labels, in order, to pass to `format()` function. // Label values will be normalized before being passed to `format()` so they will be // identical to how they appear in `id`. // Default is `{}` (`descriptors` output will be empty). DescriptorFormats interface{} `field:"optional" json:"descriptorFormats" yaml:"descriptorFormats"` // Set to false to prevent the module from creating any resources. Enabled *bool `field:"optional" json:"enabled" yaml:"enabled"` // ID element. // // Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' Environment *string `field:"optional" json:"environment" yaml:"environment"` // Limit `id` to this many characters (minimum 6). // // Set to `0` for unlimited length. // Set to `null` for keep the existing setting, which defaults to `0`. // Does not affect `id_full`. IdLengthLimit *float64 `field:"optional" json:"idLengthLimit" yaml:"idLengthLimit"` // Create EC2 Instance Profile for the role. InstanceProfileEnabled *bool `field:"optional" json:"instanceProfileEnabled" yaml:"instanceProfileEnabled"` // Controls the letter case of the `tags` keys (label names) for tags generated by this module. // // Does not affect keys of tags passed in via the `tags` input. // Possible values: `lower`, `title`, `upper`. // Default value: `title`. LabelKeyCase *string `field:"optional" json:"labelKeyCase" yaml:"labelKeyCase"` // The order in which the labels (ID elements) appear in the `id`. // // Defaults to ["namespace", "environment", "stage", "name", "attributes"]. // You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. LabelOrder *[]*string `field:"optional" json:"labelOrder" yaml:"labelOrder"` // Set of labels (ID elements) to include as tags in the `tags` output. // // Default is to include all labels. // Tags with empty values will not be included in the `tags` output. // Set to `[]` to suppress all generated tags. // **Notes:** // The value of the `name` tag, if included, will be the `id`, not the `name`. // Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be // changed in later chained modules. Attempts to change it will be silently ignored. // // default. LabelsAsTags *[]*string `field:"optional" json:"labelsAsTags" yaml:"labelsAsTags"` // Controls the letter case of ID elements (labels) as included in `id`, set as tag values, and output by this module individually. // // Does not affect values of tags passed in via the `tags` input. // Possible values: `lower`, `title`, `upper` and `none` (no transformation). // Set this to `title` and set `delimiter` to `""` to yield Pascal Case IDs. // Default value: `lower`. LabelValueCase *string `field:"optional" json:"labelValueCase" yaml:"labelValueCase"` // List of managed policies to attach to created role. ManagedPolicyArns *[]*string `field:"optional" json:"managedPolicyArns" yaml:"managedPolicyArns"` // The maximum session duration (in seconds) for the role. // // Can have a value from 1 hour to 12 hours // 3,600. MaxSessionDuration *float64 `field:"optional" json:"maxSessionDuration" yaml:"maxSessionDuration"` // ID element. // // Usually the component or solution name, e.g. 'app' or 'jenkins'. // This is the only ID element not also included as a `tag`. // The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. Name *string `field:"optional" json:"name" yaml:"name"` // ID element. // // Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique Namespace *string `field:"optional" json:"namespace" yaml:"namespace"` // Path to the role and policy. // // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) for more information. // /. Path *string `field:"optional" json:"path" yaml:"path"` // ARN of the policy that is used to set the permissions boundary for the role. PermissionsBoundary *string `field:"optional" json:"permissionsBoundary" yaml:"permissionsBoundary"` // The description of the IAM policy that is visible in the IAM policy manager. PolicyDescription *string `field:"optional" json:"policyDescription" yaml:"policyDescription"` // Number of policy documents (length of policy_documents list) 1. PolicyDocumentCount *float64 `field:"optional" json:"policyDocumentCount" yaml:"policyDocumentCount"` // List of JSON IAM policy documents. PolicyDocuments *[]*string `field:"optional" json:"policyDocuments" yaml:"policyDocuments"` // The name of the IAM policy that is visible in the IAM policy manager. PolicyName *string `field:"optional" json:"policyName" yaml:"policyName"` // Map of service name as key and a list of ARNs to allow assuming the role as value (e.g. map(`AWS`, list(`arn:aws:iam:::role/admin`))) The property type contains a map, they have special handling, please see {@link cdk.tf /module-map-inputs the docs}. Principals *map[string]*[]*string `field:"optional" json:"principals" yaml:"principals"` // Terraform regular expression (regex) string. // // Characters matching the regex will be removed from the ID elements. // If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. RegexReplaceChars *string `field:"optional" json:"regexReplaceChars" yaml:"regexReplaceChars"` // ID element. // // Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' Stage *string `field:"optional" json:"stage" yaml:"stage"` // Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`). Neither the tag keys nor the tag values will be modified by this module. // // The property type contains a map, they have special handling, please see {@link cdk.tf /module-map-inputs the docs} Tags *map[string]*string `field:"optional" json:"tags" yaml:"tags"` // Enable/disable tags on IAM roles and policies true. TagsEnabled *string `field:"optional" json:"tagsEnabled" yaml:"tagsEnabled"` // ID element _(Rarely used, not included by default)_. // // A customer identifier, indicating who this instance of a resource is for. Tenant *string `field:"optional" json:"tenant" yaml:"tenant"` // If set to 'true' then the full ID for the IAM role name (e.g. `[var.namespace]-[var.environment]-[var.stage]`) will be used. // // Otherwise, `var.name` will be used for the IAM role name. // // true. UseFullname *bool `field:"optional" json:"useFullname" yaml:"useFullname"` }