iam

package
v4.38.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 10, 2022 License: Apache-2.0 Imports: 7 Imported by: 19

Documentation

Index

Constants

View Source
const (
	ManagedPolicyAWSAccountActivityAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountActivityAccess")
	ManagedPolicyAWSAccountUsageReportAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountUsageReportAccess")
	ManagedPolicyAWSAgentlessDiscoveryService                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService")
	ManagedPolicyAWSApplicationDiscoveryAgentAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess")
	ManagedPolicyAWSApplicationDiscoveryServiceFullAccess       = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess")
	ManagedPolicyAWSBatchFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSBatchFullAccess")
	ManagedPolicyAWSBatchServiceRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole")
	ManagedPolicyAWSCertificateManagerFullAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess")
	ManagedPolicyAWSCertificateManagerReadOnly                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly")
	ManagedPolicyAWSCloudFormationReadOnlyAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess")
	ManagedPolicyAWSCloudHSMFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMFullAccess")
	ManagedPolicyAWSCloudHSMReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess")
	ManagedPolicyAWSCloudHSMRole                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole")
	ManagedPolicyAWSCloudTrailFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailFullAccess")
	ManagedPolicyAWSCloudTrailReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess")
	ManagedPolicyAWSCloudWatchLambdaInsightsExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudWatchLambdaInsightsExecutionRolePolicy")
	ManagedPolicyAWSCodeBuildAdminAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess")
	ManagedPolicyAWSCodeBuildDeveloperAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess")
	ManagedPolicyAWSCodeBuildReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess")
	ManagedPolicyAWSCodeCommitFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitFullAccess")
	ManagedPolicyAWSCodeCommitPowerUser                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitPowerUser")
	ManagedPolicyAWSCodeCommitReadOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitReadOnly")
	ManagedPolicyAWSCodeDeployDeployerAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess")
	ManagedPolicyAWSCodeDeployFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployFullAccess")
	ManagedPolicyAWSCodeDeployReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess")
	ManagedPolicyAWSCodeDeployRole                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole")
	ManagedPolicyAWSCodeDeployRoleForECS                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS")
	ManagedPolicyAWSCodePipelineApproverAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess")
	ManagedPolicyAWSCodePipelineCustomActionAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess")
	ManagedPolicyAWSCodePipelineFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineFullAccess")
	ManagedPolicyAWSCodePipelineReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess")
	ManagedPolicyAWSCodeStarFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeStarFullAccess")
	ManagedPolicyAWSCodeStarServiceRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole")
	ManagedPolicyAWSConfigRole                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRole")
	ManagedPolicyAWSConfigRulesExecutionRole                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole")
	ManagedPolicyAWSConfigUserAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSConfigUserAccess")
	ManagedPolicyAWSConnector                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSConnector")
	ManagedPolicyAWSDataPipelineRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole")
	ManagedPolicy_AWSDataPipeline_FullAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess")
	ManagedPolicy_AWSDataPipeline_PowerUser                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser")
	ManagedPolicyAWSDeviceFarmFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess")
	ManagedPolicyAWSDirectConnectFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectFullAccess")
	ManagedPolicyAWSDirectConnectReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess")
	ManagedPolicyAWSDirectoryServiceFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess")
	ManagedPolicyAWSDirectoryServiceReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess")
	ManagedPolicyAWSElasticBeanstalkCustomPlatformforEC2Role    = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role")
	ManagedPolicyAWSElasticBeanstalkEnhancedHealth              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth")
	ManagedPolicyAWSElasticBeanstalkFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess")
	ManagedPolicyAWSElasticBeanstalkMulticontainerDocker        = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker")
	ManagedPolicyAWSElasticBeanstalkReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess")
	ManagedPolicyAWSElasticBeanstalkService                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService")
	ManagedPolicyAWSElasticBeanstalkWebTier                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier")
	// Deprecated: This has been deprecated in favour of `AWSElasticBeanstalkWorkerTier`
	ManagedPolicyAWSElasticBeanstakWorkerTier          = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier")
	ManagedPolicyAWSElasticBeanstalkWorkerTier         = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier")
	ManagedPolicyAWSGreengrassFullccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassFullAccess")
	ManagedPolicyAWSGreengrassResourceAccessRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy")
	ManagedPolicyAWSHealthFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSHealthFullAccess")
	ManagedPolicyAWSImportExportFullAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportFullAccess")
	ManagedPolicyAWSImportExportReadOnlyAccess         = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess")
	ManagedPolicyAWSIoTConfigAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigAccess")
	ManagedPolicyAWSIoTConfigReadOnlyAccess            = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess")
	ManagedPolicyAWSIoTDataAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDataAccess")
	ManagedPolicyAWSIoTFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTFullAccess")
	ManagedPolicyAWSIoTLogging                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTLogging")
	ManagedPolicyAWSIoTRuleActions                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions")
	ManagedPolicyAWSKeyManagementServicePowerUser      = ManagedPolicy("arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser")
	ManagedPolicyAWSLambdaBasicExecutionRole           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole")
	ManagedPolicyAWSLambdaDynamoDBExecutionRole        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole")
	ManagedPolicyAWSLambdaENIManagementAccess          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess")
	ManagedPolicyAWSLambdaExecute                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaExecute")
	// Deprecated: This has been deprecated in favour of `LambdaFullAccess`
	ManagedPolicyAWSLambdaFullAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaFullAccess")
	ManagedPolicyLambdaFullAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_FullAccess")
	ManagedPolicyAWSLambdaInvocationDynamoDB   = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB")
	ManagedPolicyAWSLambdaKinesisExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole")
	// Deprecated: This has been deprecated in favour of `LambdaReadOnlyAccess`
	ManagedPolicyAWSLambdaReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess")
	ManagedPolicyLambdaReadOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess")
	ManagedPolicyAWSLambdaRole                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaRole")
	ManagedPolicyAWSLambdaVPCAccessExecutionRole                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole")
	ManagedPolicyAWSMarketplaceFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceFullAccess")
	ManagedPolicyAWSMarketplaceGetEntitlements                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements")
	ManagedPolicyAWSMarketplaceManageSubscriptions                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions")
	ManagedPolicyAWSMarketplaceMeteringFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess")
	ManagedPolicyAWSMarketplaceReadonly                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceRead-only")
	ManagedPolicy_AWSMobileHub_FullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_FullAccess")
	ManagedPolicy_AWSMobileHub_ReadOnly                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_ReadOnly")
	ManagedPolicy_AWSMobileHub_ServiceUseOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMobileHub_ServiceUseOnly")
	ManagedPolicyAWSOpsWorksCMInstanceProfileRole                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole")
	ManagedPolicyAWSOpsWorksCMServiceRole                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole")
	ManagedPolicyAWSOpsWorksCloudWatchLogs                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs")
	ManagedPolicyAWSOpsWorksFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksFullAccess")
	ManagedPolicyAWSOpsWorksInstanceRegistration                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration")
	ManagedPolicyAWSOpsWorksRegisterCLI                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI")
	ManagedPolicyAWSOpsWorksRole                                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole")
	ManagedPolicyAWSQuickSightDescribeRD                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS")
	ManagedPolicyAWSQuickSightDescribeRedshift                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift")
	ManagedPolicyAWSQuickSightListIAM                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM")
	ManagedPolicyAWSQuicksightAthenaAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess")
	ManagedPolicyAWSStepFunctionsConsoleFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess")
	ManagedPolicyAWSStepFunctionsFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess")
	ManagedPolicyAWSStepFunctionsReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess")
	ManagedPolicyAWSStorageGatewayFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess")
	ManagedPolicyAWSStorageGatewayReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess")
	ManagedPolicyAWSSupportAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAccess")
	ManagedPolicyAWSWAFFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFFullAccess")
	ManagedPolicyAWSWAFReadOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess")
	ManagedPolicyAWSXrayFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayFullAccess")
	ManagedPolicyAWSXrayReadOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess")
	ManagedPolicyAWSXrayWriteOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess")
	ManagedPolicyAWSXRayDaemonWriteAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess")
	ManagedPolicyAdministratorAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess")
	ManagedPolicyAmazonAPIGatewayAdministrator                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator")
	ManagedPolicyAmazonAPIGatewayInvokeFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess")
	ManagedPolicyAmazonAPIGatewayPushToCloudWatchLogs                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs")
	ManagedPolicyAmazonAppStreamFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamFullAccess")
	ManagedPolicyAmazonAppStreamReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess")
	ManagedPolicyAmazonAppStreamServiceAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess")
	ManagedPolicyAmazonAthenaFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAthenaFullAccess")
	ManagedPolicyAmazonCloudDirectoryFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess")
	ManagedPolicyAmazonCloudDirectoryReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess")
	ManagedPolicyAmazonCognitoDeveloperAuthenticatedIdentities         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities")
	ManagedPolicyAmazonCognitoPowerUser                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoPowerUser")
	ManagedPolicyAmazonCognitoReadOnly                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoReadOnly")
	ManagedPolicyAmazonDMSCloudWatchLogsRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole")
	ManagedPolicyAmazonDMSRedshiftS3Role                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role")
	ManagedPolicyAmazonDMSVPCManagementRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole")
	ManagedPolicyAmazonDRSVPCManagement                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDRSVPCManagement")
	ManagedPolicyAmazonDynamoDBFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess")
	ManagedPolicyAmazonDynamoDBFullAccesswithDataPipeline              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline")
	ManagedPolicyAmazonDynamoDBReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess")
	ManagedPolicyAmazonEC2ContainerRegistryFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess")
	ManagedPolicyAmazonEC2ContainerRegistryPowerUser                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser")
	ManagedPolicyAmazonEC2ContainerRegistryReadOnly                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly")
	ManagedPolicyAmazonEC2ContainerServiceAutoscaleRole                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole")
	ManagedPolicyAmazonEC2ContainerServiceFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess")
	ManagedPolicyAmazonEC2ContainerServiceRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole")
	ManagedPolicyAmazonEC2ContainerServiceforEC2Role                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role")
	ManagedPolicyEC2InstanceProfileForImageBuilder                     = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilder")
	ManagedPolicyAmazonEC2FullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2FullAccess")
	ManagedPolicyAmazonEC2ReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess")
	ManagedPolicyAmazonEC2ReportsAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReportsAccess")
	ManagedPolicyAmazonEC2RoleforAWSCodeDeploy                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy")
	ManagedPolicyAmazonEC2RoleforDataPipelineRole                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole")
	ManagedPolicyAmazonEC2RoleforSSM                                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM")
	ManagedPolicyAmazonEC2SpotFleetAutoscaleRole                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole")
	ManagedPolicyAmazonEC2SpotFleetRole                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole")
	ManagedPolicyAmazonEC2SpotFleetTaggingRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole")
	ManagedPolicyAmazonECSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonECS_FullAccess")
	ManagedPolicyAmazonECSServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy")
	ManagedPolicyAmazonECSTaskExecutionRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy")
	ManagedPolicyAmazonESFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESFullAccess")
	ManagedPolicyAmazonESReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESReadOnlyAccess")
	ManagedPolicyAmazonElastiCacheFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess")
	ManagedPolicyAmazonElastiCacheReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess")
	ManagedPolicyAmazonElasticFileSystemFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess")
	ManagedPolicyAmazonElasticFileSystemReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess")
	ManagedPolicyAmazonElasticMapReduceFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess")
	ManagedPolicyAmazonElasticMapReduceReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess")
	ManagedPolicyAmazonElasticMapReduceRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole")
	ManagedPolicyAmazonElasticMapReduceforAutoScalingRole              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole")
	ManagedPolicyAmazonElasticMapReduceforEC2Role                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role")
	ManagedPolicyAmazonElasticTranscoderFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess")
	ManagedPolicyAmazonElasticTranscoderJobsSubmitter                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter")
	ManagedPolicyAmazonElasticTranscoderReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess")
	ManagedPolicyAmazonElasticTranscoderRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole")
	ManagedPolicyAmazonGlacierFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierFullAccess")
	ManagedPolicyAmazonGlacierReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess")
	ManagedPolicyAmazonInspectorFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorFullAccess")
	ManagedPolicyAmazonInspectorReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess")
	ManagedPolicyAmazonKinesisAnalyticsFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess")
	ManagedPolicyAmazonKinesisAnalyticsReadOnly                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly")
	ManagedPolicyAmazonKinesisFirehoseFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess")
	ManagedPolicyAmazonKinesisFirehoseReadOnlyAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess")
	ManagedPolicyAmazonKinesisFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFullAccess")
	ManagedPolicyAmazonKinesisReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess")
	ManagedPolicyAmazonLexFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexFullAccess")
	ManagedPolicyAmazonLexReadOnly                                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexReadOnly")
	ManagedPolicyAmazonLexRunBotsOnly                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexRunBotsOnly")
	ManagedPolicyAmazonMachineLearningBatchPredictionsAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess")
	ManagedPolicyAmazonMachineLearningCreateOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess")
	ManagedPolicyAmazonMachineLearningFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess")
	ManagedPolicyAmazonMachineLearningManageRealTimeEndpointOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess")
	ManagedPolicyAmazonMachineLearningReadOnlyAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess")
	ManagedPolicyAmazonMachineLearningRealTimePredictionOnlyAccess     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess")
	ManagedPolicyAmazonMachineLearningRoleforRedshiftDataSource        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource")
	ManagedPolicyAmazonMechanicalTurkFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess")
	ManagedPolicyAmazonMechanicalTurkReadOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly")
	ManagedPolicyAmazonMobileAnalyticsFinancialReportAccess            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess")
	ManagedPolicyAmazonMobileAnalyticsFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess")
	ManagedPolicyAmazonMobileAnalyticsNonfinancialReportAccess         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess")
	ManagedPolicyAmazonMobileAnalyticsWriteOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess")
	ManagedPolicyAmazonPollyFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyFullAccess")
	ManagedPolicyAmazonPollyReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess")
	ManagedPolicyAmazonRDSDirectoryServiceAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess")
	ManagedPolicyAmazonRDSEnhancedMonitoringRole                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole")
	ManagedPolicyAmazonRDSDataFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSDataFullAccess")
	ManagedPolicyAmazonRDSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSFullAccess")
	ManagedPolicyAmazonRDSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess")
	ManagedPolicyAmazonRedshiftFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftFullAccess")
	ManagedPolicyAmazonRedshiftReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess")
	ManagedPolicyAmazonRekognitionFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionFullAccess")
	ManagedPolicyAmazonRekognitionReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess")
	ManagedPolicyAmazonRoute53DomainsFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess")
	ManagedPolicyAmazonRoute53DomainsReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess")
	ManagedPolicyAmazonRoute53FullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53FullAccess")
	ManagedPolicyAmazonRoute53ReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess")
	ManagedPolicyAmazonS3FullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3FullAccess")
	ManagedPolicyAmazonS3ReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
	ManagedPolicyAmazonSESFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESFullAccess")
	ManagedPolicyAmazonSESReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess")
	ManagedPolicyAmazonSNSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSFullAccess")
	ManagedPolicyAmazonSNSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess")
	ManagedPolicyAmazonSNSRole                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSNSRole")
	ManagedPolicyAmazonSQSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSFullAccess")
	ManagedPolicyAmazonSQSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess")
	ManagedPolicyAWSLambdaSQSQueueExecutionRole                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole")
	ManagedPolicyAmazonSSMAutomationApproverAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess")
	ManagedPolicyAmazonSSMAutomationRole                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole")
	ManagedPolicyAmazonSSMDirectoryServiceAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess")
	ManagedPolicyAmazonSSMFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMFullAccess")
	ManagedPolicyAmazonSSMMaintenanceWindowRole                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole")
	ManagedPolicyAmazonSSMPatchAssociation                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMPatchAssociation")
	ManagedPolicyAmazonSSMReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess")
	ManagedPolicyAmazonSSMManagedInstanceCore                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore")
	ManagedPolicyAmazonVPCFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCFullAccess")
	ManagedPolicyAmazonVPCReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess")
	ManagedPolicyAmazonWorkMailFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailFullAccess")
	ManagedPolicyAmazonWorkMailReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess")
	ManagedPolicyAmazonWorkSpacesAdmin                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin")
	ManagedPolicyAmazonWorkSpacesApplicationManagerAdminAccess         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess")
	ManagedPolicyAmazonZocaloFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloFullAccess")
	ManagedPolicyAmazonZocaloReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess")
	ManagedPolicyApplicationAutoScalingForAmazonAppStreamAccess        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess")
	ManagedPolicyAutoScalingConsoleFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess")
	ManagedPolicyAutoScalingConsoleReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess")
	ManagedPolicyAutoScalingFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingFullAccess")
	ManagedPolicyAutoScalingNotificationAccessRole                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole")
	ManagedPolicyAutoScalingReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess")
	ManagedPolicyBilling                                               = ManagedPolicy("arn:aws:iam::aws:policy/job-function/Billing")
	ManagedPolicyCloudFrontFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontFullAccess")
	ManagedPolicyCloudFrontReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess")
	ManagedPolicyCloudSearchFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchFullAccess")
	ManagedPolicyCloudSearchReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess")
	ManagedPolicyCloudWatchActionsEC2Access                            = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchActionsEC2Access")
	ManagedPolicyCloudWatchEventsBuiltInTargetExecutionAccess          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess")
	ManagedPolicyCloudWatchEventsFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsFullAccess")
	ManagedPolicyCloudWatchEventsInvocationAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess")
	ManagedPolicyCloudWatchEventsReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess")
	ManagedPolicyCloudWatchFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchFullAccess")
	ManagedPolicyCloudWatchLogsFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsFullAccess")
	ManagedPolicyCloudWatchLogsReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess")
	ManagedPolicyCloudWatchReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess")
	ManagedPolicyDataScientist                                         = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DataScientist")
	ManagedPolicyDatabaseAdministrator                                 = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DatabaseAdministrator")
	ManagedPolicyIAMFullAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/IAMFullAccess")
	ManagedPolicyIAMReadOnlyAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/IAMReadOnlyAccess")
	ManagedPolicyIAMSelfManageServiceSpecificCredentials               = ManagedPolicy("arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials")
	ManagedPolicyIAMUserChangePassword                                 = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserChangePassword")
	ManagedPolicyIAMUserSSHKeys                                        = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserSSHKeys")
	ManagedPolicyNetworkAdministrator                                  = ManagedPolicy("arn:aws:iam::aws:policy/job-function/NetworkAdministrator")
	ManagedPolicyPowerUserAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/PowerUserAccess")
	ManagedPolicyRDSCloudHsmAuthorizationRole                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole")
	ManagedPolicyReadOnlyAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/ReadOnlyAccess")
	ManagedPolicyResourceGroupsandTagEditorFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess")
	ManagedPolicyResourceGroupsandTagEditorReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess")
	ManagedPolicySecurityAudit                                         = ManagedPolicy("arn:aws:iam::aws:policy/SecurityAudit")
	ManagedPolicyServerMigrationConnector                              = ManagedPolicy("arn:aws:iam::aws:policy/ServerMigrationConnector")
	ManagedPolicyServerMigrationServiceRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRole")
	ManagedPolicyServiceCatalogAdminFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminFullAccess")
	ManagedPolicyServiceCatalogAdminReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminReadOnlyAccess")
	ManagedPolicyServiceCatalogEndUserAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserAccess")
	ManagedPolicyServiceCatalogEndUserFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserFullAccess")
	ManagedPolicySimpleWorkflowFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/SimpleWorkflowFullAccess")
	ManagedPolicySupportUser                                           = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SupportUser")
	ManagedPolicySystemAdministrator                                   = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SystemAdministrator")
	ManagedPolicyVMImportExportRoleForAWSConnector                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector")
	ManagedPolicyViewOnlyAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/job-function/ViewOnlyAccess")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessKey

type AccessKey struct {
	pulumi.CustomResourceState

	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate                 pulumi.StringOutput `pulumi:"createDate"`
	EncryptedSecret            pulumi.StringOutput `pulumi:"encryptedSecret"`
	EncryptedSesSmtpPasswordV4 pulumi.StringOutput `pulumi:"encryptedSesSmtpPasswordV4"`
	// Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
	KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"`
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.
	PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"`
	// Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
	Secret pulumi.StringOutput `pulumi:"secret"`
	// Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
	SesSmtpPasswordV4 pulumi.StringOutput `pulumi:"sesSmtpPasswordV4"`
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// IAM user to associate with this access key.
	User pulumi.StringOutput `pulumi:"user"`
}

Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
		})
		if err != nil {
			return err
		}
		lbAccessKey, err := iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User:   lbUser.Name,
			PgpKey: pulumi.String("keybase:some_person_that_exists"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		ctx.Export("secret", lbAccessKey.EncryptedSecret)
		return nil
	})
}

```

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testUser, err := iam.NewUser(ctx, "testUser", &iam.UserArgs{
			Path: pulumi.String("/test/"),
		})
		if err != nil {
			return err
		}
		testAccessKey, err := iam.NewAccessKey(ctx, "testAccessKey", &iam.AccessKeyArgs{
			User: testUser.Name,
		})
		if err != nil {
			return err
		}
		ctx.Export("awsIamSmtpPasswordV4", testAccessKey.SesSmtpPasswordV4)
		return nil
	})
}

```

## Import

IAM Access Keys can be imported using the identifier, e.g.,

```sh

$ pulumi import aws:iam/accessKey:AccessKey example AKIA1234567890

```

Resource attributes such as `encrypted_secret`, `key_fingerprint`, `pgp_key`, `secret`, `ses_smtp_password_v4`, and `encrypted_ses_smtp_password_v4` are not available for imported resources as this information cannot be read from the IAM API.

func GetAccessKey

func GetAccessKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessKeyState, opts ...pulumi.ResourceOption) (*AccessKey, error)

GetAccessKey gets an existing AccessKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessKey

func NewAccessKey(ctx *pulumi.Context,
	name string, args *AccessKeyArgs, opts ...pulumi.ResourceOption) (*AccessKey, error)

NewAccessKey registers a new resource with the given unique name, arguments, and options.

func (*AccessKey) ElementType

func (*AccessKey) ElementType() reflect.Type

func (*AccessKey) ToAccessKeyOutput

func (i *AccessKey) ToAccessKeyOutput() AccessKeyOutput

func (*AccessKey) ToAccessKeyOutputWithContext

func (i *AccessKey) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput

type AccessKeyArgs

type AccessKeyArgs struct {
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.
	PgpKey pulumi.StringPtrInput
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrInput
	// IAM user to associate with this access key.
	User pulumi.StringInput
}

The set of arguments for constructing a AccessKey resource.

func (AccessKeyArgs) ElementType

func (AccessKeyArgs) ElementType() reflect.Type

type AccessKeyArray

type AccessKeyArray []AccessKeyInput

func (AccessKeyArray) ElementType

func (AccessKeyArray) ElementType() reflect.Type

func (AccessKeyArray) ToAccessKeyArrayOutput

func (i AccessKeyArray) ToAccessKeyArrayOutput() AccessKeyArrayOutput

func (AccessKeyArray) ToAccessKeyArrayOutputWithContext

func (i AccessKeyArray) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput

type AccessKeyArrayInput

type AccessKeyArrayInput interface {
	pulumi.Input

	ToAccessKeyArrayOutput() AccessKeyArrayOutput
	ToAccessKeyArrayOutputWithContext(context.Context) AccessKeyArrayOutput
}

AccessKeyArrayInput is an input type that accepts AccessKeyArray and AccessKeyArrayOutput values. You can construct a concrete instance of `AccessKeyArrayInput` via:

AccessKeyArray{ AccessKeyArgs{...} }

type AccessKeyArrayOutput

type AccessKeyArrayOutput struct{ *pulumi.OutputState }

func (AccessKeyArrayOutput) ElementType

func (AccessKeyArrayOutput) ElementType() reflect.Type

func (AccessKeyArrayOutput) Index

func (AccessKeyArrayOutput) ToAccessKeyArrayOutput

func (o AccessKeyArrayOutput) ToAccessKeyArrayOutput() AccessKeyArrayOutput

func (AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext

func (o AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput

type AccessKeyInput

type AccessKeyInput interface {
	pulumi.Input

	ToAccessKeyOutput() AccessKeyOutput
	ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput
}

type AccessKeyMap

type AccessKeyMap map[string]AccessKeyInput

func (AccessKeyMap) ElementType

func (AccessKeyMap) ElementType() reflect.Type

func (AccessKeyMap) ToAccessKeyMapOutput

func (i AccessKeyMap) ToAccessKeyMapOutput() AccessKeyMapOutput

func (AccessKeyMap) ToAccessKeyMapOutputWithContext

func (i AccessKeyMap) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput

type AccessKeyMapInput

type AccessKeyMapInput interface {
	pulumi.Input

	ToAccessKeyMapOutput() AccessKeyMapOutput
	ToAccessKeyMapOutputWithContext(context.Context) AccessKeyMapOutput
}

AccessKeyMapInput is an input type that accepts AccessKeyMap and AccessKeyMapOutput values. You can construct a concrete instance of `AccessKeyMapInput` via:

AccessKeyMap{ "key": AccessKeyArgs{...} }

type AccessKeyMapOutput

type AccessKeyMapOutput struct{ *pulumi.OutputState }

func (AccessKeyMapOutput) ElementType

func (AccessKeyMapOutput) ElementType() reflect.Type

func (AccessKeyMapOutput) MapIndex

func (AccessKeyMapOutput) ToAccessKeyMapOutput

func (o AccessKeyMapOutput) ToAccessKeyMapOutput() AccessKeyMapOutput

func (AccessKeyMapOutput) ToAccessKeyMapOutputWithContext

func (o AccessKeyMapOutput) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput

type AccessKeyOutput

type AccessKeyOutput struct{ *pulumi.OutputState }

func (AccessKeyOutput) ElementType

func (AccessKeyOutput) ElementType() reflect.Type

func (AccessKeyOutput) ToAccessKeyOutput

func (o AccessKeyOutput) ToAccessKeyOutput() AccessKeyOutput

func (AccessKeyOutput) ToAccessKeyOutputWithContext

func (o AccessKeyOutput) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput

type AccessKeyState

type AccessKeyState struct {
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate                 pulumi.StringPtrInput
	EncryptedSecret            pulumi.StringPtrInput
	EncryptedSesSmtpPasswordV4 pulumi.StringPtrInput
	// Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
	KeyFingerprint pulumi.StringPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.
	PgpKey pulumi.StringPtrInput
	// Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
	Secret pulumi.StringPtrInput
	// Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
	SesSmtpPasswordV4 pulumi.StringPtrInput
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrInput
	// IAM user to associate with this access key.
	User pulumi.StringPtrInput
}

func (AccessKeyState) ElementType

func (AccessKeyState) ElementType() reflect.Type

type AccountAlias

type AccountAlias struct {
	pulumi.CustomResourceState

	// The account alias
	AccountAlias pulumi.StringOutput `pulumi:"accountAlias"`
}

> **Note:** There is only a single account alias per AWS account.

Manages the account alias for the AWS Account.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewAccountAlias(ctx, "alias", &iam.AccountAliasArgs{
			AccountAlias: pulumi.String("my-account-alias"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

The current Account Alias can be imported using the `account_alias`, e.g.,

```sh

$ pulumi import aws:iam/accountAlias:AccountAlias alias my-account-alias

```

func GetAccountAlias

func GetAccountAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccountAliasState, opts ...pulumi.ResourceOption) (*AccountAlias, error)

GetAccountAlias gets an existing AccountAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountAlias

func NewAccountAlias(ctx *pulumi.Context,
	name string, args *AccountAliasArgs, opts ...pulumi.ResourceOption) (*AccountAlias, error)

NewAccountAlias registers a new resource with the given unique name, arguments, and options.

func (*AccountAlias) ElementType

func (*AccountAlias) ElementType() reflect.Type

func (*AccountAlias) ToAccountAliasOutput

func (i *AccountAlias) ToAccountAliasOutput() AccountAliasOutput

func (*AccountAlias) ToAccountAliasOutputWithContext

func (i *AccountAlias) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput

type AccountAliasArgs

type AccountAliasArgs struct {
	// The account alias
	AccountAlias pulumi.StringInput
}

The set of arguments for constructing a AccountAlias resource.

func (AccountAliasArgs) ElementType

func (AccountAliasArgs) ElementType() reflect.Type

type AccountAliasArray

type AccountAliasArray []AccountAliasInput

func (AccountAliasArray) ElementType

func (AccountAliasArray) ElementType() reflect.Type

func (AccountAliasArray) ToAccountAliasArrayOutput

func (i AccountAliasArray) ToAccountAliasArrayOutput() AccountAliasArrayOutput

func (AccountAliasArray) ToAccountAliasArrayOutputWithContext

func (i AccountAliasArray) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput

type AccountAliasArrayInput

type AccountAliasArrayInput interface {
	pulumi.Input

	ToAccountAliasArrayOutput() AccountAliasArrayOutput
	ToAccountAliasArrayOutputWithContext(context.Context) AccountAliasArrayOutput
}

AccountAliasArrayInput is an input type that accepts AccountAliasArray and AccountAliasArrayOutput values. You can construct a concrete instance of `AccountAliasArrayInput` via:

AccountAliasArray{ AccountAliasArgs{...} }

type AccountAliasArrayOutput

type AccountAliasArrayOutput struct{ *pulumi.OutputState }

func (AccountAliasArrayOutput) ElementType

func (AccountAliasArrayOutput) ElementType() reflect.Type

func (AccountAliasArrayOutput) Index

func (AccountAliasArrayOutput) ToAccountAliasArrayOutput

func (o AccountAliasArrayOutput) ToAccountAliasArrayOutput() AccountAliasArrayOutput

func (AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext

func (o AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput

type AccountAliasInput

type AccountAliasInput interface {
	pulumi.Input

	ToAccountAliasOutput() AccountAliasOutput
	ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput
}

type AccountAliasMap

type AccountAliasMap map[string]AccountAliasInput

func (AccountAliasMap) ElementType

func (AccountAliasMap) ElementType() reflect.Type

func (AccountAliasMap) ToAccountAliasMapOutput

func (i AccountAliasMap) ToAccountAliasMapOutput() AccountAliasMapOutput

func (AccountAliasMap) ToAccountAliasMapOutputWithContext

func (i AccountAliasMap) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput

type AccountAliasMapInput

type AccountAliasMapInput interface {
	pulumi.Input

	ToAccountAliasMapOutput() AccountAliasMapOutput
	ToAccountAliasMapOutputWithContext(context.Context) AccountAliasMapOutput
}

AccountAliasMapInput is an input type that accepts AccountAliasMap and AccountAliasMapOutput values. You can construct a concrete instance of `AccountAliasMapInput` via:

AccountAliasMap{ "key": AccountAliasArgs{...} }

type AccountAliasMapOutput

type AccountAliasMapOutput struct{ *pulumi.OutputState }

func (AccountAliasMapOutput) ElementType

func (AccountAliasMapOutput) ElementType() reflect.Type

func (AccountAliasMapOutput) MapIndex

func (AccountAliasMapOutput) ToAccountAliasMapOutput

func (o AccountAliasMapOutput) ToAccountAliasMapOutput() AccountAliasMapOutput

func (AccountAliasMapOutput) ToAccountAliasMapOutputWithContext

func (o AccountAliasMapOutput) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput

type AccountAliasOutput

type AccountAliasOutput struct{ *pulumi.OutputState }

func (AccountAliasOutput) ElementType

func (AccountAliasOutput) ElementType() reflect.Type

func (AccountAliasOutput) ToAccountAliasOutput

func (o AccountAliasOutput) ToAccountAliasOutput() AccountAliasOutput

func (AccountAliasOutput) ToAccountAliasOutputWithContext

func (o AccountAliasOutput) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput

type AccountAliasState

type AccountAliasState struct {
	// The account alias
	AccountAlias pulumi.StringPtrInput
}

func (AccountAliasState) ElementType

func (AccountAliasState) ElementType() reflect.Type

type AccountPasswordPolicy

type AccountPasswordPolicy struct {
	pulumi.CustomResourceState

	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrOutput `pulumi:"allowUsersToChangePassword"`
	// Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
	ExpirePasswords pulumi.BoolOutput `pulumi:"expirePasswords"`
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolOutput `pulumi:"hardExpiry"`
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntOutput `pulumi:"maxPasswordAge"`
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrOutput `pulumi:"minimumPasswordLength"`
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntOutput `pulumi:"passwordReusePrevention"`
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolOutput `pulumi:"requireLowercaseCharacters"`
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolOutput `pulumi:"requireNumbers"`
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolOutput `pulumi:"requireSymbols"`
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolOutput `pulumi:"requireUppercaseCharacters"`
}

> **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.

Manages Password Policy for the AWS Account. See more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html) in the official AWS docs.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewAccountPasswordPolicy(ctx, "strict", &iam.AccountPasswordPolicyArgs{
			AllowUsersToChangePassword: pulumi.Bool(true),
			MinimumPasswordLength:      pulumi.Int(8),
			RequireLowercaseCharacters: pulumi.Bool(true),
			RequireNumbers:             pulumi.Bool(true),
			RequireSymbols:             pulumi.Bool(true),
			RequireUppercaseCharacters: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Account Password Policy can be imported using the word `iam-account-password-policy`, e.g.,

```sh

$ pulumi import aws:iam/accountPasswordPolicy:AccountPasswordPolicy strict iam-account-password-policy

```

func GetAccountPasswordPolicy

func GetAccountPasswordPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccountPasswordPolicyState, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)

GetAccountPasswordPolicy gets an existing AccountPasswordPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountPasswordPolicy

func NewAccountPasswordPolicy(ctx *pulumi.Context,
	name string, args *AccountPasswordPolicyArgs, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)

NewAccountPasswordPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccountPasswordPolicy) ElementType

func (*AccountPasswordPolicy) ElementType() reflect.Type

func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutput

func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput

func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext

func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput

type AccountPasswordPolicyArgs

type AccountPasswordPolicyArgs struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrInput
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolPtrInput
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntPtrInput
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrInput
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntPtrInput
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolPtrInput
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolPtrInput
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolPtrInput
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolPtrInput
}

The set of arguments for constructing a AccountPasswordPolicy resource.

func (AccountPasswordPolicyArgs) ElementType

func (AccountPasswordPolicyArgs) ElementType() reflect.Type

type AccountPasswordPolicyArray

type AccountPasswordPolicyArray []AccountPasswordPolicyInput

func (AccountPasswordPolicyArray) ElementType

func (AccountPasswordPolicyArray) ElementType() reflect.Type

func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput

func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput

func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext

func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyArrayInput

type AccountPasswordPolicyArrayInput interface {
	pulumi.Input

	ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
	ToAccountPasswordPolicyArrayOutputWithContext(context.Context) AccountPasswordPolicyArrayOutput
}

AccountPasswordPolicyArrayInput is an input type that accepts AccountPasswordPolicyArray and AccountPasswordPolicyArrayOutput values. You can construct a concrete instance of `AccountPasswordPolicyArrayInput` via:

AccountPasswordPolicyArray{ AccountPasswordPolicyArgs{...} }

type AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyArrayOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyArrayOutput) ElementType

func (AccountPasswordPolicyArrayOutput) Index

func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput

func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput

func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext

func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyInput

type AccountPasswordPolicyInput interface {
	pulumi.Input

	ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput
	ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput
}

type AccountPasswordPolicyMap

type AccountPasswordPolicyMap map[string]AccountPasswordPolicyInput

func (AccountPasswordPolicyMap) ElementType

func (AccountPasswordPolicyMap) ElementType() reflect.Type

func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput

func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput

func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext

func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput

type AccountPasswordPolicyMapInput

type AccountPasswordPolicyMapInput interface {
	pulumi.Input

	ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput
	ToAccountPasswordPolicyMapOutputWithContext(context.Context) AccountPasswordPolicyMapOutput
}

AccountPasswordPolicyMapInput is an input type that accepts AccountPasswordPolicyMap and AccountPasswordPolicyMapOutput values. You can construct a concrete instance of `AccountPasswordPolicyMapInput` via:

AccountPasswordPolicyMap{ "key": AccountPasswordPolicyArgs{...} }

type AccountPasswordPolicyMapOutput

type AccountPasswordPolicyMapOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyMapOutput) ElementType

func (AccountPasswordPolicyMapOutput) MapIndex

func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput

func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput

func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext

func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput

type AccountPasswordPolicyOutput

type AccountPasswordPolicyOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyOutput) ElementType

func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput

func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput

func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext

func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput

type AccountPasswordPolicyState

type AccountPasswordPolicyState struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrInput
	// Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
	ExpirePasswords pulumi.BoolPtrInput
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolPtrInput
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntPtrInput
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrInput
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntPtrInput
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolPtrInput
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolPtrInput
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolPtrInput
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolPtrInput
}

func (AccountPasswordPolicyState) ElementType

func (AccountPasswordPolicyState) ElementType() reflect.Type

type GetGroupUser

type GetGroupUser struct {
	// The Amazon Resource Name (ARN) specifying the iam user.
	Arn string `pulumi:"arn"`
	// The path to the iam user.
	Path string `pulumi:"path"`
	// The stable and unique string identifying the iam user.
	UserId string `pulumi:"userId"`
	// The name of the iam user.
	UserName string `pulumi:"userName"`
}

type GetGroupUserArgs

type GetGroupUserArgs struct {
	// The Amazon Resource Name (ARN) specifying the iam user.
	Arn pulumi.StringInput `pulumi:"arn"`
	// The path to the iam user.
	Path pulumi.StringInput `pulumi:"path"`
	// The stable and unique string identifying the iam user.
	UserId pulumi.StringInput `pulumi:"userId"`
	// The name of the iam user.
	UserName pulumi.StringInput `pulumi:"userName"`
}

func (GetGroupUserArgs) ElementType

func (GetGroupUserArgs) ElementType() reflect.Type

func (GetGroupUserArgs) ToGetGroupUserOutput

func (i GetGroupUserArgs) ToGetGroupUserOutput() GetGroupUserOutput

func (GetGroupUserArgs) ToGetGroupUserOutputWithContext

func (i GetGroupUserArgs) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput

type GetGroupUserArray

type GetGroupUserArray []GetGroupUserInput

func (GetGroupUserArray) ElementType

func (GetGroupUserArray) ElementType() reflect.Type

func (GetGroupUserArray) ToGetGroupUserArrayOutput

func (i GetGroupUserArray) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput

func (GetGroupUserArray) ToGetGroupUserArrayOutputWithContext

func (i GetGroupUserArray) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput

type GetGroupUserArrayInput

type GetGroupUserArrayInput interface {
	pulumi.Input

	ToGetGroupUserArrayOutput() GetGroupUserArrayOutput
	ToGetGroupUserArrayOutputWithContext(context.Context) GetGroupUserArrayOutput
}

GetGroupUserArrayInput is an input type that accepts GetGroupUserArray and GetGroupUserArrayOutput values. You can construct a concrete instance of `GetGroupUserArrayInput` via:

GetGroupUserArray{ GetGroupUserArgs{...} }

type GetGroupUserArrayOutput

type GetGroupUserArrayOutput struct{ *pulumi.OutputState }

func (GetGroupUserArrayOutput) ElementType

func (GetGroupUserArrayOutput) ElementType() reflect.Type

func (GetGroupUserArrayOutput) Index

func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutput

func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput

func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext

func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput

type GetGroupUserInput

type GetGroupUserInput interface {
	pulumi.Input

	ToGetGroupUserOutput() GetGroupUserOutput
	ToGetGroupUserOutputWithContext(context.Context) GetGroupUserOutput
}

GetGroupUserInput is an input type that accepts GetGroupUserArgs and GetGroupUserOutput values. You can construct a concrete instance of `GetGroupUserInput` via:

GetGroupUserArgs{...}

type GetGroupUserOutput

type GetGroupUserOutput struct{ *pulumi.OutputState }

func (GetGroupUserOutput) Arn

The Amazon Resource Name (ARN) specifying the iam user.

func (GetGroupUserOutput) ElementType

func (GetGroupUserOutput) ElementType() reflect.Type

func (GetGroupUserOutput) Path

The path to the iam user.

func (GetGroupUserOutput) ToGetGroupUserOutput

func (o GetGroupUserOutput) ToGetGroupUserOutput() GetGroupUserOutput

func (GetGroupUserOutput) ToGetGroupUserOutputWithContext

func (o GetGroupUserOutput) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput

func (GetGroupUserOutput) UserId

The stable and unique string identifying the iam user.

func (GetGroupUserOutput) UserName

func (o GetGroupUserOutput) UserName() pulumi.StringOutput

The name of the iam user.

type GetPolicyDocumentArgs

type GetPolicyDocumentArgs struct {
	// IAM policy document whose statements with non-blank `sid`s will override statements with the same `sid` from documents assigned to the `sourceJson`, `sourcePolicyDocuments`, and `overridePolicyDocuments` arguments. Non-overriding statements will be added to the exported document.
	OverrideJson *string `pulumi:"overrideJson"`
	// List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from documents provided in the `sourceJson` and `sourcePolicyDocuments` arguments.  Non-overriding statements will be added to the exported document.
	OverridePolicyDocuments []string `pulumi:"overridePolicyDocuments"`
	// ID for the policy document.
	PolicyId *string `pulumi:"policyId"`
	// IAM policy document used as a base for the exported policy document. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	SourceJson *string `pulumi:"sourceJson"`
	// List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` or `sourceJson` must have unique `sid`s. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	SourcePolicyDocuments []string `pulumi:"sourcePolicyDocuments"`
	// Configuration block for a policy statement. Detailed below.
	Statements []GetPolicyDocumentStatement `pulumi:"statements"`
	// IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getPolicyDocument.

type GetPolicyDocumentOutputArgs added in v4.21.0

type GetPolicyDocumentOutputArgs struct {
	// IAM policy document whose statements with non-blank `sid`s will override statements with the same `sid` from documents assigned to the `sourceJson`, `sourcePolicyDocuments`, and `overridePolicyDocuments` arguments. Non-overriding statements will be added to the exported document.
	OverrideJson pulumi.StringPtrInput `pulumi:"overrideJson"`
	// List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from documents provided in the `sourceJson` and `sourcePolicyDocuments` arguments.  Non-overriding statements will be added to the exported document.
	OverridePolicyDocuments pulumi.StringArrayInput `pulumi:"overridePolicyDocuments"`
	// ID for the policy document.
	PolicyId pulumi.StringPtrInput `pulumi:"policyId"`
	// IAM policy document used as a base for the exported policy document. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	SourceJson pulumi.StringPtrInput `pulumi:"sourceJson"`
	// List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` or `sourceJson` must have unique `sid`s. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	SourcePolicyDocuments pulumi.StringArrayInput `pulumi:"sourcePolicyDocuments"`
	// Configuration block for a policy statement. Detailed below.
	Statements GetPolicyDocumentStatementArrayInput `pulumi:"statements"`
	// IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getPolicyDocument.

func (GetPolicyDocumentOutputArgs) ElementType added in v4.21.0

type GetPolicyDocumentResult

type GetPolicyDocumentResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Standard JSON policy document rendered based on the arguments above.
	Json                    string                       `pulumi:"json"`
	OverrideJson            *string                      `pulumi:"overrideJson"`
	OverridePolicyDocuments []string                     `pulumi:"overridePolicyDocuments"`
	PolicyId                *string                      `pulumi:"policyId"`
	SourceJson              *string                      `pulumi:"sourceJson"`
	SourcePolicyDocuments   []string                     `pulumi:"sourcePolicyDocuments"`
	Statements              []GetPolicyDocumentStatement `pulumi:"statements"`
	Version                 *string                      `pulumi:"version"`
}

A collection of values returned by getPolicyDocument.

func GetPolicyDocument

func GetPolicyDocument(ctx *pulumi.Context, args *GetPolicyDocumentArgs, opts ...pulumi.InvokeOption) (*GetPolicyDocumentResult, error)

Generates an IAM policy document in JSON format for use with resources that expect policy documents such as `iam.Policy`.

Using this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings in your configuration or to use the `file` interpolation function to read a raw JSON policy document from a file.

## Example Usage ### Basic Example

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplePolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("1"),
					Actions: []string{
						"s3:ListAllMyBuckets",
						"s3:GetBucketLocation",
					},
					Resources: []string{
						"arn:aws:s3:::*",
					},
				},
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"s3:ListBucket",
					},
					Resources: []string{
						fmt.Sprintf("%v%v", "arn:aws:s3:::", _var.S3_bucket_name),
					},
					Conditions: []iam.GetPolicyDocumentStatementCondition{
						iam.GetPolicyDocumentStatementCondition{
							Test:     "StringLike",
							Variable: "s3:prefix",
							Values: []string{
								"",
								"home/",
								"home/&{aws:username}/",
							},
						},
					},
				},
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						fmt.Sprintf("%v%v%v", "arn:aws:s3:::", _var.S3_bucket_name, "/home/&{aws:username}"),
						fmt.Sprintf("%v%v%v", "arn:aws:s3:::", _var.S3_bucket_name, "/home/&{aws:username}/*"),
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewPolicy(ctx, "examplePolicy", &iam.PolicyArgs{
			Path:   pulumi.String("/"),
			Policy: pulumi.String(examplePolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example Using A Source Document

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		source, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"ec2:*",
					},
					Resources: []string{
						"*",
					},
				},
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("SidToOverride"),
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			SourceJson: pulumi.StringRef(source.Json),
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("SidToOverride"),
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						"arn:aws:s3:::somebucket",
						"arn:aws:s3:::somebucket/*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

`data.aws_iam_policy_document.source_json_example.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example Using An Override Document

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		override, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("SidToOverride"),
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			OverrideJson: pulumi.StringRef(override.Json),
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"ec2:*",
					},
					Resources: []string{
						"*",
					},
				},
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("SidToOverride"),
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						"arn:aws:s3:::somebucket",
						"arn:aws:s3:::somebucket/*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

`data.aws_iam_policy_document.override_json_example.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example with Both Source and Override Documents

You can also combine `sourceJson` and `overrideJson` in the same document.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		source, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("OverridePlaceholder"),
					Actions: []string{
						"ec2:DescribeAccountAttributes",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		override, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("OverridePlaceholder"),
					Actions: []string{
						"s3:GetObject",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			SourceJson:   pulumi.StringRef(source.Json),
			OverrideJson: pulumi.StringRef(override.Json),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

`data.aws_iam_policy_document.politik.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

```

type GetPolicyDocumentResultOutput added in v4.21.0

type GetPolicyDocumentResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicyDocument.

func GetPolicyDocumentOutput added in v4.21.0

func (GetPolicyDocumentResultOutput) ElementType added in v4.21.0

func (GetPolicyDocumentResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (GetPolicyDocumentResultOutput) Json added in v4.21.0

Standard JSON policy document rendered based on the arguments above.

func (GetPolicyDocumentResultOutput) OverrideJson added in v4.21.0

func (GetPolicyDocumentResultOutput) OverridePolicyDocuments added in v4.21.0

func (o GetPolicyDocumentResultOutput) OverridePolicyDocuments() pulumi.StringArrayOutput

func (GetPolicyDocumentResultOutput) PolicyId added in v4.21.0

func (GetPolicyDocumentResultOutput) SourceJson added in v4.21.0

func (GetPolicyDocumentResultOutput) SourcePolicyDocuments added in v4.21.0

func (o GetPolicyDocumentResultOutput) SourcePolicyDocuments() pulumi.StringArrayOutput

func (GetPolicyDocumentResultOutput) Statements added in v4.21.0

func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput added in v4.21.0

func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput() GetPolicyDocumentResultOutput

func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext added in v4.21.0

func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext(ctx context.Context) GetPolicyDocumentResultOutput

func (GetPolicyDocumentResultOutput) Version added in v4.21.0

type GetPolicyDocumentStatement

type GetPolicyDocumentStatement struct {
	// List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
	Actions []string `pulumi:"actions"`
	// Configuration block for a condition. Detailed below.
	Conditions []GetPolicyDocumentStatementCondition `pulumi:"conditions"`
	// Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
	Effect *string `pulumi:"effect"`
	// List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
	NotActions []string `pulumi:"notActions"`
	// Like `principals` except these are principals that the statement does *not* apply to.
	NotPrincipals []GetPolicyDocumentStatementNotPrincipal `pulumi:"notPrincipals"`
	// List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
	NotResources []string `pulumi:"notResources"`
	// Configuration block for principals. Detailed below.
	Principals []GetPolicyDocumentStatementPrincipal `pulumi:"principals"`
	// List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
	Resources []string `pulumi:"resources"`
	// Sid (statement ID) is an identifier for a policy statement.
	Sid *string `pulumi:"sid"`
}

type GetPolicyDocumentStatementArgs

type GetPolicyDocumentStatementArgs struct {
	// List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
	Actions pulumi.StringArrayInput `pulumi:"actions"`
	// Configuration block for a condition. Detailed below.
	Conditions GetPolicyDocumentStatementConditionArrayInput `pulumi:"conditions"`
	// Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
	Effect pulumi.StringPtrInput `pulumi:"effect"`
	// List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
	NotActions pulumi.StringArrayInput `pulumi:"notActions"`
	// Like `principals` except these are principals that the statement does *not* apply to.
	NotPrincipals GetPolicyDocumentStatementNotPrincipalArrayInput `pulumi:"notPrincipals"`
	// List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
	NotResources pulumi.StringArrayInput `pulumi:"notResources"`
	// Configuration block for principals. Detailed below.
	Principals GetPolicyDocumentStatementPrincipalArrayInput `pulumi:"principals"`
	// List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
	// Sid (statement ID) is an identifier for a policy statement.
	Sid pulumi.StringPtrInput `pulumi:"sid"`
}

func (GetPolicyDocumentStatementArgs) ElementType

func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput

func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput

func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext

func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementArray

type GetPolicyDocumentStatementArray []GetPolicyDocumentStatementInput

func (GetPolicyDocumentStatementArray) ElementType

func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput

func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput

func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext

func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementArrayInput

type GetPolicyDocumentStatementArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
	ToGetPolicyDocumentStatementArrayOutputWithContext(context.Context) GetPolicyDocumentStatementArrayOutput
}

GetPolicyDocumentStatementArrayInput is an input type that accepts GetPolicyDocumentStatementArray and GetPolicyDocumentStatementArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementArrayInput` via:

GetPolicyDocumentStatementArray{ GetPolicyDocumentStatementArgs{...} }

type GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementArrayOutput) ElementType

func (GetPolicyDocumentStatementArrayOutput) Index

func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput

func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput

func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext

func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementCondition

type GetPolicyDocumentStatementCondition struct {
	// Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
	Test string `pulumi:"test"`
	// Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
	Values []string `pulumi:"values"`
	// Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
	Variable string `pulumi:"variable"`
}

type GetPolicyDocumentStatementConditionArgs

type GetPolicyDocumentStatementConditionArgs struct {
	// Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
	Test pulumi.StringInput `pulumi:"test"`
	// Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
	Values pulumi.StringArrayInput `pulumi:"values"`
	// Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
	Variable pulumi.StringInput `pulumi:"variable"`
}

func (GetPolicyDocumentStatementConditionArgs) ElementType

func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput

func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext

func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput

type GetPolicyDocumentStatementConditionArray

type GetPolicyDocumentStatementConditionArray []GetPolicyDocumentStatementConditionInput

func (GetPolicyDocumentStatementConditionArray) ElementType

func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput

func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput

func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext

func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionArrayInput

type GetPolicyDocumentStatementConditionArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
	ToGetPolicyDocumentStatementConditionArrayOutputWithContext(context.Context) GetPolicyDocumentStatementConditionArrayOutput
}

GetPolicyDocumentStatementConditionArrayInput is an input type that accepts GetPolicyDocumentStatementConditionArray and GetPolicyDocumentStatementConditionArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionArrayInput` via:

GetPolicyDocumentStatementConditionArray{ GetPolicyDocumentStatementConditionArgs{...} }

type GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementConditionArrayOutput) ElementType

func (GetPolicyDocumentStatementConditionArrayOutput) Index

func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput

func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput

func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext

func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionInput

type GetPolicyDocumentStatementConditionInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
	ToGetPolicyDocumentStatementConditionOutputWithContext(context.Context) GetPolicyDocumentStatementConditionOutput
}

GetPolicyDocumentStatementConditionInput is an input type that accepts GetPolicyDocumentStatementConditionArgs and GetPolicyDocumentStatementConditionOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionInput` via:

GetPolicyDocumentStatementConditionArgs{...}

type GetPolicyDocumentStatementConditionOutput

type GetPolicyDocumentStatementConditionOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementConditionOutput) ElementType

func (GetPolicyDocumentStatementConditionOutput) Test

Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.

func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput

func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext

func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionOutput) Values

Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.

func (GetPolicyDocumentStatementConditionOutput) Variable

Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.

type GetPolicyDocumentStatementInput

type GetPolicyDocumentStatementInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
	ToGetPolicyDocumentStatementOutputWithContext(context.Context) GetPolicyDocumentStatementOutput
}

GetPolicyDocumentStatementInput is an input type that accepts GetPolicyDocumentStatementArgs and GetPolicyDocumentStatementOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementInput` via:

GetPolicyDocumentStatementArgs{...}

type GetPolicyDocumentStatementNotPrincipal

type GetPolicyDocumentStatementNotPrincipal struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers []string `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type string `pulumi:"type"`
}

type GetPolicyDocumentStatementNotPrincipalArgs

type GetPolicyDocumentStatementNotPrincipalArgs struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers pulumi.StringArrayInput `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type pulumi.StringInput `pulumi:"type"`
}

func (GetPolicyDocumentStatementNotPrincipalArgs) ElementType

func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput

func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext

func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput

type GetPolicyDocumentStatementNotPrincipalArray

type GetPolicyDocumentStatementNotPrincipalArray []GetPolicyDocumentStatementNotPrincipalInput

func (GetPolicyDocumentStatementNotPrincipalArray) ElementType

func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput

func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput

func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext

func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalArrayInput

type GetPolicyDocumentStatementNotPrincipalArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
	ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
}

GetPolicyDocumentStatementNotPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArray and GetPolicyDocumentStatementNotPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalArrayInput` via:

GetPolicyDocumentStatementNotPrincipalArray{ GetPolicyDocumentStatementNotPrincipalArgs{...} }

type GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ElementType

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) Index

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput

func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext

func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalInput

type GetPolicyDocumentStatementNotPrincipalInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
	ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalOutput
}

GetPolicyDocumentStatementNotPrincipalInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArgs and GetPolicyDocumentStatementNotPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalInput` via:

GetPolicyDocumentStatementNotPrincipalArgs{...}

type GetPolicyDocumentStatementNotPrincipalOutput

type GetPolicyDocumentStatementNotPrincipalOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementNotPrincipalOutput) ElementType

func (GetPolicyDocumentStatementNotPrincipalOutput) Identifiers

List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.

func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput

func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext

func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalOutput) Type

Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.

type GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementOutput) Actions

List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.

func (GetPolicyDocumentStatementOutput) Conditions

Configuration block for a condition. Detailed below.

func (GetPolicyDocumentStatementOutput) Effect

Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.

func (GetPolicyDocumentStatementOutput) ElementType

func (GetPolicyDocumentStatementOutput) NotActions

List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.

func (GetPolicyDocumentStatementOutput) NotPrincipals

Like `principals` except these are principals that the statement does *not* apply to.

func (GetPolicyDocumentStatementOutput) NotResources

List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.

func (GetPolicyDocumentStatementOutput) Principals

Configuration block for principals. Detailed below.

func (GetPolicyDocumentStatementOutput) Resources

List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.

func (GetPolicyDocumentStatementOutput) Sid

Sid (statement ID) is an identifier for a policy statement.

func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput

func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput

func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext

func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementPrincipal

type GetPolicyDocumentStatementPrincipal struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers []string `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type string `pulumi:"type"`
}

type GetPolicyDocumentStatementPrincipalArgs

type GetPolicyDocumentStatementPrincipalArgs struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers pulumi.StringArrayInput `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type pulumi.StringInput `pulumi:"type"`
}

func (GetPolicyDocumentStatementPrincipalArgs) ElementType

func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput

func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext

func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput

type GetPolicyDocumentStatementPrincipalArray

type GetPolicyDocumentStatementPrincipalArray []GetPolicyDocumentStatementPrincipalInput

func (GetPolicyDocumentStatementPrincipalArray) ElementType

func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput

func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput

func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext

func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalArrayInput

type GetPolicyDocumentStatementPrincipalArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
	ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
}

GetPolicyDocumentStatementPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementPrincipalArray and GetPolicyDocumentStatementPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalArrayInput` via:

GetPolicyDocumentStatementPrincipalArray{ GetPolicyDocumentStatementPrincipalArgs{...} }

type GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementPrincipalArrayOutput) ElementType

func (GetPolicyDocumentStatementPrincipalArrayOutput) Index

func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput

func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput

func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext

func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalInput

type GetPolicyDocumentStatementPrincipalInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
	ToGetPolicyDocumentStatementPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalOutput
}

GetPolicyDocumentStatementPrincipalInput is an input type that accepts GetPolicyDocumentStatementPrincipalArgs and GetPolicyDocumentStatementPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalInput` via:

GetPolicyDocumentStatementPrincipalArgs{...}

type GetPolicyDocumentStatementPrincipalOutput

type GetPolicyDocumentStatementPrincipalOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementPrincipalOutput) ElementType

func (GetPolicyDocumentStatementPrincipalOutput) Identifiers

List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.

func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput

func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext

func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalOutput) Type

Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.

type GetRolesArgs added in v4.17.0

type GetRolesArgs struct {
	// A regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex *string `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getRoles.

type GetRolesOutputArgs added in v4.21.0

type GetRolesOutputArgs struct {
	// A regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getRoles.

func (GetRolesOutputArgs) ElementType added in v4.21.0

func (GetRolesOutputArgs) ElementType() reflect.Type

type GetRolesResult added in v4.17.0

type GetRolesResult struct {
	// Set of ARNs of the matched IAM roles.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	NameRegex *string `pulumi:"nameRegex"`
	// Set of Names of the matched IAM roles.
	Names      []string `pulumi:"names"`
	PathPrefix *string  `pulumi:"pathPrefix"`
}

A collection of values returned by getRoles.

func GetRoles added in v4.17.0

func GetRoles(ctx *pulumi.Context, args *GetRolesArgs, opts ...pulumi.InvokeOption) (*GetRolesResult, error)

Use this data source to get the ARNs and Names of IAM Roles.

## Example Usage ### All roles in an account

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles filtered by name regex

Roles whose role-name contains `project`

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			NameRegex: pulumi.StringRef(".*project.*"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			PathPrefix: pulumi.StringRef("/custom-path"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles provisioned by AWS SSO

Roles in the account filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

Specific role in the account filtered by name regex and path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			NameRegex:  pulumi.StringRef("AWSReservedSSO_permission_set_name_.*"),
			PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetRolesResultOutput added in v4.21.0

type GetRolesResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRoles.

func GetRolesOutput added in v4.21.0

func GetRolesOutput(ctx *pulumi.Context, args GetRolesOutputArgs, opts ...pulumi.InvokeOption) GetRolesResultOutput

func (GetRolesResultOutput) Arns added in v4.21.0

Set of ARNs of the matched IAM roles.

func (GetRolesResultOutput) ElementType added in v4.21.0

func (GetRolesResultOutput) ElementType() reflect.Type

func (GetRolesResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (GetRolesResultOutput) NameRegex added in v4.21.0

func (GetRolesResultOutput) Names added in v4.21.0

Set of Names of the matched IAM roles.

func (GetRolesResultOutput) PathPrefix added in v4.21.0

func (GetRolesResultOutput) ToGetRolesResultOutput added in v4.21.0

func (o GetRolesResultOutput) ToGetRolesResultOutput() GetRolesResultOutput

func (GetRolesResultOutput) ToGetRolesResultOutputWithContext added in v4.21.0

func (o GetRolesResultOutput) ToGetRolesResultOutputWithContext(ctx context.Context) GetRolesResultOutput

type GetSessionContextArgs added in v4.11.0

type GetSessionContextArgs struct {
	// ARN for an assumed role.
	Arn string `pulumi:"arn"`
}

A collection of arguments for invoking getSessionContext.

type GetSessionContextOutputArgs added in v4.21.0

type GetSessionContextOutputArgs struct {
	// ARN for an assumed role.
	Arn pulumi.StringInput `pulumi:"arn"`
}

A collection of arguments for invoking getSessionContext.

func (GetSessionContextOutputArgs) ElementType added in v4.21.0

type GetSessionContextResult added in v4.11.0

type GetSessionContextResult struct {
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.
	IssuerArn string `pulumi:"issuerArn"`
	// Unique identifier of the IAM role that issues the STS assumed role.
	IssuerId string `pulumi:"issuerId"`
	// Name of the source role. Only available if `arn` corresponds to an STS assumed role.
	IssuerName string `pulumi:"issuerName"`
	// Name of the STS session. Only available if `arn` corresponds to an STS assumed role.
	SessionName string `pulumi:"sessionName"`
}

A collection of values returned by getSessionContext.

func GetSessionContext added in v4.11.0

func GetSessionContext(ctx *pulumi.Context, args *GetSessionContextArgs, opts ...pulumi.InvokeOption) (*GetSessionContextResult, error)

type GetSessionContextResultOutput added in v4.21.0

type GetSessionContextResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSessionContext.

func GetSessionContextOutput added in v4.21.0

func (GetSessionContextResultOutput) Arn added in v4.21.0

func (GetSessionContextResultOutput) ElementType added in v4.21.0

func (GetSessionContextResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (GetSessionContextResultOutput) IssuerArn added in v4.21.0

IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.

func (GetSessionContextResultOutput) IssuerId added in v4.21.0

Unique identifier of the IAM role that issues the STS assumed role.

func (GetSessionContextResultOutput) IssuerName added in v4.21.0

Name of the source role. Only available if `arn` corresponds to an STS assumed role.

func (GetSessionContextResultOutput) SessionName added in v4.21.0

Name of the STS session. Only available if `arn` corresponds to an STS assumed role.

func (GetSessionContextResultOutput) ToGetSessionContextResultOutput added in v4.21.0

func (o GetSessionContextResultOutput) ToGetSessionContextResultOutput() GetSessionContextResultOutput

func (GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext added in v4.21.0

func (o GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext(ctx context.Context) GetSessionContextResultOutput

type GetUserSshKeyArgs added in v4.27.0

type GetUserSshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding string `pulumi:"encoding"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId string `pulumi:"sshPublicKeyId"`
	// The name of the IAM user associated with the SSH public key.
	Username string `pulumi:"username"`
}

A collection of arguments for invoking getUserSshKey.

type GetUserSshKeyOutputArgs added in v4.27.0

type GetUserSshKeyOutputArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringInput `pulumi:"encoding"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringInput `pulumi:"sshPublicKeyId"`
	// The name of the IAM user associated with the SSH public key.
	Username pulumi.StringInput `pulumi:"username"`
}

A collection of arguments for invoking getUserSshKey.

func (GetUserSshKeyOutputArgs) ElementType added in v4.27.0

func (GetUserSshKeyOutputArgs) ElementType() reflect.Type

type GetUserSshKeyResult added in v4.27.0

type GetUserSshKeyResult struct {
	Encoding string `pulumi:"encoding"`
	// The MD5 message digest of the SSH public key.
	Fingerprint string `pulumi:"fingerprint"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The SSH public key.
	PublicKey      string `pulumi:"publicKey"`
	SshPublicKeyId string `pulumi:"sshPublicKeyId"`
	// The status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.
	Status   string `pulumi:"status"`
	Username string `pulumi:"username"`
}

A collection of values returned by getUserSshKey.

func GetUserSshKey added in v4.27.0

func GetUserSshKey(ctx *pulumi.Context, args *GetUserSshKeyArgs, opts ...pulumi.InvokeOption) (*GetUserSshKeyResult, error)

Use this data source to get information about a SSH public key associated with the specified IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUserSshKey(ctx, &iam.GetUserSshKeyArgs{
			Encoding:       "SSH",
			SshPublicKeyId: "APKARUZ32GUTKIGARLXE",
			Username:       "test-user",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetUserSshKeyResultOutput added in v4.27.0

type GetUserSshKeyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUserSshKey.

func GetUserSshKeyOutput added in v4.27.0

func GetUserSshKeyOutput(ctx *pulumi.Context, args GetUserSshKeyOutputArgs, opts ...pulumi.InvokeOption) GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) ElementType added in v4.27.0

func (GetUserSshKeyResultOutput) ElementType() reflect.Type

func (GetUserSshKeyResultOutput) Encoding added in v4.27.0

func (GetUserSshKeyResultOutput) Fingerprint added in v4.27.0

The MD5 message digest of the SSH public key.

func (GetUserSshKeyResultOutput) Id added in v4.27.0

The provider-assigned unique ID for this managed resource.

func (GetUserSshKeyResultOutput) PublicKey added in v4.27.0

The SSH public key.

func (GetUserSshKeyResultOutput) SshPublicKeyId added in v4.27.0

func (o GetUserSshKeyResultOutput) SshPublicKeyId() pulumi.StringOutput

func (GetUserSshKeyResultOutput) Status added in v4.27.0

The status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.

func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput added in v4.27.0

func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput() GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext added in v4.27.0

func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext(ctx context.Context) GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) Username added in v4.27.0

type GetUsersArgs added in v4.22.0

type GetUsersArgs struct {
	// A regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex *string `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getUsers.

type GetUsersOutputArgs added in v4.22.0

type GetUsersOutputArgs struct {
	// A regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getUsers.

func (GetUsersOutputArgs) ElementType added in v4.22.0

func (GetUsersOutputArgs) ElementType() reflect.Type

type GetUsersResult added in v4.22.0

type GetUsersResult struct {
	// Set of ARNs of the matched IAM users.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	NameRegex *string `pulumi:"nameRegex"`
	// Set of Names of the matched IAM users.
	Names      []string `pulumi:"names"`
	PathPrefix *string  `pulumi:"pathPrefix"`
}

A collection of values returned by getUsers.

func GetUsers added in v4.22.0

func GetUsers(ctx *pulumi.Context, args *GetUsersArgs, opts ...pulumi.InvokeOption) (*GetUsersResult, error)

Use this data source to get the ARNs and Names of IAM Users.

## Example Usage ### All users in an account

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Users filtered by name regex

Users whose username contains `abc`

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, &iam.GetUsersArgs{
			NameRegex: pulumi.StringRef(".*abc.*"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Users filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, &iam.GetUsersArgs{
			PathPrefix: pulumi.StringRef("/custom-path"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetUsersResultOutput added in v4.22.0

type GetUsersResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUsers.

func GetUsersOutput added in v4.22.0

func GetUsersOutput(ctx *pulumi.Context, args GetUsersOutputArgs, opts ...pulumi.InvokeOption) GetUsersResultOutput

func (GetUsersResultOutput) Arns added in v4.22.0

Set of ARNs of the matched IAM users.

func (GetUsersResultOutput) ElementType added in v4.22.0

func (GetUsersResultOutput) ElementType() reflect.Type

func (GetUsersResultOutput) Id added in v4.22.0

The provider-assigned unique ID for this managed resource.

func (GetUsersResultOutput) NameRegex added in v4.22.0

func (GetUsersResultOutput) Names added in v4.22.0

Set of Names of the matched IAM users.

func (GetUsersResultOutput) PathPrefix added in v4.22.0

func (GetUsersResultOutput) ToGetUsersResultOutput added in v4.22.0

func (o GetUsersResultOutput) ToGetUsersResultOutput() GetUsersResultOutput

func (GetUsersResultOutput) ToGetUsersResultOutputWithContext added in v4.22.0

func (o GetUsersResultOutput) ToGetUsersResultOutputWithContext(ctx context.Context) GetUsersResultOutput

type Group

type Group struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this group.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringOutput `pulumi:"name"`
	// Path in which to create the group.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM group.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewGroup(ctx, "developers", &iam.GroupArgs{
			Path: pulumi.String("/users/"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Groups can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/group:Group developers developers

```

func GetGroup

func GetGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupState, opts ...pulumi.ResourceOption) (*Group, error)

GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroup

func NewGroup(ctx *pulumi.Context,
	name string, args *GroupArgs, opts ...pulumi.ResourceOption) (*Group, error)

NewGroup registers a new resource with the given unique name, arguments, and options.

func (*Group) ElementType

func (*Group) ElementType() reflect.Type

func (*Group) ToGroupOutput

func (i *Group) ToGroupOutput() GroupOutput

func (*Group) ToGroupOutputWithContext

func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput

type GroupArgs

type GroupArgs struct {
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringPtrInput
	// Path in which to create the group.
	Path pulumi.StringPtrInput
}

The set of arguments for constructing a Group resource.

func (GroupArgs) ElementType

func (GroupArgs) ElementType() reflect.Type

type GroupArray

type GroupArray []GroupInput

func (GroupArray) ElementType

func (GroupArray) ElementType() reflect.Type

func (GroupArray) ToGroupArrayOutput

func (i GroupArray) ToGroupArrayOutput() GroupArrayOutput

func (GroupArray) ToGroupArrayOutputWithContext

func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupArrayInput

type GroupArrayInput interface {
	pulumi.Input

	ToGroupArrayOutput() GroupArrayOutput
	ToGroupArrayOutputWithContext(context.Context) GroupArrayOutput
}

GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. You can construct a concrete instance of `GroupArrayInput` via:

GroupArray{ GroupArgs{...} }

type GroupArrayOutput

type GroupArrayOutput struct{ *pulumi.OutputState }

func (GroupArrayOutput) ElementType

func (GroupArrayOutput) ElementType() reflect.Type

func (GroupArrayOutput) Index

func (GroupArrayOutput) ToGroupArrayOutput

func (o GroupArrayOutput) ToGroupArrayOutput() GroupArrayOutput

func (GroupArrayOutput) ToGroupArrayOutputWithContext

func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupInput

type GroupInput interface {
	pulumi.Input

	ToGroupOutput() GroupOutput
	ToGroupOutputWithContext(ctx context.Context) GroupOutput
}

type GroupMap

type GroupMap map[string]GroupInput

func (GroupMap) ElementType

func (GroupMap) ElementType() reflect.Type

func (GroupMap) ToGroupMapOutput

func (i GroupMap) ToGroupMapOutput() GroupMapOutput

func (GroupMap) ToGroupMapOutputWithContext

func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMapInput

type GroupMapInput interface {
	pulumi.Input

	ToGroupMapOutput() GroupMapOutput
	ToGroupMapOutputWithContext(context.Context) GroupMapOutput
}

GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. You can construct a concrete instance of `GroupMapInput` via:

GroupMap{ "key": GroupArgs{...} }

type GroupMapOutput

type GroupMapOutput struct{ *pulumi.OutputState }

func (GroupMapOutput) ElementType

func (GroupMapOutput) ElementType() reflect.Type

func (GroupMapOutput) MapIndex

func (GroupMapOutput) ToGroupMapOutput

func (o GroupMapOutput) ToGroupMapOutput() GroupMapOutput

func (GroupMapOutput) ToGroupMapOutputWithContext

func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMembership

type GroupMembership struct {
	pulumi.CustomResourceState

	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringOutput `pulumi:"group"`
	// The name to identify the Group Membership
	Name pulumi.StringOutput `pulumi:"name"`
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayOutput `pulumi:"users"`
}

> **WARNING:** Multiple iam.GroupMembership resources with the same group name will produce inconsistent behavior!

Provides a top level resource to manage IAM Group membership for IAM Users. For more information on managing IAM Groups or IAM Users, see IAM Groups or IAM Users

> **Note:** `iam.GroupMembership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the `iam.UserGroupMembership` resource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		userOne, err := iam.NewUser(ctx, "userOne", nil)
		if err != nil {
			return err
		}
		userTwo, err := iam.NewUser(ctx, "userTwo", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewGroupMembership(ctx, "team", &iam.GroupMembershipArgs{
			Users: pulumi.StringArray{
				userOne.Name,
				userTwo.Name,
			},
			Group: group.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetGroupMembership

func GetGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupMembershipState, opts ...pulumi.ResourceOption) (*GroupMembership, error)

GetGroupMembership gets an existing GroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMembership

func NewGroupMembership(ctx *pulumi.Context,
	name string, args *GroupMembershipArgs, opts ...pulumi.ResourceOption) (*GroupMembership, error)

NewGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*GroupMembership) ElementType

func (*GroupMembership) ElementType() reflect.Type

func (*GroupMembership) ToGroupMembershipOutput

func (i *GroupMembership) ToGroupMembershipOutput() GroupMembershipOutput

func (*GroupMembership) ToGroupMembershipOutputWithContext

func (i *GroupMembership) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput

type GroupMembershipArgs

type GroupMembershipArgs struct {
	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringInput
	// The name to identify the Group Membership
	Name pulumi.StringPtrInput
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayInput
}

The set of arguments for constructing a GroupMembership resource.

func (GroupMembershipArgs) ElementType

func (GroupMembershipArgs) ElementType() reflect.Type

type GroupMembershipArray

type GroupMembershipArray []GroupMembershipInput

func (GroupMembershipArray) ElementType

func (GroupMembershipArray) ElementType() reflect.Type

func (GroupMembershipArray) ToGroupMembershipArrayOutput

func (i GroupMembershipArray) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput

func (GroupMembershipArray) ToGroupMembershipArrayOutputWithContext

func (i GroupMembershipArray) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput

type GroupMembershipArrayInput

type GroupMembershipArrayInput interface {
	pulumi.Input

	ToGroupMembershipArrayOutput() GroupMembershipArrayOutput
	ToGroupMembershipArrayOutputWithContext(context.Context) GroupMembershipArrayOutput
}

GroupMembershipArrayInput is an input type that accepts GroupMembershipArray and GroupMembershipArrayOutput values. You can construct a concrete instance of `GroupMembershipArrayInput` via:

GroupMembershipArray{ GroupMembershipArgs{...} }

type GroupMembershipArrayOutput

type GroupMembershipArrayOutput struct{ *pulumi.OutputState }

func (GroupMembershipArrayOutput) ElementType

func (GroupMembershipArrayOutput) ElementType() reflect.Type

func (GroupMembershipArrayOutput) Index

func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutput

func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput

func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext

func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput

type GroupMembershipInput

type GroupMembershipInput interface {
	pulumi.Input

	ToGroupMembershipOutput() GroupMembershipOutput
	ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput
}

type GroupMembershipMap

type GroupMembershipMap map[string]GroupMembershipInput

func (GroupMembershipMap) ElementType

func (GroupMembershipMap) ElementType() reflect.Type

func (GroupMembershipMap) ToGroupMembershipMapOutput

func (i GroupMembershipMap) ToGroupMembershipMapOutput() GroupMembershipMapOutput

func (GroupMembershipMap) ToGroupMembershipMapOutputWithContext

func (i GroupMembershipMap) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput

type GroupMembershipMapInput

type GroupMembershipMapInput interface {
	pulumi.Input

	ToGroupMembershipMapOutput() GroupMembershipMapOutput
	ToGroupMembershipMapOutputWithContext(context.Context) GroupMembershipMapOutput
}

GroupMembershipMapInput is an input type that accepts GroupMembershipMap and GroupMembershipMapOutput values. You can construct a concrete instance of `GroupMembershipMapInput` via:

GroupMembershipMap{ "key": GroupMembershipArgs{...} }

type GroupMembershipMapOutput

type GroupMembershipMapOutput struct{ *pulumi.OutputState }

func (GroupMembershipMapOutput) ElementType

func (GroupMembershipMapOutput) ElementType() reflect.Type

func (GroupMembershipMapOutput) MapIndex

func (GroupMembershipMapOutput) ToGroupMembershipMapOutput

func (o GroupMembershipMapOutput) ToGroupMembershipMapOutput() GroupMembershipMapOutput

func (GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext

func (o GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput

type GroupMembershipOutput

type GroupMembershipOutput struct{ *pulumi.OutputState }

func (GroupMembershipOutput) ElementType

func (GroupMembershipOutput) ElementType() reflect.Type

func (GroupMembershipOutput) ToGroupMembershipOutput

func (o GroupMembershipOutput) ToGroupMembershipOutput() GroupMembershipOutput

func (GroupMembershipOutput) ToGroupMembershipOutputWithContext

func (o GroupMembershipOutput) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput

type GroupMembershipState

type GroupMembershipState struct {
	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringPtrInput
	// The name to identify the Group Membership
	Name pulumi.StringPtrInput
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayInput
}

func (GroupMembershipState) ElementType

func (GroupMembershipState) ElementType() reflect.Type

type GroupOutput

type GroupOutput struct{ *pulumi.OutputState }

func (GroupOutput) ElementType

func (GroupOutput) ElementType() reflect.Type

func (GroupOutput) ToGroupOutput

func (o GroupOutput) ToGroupOutput() GroupOutput

func (GroupOutput) ToGroupOutputWithContext

func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput

type GroupPolicy

type GroupPolicy struct {
	pulumi.CustomResourceState

	// The IAM group to attach to the policy.
	Group pulumi.StringOutput `pulumi:"group"`
	// The name of the policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
}

Provides an IAM policy attached to a group.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myDevelopers, err := iam.NewGroup(ctx, "myDevelopers", &iam.GroupArgs{
			Path: pulumi.String("/users/"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewGroupPolicy(ctx, "myDeveloperPolicy", &iam.GroupPolicyArgs{
			Group:  myDevelopers.Name,
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Group Policies can be imported using the `group_name:group_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name

```

func GetGroupPolicy

func GetGroupPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPolicyState, opts ...pulumi.ResourceOption) (*GroupPolicy, error)

GetGroupPolicy gets an existing GroupPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicy

func NewGroupPolicy(ctx *pulumi.Context,
	name string, args *GroupPolicyArgs, opts ...pulumi.ResourceOption) (*GroupPolicy, error)

NewGroupPolicy registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicy) ElementType

func (*GroupPolicy) ElementType() reflect.Type

func (*GroupPolicy) ToGroupPolicyOutput

func (i *GroupPolicy) ToGroupPolicyOutput() GroupPolicyOutput

func (*GroupPolicy) ToGroupPolicyOutputWithContext

func (i *GroupPolicy) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput

type GroupPolicyArgs

type GroupPolicyArgs struct {
	// The IAM group to attach to the policy.
	Group pulumi.StringInput
	// The name of the policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
}

The set of arguments for constructing a GroupPolicy resource.

func (GroupPolicyArgs) ElementType

func (GroupPolicyArgs) ElementType() reflect.Type

type GroupPolicyArray

type GroupPolicyArray []GroupPolicyInput

func (GroupPolicyArray) ElementType

func (GroupPolicyArray) ElementType() reflect.Type

func (GroupPolicyArray) ToGroupPolicyArrayOutput

func (i GroupPolicyArray) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput

func (GroupPolicyArray) ToGroupPolicyArrayOutputWithContext

func (i GroupPolicyArray) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput

type GroupPolicyArrayInput

type GroupPolicyArrayInput interface {
	pulumi.Input

	ToGroupPolicyArrayOutput() GroupPolicyArrayOutput
	ToGroupPolicyArrayOutputWithContext(context.Context) GroupPolicyArrayOutput
}

GroupPolicyArrayInput is an input type that accepts GroupPolicyArray and GroupPolicyArrayOutput values. You can construct a concrete instance of `GroupPolicyArrayInput` via:

GroupPolicyArray{ GroupPolicyArgs{...} }

type GroupPolicyArrayOutput

type GroupPolicyArrayOutput struct{ *pulumi.OutputState }

func (GroupPolicyArrayOutput) ElementType

func (GroupPolicyArrayOutput) ElementType() reflect.Type

func (GroupPolicyArrayOutput) Index

func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutput

func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput

func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext

func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput

type GroupPolicyAttachment

type GroupPolicyAttachment struct {
	pulumi.CustomResourceState

	// The group the policy should be applied to
	Group pulumi.StringOutput `pulumi:"group"`
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
}

Attaches a Managed IAM Policy to an IAM group

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any("{ ... policy JSON ... }"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewGroupPolicyAttachment(ctx, "test-attach", &iam.GroupPolicyAttachmentArgs{
			Group:     group.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM group policy attachments can be imported using the group name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/groupPolicyAttachment:GroupPolicyAttachment test-attach test-group/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetGroupPolicyAttachment

func GetGroupPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPolicyAttachmentState, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)

GetGroupPolicyAttachment gets an existing GroupPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicyAttachment

func NewGroupPolicyAttachment(ctx *pulumi.Context,
	name string, args *GroupPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)

NewGroupPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicyAttachment) ElementType

func (*GroupPolicyAttachment) ElementType() reflect.Type

func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutput

func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput

func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext

func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput

type GroupPolicyAttachmentArgs

type GroupPolicyAttachmentArgs struct {
	// The group the policy should be applied to
	Group pulumi.Input
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
}

The set of arguments for constructing a GroupPolicyAttachment resource.

func (GroupPolicyAttachmentArgs) ElementType

func (GroupPolicyAttachmentArgs) ElementType() reflect.Type

type GroupPolicyAttachmentArray

type GroupPolicyAttachmentArray []GroupPolicyAttachmentInput

func (GroupPolicyAttachmentArray) ElementType

func (GroupPolicyAttachmentArray) ElementType() reflect.Type

func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput

func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput

func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext

func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentArrayInput

type GroupPolicyAttachmentArrayInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
	ToGroupPolicyAttachmentArrayOutputWithContext(context.Context) GroupPolicyAttachmentArrayOutput
}

GroupPolicyAttachmentArrayInput is an input type that accepts GroupPolicyAttachmentArray and GroupPolicyAttachmentArrayOutput values. You can construct a concrete instance of `GroupPolicyAttachmentArrayInput` via:

GroupPolicyAttachmentArray{ GroupPolicyAttachmentArgs{...} }

type GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentArrayOutput) ElementType

func (GroupPolicyAttachmentArrayOutput) Index

func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput

func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput

func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext

func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentInput

type GroupPolicyAttachmentInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput
	ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput
}

type GroupPolicyAttachmentMap

type GroupPolicyAttachmentMap map[string]GroupPolicyAttachmentInput

func (GroupPolicyAttachmentMap) ElementType

func (GroupPolicyAttachmentMap) ElementType() reflect.Type

func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput

func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput

func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext

func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentMapInput

type GroupPolicyAttachmentMapInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput
	ToGroupPolicyAttachmentMapOutputWithContext(context.Context) GroupPolicyAttachmentMapOutput
}

GroupPolicyAttachmentMapInput is an input type that accepts GroupPolicyAttachmentMap and GroupPolicyAttachmentMapOutput values. You can construct a concrete instance of `GroupPolicyAttachmentMapInput` via:

GroupPolicyAttachmentMap{ "key": GroupPolicyAttachmentArgs{...} }

type GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentMapOutput) ElementType

func (GroupPolicyAttachmentMapOutput) MapIndex

func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput

func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput

func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext

func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentOutput

type GroupPolicyAttachmentOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentOutput) ElementType

func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput

func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput

func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext

func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput

type GroupPolicyAttachmentState

type GroupPolicyAttachmentState struct {
	// The group the policy should be applied to
	Group pulumi.Input
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
}

func (GroupPolicyAttachmentState) ElementType

func (GroupPolicyAttachmentState) ElementType() reflect.Type

type GroupPolicyInput

type GroupPolicyInput interface {
	pulumi.Input

	ToGroupPolicyOutput() GroupPolicyOutput
	ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput
}

type GroupPolicyMap

type GroupPolicyMap map[string]GroupPolicyInput

func (GroupPolicyMap) ElementType

func (GroupPolicyMap) ElementType() reflect.Type

func (GroupPolicyMap) ToGroupPolicyMapOutput

func (i GroupPolicyMap) ToGroupPolicyMapOutput() GroupPolicyMapOutput

func (GroupPolicyMap) ToGroupPolicyMapOutputWithContext

func (i GroupPolicyMap) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput

type GroupPolicyMapInput

type GroupPolicyMapInput interface {
	pulumi.Input

	ToGroupPolicyMapOutput() GroupPolicyMapOutput
	ToGroupPolicyMapOutputWithContext(context.Context) GroupPolicyMapOutput
}

GroupPolicyMapInput is an input type that accepts GroupPolicyMap and GroupPolicyMapOutput values. You can construct a concrete instance of `GroupPolicyMapInput` via:

GroupPolicyMap{ "key": GroupPolicyArgs{...} }

type GroupPolicyMapOutput

type GroupPolicyMapOutput struct{ *pulumi.OutputState }

func (GroupPolicyMapOutput) ElementType

func (GroupPolicyMapOutput) ElementType() reflect.Type

func (GroupPolicyMapOutput) MapIndex

func (GroupPolicyMapOutput) ToGroupPolicyMapOutput

func (o GroupPolicyMapOutput) ToGroupPolicyMapOutput() GroupPolicyMapOutput

func (GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext

func (o GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput

type GroupPolicyOutput

type GroupPolicyOutput struct{ *pulumi.OutputState }

func (GroupPolicyOutput) ElementType

func (GroupPolicyOutput) ElementType() reflect.Type

func (GroupPolicyOutput) ToGroupPolicyOutput

func (o GroupPolicyOutput) ToGroupPolicyOutput() GroupPolicyOutput

func (GroupPolicyOutput) ToGroupPolicyOutputWithContext

func (o GroupPolicyOutput) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput

type GroupPolicyState

type GroupPolicyState struct {
	// The IAM group to attach to the policy.
	Group pulumi.StringPtrInput
	// The name of the policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
}

func (GroupPolicyState) ElementType

func (GroupPolicyState) ElementType() reflect.Type

type GroupState

type GroupState struct {
	// The ARN assigned by AWS for this group.
	Arn pulumi.StringPtrInput
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringPtrInput
	// Path in which to create the group.
	Path pulumi.StringPtrInput
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (GroupState) ElementType

func (GroupState) ElementType() reflect.Type

type InstanceProfile

type InstanceProfile struct {
	pulumi.CustomResourceState

	// ARN assigned by AWS to the instance profile.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Creation timestamp of the instance profile.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// Name of the role to add to the profile.
	Role pulumi.StringPtrOutput `pulumi:"role"`
	// Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// [Unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM instance profile.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			Path:             pulumi.String("/"),
			AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "    \"Version\": \"2012-10-17\",\n", "    \"Statement\": [\n", "        {\n", "            \"Action\": \"sts:AssumeRole\",\n", "            \"Principal\": {\n", "               \"Service\": \"ec2.amazonaws.com\"\n", "            },\n", "            \"Effect\": \"Allow\",\n", "            \"Sid\": \"\"\n", "        }\n", "    ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewInstanceProfile(ctx, "testProfile", &iam.InstanceProfileArgs{
			Role: role.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Instance Profiles can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/instanceProfile:InstanceProfile test_profile app-instance-profile-1

```

func GetInstanceProfile

func GetInstanceProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceProfileState, opts ...pulumi.ResourceOption) (*InstanceProfile, error)

GetInstanceProfile gets an existing InstanceProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceProfile

func NewInstanceProfile(ctx *pulumi.Context,
	name string, args *InstanceProfileArgs, opts ...pulumi.ResourceOption) (*InstanceProfile, error)

NewInstanceProfile registers a new resource with the given unique name, arguments, and options.

func (*InstanceProfile) ElementType

func (*InstanceProfile) ElementType() reflect.Type

func (*InstanceProfile) ToInstanceProfileOutput

func (i *InstanceProfile) ToInstanceProfileOutput() InstanceProfileOutput

func (*InstanceProfile) ToInstanceProfileOutputWithContext

func (i *InstanceProfile) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput

type InstanceProfileArgs

type InstanceProfileArgs struct {
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrInput
	// Name of the role to add to the profile.
	Role pulumi.Input
	// Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a InstanceProfile resource.

func (InstanceProfileArgs) ElementType

func (InstanceProfileArgs) ElementType() reflect.Type

type InstanceProfileArray

type InstanceProfileArray []InstanceProfileInput

func (InstanceProfileArray) ElementType

func (InstanceProfileArray) ElementType() reflect.Type

func (InstanceProfileArray) ToInstanceProfileArrayOutput

func (i InstanceProfileArray) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput

func (InstanceProfileArray) ToInstanceProfileArrayOutputWithContext

func (i InstanceProfileArray) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput

type InstanceProfileArrayInput

type InstanceProfileArrayInput interface {
	pulumi.Input

	ToInstanceProfileArrayOutput() InstanceProfileArrayOutput
	ToInstanceProfileArrayOutputWithContext(context.Context) InstanceProfileArrayOutput
}

InstanceProfileArrayInput is an input type that accepts InstanceProfileArray and InstanceProfileArrayOutput values. You can construct a concrete instance of `InstanceProfileArrayInput` via:

InstanceProfileArray{ InstanceProfileArgs{...} }

type InstanceProfileArrayOutput

type InstanceProfileArrayOutput struct{ *pulumi.OutputState }

func (InstanceProfileArrayOutput) ElementType

func (InstanceProfileArrayOutput) ElementType() reflect.Type

func (InstanceProfileArrayOutput) Index

func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutput

func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput

func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext

func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput

type InstanceProfileInput

type InstanceProfileInput interface {
	pulumi.Input

	ToInstanceProfileOutput() InstanceProfileOutput
	ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput
}

type InstanceProfileMap

type InstanceProfileMap map[string]InstanceProfileInput

func (InstanceProfileMap) ElementType

func (InstanceProfileMap) ElementType() reflect.Type

func (InstanceProfileMap) ToInstanceProfileMapOutput

func (i InstanceProfileMap) ToInstanceProfileMapOutput() InstanceProfileMapOutput

func (InstanceProfileMap) ToInstanceProfileMapOutputWithContext

func (i InstanceProfileMap) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput

type InstanceProfileMapInput

type InstanceProfileMapInput interface {
	pulumi.Input

	ToInstanceProfileMapOutput() InstanceProfileMapOutput
	ToInstanceProfileMapOutputWithContext(context.Context) InstanceProfileMapOutput
}

InstanceProfileMapInput is an input type that accepts InstanceProfileMap and InstanceProfileMapOutput values. You can construct a concrete instance of `InstanceProfileMapInput` via:

InstanceProfileMap{ "key": InstanceProfileArgs{...} }

type InstanceProfileMapOutput

type InstanceProfileMapOutput struct{ *pulumi.OutputState }

func (InstanceProfileMapOutput) ElementType

func (InstanceProfileMapOutput) ElementType() reflect.Type

func (InstanceProfileMapOutput) MapIndex

func (InstanceProfileMapOutput) ToInstanceProfileMapOutput

func (o InstanceProfileMapOutput) ToInstanceProfileMapOutput() InstanceProfileMapOutput

func (InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext

func (o InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput

type InstanceProfileOutput

type InstanceProfileOutput struct{ *pulumi.OutputState }

func (InstanceProfileOutput) ElementType

func (InstanceProfileOutput) ElementType() reflect.Type

func (InstanceProfileOutput) ToInstanceProfileOutput

func (o InstanceProfileOutput) ToInstanceProfileOutput() InstanceProfileOutput

func (InstanceProfileOutput) ToInstanceProfileOutputWithContext

func (o InstanceProfileOutput) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput

type InstanceProfileState

type InstanceProfileState struct {
	// ARN assigned by AWS to the instance profile.
	Arn pulumi.StringPtrInput
	// Creation timestamp of the instance profile.
	CreateDate pulumi.StringPtrInput
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrInput
	// Name of the role to add to the profile.
	Role pulumi.Input
	// Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// [Unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (InstanceProfileState) ElementType

func (InstanceProfileState) ElementType() reflect.Type

type LookupAccountAliasResult

type LookupAccountAliasResult struct {
	// The alias associated with the AWS account.
	AccountAlias string `pulumi:"accountAlias"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
}

A collection of values returned by getAccountAlias.

func LookupAccountAlias

func LookupAccountAlias(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*LookupAccountAliasResult, error)

The IAM Account Alias data source allows access to the account alias for the effective account in which this provider is working.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := iam.LookupAccountAlias(ctx, nil, nil)
		if err != nil {
			return err
		}
		ctx.Export("accountId", current.AccountAlias)
		return nil
	})
}

```

type LookupGroupArgs

type LookupGroupArgs struct {
	// The friendly IAM group name to match.
	GroupName string `pulumi:"groupName"`
}

A collection of arguments for invoking getGroup.

type LookupGroupOutputArgs added in v4.21.0

type LookupGroupOutputArgs struct {
	// The friendly IAM group name to match.
	GroupName pulumi.StringInput `pulumi:"groupName"`
}

A collection of arguments for invoking getGroup.

func (LookupGroupOutputArgs) ElementType added in v4.21.0

func (LookupGroupOutputArgs) ElementType() reflect.Type

type LookupGroupResult

type LookupGroupResult struct {
	// The Amazon Resource Name (ARN) specifying the iam user.
	Arn string `pulumi:"arn"`
	// The stable and unique string identifying the group.
	GroupId   string `pulumi:"groupId"`
	GroupName string `pulumi:"groupName"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The path to the iam user.
	Path string `pulumi:"path"`
	// List of objects containing group member information. See supported fields below.
	Users []GetGroupUser `pulumi:"users"`
}

A collection of values returned by getGroup.

func LookupGroup

func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error)

This data source can be used to fetch information about a specific IAM group. By using this data source, you can reference IAM group properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupGroup(ctx, &iam.LookupGroupArgs{
			GroupName: "an_example_group_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupGroupResultOutput added in v4.21.0

type LookupGroupResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getGroup.

func LookupGroupOutput added in v4.21.0

func LookupGroupOutput(ctx *pulumi.Context, args LookupGroupOutputArgs, opts ...pulumi.InvokeOption) LookupGroupResultOutput

func (LookupGroupResultOutput) Arn added in v4.21.0

The Amazon Resource Name (ARN) specifying the iam user.

func (LookupGroupResultOutput) ElementType added in v4.21.0

func (LookupGroupResultOutput) ElementType() reflect.Type

func (LookupGroupResultOutput) GroupId added in v4.21.0

The stable and unique string identifying the group.

func (LookupGroupResultOutput) GroupName added in v4.21.0

func (LookupGroupResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (LookupGroupResultOutput) Path added in v4.21.0

The path to the iam user.

func (LookupGroupResultOutput) ToLookupGroupResultOutput added in v4.21.0

func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput

func (LookupGroupResultOutput) ToLookupGroupResultOutputWithContext added in v4.21.0

func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput

func (LookupGroupResultOutput) Users added in v4.21.0

List of objects containing group member information. See supported fields below.

type LookupInstanceProfileArgs

type LookupInstanceProfileArgs struct {
	// The friendly IAM instance profile name to match.
	Name string `pulumi:"name"`
}

A collection of arguments for invoking getInstanceProfile.

type LookupInstanceProfileOutputArgs added in v4.21.0

type LookupInstanceProfileOutputArgs struct {
	// The friendly IAM instance profile name to match.
	Name pulumi.StringInput `pulumi:"name"`
}

A collection of arguments for invoking getInstanceProfile.

func (LookupInstanceProfileOutputArgs) ElementType added in v4.21.0

type LookupInstanceProfileResult

type LookupInstanceProfileResult struct {
	// The Amazon Resource Name (ARN) specifying the instance profile.
	Arn string `pulumi:"arn"`
	// The string representation of the date the instance profile
	// was created.
	CreateDate string `pulumi:"createDate"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// The path to the instance profile.
	Path string `pulumi:"path"`
	// The role arn associated with this instance profile.
	RoleArn string `pulumi:"roleArn"`
	// The role id associated with this instance profile.
	RoleId string `pulumi:"roleId"`
	// The role name associated with this instance profile.
	RoleName string `pulumi:"roleName"`
}

A collection of values returned by getInstanceProfile.

func LookupInstanceProfile

func LookupInstanceProfile(ctx *pulumi.Context, args *LookupInstanceProfileArgs, opts ...pulumi.InvokeOption) (*LookupInstanceProfileResult, error)

This data source can be used to fetch information about a specific IAM instance profile. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupInstanceProfile(ctx, &iam.LookupInstanceProfileArgs{
			Name: "an_example_instance_profile_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupInstanceProfileResultOutput added in v4.21.0

type LookupInstanceProfileResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getInstanceProfile.

func LookupInstanceProfileOutput added in v4.21.0

func (LookupInstanceProfileResultOutput) Arn added in v4.21.0

The Amazon Resource Name (ARN) specifying the instance profile.

func (LookupInstanceProfileResultOutput) CreateDate added in v4.21.0

The string representation of the date the instance profile was created.

func (LookupInstanceProfileResultOutput) ElementType added in v4.21.0

func (LookupInstanceProfileResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (LookupInstanceProfileResultOutput) Name added in v4.21.0

func (LookupInstanceProfileResultOutput) Path added in v4.21.0

The path to the instance profile.

func (LookupInstanceProfileResultOutput) RoleArn added in v4.21.0

The role arn associated with this instance profile.

func (LookupInstanceProfileResultOutput) RoleId added in v4.21.0

The role id associated with this instance profile.

func (LookupInstanceProfileResultOutput) RoleName added in v4.21.0

The role name associated with this instance profile.

func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput added in v4.21.0

func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput() LookupInstanceProfileResultOutput

func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext added in v4.21.0

func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext(ctx context.Context) LookupInstanceProfileResultOutput

type LookupPolicyArgs

type LookupPolicyArgs struct {
	// The ARN of the IAM policy.
	Arn *string `pulumi:"arn"`
	// The name of the IAM policy.
	Name *string `pulumi:"name"`
	// The prefix of the path to the IAM policy. Defaults to a slash (`/`).
	PathPrefix *string `pulumi:"pathPrefix"`
	// Key-value mapping of tags for the IAM Policy.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getPolicy.

type LookupPolicyOutputArgs added in v4.21.0

type LookupPolicyOutputArgs struct {
	// The ARN of the IAM policy.
	Arn pulumi.StringPtrInput `pulumi:"arn"`
	// The name of the IAM policy.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// The prefix of the path to the IAM policy. Defaults to a slash (`/`).
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
	// Key-value mapping of tags for the IAM Policy.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getPolicy.

func (LookupPolicyOutputArgs) ElementType added in v4.21.0

func (LookupPolicyOutputArgs) ElementType() reflect.Type

type LookupPolicyResult

type LookupPolicyResult struct {
	Arn string `pulumi:"arn"`
	// The description of the policy.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// The path to the policy.
	Path       string  `pulumi:"path"`
	PathPrefix *string `pulumi:"pathPrefix"`
	// The policy document of the policy.
	Policy string `pulumi:"policy"`
	// The policy's ID.
	PolicyId string `pulumi:"policyId"`
	// Key-value mapping of tags for the IAM Policy.
	Tags map[string]string `pulumi:"tags"`
}

A collection of values returned by getPolicy.

func LookupPolicy

func LookupPolicy(ctx *pulumi.Context, args *LookupPolicyArgs, opts ...pulumi.InvokeOption) (*LookupPolicyResult, error)

This data source can be used to fetch information about a specific IAM policy.

## Example Usage ### By ARN

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{
			Arn: pulumi.StringRef("arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### By Name

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{
			Name: pulumi.StringRef("test_policy"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupPolicyResultOutput added in v4.21.0

type LookupPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicy.

func LookupPolicyOutput added in v4.21.0

func LookupPolicyOutput(ctx *pulumi.Context, args LookupPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupPolicyResultOutput

func (LookupPolicyResultOutput) Arn added in v4.21.0

func (LookupPolicyResultOutput) Description added in v4.21.0

The description of the policy.

func (LookupPolicyResultOutput) ElementType added in v4.21.0

func (LookupPolicyResultOutput) ElementType() reflect.Type

func (LookupPolicyResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (LookupPolicyResultOutput) Name added in v4.21.0

func (LookupPolicyResultOutput) Path added in v4.21.0

The path to the policy.

func (LookupPolicyResultOutput) PathPrefix added in v4.21.0

func (LookupPolicyResultOutput) Policy added in v4.21.0

The policy document of the policy.

func (LookupPolicyResultOutput) PolicyId added in v4.21.0

The policy's ID.

func (LookupPolicyResultOutput) Tags added in v4.21.0

Key-value mapping of tags for the IAM Policy.

func (LookupPolicyResultOutput) ToLookupPolicyResultOutput added in v4.21.0

func (o LookupPolicyResultOutput) ToLookupPolicyResultOutput() LookupPolicyResultOutput

func (LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext added in v4.21.0

func (o LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext(ctx context.Context) LookupPolicyResultOutput

type LookupRoleArgs

type LookupRoleArgs struct {
	// The friendly IAM role name to match.
	Name string `pulumi:"name"`
	// The tags attached to the role.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getRole.

type LookupRoleOutputArgs added in v4.21.0

type LookupRoleOutputArgs struct {
	// The friendly IAM role name to match.
	Name pulumi.StringInput `pulumi:"name"`
	// The tags attached to the role.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getRole.

func (LookupRoleOutputArgs) ElementType added in v4.21.0

func (LookupRoleOutputArgs) ElementType() reflect.Type

type LookupRoleResult

type LookupRoleResult struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn string `pulumi:"arn"`
	// The policy document associated with the role.
	AssumeRolePolicy string `pulumi:"assumeRolePolicy"`
	// Creation date of the role in RFC 3339 format.
	CreateDate string `pulumi:"createDate"`
	// Description for the role.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Maximum session duration.
	MaxSessionDuration int    `pulumi:"maxSessionDuration"`
	Name               string `pulumi:"name"`
	// The path to the role.
	Path string `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary string `pulumi:"permissionsBoundary"`
	// The tags attached to the role.
	Tags map[string]string `pulumi:"tags"`
	// The stable and unique string identifying the role.
	UniqueId string `pulumi:"uniqueId"`
}

A collection of values returned by getRole.

func LookupRole

func LookupRole(ctx *pulumi.Context, args *LookupRoleArgs, opts ...pulumi.InvokeOption) (*LookupRoleResult, error)

This data source can be used to fetch information about a specific IAM role. By using this data source, you can reference IAM role properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupRole(ctx, &iam.LookupRoleArgs{
			Name: "an_example_role_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupRoleResultOutput added in v4.21.0

type LookupRoleResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRole.

func LookupRoleOutput added in v4.21.0

func LookupRoleOutput(ctx *pulumi.Context, args LookupRoleOutputArgs, opts ...pulumi.InvokeOption) LookupRoleResultOutput

func (LookupRoleResultOutput) Arn added in v4.21.0

The Amazon Resource Name (ARN) specifying the role.

func (LookupRoleResultOutput) AssumeRolePolicy added in v4.21.0

func (o LookupRoleResultOutput) AssumeRolePolicy() pulumi.StringOutput

The policy document associated with the role.

func (LookupRoleResultOutput) CreateDate added in v4.21.0

Creation date of the role in RFC 3339 format.

func (LookupRoleResultOutput) Description added in v4.21.0

func (o LookupRoleResultOutput) Description() pulumi.StringOutput

Description for the role.

func (LookupRoleResultOutput) ElementType added in v4.21.0

func (LookupRoleResultOutput) ElementType() reflect.Type

func (LookupRoleResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (LookupRoleResultOutput) MaxSessionDuration added in v4.21.0

func (o LookupRoleResultOutput) MaxSessionDuration() pulumi.IntOutput

Maximum session duration.

func (LookupRoleResultOutput) Name added in v4.21.0

func (LookupRoleResultOutput) Path added in v4.21.0

The path to the role.

func (LookupRoleResultOutput) PermissionsBoundary added in v4.21.0

func (o LookupRoleResultOutput) PermissionsBoundary() pulumi.StringOutput

The ARN of the policy that is used to set the permissions boundary for the role.

func (LookupRoleResultOutput) Tags added in v4.21.0

The tags attached to the role.

func (LookupRoleResultOutput) ToLookupRoleResultOutput added in v4.21.0

func (o LookupRoleResultOutput) ToLookupRoleResultOutput() LookupRoleResultOutput

func (LookupRoleResultOutput) ToLookupRoleResultOutputWithContext added in v4.21.0

func (o LookupRoleResultOutput) ToLookupRoleResultOutputWithContext(ctx context.Context) LookupRoleResultOutput

func (LookupRoleResultOutput) UniqueId added in v4.21.0

The stable and unique string identifying the role.

type LookupServerCertificateArgs

type LookupServerCertificateArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest *bool `pulumi:"latest"`
	// exact name of the cert to lookup
	Name *string `pulumi:"name"`
	// prefix of cert to filter by
	NamePrefix *string `pulumi:"namePrefix"`
	// prefix of path to filter by
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getServerCertificate.

type LookupServerCertificateOutputArgs added in v4.21.0

type LookupServerCertificateOutputArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest pulumi.BoolPtrInput `pulumi:"latest"`
	// exact name of the cert to lookup
	Name pulumi.StringPtrInput `pulumi:"name"`
	// prefix of cert to filter by
	NamePrefix pulumi.StringPtrInput `pulumi:"namePrefix"`
	// prefix of path to filter by
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getServerCertificate.

func (LookupServerCertificateOutputArgs) ElementType added in v4.21.0

type LookupServerCertificateResult

type LookupServerCertificateResult struct {
	Arn              string `pulumi:"arn"`
	CertificateBody  string `pulumi:"certificateBody"`
	CertificateChain string `pulumi:"certificateChain"`
	ExpirationDate   string `pulumi:"expirationDate"`
	// The provider-assigned unique ID for this managed resource.
	Id         string  `pulumi:"id"`
	Latest     *bool   `pulumi:"latest"`
	Name       string  `pulumi:"name"`
	NamePrefix *string `pulumi:"namePrefix"`
	Path       string  `pulumi:"path"`
	PathPrefix *string `pulumi:"pathPrefix"`
	UploadDate string  `pulumi:"uploadDate"`
}

A collection of values returned by getServerCertificate.

func LookupServerCertificate

func LookupServerCertificate(ctx *pulumi.Context, args *LookupServerCertificateArgs, opts ...pulumi.InvokeOption) (*LookupServerCertificateResult, error)

Use this data source to lookup information about IAM Server Certificates.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/elb"
"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		my_domain, err := iam.LookupServerCertificate(ctx, &iam.LookupServerCertificateArgs{
			NamePrefix: pulumi.StringRef("my-domain.org"),
			Latest:     pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		_, err = elb.NewLoadBalancer(ctx, "elb", &elb.LoadBalancerArgs{
			Listeners: elb.LoadBalancerListenerArray{
				&elb.LoadBalancerListenerArgs{
					InstancePort:     pulumi.Int(8000),
					InstanceProtocol: pulumi.String("https"),
					LbPort:           pulumi.Int(443),
					LbProtocol:       pulumi.String("https"),
					SslCertificateId: pulumi.String(my_domain.Arn),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupServerCertificateResultOutput added in v4.21.0

type LookupServerCertificateResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getServerCertificate.

func LookupServerCertificateOutput added in v4.21.0

func (LookupServerCertificateResultOutput) Arn added in v4.21.0

func (LookupServerCertificateResultOutput) CertificateBody added in v4.21.0

func (LookupServerCertificateResultOutput) CertificateChain added in v4.21.0

func (LookupServerCertificateResultOutput) ElementType added in v4.21.0

func (LookupServerCertificateResultOutput) ExpirationDate added in v4.21.0

func (LookupServerCertificateResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (LookupServerCertificateResultOutput) Latest added in v4.21.0

func (LookupServerCertificateResultOutput) Name added in v4.21.0

func (LookupServerCertificateResultOutput) NamePrefix added in v4.21.0

func (LookupServerCertificateResultOutput) Path added in v4.21.0

func (LookupServerCertificateResultOutput) PathPrefix added in v4.21.0

func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput added in v4.21.0

func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput() LookupServerCertificateResultOutput

func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext added in v4.21.0

func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext(ctx context.Context) LookupServerCertificateResultOutput

func (LookupServerCertificateResultOutput) UploadDate added in v4.21.0

type LookupUserArgs

type LookupUserArgs struct {
	// Map of key-value pairs associated with the user.
	Tags map[string]string `pulumi:"tags"`
	// The friendly IAM user name to match.
	UserName string `pulumi:"userName"`
}

A collection of arguments for invoking getUser.

type LookupUserOutputArgs added in v4.21.0

type LookupUserOutputArgs struct {
	// Map of key-value pairs associated with the user.
	Tags pulumi.StringMapInput `pulumi:"tags"`
	// The friendly IAM user name to match.
	UserName pulumi.StringInput `pulumi:"userName"`
}

A collection of arguments for invoking getUser.

func (LookupUserOutputArgs) ElementType added in v4.21.0

func (LookupUserOutputArgs) ElementType() reflect.Type

type LookupUserResult

type LookupUserResult struct {
	// The Amazon Resource Name (ARN) assigned by AWS for this user.
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Path in which this user was created.
	Path string `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary string `pulumi:"permissionsBoundary"`
	// Map of key-value pairs associated with the user.
	Tags map[string]string `pulumi:"tags"`
	// The unique ID assigned by AWS for this user.
	UserId string `pulumi:"userId"`
	// The name associated to this User
	UserName string `pulumi:"userName"`
}

A collection of values returned by getUser.

func LookupUser

func LookupUser(ctx *pulumi.Context, args *LookupUserArgs, opts ...pulumi.InvokeOption) (*LookupUserResult, error)

This data source can be used to fetch information about a specific IAM user. By using this data source, you can reference IAM user properties without having to hard code ARNs or unique IDs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupUser(ctx, &iam.LookupUserArgs{
			UserName: "an_example_user_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupUserResultOutput added in v4.21.0

type LookupUserResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUser.

func LookupUserOutput added in v4.21.0

func LookupUserOutput(ctx *pulumi.Context, args LookupUserOutputArgs, opts ...pulumi.InvokeOption) LookupUserResultOutput

func (LookupUserResultOutput) Arn added in v4.21.0

The Amazon Resource Name (ARN) assigned by AWS for this user.

func (LookupUserResultOutput) ElementType added in v4.21.0

func (LookupUserResultOutput) ElementType() reflect.Type

func (LookupUserResultOutput) Id added in v4.21.0

The provider-assigned unique ID for this managed resource.

func (LookupUserResultOutput) Path added in v4.21.0

Path in which this user was created.

func (LookupUserResultOutput) PermissionsBoundary added in v4.21.0

func (o LookupUserResultOutput) PermissionsBoundary() pulumi.StringOutput

The ARN of the policy that is used to set the permissions boundary for the user.

func (LookupUserResultOutput) Tags added in v4.21.0

Map of key-value pairs associated with the user.

func (LookupUserResultOutput) ToLookupUserResultOutput added in v4.21.0

func (o LookupUserResultOutput) ToLookupUserResultOutput() LookupUserResultOutput

func (LookupUserResultOutput) ToLookupUserResultOutputWithContext added in v4.21.0

func (o LookupUserResultOutput) ToLookupUserResultOutputWithContext(ctx context.Context) LookupUserResultOutput

func (LookupUserResultOutput) UserId added in v4.21.0

The unique ID assigned by AWS for this user.

func (LookupUserResultOutput) UserName added in v4.21.0

The name associated to this User

type ManagedPolicy

type ManagedPolicy string

func (ManagedPolicy) ElementType

func (ManagedPolicy) ElementType() reflect.Type

func (ManagedPolicy) ToManagedPolicyOutput added in v4.13.0

func (e ManagedPolicy) ToManagedPolicyOutput() ManagedPolicyOutput

func (ManagedPolicy) ToManagedPolicyOutputWithContext added in v4.13.0

func (e ManagedPolicy) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput

func (ManagedPolicy) ToManagedPolicyPtrOutput added in v4.13.0

func (e ManagedPolicy) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicy) ToManagedPolicyPtrOutputWithContext added in v4.13.0

func (e ManagedPolicy) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicy) ToStringOutput

func (e ManagedPolicy) ToStringOutput() pulumi.StringOutput

func (ManagedPolicy) ToStringOutputWithContext

func (e ManagedPolicy) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ManagedPolicy) ToStringPtrOutput

func (e ManagedPolicy) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicy) ToStringPtrOutputWithContext

func (e ManagedPolicy) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ManagedPolicyInput added in v4.13.0

type ManagedPolicyInput interface {
	pulumi.Input

	ToManagedPolicyOutput() ManagedPolicyOutput
	ToManagedPolicyOutputWithContext(context.Context) ManagedPolicyOutput
}

ManagedPolicyInput is an input type that accepts ManagedPolicyArgs and ManagedPolicyOutput values. You can construct a concrete instance of `ManagedPolicyInput` via:

ManagedPolicyArgs{...}

type ManagedPolicyOutput added in v4.13.0

type ManagedPolicyOutput struct{ *pulumi.OutputState }

func (ManagedPolicyOutput) ElementType added in v4.13.0

func (ManagedPolicyOutput) ElementType() reflect.Type

func (ManagedPolicyOutput) ToManagedPolicyOutput added in v4.13.0

func (o ManagedPolicyOutput) ToManagedPolicyOutput() ManagedPolicyOutput

func (ManagedPolicyOutput) ToManagedPolicyOutputWithContext added in v4.13.0

func (o ManagedPolicyOutput) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput

func (ManagedPolicyOutput) ToManagedPolicyPtrOutput added in v4.13.0

func (o ManagedPolicyOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext added in v4.13.0

func (o ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicyOutput) ToStringOutput added in v4.13.0

func (o ManagedPolicyOutput) ToStringOutput() pulumi.StringOutput

func (ManagedPolicyOutput) ToStringOutputWithContext added in v4.13.0

func (o ManagedPolicyOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ManagedPolicyOutput) ToStringPtrOutput added in v4.13.0

func (o ManagedPolicyOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicyOutput) ToStringPtrOutputWithContext added in v4.13.0

func (o ManagedPolicyOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ManagedPolicyPtrInput added in v4.13.0

type ManagedPolicyPtrInput interface {
	pulumi.Input

	ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
	ToManagedPolicyPtrOutputWithContext(context.Context) ManagedPolicyPtrOutput
}

func ManagedPolicyPtr added in v4.13.0

func ManagedPolicyPtr(v string) ManagedPolicyPtrInput

type ManagedPolicyPtrOutput added in v4.13.0

type ManagedPolicyPtrOutput struct{ *pulumi.OutputState }

func (ManagedPolicyPtrOutput) Elem added in v4.13.0

func (ManagedPolicyPtrOutput) ElementType added in v4.13.0

func (ManagedPolicyPtrOutput) ElementType() reflect.Type

func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput added in v4.13.0

func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext added in v4.13.0

func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicyPtrOutput) ToStringPtrOutput added in v4.13.0

func (o ManagedPolicyPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicyPtrOutput) ToStringPtrOutputWithContext added in v4.13.0

func (o ManagedPolicyPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OpenIdConnectProvider

type OpenIdConnectProvider struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayOutput `pulumi:"clientIdLists"`
	// Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayOutput `pulumi:"thumbprintLists"`
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringOutput `pulumi:"url"`
}

Provides an IAM OpenID Connect provider.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewOpenIdConnectProvider(ctx, "default", &iam.OpenIdConnectProviderArgs{
			ClientIdLists: pulumi.StringArray{
				pulumi.String("266362248691-342342xasdasdasda-apps.googleusercontent.com"),
			},
			ThumbprintLists: pulumi.StringArray{},
			Url:             pulumi.String("https://accounts.google.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM OpenID Connect Providers can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/openIdConnectProvider:OpenIdConnectProvider default arn:aws:iam::123456789012:oidc-provider/accounts.google.com

```

func GetOpenIdConnectProvider

func GetOpenIdConnectProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OpenIdConnectProviderState, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)

GetOpenIdConnectProvider gets an existing OpenIdConnectProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOpenIdConnectProvider

func NewOpenIdConnectProvider(ctx *pulumi.Context,
	name string, args *OpenIdConnectProviderArgs, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)

NewOpenIdConnectProvider registers a new resource with the given unique name, arguments, and options.

func (*OpenIdConnectProvider) ElementType

func (*OpenIdConnectProvider) ElementType() reflect.Type

func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutput

func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput

func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext

func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput

type OpenIdConnectProviderArgs

type OpenIdConnectProviderArgs struct {
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayInput
	// Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayInput
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringInput
}

The set of arguments for constructing a OpenIdConnectProvider resource.

func (OpenIdConnectProviderArgs) ElementType

func (OpenIdConnectProviderArgs) ElementType() reflect.Type

type OpenIdConnectProviderArray

type OpenIdConnectProviderArray []OpenIdConnectProviderInput

func (OpenIdConnectProviderArray) ElementType

func (OpenIdConnectProviderArray) ElementType() reflect.Type

func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput

func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput

func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext

func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderArrayInput

type OpenIdConnectProviderArrayInput interface {
	pulumi.Input

	ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
	ToOpenIdConnectProviderArrayOutputWithContext(context.Context) OpenIdConnectProviderArrayOutput
}

OpenIdConnectProviderArrayInput is an input type that accepts OpenIdConnectProviderArray and OpenIdConnectProviderArrayOutput values. You can construct a concrete instance of `OpenIdConnectProviderArrayInput` via:

OpenIdConnectProviderArray{ OpenIdConnectProviderArgs{...} }

type OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderArrayOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderArrayOutput) ElementType

func (OpenIdConnectProviderArrayOutput) Index

func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput

func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput

func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext

func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderInput

type OpenIdConnectProviderInput interface {
	pulumi.Input

	ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput
	ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput
}

type OpenIdConnectProviderMap

type OpenIdConnectProviderMap map[string]OpenIdConnectProviderInput

func (OpenIdConnectProviderMap) ElementType

func (OpenIdConnectProviderMap) ElementType() reflect.Type

func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput

func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput

func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext

func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput

type OpenIdConnectProviderMapInput

type OpenIdConnectProviderMapInput interface {
	pulumi.Input

	ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput
	ToOpenIdConnectProviderMapOutputWithContext(context.Context) OpenIdConnectProviderMapOutput
}

OpenIdConnectProviderMapInput is an input type that accepts OpenIdConnectProviderMap and OpenIdConnectProviderMapOutput values. You can construct a concrete instance of `OpenIdConnectProviderMapInput` via:

OpenIdConnectProviderMap{ "key": OpenIdConnectProviderArgs{...} }

type OpenIdConnectProviderMapOutput

type OpenIdConnectProviderMapOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderMapOutput) ElementType

func (OpenIdConnectProviderMapOutput) MapIndex

func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput

func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput

func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext

func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput

type OpenIdConnectProviderOutput

type OpenIdConnectProviderOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderOutput) ElementType

func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput

func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput

func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext

func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput

type OpenIdConnectProviderState

type OpenIdConnectProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringPtrInput
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayInput
	// Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayInput
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringPtrInput
}

func (OpenIdConnectProviderState) ElementType

func (OpenIdConnectProviderState) ElementType() reflect.Type

type Policy

type Policy struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS to this policy.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Description of the IAM policy.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// The policy's ID.
	PolicyId pulumi.StringOutput `pulumi:"policyId"`
	// Map of resource tags for the IAM Policy
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
}

Provides an IAM policy.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Path:        pulumi.String("/"),
			Description: pulumi.String("My test policy"),
			Policy:      pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Policies can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials

```

func GetPolicy

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs

type PolicyArgs struct {
	// Description of the IAM policy.
	Description pulumi.StringPtrInput
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// Map of resource tags for the IAM Policy
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray

type PolicyArray []PolicyInput

func (PolicyArray) ElementType

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index

func (PolicyArrayOutput) ToPolicyArrayOutput

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyAttachment

type PolicyAttachment struct {
	pulumi.CustomResourceState

	// The group(s) the policy should be applied to
	Groups pulumi.StringArrayOutput `pulumi:"groups"`
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The role(s) the policy should be applied to
	Roles pulumi.StringArrayOutput `pulumi:"roles"`
	// The user(s) the policy should be applied to
	Users pulumi.StringArrayOutput `pulumi:"users"`
}

Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)

!> **WARNING:** The iam.PolicyAttachment resource creates **exclusive** attachments of IAM policies. Across the entire AWS account, all of the users/roles/groups to which a single policy is attached must be declared by a single iam.PolicyAttachment resource. This means that even any users/roles/groups that have the attached policy via any other mechanism (including other resources managed by this provider) will have that attached policy revoked by this resource. Consider `iam.RolePolicyAttachment`, `iam.UserPolicyAttachment`, or `iam.GroupPolicyAttachment` instead. These resources do not enforce exclusive attachment of an IAM policy.

> **NOTE:** The usage of this resource conflicts with the `iam.GroupPolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.UserPolicyAttachment` resources and will permanently show a difference if both are defined.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user, err := iam.NewUser(ctx, "user", nil)
		if err != nil {
			return err
		}
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": \"sts:AssumeRole\",\n", "      \"Principal\": {\n", "        \"Service\": \"ec2.amazonaws.com\"\n", "      },\n", "      \"Effect\": \"Allow\",\n", "      \"Sid\": \"\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewPolicyAttachment(ctx, "test-attach", &iam.PolicyAttachmentArgs{
			Users: pulumi.AnyArray{
				user.Name,
			},
			Roles: pulumi.AnyArray{
				role.Name,
			},
			Groups: pulumi.AnyArray{
				group.Name,
			},
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetPolicyAttachment

func GetPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyAttachmentState, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)

GetPolicyAttachment gets an existing PolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicyAttachment

func NewPolicyAttachment(ctx *pulumi.Context,
	name string, args *PolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)

NewPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*PolicyAttachment) ElementType

func (*PolicyAttachment) ElementType() reflect.Type

func (*PolicyAttachment) ToPolicyAttachmentOutput

func (i *PolicyAttachment) ToPolicyAttachmentOutput() PolicyAttachmentOutput

func (*PolicyAttachment) ToPolicyAttachmentOutputWithContext

func (i *PolicyAttachment) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput

type PolicyAttachmentArgs

type PolicyAttachmentArgs struct {
	// The group(s) the policy should be applied to
	Groups pulumi.ArrayInput
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringPtrInput
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The role(s) the policy should be applied to
	Roles pulumi.ArrayInput
	// The user(s) the policy should be applied to
	Users pulumi.ArrayInput
}

The set of arguments for constructing a PolicyAttachment resource.

func (PolicyAttachmentArgs) ElementType

func (PolicyAttachmentArgs) ElementType() reflect.Type

type PolicyAttachmentArray

type PolicyAttachmentArray []PolicyAttachmentInput

func (PolicyAttachmentArray) ElementType

func (PolicyAttachmentArray) ElementType() reflect.Type

func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutput

func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput

func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext

func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput

type PolicyAttachmentArrayInput

type PolicyAttachmentArrayInput interface {
	pulumi.Input

	ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput
	ToPolicyAttachmentArrayOutputWithContext(context.Context) PolicyAttachmentArrayOutput
}

PolicyAttachmentArrayInput is an input type that accepts PolicyAttachmentArray and PolicyAttachmentArrayOutput values. You can construct a concrete instance of `PolicyAttachmentArrayInput` via:

PolicyAttachmentArray{ PolicyAttachmentArgs{...} }

type PolicyAttachmentArrayOutput

type PolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentArrayOutput) ElementType

func (PolicyAttachmentArrayOutput) Index

func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput

func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput

func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext

func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput

type PolicyAttachmentInput

type PolicyAttachmentInput interface {
	pulumi.Input

	ToPolicyAttachmentOutput() PolicyAttachmentOutput
	ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput
}

type PolicyAttachmentMap

type PolicyAttachmentMap map[string]PolicyAttachmentInput

func (PolicyAttachmentMap) ElementType

func (PolicyAttachmentMap) ElementType() reflect.Type

func (PolicyAttachmentMap) ToPolicyAttachmentMapOutput

func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput

func (PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext

func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput

type PolicyAttachmentMapInput

type PolicyAttachmentMapInput interface {
	pulumi.Input

	ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput
	ToPolicyAttachmentMapOutputWithContext(context.Context) PolicyAttachmentMapOutput
}

PolicyAttachmentMapInput is an input type that accepts PolicyAttachmentMap and PolicyAttachmentMapOutput values. You can construct a concrete instance of `PolicyAttachmentMapInput` via:

PolicyAttachmentMap{ "key": PolicyAttachmentArgs{...} }

type PolicyAttachmentMapOutput

type PolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentMapOutput) ElementType

func (PolicyAttachmentMapOutput) ElementType() reflect.Type

func (PolicyAttachmentMapOutput) MapIndex

func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput

func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput

func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext

func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput

type PolicyAttachmentOutput

type PolicyAttachmentOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentOutput) ElementType

func (PolicyAttachmentOutput) ElementType() reflect.Type

func (PolicyAttachmentOutput) ToPolicyAttachmentOutput

func (o PolicyAttachmentOutput) ToPolicyAttachmentOutput() PolicyAttachmentOutput

func (PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext

func (o PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput

type PolicyAttachmentState

type PolicyAttachmentState struct {
	// The group(s) the policy should be applied to
	Groups pulumi.ArrayInput
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringPtrInput
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The role(s) the policy should be applied to
	Roles pulumi.ArrayInput
	// The user(s) the policy should be applied to
	Users pulumi.ArrayInput
}

func (PolicyAttachmentState) ElementType

func (PolicyAttachmentState) ElementType() reflect.Type

type PolicyInput

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex

func (PolicyMapOutput) ToPolicyMapOutput

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) ElementType

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) ToPolicyOutput

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyState

type PolicyState struct {
	// The ARN assigned by AWS to this policy.
	Arn pulumi.StringPtrInput
	// Description of the IAM policy.
	Description pulumi.StringPtrInput
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The policy's ID.
	PolicyId pulumi.StringPtrInput
	// Map of resource tags for the IAM Policy
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapInput
}

func (PolicyState) ElementType

func (PolicyState) ElementType() reflect.Type

type Role

type Role struct {
	pulumi.CustomResourceState

	// Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Policy that grants an entity permission to assume the role.
	AssumeRolePolicy pulumi.StringOutput `pulumi:"assumeRolePolicy"`
	// Creation date of the IAM role.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Description of the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrOutput `pulumi:"forceDetachPolicies"`
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies RoleInlinePolicyArrayOutput `pulumi:"inlinePolicies"`
	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.
	ManagedPolicyArns pulumi.StringArrayOutput `pulumi:"managedPolicyArns"`
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrOutput `pulumi:"maxSessionDuration"`
	// Name of the role policy.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"`
	// Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Stable and unique string identifying the role.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM role.

> **NOTE:** If policies are attached to the role via the `iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `forceDetachPolicies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.RolePolicyAttachment` resource does not have this requirement.

> **NOTE:** If you use this resource's `managedPolicyArns` argument or `inlinePolicy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `iam.PolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.

## Example Usage ### Basic Example

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": "sts:AssumeRole",
					"Effect": "Allow",
					"Sid":    "",
					"Principal": map[string]interface{}{
						"Service": "ec2.amazonaws.com",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err := iam.NewRole(ctx, "testRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(json0),
			Tags: pulumi.StringMap{
				"tag-key": pulumi.String("tag-value"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Using Data Source for Assume Role Policy

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		instance_assume_role_policy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"sts:AssumeRole",
					},
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						iam.GetPolicyDocumentStatementPrincipal{
							Type: "Service",
							Identifiers: []string{
								"ec2.amazonaws.com",
							},
						},
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewRole(ctx, "instance", &iam.RoleArgs{
			Path:             pulumi.String("/system/"),
			AssumeRolePolicy: pulumi.String(instance_assume_role_policy.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Exclusive Inline Policies

This example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, the provider will remove that policy. If someone deletes these policies out-of-band, the provider will recreate them.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		inlinePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"ec2:DescribeAccountAttributes",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			InlinePolicies: iam.RoleInlinePolicyArray{
				&iam.RoleInlinePolicyArgs{
					Name:   pulumi.String("my_inline_policy"),
					Policy: pulumi.String(json0),
				},
				&iam.RoleInlinePolicyArgs{
					Name:   pulumi.String("policy-8675309"),
					Policy: pulumi.String(inlinePolicy.Json),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Removing Inline Policies

This example creates an IAM role with what appears to be empty IAM `inlinePolicy` argument instead of using `inlinePolicy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, the provider will remove that policy.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			InlinePolicies: iam.RoleInlinePolicyArray{
				nil,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Exclusive Managed Policies

This example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, the provider will detach that policy. If someone detaches these policies out-of-band, the provider will attach them again.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		policyOne, err := iam.NewPolicy(ctx, "policyOne", &iam.PolicyArgs{
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		tmpJSON1, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"s3:ListAllMyBuckets",
						"s3:ListBucket",
						"s3:HeadBucket",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json1 := string(tmpJSON1)
		policyTwo, err := iam.NewPolicy(ctx, "policyTwo", &iam.PolicyArgs{
			Policy: pulumi.String(json1),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			ManagedPolicyArns: pulumi.StringArray{
				policyOne.Arn,
				policyTwo.Arn,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Removing Managed Policies

This example creates an IAM role with an empty `managedPolicyArns` argument. If someone attaches a policy out-of-band, on the next apply, the provider will detach that policy.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy:  pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			ManagedPolicyArns: pulumi.StringArray{},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Roles can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/role:Role developer developer_name

```

func GetRole

func GetRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RoleState, opts ...pulumi.ResourceOption) (*Role, error)

GetRole gets an existing Role resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRole

func NewRole(ctx *pulumi.Context,
	name string, args *RoleArgs, opts ...pulumi.ResourceOption) (*Role, error)

NewRole registers a new resource with the given unique name, arguments, and options.

func (*Role) ElementType

func (*Role) ElementType() reflect.Type

func (*Role) ToRoleOutput

func (i *Role) ToRoleOutput() RoleOutput

func (*Role) ToRoleOutputWithContext

func (i *Role) ToRoleOutputWithContext(ctx context.Context) RoleOutput

type RoleArgs

type RoleArgs struct {
	// Policy that grants an entity permission to assume the role.
	AssumeRolePolicy pulumi.Input
	// Description of the role.
	Description pulumi.StringPtrInput
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrInput
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies RoleInlinePolicyArrayInput
	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.
	ManagedPolicyArns pulumi.StringArrayInput
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrInput
	// Name of the role policy.
	Name pulumi.StringPtrInput
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Role resource.

func (RoleArgs) ElementType

func (RoleArgs) ElementType() reflect.Type

type RoleArray

type RoleArray []RoleInput

func (RoleArray) ElementType

func (RoleArray) ElementType() reflect.Type

func (RoleArray) ToRoleArrayOutput

func (i RoleArray) ToRoleArrayOutput() RoleArrayOutput

func (RoleArray) ToRoleArrayOutputWithContext

func (i RoleArray) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput

type RoleArrayInput

type RoleArrayInput interface {
	pulumi.Input

	ToRoleArrayOutput() RoleArrayOutput
	ToRoleArrayOutputWithContext(context.Context) RoleArrayOutput
}

RoleArrayInput is an input type that accepts RoleArray and RoleArrayOutput values. You can construct a concrete instance of `RoleArrayInput` via:

RoleArray{ RoleArgs{...} }

type RoleArrayOutput

type RoleArrayOutput struct{ *pulumi.OutputState }

func (RoleArrayOutput) ElementType

func (RoleArrayOutput) ElementType() reflect.Type

func (RoleArrayOutput) Index

func (RoleArrayOutput) ToRoleArrayOutput

func (o RoleArrayOutput) ToRoleArrayOutput() RoleArrayOutput

func (RoleArrayOutput) ToRoleArrayOutputWithContext

func (o RoleArrayOutput) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput

type RoleInlinePolicy

type RoleInlinePolicy struct {
	// Name of the role policy.
	Name *string `pulumi:"name"`
	// Policy document as a JSON formatted string.
	Policy *string `pulumi:"policy"`
}

type RoleInlinePolicyArgs

type RoleInlinePolicyArgs struct {
	// Name of the role policy.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// Policy document as a JSON formatted string.
	Policy pulumi.StringPtrInput `pulumi:"policy"`
}

func (RoleInlinePolicyArgs) ElementType

func (RoleInlinePolicyArgs) ElementType() reflect.Type

func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutput

func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput

func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext

func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput

type RoleInlinePolicyArray

type RoleInlinePolicyArray []RoleInlinePolicyInput

func (RoleInlinePolicyArray) ElementType

func (RoleInlinePolicyArray) ElementType() reflect.Type

func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput

func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput

func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext

func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput

type RoleInlinePolicyArrayInput

type RoleInlinePolicyArrayInput interface {
	pulumi.Input

	ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput
	ToRoleInlinePolicyArrayOutputWithContext(context.Context) RoleInlinePolicyArrayOutput
}

RoleInlinePolicyArrayInput is an input type that accepts RoleInlinePolicyArray and RoleInlinePolicyArrayOutput values. You can construct a concrete instance of `RoleInlinePolicyArrayInput` via:

RoleInlinePolicyArray{ RoleInlinePolicyArgs{...} }

type RoleInlinePolicyArrayOutput

type RoleInlinePolicyArrayOutput struct{ *pulumi.OutputState }

func (RoleInlinePolicyArrayOutput) ElementType

func (RoleInlinePolicyArrayOutput) Index

func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput

func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput

func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext

func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput

type RoleInlinePolicyInput

type RoleInlinePolicyInput interface {
	pulumi.Input

	ToRoleInlinePolicyOutput() RoleInlinePolicyOutput
	ToRoleInlinePolicyOutputWithContext(context.Context) RoleInlinePolicyOutput
}

RoleInlinePolicyInput is an input type that accepts RoleInlinePolicyArgs and RoleInlinePolicyOutput values. You can construct a concrete instance of `RoleInlinePolicyInput` via:

RoleInlinePolicyArgs{...}

type RoleInlinePolicyOutput

type RoleInlinePolicyOutput struct{ *pulumi.OutputState }

func (RoleInlinePolicyOutput) ElementType

func (RoleInlinePolicyOutput) ElementType() reflect.Type

func (RoleInlinePolicyOutput) Name

Name of the role policy.

func (RoleInlinePolicyOutput) Policy

Policy document as a JSON formatted string.

func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutput

func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput

func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext

func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput

type RoleInput

type RoleInput interface {
	pulumi.Input

	ToRoleOutput() RoleOutput
	ToRoleOutputWithContext(ctx context.Context) RoleOutput
}

type RoleMap

type RoleMap map[string]RoleInput

func (RoleMap) ElementType

func (RoleMap) ElementType() reflect.Type

func (RoleMap) ToRoleMapOutput

func (i RoleMap) ToRoleMapOutput() RoleMapOutput

func (RoleMap) ToRoleMapOutputWithContext

func (i RoleMap) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput

type RoleMapInput

type RoleMapInput interface {
	pulumi.Input

	ToRoleMapOutput() RoleMapOutput
	ToRoleMapOutputWithContext(context.Context) RoleMapOutput
}

RoleMapInput is an input type that accepts RoleMap and RoleMapOutput values. You can construct a concrete instance of `RoleMapInput` via:

RoleMap{ "key": RoleArgs{...} }

type RoleMapOutput

type RoleMapOutput struct{ *pulumi.OutputState }

func (RoleMapOutput) ElementType

func (RoleMapOutput) ElementType() reflect.Type

func (RoleMapOutput) MapIndex

func (RoleMapOutput) ToRoleMapOutput

func (o RoleMapOutput) ToRoleMapOutput() RoleMapOutput

func (RoleMapOutput) ToRoleMapOutputWithContext

func (o RoleMapOutput) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput

type RoleOutput

type RoleOutput struct{ *pulumi.OutputState }

func (RoleOutput) ElementType

func (RoleOutput) ElementType() reflect.Type

func (RoleOutput) ToRoleOutput

func (o RoleOutput) ToRoleOutput() RoleOutput

func (RoleOutput) ToRoleOutputWithContext

func (o RoleOutput) ToRoleOutputWithContext(ctx context.Context) RoleOutput

type RolePolicy

type RolePolicy struct {
	pulumi.CustomResourceState

	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// The IAM role to attach to the policy.
	Role pulumi.StringOutput `pulumi:"role"`
}

Provides an IAM role inline policy.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `inlinePolicy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": "sts:AssumeRole",
					"Effect": "Allow",
					"Sid":    "",
					"Principal": map[string]interface{}{
						"Service": "ec2.amazonaws.com",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		testRole, err := iam.NewRole(ctx, "testRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		tmpJSON1, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json1 := string(tmpJSON1)
		_, err = iam.NewRolePolicy(ctx, "testPolicy", &iam.RolePolicyArgs{
			Role:   testRole.ID(),
			Policy: pulumi.String(json1),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Role Policies can be imported using the `role_name:role_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name

```

func GetRolePolicy

func GetRolePolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RolePolicyState, opts ...pulumi.ResourceOption) (*RolePolicy, error)

GetRolePolicy gets an existing RolePolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicy

func NewRolePolicy(ctx *pulumi.Context,
	name string, args *RolePolicyArgs, opts ...pulumi.ResourceOption) (*RolePolicy, error)

NewRolePolicy registers a new resource with the given unique name, arguments, and options.

func (*RolePolicy) ElementType

func (*RolePolicy) ElementType() reflect.Type

func (*RolePolicy) ToRolePolicyOutput

func (i *RolePolicy) ToRolePolicyOutput() RolePolicyOutput

func (*RolePolicy) ToRolePolicyOutputWithContext

func (i *RolePolicy) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput

type RolePolicyArgs

type RolePolicyArgs struct {
	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The IAM role to attach to the policy.
	Role pulumi.Input
}

The set of arguments for constructing a RolePolicy resource.

func (RolePolicyArgs) ElementType

func (RolePolicyArgs) ElementType() reflect.Type

type RolePolicyArray

type RolePolicyArray []RolePolicyInput

func (RolePolicyArray) ElementType

func (RolePolicyArray) ElementType() reflect.Type

func (RolePolicyArray) ToRolePolicyArrayOutput

func (i RolePolicyArray) ToRolePolicyArrayOutput() RolePolicyArrayOutput

func (RolePolicyArray) ToRolePolicyArrayOutputWithContext

func (i RolePolicyArray) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput

type RolePolicyArrayInput

type RolePolicyArrayInput interface {
	pulumi.Input

	ToRolePolicyArrayOutput() RolePolicyArrayOutput
	ToRolePolicyArrayOutputWithContext(context.Context) RolePolicyArrayOutput
}

RolePolicyArrayInput is an input type that accepts RolePolicyArray and RolePolicyArrayOutput values. You can construct a concrete instance of `RolePolicyArrayInput` via:

RolePolicyArray{ RolePolicyArgs{...} }

type RolePolicyArrayOutput

type RolePolicyArrayOutput struct{ *pulumi.OutputState }

func (RolePolicyArrayOutput) ElementType

func (RolePolicyArrayOutput) ElementType() reflect.Type

func (RolePolicyArrayOutput) Index

func (RolePolicyArrayOutput) ToRolePolicyArrayOutput

func (o RolePolicyArrayOutput) ToRolePolicyArrayOutput() RolePolicyArrayOutput

func (RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext

func (o RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput

type RolePolicyAttachment

type RolePolicyAttachment struct {
	pulumi.CustomResourceState

	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The name of the IAM role to which the policy should be applied
	Role pulumi.StringOutput `pulumi:"role"`
}

Attaches a Managed IAM Policy to an IAM role

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": \"sts:AssumeRole\",\n", "      \"Principal\": {\n", "        \"Service\": \"ec2.amazonaws.com\"\n", "      },\n", "      \"Effect\": \"Allow\",\n", "      \"Sid\": \"\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "test-attach", &iam.RolePolicyAttachmentArgs{
			Role:      role.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM role policy attachments can be imported using the role name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/rolePolicyAttachment:RolePolicyAttachment test-attach test-role/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetRolePolicyAttachment

func GetRolePolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RolePolicyAttachmentState, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)

GetRolePolicyAttachment gets an existing RolePolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicyAttachment

func NewRolePolicyAttachment(ctx *pulumi.Context,
	name string, args *RolePolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)

NewRolePolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*RolePolicyAttachment) ElementType

func (*RolePolicyAttachment) ElementType() reflect.Type

func (*RolePolicyAttachment) ToRolePolicyAttachmentOutput

func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput

func (*RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext

func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput

type RolePolicyAttachmentArgs

type RolePolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The name of the IAM role to which the policy should be applied
	Role pulumi.Input
}

The set of arguments for constructing a RolePolicyAttachment resource.

func (RolePolicyAttachmentArgs) ElementType

func (RolePolicyAttachmentArgs) ElementType() reflect.Type

type RolePolicyAttachmentArray

type RolePolicyAttachmentArray []RolePolicyAttachmentInput

func (RolePolicyAttachmentArray) ElementType

func (RolePolicyAttachmentArray) ElementType() reflect.Type

func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput

func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput

func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext

func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentArrayInput

type RolePolicyAttachmentArrayInput interface {
	pulumi.Input

	ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput
	ToRolePolicyAttachmentArrayOutputWithContext(context.Context) RolePolicyAttachmentArrayOutput
}

RolePolicyAttachmentArrayInput is an input type that accepts RolePolicyAttachmentArray and RolePolicyAttachmentArrayOutput values. You can construct a concrete instance of `RolePolicyAttachmentArrayInput` via:

RolePolicyAttachmentArray{ RolePolicyAttachmentArgs{...} }

type RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentArrayOutput) ElementType

func (RolePolicyAttachmentArrayOutput) Index

func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput

func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput

func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext

func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentInput

type RolePolicyAttachmentInput interface {
	pulumi.Input

	ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput
	ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput
}

type RolePolicyAttachmentMap

type RolePolicyAttachmentMap map[string]RolePolicyAttachmentInput

func (RolePolicyAttachmentMap) ElementType

func (RolePolicyAttachmentMap) ElementType() reflect.Type

func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput

func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput

func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext

func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput

type RolePolicyAttachmentMapInput

type RolePolicyAttachmentMapInput interface {
	pulumi.Input

	ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput
	ToRolePolicyAttachmentMapOutputWithContext(context.Context) RolePolicyAttachmentMapOutput
}

RolePolicyAttachmentMapInput is an input type that accepts RolePolicyAttachmentMap and RolePolicyAttachmentMapOutput values. You can construct a concrete instance of `RolePolicyAttachmentMapInput` via:

RolePolicyAttachmentMap{ "key": RolePolicyAttachmentArgs{...} }

type RolePolicyAttachmentMapOutput

type RolePolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentMapOutput) ElementType

func (RolePolicyAttachmentMapOutput) MapIndex

func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput

func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput

func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext

func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput

type RolePolicyAttachmentOutput

type RolePolicyAttachmentOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentOutput) ElementType

func (RolePolicyAttachmentOutput) ElementType() reflect.Type

func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput

func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput

func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext

func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput

type RolePolicyAttachmentState

type RolePolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The name of the IAM role to which the policy should be applied
	Role pulumi.Input
}

func (RolePolicyAttachmentState) ElementType

func (RolePolicyAttachmentState) ElementType() reflect.Type

type RolePolicyInput

type RolePolicyInput interface {
	pulumi.Input

	ToRolePolicyOutput() RolePolicyOutput
	ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput
}

type RolePolicyMap

type RolePolicyMap map[string]RolePolicyInput

func (RolePolicyMap) ElementType

func (RolePolicyMap) ElementType() reflect.Type

func (RolePolicyMap) ToRolePolicyMapOutput

func (i RolePolicyMap) ToRolePolicyMapOutput() RolePolicyMapOutput

func (RolePolicyMap) ToRolePolicyMapOutputWithContext

func (i RolePolicyMap) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput

type RolePolicyMapInput

type RolePolicyMapInput interface {
	pulumi.Input

	ToRolePolicyMapOutput() RolePolicyMapOutput
	ToRolePolicyMapOutputWithContext(context.Context) RolePolicyMapOutput
}

RolePolicyMapInput is an input type that accepts RolePolicyMap and RolePolicyMapOutput values. You can construct a concrete instance of `RolePolicyMapInput` via:

RolePolicyMap{ "key": RolePolicyArgs{...} }

type RolePolicyMapOutput

type RolePolicyMapOutput struct{ *pulumi.OutputState }

func (RolePolicyMapOutput) ElementType

func (RolePolicyMapOutput) ElementType() reflect.Type

func (RolePolicyMapOutput) MapIndex

func (RolePolicyMapOutput) ToRolePolicyMapOutput

func (o RolePolicyMapOutput) ToRolePolicyMapOutput() RolePolicyMapOutput

func (RolePolicyMapOutput) ToRolePolicyMapOutputWithContext

func (o RolePolicyMapOutput) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput

type RolePolicyOutput

type RolePolicyOutput struct{ *pulumi.OutputState }

func (RolePolicyOutput) ElementType

func (RolePolicyOutput) ElementType() reflect.Type

func (RolePolicyOutput) ToRolePolicyOutput

func (o RolePolicyOutput) ToRolePolicyOutput() RolePolicyOutput

func (RolePolicyOutput) ToRolePolicyOutputWithContext

func (o RolePolicyOutput) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput

type RolePolicyState

type RolePolicyState struct {
	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The IAM role to attach to the policy.
	Role pulumi.Input
}

func (RolePolicyState) ElementType

func (RolePolicyState) ElementType() reflect.Type

type RoleState

type RoleState struct {
	// Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringPtrInput
	// Policy that grants an entity permission to assume the role.
	AssumeRolePolicy pulumi.Input
	// Creation date of the IAM role.
	CreateDate pulumi.StringPtrInput
	// Description of the role.
	Description pulumi.StringPtrInput
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrInput
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies RoleInlinePolicyArrayInput
	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.
	ManagedPolicyArns pulumi.StringArrayInput
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrInput
	// Name of the role policy.
	Name pulumi.StringPtrInput
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// Stable and unique string identifying the role.
	UniqueId pulumi.StringPtrInput
}

func (RoleState) ElementType

func (RoleState) ElementType() reflect.Type

type SamlProvider

type SamlProvider struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The name of the provider to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringOutput `pulumi:"samlMetadataDocument"`
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil pulumi.StringOutput `pulumi:"validUntil"`
}

Provides an IAM SAML provider.

## Example Usage

```go package main

import (

"io/ioutil"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{
			SamlMetadataDocument: readFileOrPanic("saml-metadata.xml"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM SAML Providers can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/samlProvider:SamlProvider default arn:aws:iam::123456789012:saml-provider/SAMLADFS

```

func GetSamlProvider

func GetSamlProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SamlProviderState, opts ...pulumi.ResourceOption) (*SamlProvider, error)

GetSamlProvider gets an existing SamlProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSamlProvider

func NewSamlProvider(ctx *pulumi.Context,
	name string, args *SamlProviderArgs, opts ...pulumi.ResourceOption) (*SamlProvider, error)

NewSamlProvider registers a new resource with the given unique name, arguments, and options.

func (*SamlProvider) ElementType

func (*SamlProvider) ElementType() reflect.Type

func (*SamlProvider) ToSamlProviderOutput

func (i *SamlProvider) ToSamlProviderOutput() SamlProviderOutput

func (*SamlProvider) ToSamlProviderOutputWithContext

func (i *SamlProvider) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput

type SamlProviderArgs

type SamlProviderArgs struct {
	// The name of the provider to create.
	Name pulumi.StringPtrInput
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringInput
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a SamlProvider resource.

func (SamlProviderArgs) ElementType

func (SamlProviderArgs) ElementType() reflect.Type

type SamlProviderArray

type SamlProviderArray []SamlProviderInput

func (SamlProviderArray) ElementType

func (SamlProviderArray) ElementType() reflect.Type

func (SamlProviderArray) ToSamlProviderArrayOutput

func (i SamlProviderArray) ToSamlProviderArrayOutput() SamlProviderArrayOutput

func (SamlProviderArray) ToSamlProviderArrayOutputWithContext

func (i SamlProviderArray) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput

type SamlProviderArrayInput

type SamlProviderArrayInput interface {
	pulumi.Input

	ToSamlProviderArrayOutput() SamlProviderArrayOutput
	ToSamlProviderArrayOutputWithContext(context.Context) SamlProviderArrayOutput
}

SamlProviderArrayInput is an input type that accepts SamlProviderArray and SamlProviderArrayOutput values. You can construct a concrete instance of `SamlProviderArrayInput` via:

SamlProviderArray{ SamlProviderArgs{...} }

type SamlProviderArrayOutput

type SamlProviderArrayOutput struct{ *pulumi.OutputState }

func (SamlProviderArrayOutput) ElementType

func (SamlProviderArrayOutput) ElementType() reflect.Type

func (SamlProviderArrayOutput) Index

func (SamlProviderArrayOutput) ToSamlProviderArrayOutput

func (o SamlProviderArrayOutput) ToSamlProviderArrayOutput() SamlProviderArrayOutput

func (SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext

func (o SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput

type SamlProviderInput

type SamlProviderInput interface {
	pulumi.Input

	ToSamlProviderOutput() SamlProviderOutput
	ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput
}

type SamlProviderMap

type SamlProviderMap map[string]SamlProviderInput

func (SamlProviderMap) ElementType

func (SamlProviderMap) ElementType() reflect.Type

func (SamlProviderMap) ToSamlProviderMapOutput

func (i SamlProviderMap) ToSamlProviderMapOutput() SamlProviderMapOutput

func (SamlProviderMap) ToSamlProviderMapOutputWithContext

func (i SamlProviderMap) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput

type SamlProviderMapInput

type SamlProviderMapInput interface {
	pulumi.Input

	ToSamlProviderMapOutput() SamlProviderMapOutput
	ToSamlProviderMapOutputWithContext(context.Context) SamlProviderMapOutput
}

SamlProviderMapInput is an input type that accepts SamlProviderMap and SamlProviderMapOutput values. You can construct a concrete instance of `SamlProviderMapInput` via:

SamlProviderMap{ "key": SamlProviderArgs{...} }

type SamlProviderMapOutput

type SamlProviderMapOutput struct{ *pulumi.OutputState }

func (SamlProviderMapOutput) ElementType

func (SamlProviderMapOutput) ElementType() reflect.Type

func (SamlProviderMapOutput) MapIndex

func (SamlProviderMapOutput) ToSamlProviderMapOutput

func (o SamlProviderMapOutput) ToSamlProviderMapOutput() SamlProviderMapOutput

func (SamlProviderMapOutput) ToSamlProviderMapOutputWithContext

func (o SamlProviderMapOutput) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput

type SamlProviderOutput

type SamlProviderOutput struct{ *pulumi.OutputState }

func (SamlProviderOutput) ElementType

func (SamlProviderOutput) ElementType() reflect.Type

func (SamlProviderOutput) ToSamlProviderOutput

func (o SamlProviderOutput) ToSamlProviderOutput() SamlProviderOutput

func (SamlProviderOutput) ToSamlProviderOutputWithContext

func (o SamlProviderOutput) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput

type SamlProviderState

type SamlProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringPtrInput
	// The name of the provider to create.
	Name pulumi.StringPtrInput
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringPtrInput
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil pulumi.StringPtrInput
}

func (SamlProviderState) ElementType

func (SamlProviderState) ElementType() reflect.Type

type ServerCertificate

type ServerCertificate struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringOutput `pulumi:"certificateBody"`
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
	Expiration pulumi.StringOutput `pulumi:"expiration"`
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
	UploadDate pulumi.StringOutput `pulumi:"uploadDate"`
}

Provides an IAM Server Certificate resource to upload Server Certificates. Certs uploaded to IAM can easily work with other AWS services such as:

- AWS Elastic Beanstalk - Elastic Load Balancing - CloudFront - AWS OpsWorks

For information about server certificates in IAM, see [Managing Server Certificates][2] in AWS Documentation.

## Example Usage

**Using certs on file:**

```go package main

import (

"io/ioutil"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
			PrivateKey:      readFileOrPanic("test-key.pem"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Example with cert in-line:**

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServerCertificate(ctx, "testCertAlt", &iam.ServerCertificateArgs{
			CertificateBody: pulumi.String(fmt.Sprintf("%v%v%v%v", "-----BEGIN CERTIFICATE-----\n", "[......] # cert contents\n", "-----END CERTIFICATE-----\n", "\n")),
			PrivateKey:      pulumi.String(fmt.Sprintf("%v%v%v%v", "-----BEGIN RSA PRIVATE KEY-----\n", "[......] # cert contents\n", "-----END RSA PRIVATE KEY-----\n", "\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Use in combination with an AWS ELB resource:**

Some properties of an IAM Server Certificates cannot be updated while they are in use. In order for this provider to effectively manage a Certificate in this situation, it is recommended you utilize the `namePrefix` attribute and enable the `createBeforeDestroy` [lifecycle block][lifecycle]. This will allow this provider to create a new, updated `iam.ServerCertificate` resource and replace it in dependant resources before attempting to destroy the old version.

```go package main

import (

"io/ioutil"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/elb"
"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testCert, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{
			NamePrefix:      pulumi.String("example-cert"),
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
			PrivateKey:      readFileOrPanic("test-key.pem"),
		})
		if err != nil {
			return err
		}
		_, err = elb.NewLoadBalancer(ctx, "ourapp", &elb.LoadBalancerArgs{
			AvailabilityZones: pulumi.StringArray{
				pulumi.String("us-west-2a"),
			},
			CrossZoneLoadBalancing: pulumi.Bool(true),
			Listeners: elb.LoadBalancerListenerArray{
				&elb.LoadBalancerListenerArgs{
					InstancePort:     pulumi.Int(8000),
					InstanceProtocol: pulumi.String("http"),
					LbPort:           pulumi.Int(443),
					LbProtocol:       pulumi.String("https"),
					SslCertificateId: testCert.Arn,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Server Certificates can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/serverCertificate:ServerCertificate certificate example.com-certificate-until-2018

```

[1]https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html [lifecycle]/docs/configuration/resources.html

func GetServerCertificate

func GetServerCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerCertificateState, opts ...pulumi.ResourceOption) (*ServerCertificate, error)

GetServerCertificate gets an existing ServerCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerCertificate

func NewServerCertificate(ctx *pulumi.Context,
	name string, args *ServerCertificateArgs, opts ...pulumi.ResourceOption) (*ServerCertificate, error)

NewServerCertificate registers a new resource with the given unique name, arguments, and options.

func (*ServerCertificate) ElementType

func (*ServerCertificate) ElementType() reflect.Type

func (*ServerCertificate) ToServerCertificateOutput

func (i *ServerCertificate) ToServerCertificateOutput() ServerCertificateOutput

func (*ServerCertificate) ToServerCertificateOutputWithContext

func (i *ServerCertificate) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput

type ServerCertificateArgs

type ServerCertificateArgs struct {
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringInput
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrInput
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrInput
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringInput
	// Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a ServerCertificate resource.

func (ServerCertificateArgs) ElementType

func (ServerCertificateArgs) ElementType() reflect.Type

type ServerCertificateArray

type ServerCertificateArray []ServerCertificateInput

func (ServerCertificateArray) ElementType

func (ServerCertificateArray) ElementType() reflect.Type

func (ServerCertificateArray) ToServerCertificateArrayOutput

func (i ServerCertificateArray) ToServerCertificateArrayOutput() ServerCertificateArrayOutput

func (ServerCertificateArray) ToServerCertificateArrayOutputWithContext

func (i ServerCertificateArray) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput

type ServerCertificateArrayInput

type ServerCertificateArrayInput interface {
	pulumi.Input

	ToServerCertificateArrayOutput() ServerCertificateArrayOutput
	ToServerCertificateArrayOutputWithContext(context.Context) ServerCertificateArrayOutput
}

ServerCertificateArrayInput is an input type that accepts ServerCertificateArray and ServerCertificateArrayOutput values. You can construct a concrete instance of `ServerCertificateArrayInput` via:

ServerCertificateArray{ ServerCertificateArgs{...} }

type ServerCertificateArrayOutput

type ServerCertificateArrayOutput struct{ *pulumi.OutputState }

func (ServerCertificateArrayOutput) ElementType

func (ServerCertificateArrayOutput) Index

func (ServerCertificateArrayOutput) ToServerCertificateArrayOutput

func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutput() ServerCertificateArrayOutput

func (ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext

func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput

type ServerCertificateInput

type ServerCertificateInput interface {
	pulumi.Input

	ToServerCertificateOutput() ServerCertificateOutput
	ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput
}

type ServerCertificateMap

type ServerCertificateMap map[string]ServerCertificateInput

func (ServerCertificateMap) ElementType

func (ServerCertificateMap) ElementType() reflect.Type

func (ServerCertificateMap) ToServerCertificateMapOutput

func (i ServerCertificateMap) ToServerCertificateMapOutput() ServerCertificateMapOutput

func (ServerCertificateMap) ToServerCertificateMapOutputWithContext

func (i ServerCertificateMap) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput

type ServerCertificateMapInput

type ServerCertificateMapInput interface {
	pulumi.Input

	ToServerCertificateMapOutput() ServerCertificateMapOutput
	ToServerCertificateMapOutputWithContext(context.Context) ServerCertificateMapOutput
}

ServerCertificateMapInput is an input type that accepts ServerCertificateMap and ServerCertificateMapOutput values. You can construct a concrete instance of `ServerCertificateMapInput` via:

ServerCertificateMap{ "key": ServerCertificateArgs{...} }

type ServerCertificateMapOutput

type ServerCertificateMapOutput struct{ *pulumi.OutputState }

func (ServerCertificateMapOutput) ElementType

func (ServerCertificateMapOutput) ElementType() reflect.Type

func (ServerCertificateMapOutput) MapIndex

func (ServerCertificateMapOutput) ToServerCertificateMapOutput

func (o ServerCertificateMapOutput) ToServerCertificateMapOutput() ServerCertificateMapOutput

func (ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext

func (o ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput

type ServerCertificateOutput

type ServerCertificateOutput struct{ *pulumi.OutputState }

func (ServerCertificateOutput) ElementType

func (ServerCertificateOutput) ElementType() reflect.Type

func (ServerCertificateOutput) ToServerCertificateOutput

func (o ServerCertificateOutput) ToServerCertificateOutput() ServerCertificateOutput

func (ServerCertificateOutput) ToServerCertificateOutputWithContext

func (o ServerCertificateOutput) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput

type ServerCertificateState

type ServerCertificateState struct {
	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn pulumi.StringPtrInput
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringPtrInput
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrInput
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
	Expiration pulumi.StringPtrInput
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrInput
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringPtrInput
	// Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
	UploadDate pulumi.StringPtrInput
}

func (ServerCertificateState) ElementType

func (ServerCertificateState) ElementType() reflect.Type

type ServiceLinkedRole

type ServiceLinkedRole struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringOutput `pulumi:"awsServiceName"`
	// The creation date of the IAM role.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrOutput `pulumi:"customSuffix"`
	// The description of the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the role.
	Name pulumi.StringOutput `pulumi:"name"`
	// The path of the role.
	Path pulumi.StringOutput `pulumi:"path"`
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The stable and unique string identifying the role.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServiceLinkedRole(ctx, "elasticbeanstalk", &iam.ServiceLinkedRoleArgs{
			AwsServiceName: pulumi.String("elasticbeanstalk.amazonaws.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM service-linked roles can be imported using role ARN, e.g.,

```sh

$ pulumi import aws:iam/serviceLinkedRole:ServiceLinkedRole elasticbeanstalk arn:aws:iam::123456789012:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk

```

func GetServiceLinkedRole

func GetServiceLinkedRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServiceLinkedRoleState, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)

GetServiceLinkedRole gets an existing ServiceLinkedRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServiceLinkedRole

func NewServiceLinkedRole(ctx *pulumi.Context,
	name string, args *ServiceLinkedRoleArgs, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)

NewServiceLinkedRole registers a new resource with the given unique name, arguments, and options.

func (*ServiceLinkedRole) ElementType

func (*ServiceLinkedRole) ElementType() reflect.Type

func (*ServiceLinkedRole) ToServiceLinkedRoleOutput

func (i *ServiceLinkedRole) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput

func (*ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext

func (i *ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput

type ServiceLinkedRoleArgs

type ServiceLinkedRoleArgs struct {
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringInput
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrInput
	// The description of the role.
	Description pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
}

The set of arguments for constructing a ServiceLinkedRole resource.

func (ServiceLinkedRoleArgs) ElementType

func (ServiceLinkedRoleArgs) ElementType() reflect.Type

type ServiceLinkedRoleArray

type ServiceLinkedRoleArray []ServiceLinkedRoleInput

func (ServiceLinkedRoleArray) ElementType

func (ServiceLinkedRoleArray) ElementType() reflect.Type

func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput

func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput

func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext

func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleArrayInput

type ServiceLinkedRoleArrayInput interface {
	pulumi.Input

	ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput
	ToServiceLinkedRoleArrayOutputWithContext(context.Context) ServiceLinkedRoleArrayOutput
}

ServiceLinkedRoleArrayInput is an input type that accepts ServiceLinkedRoleArray and ServiceLinkedRoleArrayOutput values. You can construct a concrete instance of `ServiceLinkedRoleArrayInput` via:

ServiceLinkedRoleArray{ ServiceLinkedRoleArgs{...} }

type ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleArrayOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleArrayOutput) ElementType

func (ServiceLinkedRoleArrayOutput) Index

func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput

func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput

func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext

func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleInput

type ServiceLinkedRoleInput interface {
	pulumi.Input

	ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput
	ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput
}

type ServiceLinkedRoleMap

type ServiceLinkedRoleMap map[string]ServiceLinkedRoleInput

func (ServiceLinkedRoleMap) ElementType

func (ServiceLinkedRoleMap) ElementType() reflect.Type

func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput

func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput

func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext

func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput

type ServiceLinkedRoleMapInput

type ServiceLinkedRoleMapInput interface {
	pulumi.Input

	ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput
	ToServiceLinkedRoleMapOutputWithContext(context.Context) ServiceLinkedRoleMapOutput
}

ServiceLinkedRoleMapInput is an input type that accepts ServiceLinkedRoleMap and ServiceLinkedRoleMapOutput values. You can construct a concrete instance of `ServiceLinkedRoleMapInput` via:

ServiceLinkedRoleMap{ "key": ServiceLinkedRoleArgs{...} }

type ServiceLinkedRoleMapOutput

type ServiceLinkedRoleMapOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleMapOutput) ElementType

func (ServiceLinkedRoleMapOutput) ElementType() reflect.Type

func (ServiceLinkedRoleMapOutput) MapIndex

func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput

func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput

func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext

func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput

type ServiceLinkedRoleOutput

type ServiceLinkedRoleOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleOutput) ElementType

func (ServiceLinkedRoleOutput) ElementType() reflect.Type

func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput

func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput

func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext

func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput

type ServiceLinkedRoleState

type ServiceLinkedRoleState struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringPtrInput
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringPtrInput
	// The creation date of the IAM role.
	CreateDate pulumi.StringPtrInput
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrInput
	// The description of the role.
	Description pulumi.StringPtrInput
	// The name of the role.
	Name pulumi.StringPtrInput
	// The path of the role.
	Path pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The stable and unique string identifying the role.
	UniqueId pulumi.StringPtrInput
}

func (ServiceLinkedRoleState) ElementType

func (ServiceLinkedRoleState) ElementType() reflect.Type

type SshKey

type SshKey struct {
	pulumi.CustomResourceState

	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringOutput `pulumi:"encoding"`
	// The MD5 message digest of the SSH public key.
	Fingerprint pulumi.StringOutput `pulumi:"fingerprint"`
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringOutput `pulumi:"publicKey"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringOutput `pulumi:"sshPublicKeyId"`
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringOutput `pulumi:"status"`
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringOutput `pulumi:"username"`
}

Uploads an SSH public key and associates it with the specified IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		userUser, err := iam.NewUser(ctx, "userUser", &iam.UserArgs{
			Path: pulumi.String("/"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewSshKey(ctx, "userSshKey", &iam.SshKeyArgs{
			Username:  userUser.Name,
			Encoding:  pulumi.String("SSH"),
			PublicKey: pulumi.String("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SSH public keys can be imported using the `username`, `ssh_public_key_id`, and `encoding` e.g.,

```sh

$ pulumi import aws:iam/sshKey:SshKey user user:APKAJNCNNJICVN7CFKCA:SSH

```

func GetSshKey

func GetSshKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SshKeyState, opts ...pulumi.ResourceOption) (*SshKey, error)

GetSshKey gets an existing SshKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSshKey

func NewSshKey(ctx *pulumi.Context,
	name string, args *SshKeyArgs, opts ...pulumi.ResourceOption) (*SshKey, error)

NewSshKey registers a new resource with the given unique name, arguments, and options.

func (*SshKey) ElementType

func (*SshKey) ElementType() reflect.Type

func (*SshKey) ToSshKeyOutput

func (i *SshKey) ToSshKeyOutput() SshKeyOutput

func (*SshKey) ToSshKeyOutputWithContext

func (i *SshKey) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput

type SshKeyArgs

type SshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringInput
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringInput
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringInput
}

The set of arguments for constructing a SshKey resource.

func (SshKeyArgs) ElementType

func (SshKeyArgs) ElementType() reflect.Type

type SshKeyArray

type SshKeyArray []SshKeyInput

func (SshKeyArray) ElementType

func (SshKeyArray) ElementType() reflect.Type

func (SshKeyArray) ToSshKeyArrayOutput

func (i SshKeyArray) ToSshKeyArrayOutput() SshKeyArrayOutput

func (SshKeyArray) ToSshKeyArrayOutputWithContext

func (i SshKeyArray) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput

type SshKeyArrayInput

type SshKeyArrayInput interface {
	pulumi.Input

	ToSshKeyArrayOutput() SshKeyArrayOutput
	ToSshKeyArrayOutputWithContext(context.Context) SshKeyArrayOutput
}

SshKeyArrayInput is an input type that accepts SshKeyArray and SshKeyArrayOutput values. You can construct a concrete instance of `SshKeyArrayInput` via:

SshKeyArray{ SshKeyArgs{...} }

type SshKeyArrayOutput

type SshKeyArrayOutput struct{ *pulumi.OutputState }

func (SshKeyArrayOutput) ElementType

func (SshKeyArrayOutput) ElementType() reflect.Type

func (SshKeyArrayOutput) Index

func (SshKeyArrayOutput) ToSshKeyArrayOutput

func (o SshKeyArrayOutput) ToSshKeyArrayOutput() SshKeyArrayOutput

func (SshKeyArrayOutput) ToSshKeyArrayOutputWithContext

func (o SshKeyArrayOutput) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput

type SshKeyInput

type SshKeyInput interface {
	pulumi.Input

	ToSshKeyOutput() SshKeyOutput
	ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput
}

type SshKeyMap

type SshKeyMap map[string]SshKeyInput

func (SshKeyMap) ElementType

func (SshKeyMap) ElementType() reflect.Type

func (SshKeyMap) ToSshKeyMapOutput

func (i SshKeyMap) ToSshKeyMapOutput() SshKeyMapOutput

func (SshKeyMap) ToSshKeyMapOutputWithContext

func (i SshKeyMap) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput

type SshKeyMapInput

type SshKeyMapInput interface {
	pulumi.Input

	ToSshKeyMapOutput() SshKeyMapOutput
	ToSshKeyMapOutputWithContext(context.Context) SshKeyMapOutput
}

SshKeyMapInput is an input type that accepts SshKeyMap and SshKeyMapOutput values. You can construct a concrete instance of `SshKeyMapInput` via:

SshKeyMap{ "key": SshKeyArgs{...} }

type SshKeyMapOutput

type SshKeyMapOutput struct{ *pulumi.OutputState }

func (SshKeyMapOutput) ElementType

func (SshKeyMapOutput) ElementType() reflect.Type

func (SshKeyMapOutput) MapIndex

func (SshKeyMapOutput) ToSshKeyMapOutput

func (o SshKeyMapOutput) ToSshKeyMapOutput() SshKeyMapOutput

func (SshKeyMapOutput) ToSshKeyMapOutputWithContext

func (o SshKeyMapOutput) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput

type SshKeyOutput

type SshKeyOutput struct{ *pulumi.OutputState }

func (SshKeyOutput) ElementType

func (SshKeyOutput) ElementType() reflect.Type

func (SshKeyOutput) ToSshKeyOutput

func (o SshKeyOutput) ToSshKeyOutput() SshKeyOutput

func (SshKeyOutput) ToSshKeyOutputWithContext

func (o SshKeyOutput) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput

type SshKeyState

type SshKeyState struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringPtrInput
	// The MD5 message digest of the SSH public key.
	Fingerprint pulumi.StringPtrInput
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringPtrInput
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringPtrInput
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringPtrInput
}

func (SshKeyState) ElementType

func (SshKeyState) ElementType() reflect.Type

type User

type User struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this user.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrOutput `pulumi:"forceDestroy"`
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringOutput `pulumi:"name"`
	// Path in which to create the user.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"`
	// Key-value mapping of tags for the IAM user
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM user.

> *NOTE:* If policies are attached to the user via the `iam.PolicyAttachment` resource and you are modifying the user `name` or `path`, the `forceDestroy` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.UserPolicyAttachment` resource (recommended) does not have this requirement.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
			Tags: pulumi.StringMap{
				"tag-key": pulumi.String("tag-value"),
			},
		})
		if err != nil {
			return err
		}
		_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User: lbUser.Name,
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Users can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/user:User lb loadbalancer

```

func GetUser

func GetUser(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)

GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUser

func NewUser(ctx *pulumi.Context,
	name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)

NewUser registers a new resource with the given unique name, arguments, and options.

func (*User) ElementType

func (*User) ElementType() reflect.Type

func (*User) ToUserOutput

func (i *User) ToUserOutput() UserOutput

func (*User) ToUserOutputWithContext

func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput

type UserArgs

type UserArgs struct {
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrInput
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringPtrInput
	// Path in which to create the user.
	Path pulumi.StringPtrInput
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM user
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a User resource.

func (UserArgs) ElementType

func (UserArgs) ElementType() reflect.Type

type UserArray

type UserArray []UserInput

func (UserArray) ElementType

func (UserArray) ElementType() reflect.Type

func (UserArray) ToUserArrayOutput

func (i UserArray) ToUserArrayOutput() UserArrayOutput

func (UserArray) ToUserArrayOutputWithContext

func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput

type UserArrayInput

type UserArrayInput interface {
	pulumi.Input

	ToUserArrayOutput() UserArrayOutput
	ToUserArrayOutputWithContext(context.Context) UserArrayOutput
}

UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. You can construct a concrete instance of `UserArrayInput` via:

UserArray{ UserArgs{...} }

type UserArrayOutput

type UserArrayOutput struct{ *pulumi.OutputState }

func (UserArrayOutput) ElementType

func (UserArrayOutput) ElementType() reflect.Type

func (UserArrayOutput) Index

func (UserArrayOutput) ToUserArrayOutput

func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput

func (UserArrayOutput) ToUserArrayOutputWithContext

func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput

type UserGroupMembership

type UserGroupMembership struct {
	pulumi.CustomResourceState

	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayOutput `pulumi:"groups"`
	// The name of the IAM User to add to groups
	User pulumi.StringOutput `pulumi:"user"`
}

Provides a resource for adding an IAM User to IAM Groups. This resource can be used multiple times with the same user for non-overlapping groups.

To exclusively manage the users in a group, see the `iam.GroupMembership` resource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user1, err := iam.NewUser(ctx, "user1", nil)
		if err != nil {
			return err
		}
		group1, err := iam.NewGroup(ctx, "group1", nil)
		if err != nil {
			return err
		}
		group2, err := iam.NewGroup(ctx, "group2", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserGroupMembership(ctx, "example1", &iam.UserGroupMembershipArgs{
			User: user1.Name,
			Groups: pulumi.StringArray{
				group1.Name,
				group2.Name,
			},
		})
		if err != nil {
			return err
		}
		group3, err := iam.NewGroup(ctx, "group3", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserGroupMembership(ctx, "example2", &iam.UserGroupMembershipArgs{
			User: user1.Name,
			Groups: pulumi.StringArray{
				group3.Name,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM user group membership can be imported using the user name and group names separated by `/`.

```sh

$ pulumi import aws:iam/userGroupMembership:UserGroupMembership example1 user1/group1/group2

```

func GetUserGroupMembership

func GetUserGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserGroupMembershipState, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)

GetUserGroupMembership gets an existing UserGroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserGroupMembership

func NewUserGroupMembership(ctx *pulumi.Context,
	name string, args *UserGroupMembershipArgs, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)

NewUserGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*UserGroupMembership) ElementType

func (*UserGroupMembership) ElementType() reflect.Type

func (*UserGroupMembership) ToUserGroupMembershipOutput

func (i *UserGroupMembership) ToUserGroupMembershipOutput() UserGroupMembershipOutput

func (*UserGroupMembership) ToUserGroupMembershipOutputWithContext

func (i *UserGroupMembership) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput

type UserGroupMembershipArgs

type UserGroupMembershipArgs struct {
	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayInput
	// The name of the IAM User to add to groups
	User pulumi.StringInput
}

The set of arguments for constructing a UserGroupMembership resource.

func (UserGroupMembershipArgs) ElementType

func (UserGroupMembershipArgs) ElementType() reflect.Type

type UserGroupMembershipArray

type UserGroupMembershipArray []UserGroupMembershipInput

func (UserGroupMembershipArray) ElementType

func (UserGroupMembershipArray) ElementType() reflect.Type

func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutput

func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput

func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext

func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput

type UserGroupMembershipArrayInput

type UserGroupMembershipArrayInput interface {
	pulumi.Input

	ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput
	ToUserGroupMembershipArrayOutputWithContext(context.Context) UserGroupMembershipArrayOutput
}

UserGroupMembershipArrayInput is an input type that accepts UserGroupMembershipArray and UserGroupMembershipArrayOutput values. You can construct a concrete instance of `UserGroupMembershipArrayInput` via:

UserGroupMembershipArray{ UserGroupMembershipArgs{...} }

type UserGroupMembershipArrayOutput

type UserGroupMembershipArrayOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipArrayOutput) ElementType

func (UserGroupMembershipArrayOutput) Index

func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput

func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput

func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext

func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput

type UserGroupMembershipInput

type UserGroupMembershipInput interface {
	pulumi.Input

	ToUserGroupMembershipOutput() UserGroupMembershipOutput
	ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput
}

type UserGroupMembershipMap

type UserGroupMembershipMap map[string]UserGroupMembershipInput

func (UserGroupMembershipMap) ElementType

func (UserGroupMembershipMap) ElementType() reflect.Type

func (UserGroupMembershipMap) ToUserGroupMembershipMapOutput

func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput

func (UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext

func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput

type UserGroupMembershipMapInput

type UserGroupMembershipMapInput interface {
	pulumi.Input

	ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput
	ToUserGroupMembershipMapOutputWithContext(context.Context) UserGroupMembershipMapOutput
}

UserGroupMembershipMapInput is an input type that accepts UserGroupMembershipMap and UserGroupMembershipMapOutput values. You can construct a concrete instance of `UserGroupMembershipMapInput` via:

UserGroupMembershipMap{ "key": UserGroupMembershipArgs{...} }

type UserGroupMembershipMapOutput

type UserGroupMembershipMapOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipMapOutput) ElementType

func (UserGroupMembershipMapOutput) MapIndex

func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput

func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput

func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext

func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput

type UserGroupMembershipOutput

type UserGroupMembershipOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipOutput) ElementType

func (UserGroupMembershipOutput) ElementType() reflect.Type

func (UserGroupMembershipOutput) ToUserGroupMembershipOutput

func (o UserGroupMembershipOutput) ToUserGroupMembershipOutput() UserGroupMembershipOutput

func (UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext

func (o UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput

type UserGroupMembershipState

type UserGroupMembershipState struct {
	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayInput
	// The name of the IAM User to add to groups
	User pulumi.StringPtrInput
}

func (UserGroupMembershipState) ElementType

func (UserGroupMembershipState) ElementType() reflect.Type

type UserInput

type UserInput interface {
	pulumi.Input

	ToUserOutput() UserOutput
	ToUserOutputWithContext(ctx context.Context) UserOutput
}

type UserLoginProfile

type UserLoginProfile struct {
	pulumi.CustomResourceState

	// The encrypted password, base64 encoded. Only available if password was handled on this provider resource creation, not import.
	EncryptedPassword pulumi.StringOutput `pulumi:"encryptedPassword"`
	// The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
	KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"`
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.
	PasswordLength pulumi.IntPtrOutput `pulumi:"passwordLength"`
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.
	PasswordResetRequired pulumi.BoolPtrOutput `pulumi:"passwordResetRequired"`
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringOutput `pulumi:"pgpKey"`
	// The IAM user's name.
	User pulumi.StringOutput `pulumi:"user"`
}

Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.

> To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleUser, err := iam.NewUser(ctx, "exampleUser", &iam.UserArgs{
			Path:         pulumi.String("/"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		exampleUserLoginProfile, err := iam.NewUserLoginProfile(ctx, "exampleUserLoginProfile", &iam.UserLoginProfileArgs{
			User:   exampleUser.Name,
			PgpKey: pulumi.String("keybase:some_person_that_exists"),
		})
		if err != nil {
			return err
		}
		ctx.Export("password", exampleUserLoginProfile.EncryptedPassword)
		return nil
	})
}

```

## Import

IAM User Login Profiles can be imported without password information support via the IAM User name, e.g.,

```sh

$ pulumi import aws:iam/userLoginProfile:UserLoginProfile example myusername

```

Since this provider has no method to read the PGP or password information during import, use [`ignore_changes` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to ignore them unless password recreation is desired. e.g. terraform resource "aws_iam_user_login_profile" "example" {

... other configuration ...

lifecycle {

ignore_changes = [

password_length,

password_reset_required,

pgp_key,

]

} }

func GetUserLoginProfile

func GetUserLoginProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserLoginProfileState, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)

GetUserLoginProfile gets an existing UserLoginProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserLoginProfile

func NewUserLoginProfile(ctx *pulumi.Context,
	name string, args *UserLoginProfileArgs, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)

NewUserLoginProfile registers a new resource with the given unique name, arguments, and options.

func (*UserLoginProfile) ElementType

func (*UserLoginProfile) ElementType() reflect.Type

func (*UserLoginProfile) ToUserLoginProfileOutput

func (i *UserLoginProfile) ToUserLoginProfileOutput() UserLoginProfileOutput

func (*UserLoginProfile) ToUserLoginProfileOutputWithContext

func (i *UserLoginProfile) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput

type UserLoginProfileArgs

type UserLoginProfileArgs struct {
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.
	PasswordLength pulumi.IntPtrInput
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.
	PasswordResetRequired pulumi.BoolPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringInput
	// The IAM user's name.
	User pulumi.StringInput
}

The set of arguments for constructing a UserLoginProfile resource.

func (UserLoginProfileArgs) ElementType

func (UserLoginProfileArgs) ElementType() reflect.Type

type UserLoginProfileArray

type UserLoginProfileArray []UserLoginProfileInput

func (UserLoginProfileArray) ElementType

func (UserLoginProfileArray) ElementType() reflect.Type

func (UserLoginProfileArray) ToUserLoginProfileArrayOutput

func (i UserLoginProfileArray) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput

func (UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext

func (i UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput

type UserLoginProfileArrayInput

type UserLoginProfileArrayInput interface {
	pulumi.Input

	ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput
	ToUserLoginProfileArrayOutputWithContext(context.Context) UserLoginProfileArrayOutput
}

UserLoginProfileArrayInput is an input type that accepts UserLoginProfileArray and UserLoginProfileArrayOutput values. You can construct a concrete instance of `UserLoginProfileArrayInput` via:

UserLoginProfileArray{ UserLoginProfileArgs{...} }

type UserLoginProfileArrayOutput

type UserLoginProfileArrayOutput struct{ *pulumi.OutputState }

func (UserLoginProfileArrayOutput) ElementType

func (UserLoginProfileArrayOutput) Index

func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput

func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput

func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext

func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput

type UserLoginProfileInput

type UserLoginProfileInput interface {
	pulumi.Input

	ToUserLoginProfileOutput() UserLoginProfileOutput
	ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput
}

type UserLoginProfileMap

type UserLoginProfileMap map[string]UserLoginProfileInput

func (UserLoginProfileMap) ElementType

func (UserLoginProfileMap) ElementType() reflect.Type

func (UserLoginProfileMap) ToUserLoginProfileMapOutput

func (i UserLoginProfileMap) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput

func (UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext

func (i UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput

type UserLoginProfileMapInput

type UserLoginProfileMapInput interface {
	pulumi.Input

	ToUserLoginProfileMapOutput() UserLoginProfileMapOutput
	ToUserLoginProfileMapOutputWithContext(context.Context) UserLoginProfileMapOutput
}

UserLoginProfileMapInput is an input type that accepts UserLoginProfileMap and UserLoginProfileMapOutput values. You can construct a concrete instance of `UserLoginProfileMapInput` via:

UserLoginProfileMap{ "key": UserLoginProfileArgs{...} }

type UserLoginProfileMapOutput

type UserLoginProfileMapOutput struct{ *pulumi.OutputState }

func (UserLoginProfileMapOutput) ElementType

func (UserLoginProfileMapOutput) ElementType() reflect.Type

func (UserLoginProfileMapOutput) MapIndex

func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutput

func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput

func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext

func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput

type UserLoginProfileOutput

type UserLoginProfileOutput struct{ *pulumi.OutputState }

func (UserLoginProfileOutput) ElementType

func (UserLoginProfileOutput) ElementType() reflect.Type

func (UserLoginProfileOutput) ToUserLoginProfileOutput

func (o UserLoginProfileOutput) ToUserLoginProfileOutput() UserLoginProfileOutput

func (UserLoginProfileOutput) ToUserLoginProfileOutputWithContext

func (o UserLoginProfileOutput) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput

type UserLoginProfileState

type UserLoginProfileState struct {
	// The encrypted password, base64 encoded. Only available if password was handled on this provider resource creation, not import.
	EncryptedPassword pulumi.StringPtrInput
	// The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
	KeyFingerprint pulumi.StringPtrInput
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.
	PasswordLength pulumi.IntPtrInput
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument.
	PasswordResetRequired pulumi.BoolPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrInput
	// The IAM user's name.
	User pulumi.StringPtrInput
}

func (UserLoginProfileState) ElementType

func (UserLoginProfileState) ElementType() reflect.Type

type UserMap

type UserMap map[string]UserInput

func (UserMap) ElementType

func (UserMap) ElementType() reflect.Type

func (UserMap) ToUserMapOutput

func (i UserMap) ToUserMapOutput() UserMapOutput

func (UserMap) ToUserMapOutputWithContext

func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput

type UserMapInput

type UserMapInput interface {
	pulumi.Input

	ToUserMapOutput() UserMapOutput
	ToUserMapOutputWithContext(context.Context) UserMapOutput
}

UserMapInput is an input type that accepts UserMap and UserMapOutput values. You can construct a concrete instance of `UserMapInput` via:

UserMap{ "key": UserArgs{...} }

type UserMapOutput

type UserMapOutput struct{ *pulumi.OutputState }

func (UserMapOutput) ElementType

func (UserMapOutput) ElementType() reflect.Type

func (UserMapOutput) MapIndex

func (UserMapOutput) ToUserMapOutput

func (o UserMapOutput) ToUserMapOutput() UserMapOutput

func (UserMapOutput) ToUserMapOutputWithContext

func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput

type UserOutput

type UserOutput struct{ *pulumi.OutputState }

func (UserOutput) ElementType

func (UserOutput) ElementType() reflect.Type

func (UserOutput) ToUserOutput

func (o UserOutput) ToUserOutput() UserOutput

func (UserOutput) ToUserOutputWithContext

func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput

type UserPolicy

type UserPolicy struct {
	pulumi.CustomResourceState

	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// IAM user to which to attach this policy.
	User pulumi.StringOutput `pulumi:"user"`
}

Provides an IAM policy attached to a user.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User: lbUser.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM User Policies can be imported using the `user_name:user_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name

```

func GetUserPolicy

func GetUserPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPolicyState, opts ...pulumi.ResourceOption) (*UserPolicy, error)

GetUserPolicy gets an existing UserPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicy

func NewUserPolicy(ctx *pulumi.Context,
	name string, args *UserPolicyArgs, opts ...pulumi.ResourceOption) (*UserPolicy, error)

NewUserPolicy registers a new resource with the given unique name, arguments, and options.

func (*UserPolicy) ElementType

func (*UserPolicy) ElementType() reflect.Type

func (*UserPolicy) ToUserPolicyOutput

func (i *UserPolicy) ToUserPolicyOutput() UserPolicyOutput

func (*UserPolicy) ToUserPolicyOutputWithContext

func (i *UserPolicy) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput

type UserPolicyArgs

type UserPolicyArgs struct {
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// IAM user to which to attach this policy.
	User pulumi.StringInput
}

The set of arguments for constructing a UserPolicy resource.

func (UserPolicyArgs) ElementType

func (UserPolicyArgs) ElementType() reflect.Type

type UserPolicyArray

type UserPolicyArray []UserPolicyInput

func (UserPolicyArray) ElementType

func (UserPolicyArray) ElementType() reflect.Type

func (UserPolicyArray) ToUserPolicyArrayOutput

func (i UserPolicyArray) ToUserPolicyArrayOutput() UserPolicyArrayOutput

func (UserPolicyArray) ToUserPolicyArrayOutputWithContext

func (i UserPolicyArray) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput

type UserPolicyArrayInput

type UserPolicyArrayInput interface {
	pulumi.Input

	ToUserPolicyArrayOutput() UserPolicyArrayOutput
	ToUserPolicyArrayOutputWithContext(context.Context) UserPolicyArrayOutput
}

UserPolicyArrayInput is an input type that accepts UserPolicyArray and UserPolicyArrayOutput values. You can construct a concrete instance of `UserPolicyArrayInput` via:

UserPolicyArray{ UserPolicyArgs{...} }

type UserPolicyArrayOutput

type UserPolicyArrayOutput struct{ *pulumi.OutputState }

func (UserPolicyArrayOutput) ElementType

func (UserPolicyArrayOutput) ElementType() reflect.Type

func (UserPolicyArrayOutput) Index

func (UserPolicyArrayOutput) ToUserPolicyArrayOutput

func (o UserPolicyArrayOutput) ToUserPolicyArrayOutput() UserPolicyArrayOutput

func (UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext

func (o UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput

type UserPolicyAttachment

type UserPolicyAttachment struct {
	pulumi.CustomResourceState

	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The user the policy should be applied to
	User pulumi.StringOutput `pulumi:"user"`
}

Attaches a Managed IAM Policy to an IAM user

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user, err := iam.NewUser(ctx, "user", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any("{ ... policy JSON ... }"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicyAttachment(ctx, "test-attach", &iam.UserPolicyAttachmentArgs{
			User:      user.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM user policy attachments can be imported using the user name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/userPolicyAttachment:UserPolicyAttachment test-attach test-user/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetUserPolicyAttachment

func GetUserPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPolicyAttachmentState, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)

GetUserPolicyAttachment gets an existing UserPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicyAttachment

func NewUserPolicyAttachment(ctx *pulumi.Context,
	name string, args *UserPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)

NewUserPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*UserPolicyAttachment) ElementType

func (*UserPolicyAttachment) ElementType() reflect.Type

func (*UserPolicyAttachment) ToUserPolicyAttachmentOutput

func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput

func (*UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext

func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput

type UserPolicyAttachmentArgs

type UserPolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The user the policy should be applied to
	User pulumi.Input
}

The set of arguments for constructing a UserPolicyAttachment resource.

func (UserPolicyAttachmentArgs) ElementType

func (UserPolicyAttachmentArgs) ElementType() reflect.Type

type UserPolicyAttachmentArray

type UserPolicyAttachmentArray []UserPolicyAttachmentInput

func (UserPolicyAttachmentArray) ElementType

func (UserPolicyAttachmentArray) ElementType() reflect.Type

func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput

func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput

func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext

func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentArrayInput

type UserPolicyAttachmentArrayInput interface {
	pulumi.Input

	ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput
	ToUserPolicyAttachmentArrayOutputWithContext(context.Context) UserPolicyAttachmentArrayOutput
}

UserPolicyAttachmentArrayInput is an input type that accepts UserPolicyAttachmentArray and UserPolicyAttachmentArrayOutput values. You can construct a concrete instance of `UserPolicyAttachmentArrayInput` via:

UserPolicyAttachmentArray{ UserPolicyAttachmentArgs{...} }

type UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentArrayOutput) ElementType

func (UserPolicyAttachmentArrayOutput) Index

func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput

func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput

func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext

func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentInput

type UserPolicyAttachmentInput interface {
	pulumi.Input

	ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput
	ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput
}

type UserPolicyAttachmentMap

type UserPolicyAttachmentMap map[string]UserPolicyAttachmentInput

func (UserPolicyAttachmentMap) ElementType

func (UserPolicyAttachmentMap) ElementType() reflect.Type

func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput

func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput

func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext

func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput

type UserPolicyAttachmentMapInput

type UserPolicyAttachmentMapInput interface {
	pulumi.Input

	ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput
	ToUserPolicyAttachmentMapOutputWithContext(context.Context) UserPolicyAttachmentMapOutput
}

UserPolicyAttachmentMapInput is an input type that accepts UserPolicyAttachmentMap and UserPolicyAttachmentMapOutput values. You can construct a concrete instance of `UserPolicyAttachmentMapInput` via:

UserPolicyAttachmentMap{ "key": UserPolicyAttachmentArgs{...} }

type UserPolicyAttachmentMapOutput

type UserPolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentMapOutput) ElementType

func (UserPolicyAttachmentMapOutput) MapIndex

func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput

func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput

func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext

func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput

type UserPolicyAttachmentOutput

type UserPolicyAttachmentOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentOutput) ElementType

func (UserPolicyAttachmentOutput) ElementType() reflect.Type

func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput

func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput

func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext

func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput

type UserPolicyAttachmentState

type UserPolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The user the policy should be applied to
	User pulumi.Input
}

func (UserPolicyAttachmentState) ElementType

func (UserPolicyAttachmentState) ElementType() reflect.Type

type UserPolicyInput

type UserPolicyInput interface {
	pulumi.Input

	ToUserPolicyOutput() UserPolicyOutput
	ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput
}

type UserPolicyMap

type UserPolicyMap map[string]UserPolicyInput

func (UserPolicyMap) ElementType

func (UserPolicyMap) ElementType() reflect.Type

func (UserPolicyMap) ToUserPolicyMapOutput

func (i UserPolicyMap) ToUserPolicyMapOutput() UserPolicyMapOutput

func (UserPolicyMap) ToUserPolicyMapOutputWithContext

func (i UserPolicyMap) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput

type UserPolicyMapInput

type UserPolicyMapInput interface {
	pulumi.Input

	ToUserPolicyMapOutput() UserPolicyMapOutput
	ToUserPolicyMapOutputWithContext(context.Context) UserPolicyMapOutput
}

UserPolicyMapInput is an input type that accepts UserPolicyMap and UserPolicyMapOutput values. You can construct a concrete instance of `UserPolicyMapInput` via:

UserPolicyMap{ "key": UserPolicyArgs{...} }

type UserPolicyMapOutput

type UserPolicyMapOutput struct{ *pulumi.OutputState }

func (UserPolicyMapOutput) ElementType

func (UserPolicyMapOutput) ElementType() reflect.Type

func (UserPolicyMapOutput) MapIndex

func (UserPolicyMapOutput) ToUserPolicyMapOutput

func (o UserPolicyMapOutput) ToUserPolicyMapOutput() UserPolicyMapOutput

func (UserPolicyMapOutput) ToUserPolicyMapOutputWithContext

func (o UserPolicyMapOutput) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput

type UserPolicyOutput

type UserPolicyOutput struct{ *pulumi.OutputState }

func (UserPolicyOutput) ElementType

func (UserPolicyOutput) ElementType() reflect.Type

func (UserPolicyOutput) ToUserPolicyOutput

func (o UserPolicyOutput) ToUserPolicyOutput() UserPolicyOutput

func (UserPolicyOutput) ToUserPolicyOutputWithContext

func (o UserPolicyOutput) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput

type UserPolicyState

type UserPolicyState struct {
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// IAM user to which to attach this policy.
	User pulumi.StringPtrInput
}

func (UserPolicyState) ElementType

func (UserPolicyState) ElementType() reflect.Type

type UserState

type UserState struct {
	// The ARN assigned by AWS for this user.
	Arn pulumi.StringPtrInput
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrInput
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringPtrInput
	// Path in which to create the user.
	Path pulumi.StringPtrInput
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM user
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapInput
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (UserState) ElementType

func (UserState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL