iam

package
v5.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 20, 2022 License: Apache-2.0 Imports: 7 Imported by: 28

Documentation

Index

Constants

View Source
const (
	ManagedPolicyAWSAccountActivityAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountActivityAccess")
	ManagedPolicyAWSAccountUsageReportAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountUsageReportAccess")
	ManagedPolicyAWSAgentlessDiscoveryService                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService")
	ManagedPolicyAWSApplicationDiscoveryAgentAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess")
	ManagedPolicyAWSApplicationDiscoveryServiceFullAccess       = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess")
	ManagedPolicyAWSBatchFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSBatchFullAccess")
	ManagedPolicyAWSBatchServiceRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole")
	ManagedPolicyAWSCertificateManagerFullAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess")
	ManagedPolicyAWSCertificateManagerReadOnly                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly")
	ManagedPolicyAWSCloudFormationReadOnlyAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess")
	ManagedPolicyAWSCloudHSMFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMFullAccess")
	ManagedPolicyAWSCloudHSMReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess")
	ManagedPolicyAWSCloudHSMRole                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole")
	ManagedPolicyAWSCloudTrailFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailFullAccess")
	ManagedPolicyAWSCloudTrailReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess")
	ManagedPolicyAWSCloudWatchLambdaInsightsExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudWatchLambdaInsightsExecutionRolePolicy")
	ManagedPolicyAWSCodeBuildAdminAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess")
	ManagedPolicyAWSCodeBuildDeveloperAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess")
	ManagedPolicyAWSCodeBuildReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess")
	ManagedPolicyAWSCodeCommitFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitFullAccess")
	ManagedPolicyAWSCodeCommitPowerUser                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitPowerUser")
	ManagedPolicyAWSCodeCommitReadOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitReadOnly")
	ManagedPolicyAWSCodeDeployDeployerAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess")
	ManagedPolicyAWSCodeDeployFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployFullAccess")
	ManagedPolicyAWSCodeDeployReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess")
	ManagedPolicyAWSCodeDeployRole                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole")
	ManagedPolicyAWSCodeDeployRoleForECS                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS")
	ManagedPolicyAWSCodePipelineApproverAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess")
	ManagedPolicyAWSCodePipelineCustomActionAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess")
	ManagedPolicyAWSCodePipelineFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineFullAccess")
	ManagedPolicyAWSCodePipelineReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess")
	ManagedPolicyAWSCodeStarFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeStarFullAccess")
	ManagedPolicyAWSCodeStarServiceRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole")
	ManagedPolicyAWSConfigRole                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRole")
	ManagedPolicyAWSConfigRulesExecutionRole                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole")
	ManagedPolicyAWSConfigUserAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSConfigUserAccess")
	ManagedPolicyAWSConnector                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSConnector")
	ManagedPolicyAWSDataPipelineRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole")
	ManagedPolicy_AWSDataPipeline_FullAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess")
	ManagedPolicy_AWSDataPipeline_PowerUser                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser")
	ManagedPolicyAWSDeviceFarmFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess")
	ManagedPolicyAWSDirectConnectFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectFullAccess")
	ManagedPolicyAWSDirectConnectReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess")
	ManagedPolicyAWSDirectoryServiceFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess")
	ManagedPolicyAWSDirectoryServiceReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess")
	ManagedPolicyAWSElasticBeanstalkCustomPlatformforEC2Role    = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role")
	ManagedPolicyAWSElasticBeanstalkEnhancedHealth              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth")
	ManagedPolicyAWSElasticBeanstalkFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess")
	ManagedPolicyAWSElasticBeanstalkMulticontainerDocker        = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker")
	ManagedPolicyAWSElasticBeanstalkReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess")
	ManagedPolicyAWSElasticBeanstalkService                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService")
	ManagedPolicyAWSElasticBeanstalkWebTier                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier")
	// Deprecated: This has been deprecated in favour of `AWSElasticBeanstalkWorkerTier`
	ManagedPolicyAWSElasticBeanstakWorkerTier          = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier")
	ManagedPolicyAWSElasticBeanstalkWorkerTier         = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier")
	ManagedPolicyAWSGreengrassFullccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassFullAccess")
	ManagedPolicyAWSGreengrassResourceAccessRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy")
	ManagedPolicyAWSHealthFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSHealthFullAccess")
	ManagedPolicyAWSImportExportFullAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportFullAccess")
	ManagedPolicyAWSImportExportReadOnlyAccess         = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess")
	ManagedPolicyAWSIoTConfigAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigAccess")
	ManagedPolicyAWSIoTConfigReadOnlyAccess            = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess")
	ManagedPolicyAWSIoTDataAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDataAccess")
	ManagedPolicyAWSIoTFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTFullAccess")
	ManagedPolicyAWSIoTLogging                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTLogging")
	ManagedPolicyAWSIoTRuleActions                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions")
	ManagedPolicyAWSKeyManagementServicePowerUser      = ManagedPolicy("arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser")
	ManagedPolicyAWSLambdaBasicExecutionRole           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole")
	ManagedPolicyAWSLambdaDynamoDBExecutionRole        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole")
	ManagedPolicyAWSLambdaENIManagementAccess          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess")
	ManagedPolicyAWSLambdaExecute                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaExecute")
	// Deprecated: This has been deprecated in favour of `LambdaFullAccess`
	ManagedPolicyAWSLambdaFullAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaFullAccess")
	ManagedPolicyLambdaFullAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_FullAccess")
	ManagedPolicyAWSLambdaInvocationDynamoDB   = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB")
	ManagedPolicyAWSLambdaKinesisExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole")
	// Deprecated: This has been deprecated in favour of `LambdaReadOnlyAccess`
	ManagedPolicyAWSLambdaReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess")
	ManagedPolicyLambdaReadOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess")
	ManagedPolicyAWSLambdaRole                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaRole")
	ManagedPolicyAWSLambdaVPCAccessExecutionRole                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole")
	ManagedPolicyAWSMarketplaceFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceFullAccess")
	ManagedPolicyAWSMarketplaceGetEntitlements                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements")
	ManagedPolicyAWSMarketplaceManageSubscriptions                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions")
	ManagedPolicyAWSMarketplaceMeteringFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess")
	ManagedPolicyAWSMarketplaceReadonly                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceRead-only")
	ManagedPolicy_AWSMobileHub_FullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_FullAccess")
	ManagedPolicy_AWSMobileHub_ReadOnly                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_ReadOnly")
	ManagedPolicy_AWSMobileHub_ServiceUseOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMobileHub_ServiceUseOnly")
	ManagedPolicyAWSOpsWorksCMInstanceProfileRole                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole")
	ManagedPolicyAWSOpsWorksCMServiceRole                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole")
	ManagedPolicyAWSOpsWorksCloudWatchLogs                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs")
	ManagedPolicyAWSOpsWorksFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksFullAccess")
	ManagedPolicyAWSOpsWorksInstanceRegistration                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration")
	ManagedPolicyAWSOpsWorksRegisterCLI                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI")
	ManagedPolicyAWSOpsWorksRole                                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole")
	ManagedPolicyAWSQuickSightDescribeRD                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS")
	ManagedPolicyAWSQuickSightDescribeRedshift                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift")
	ManagedPolicyAWSQuickSightListIAM                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM")
	ManagedPolicyAWSQuicksightAthenaAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess")
	ManagedPolicyAWSStepFunctionsConsoleFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess")
	ManagedPolicyAWSStepFunctionsFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess")
	ManagedPolicyAWSStepFunctionsReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess")
	ManagedPolicyAWSStorageGatewayFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess")
	ManagedPolicyAWSStorageGatewayReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess")
	ManagedPolicyAWSSupportAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAccess")
	ManagedPolicyAWSWAFFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFFullAccess")
	ManagedPolicyAWSWAFReadOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess")
	ManagedPolicyAWSXrayFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayFullAccess")
	ManagedPolicyAWSXrayReadOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess")
	ManagedPolicyAWSXrayWriteOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess")
	ManagedPolicyAWSXRayDaemonWriteAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess")
	ManagedPolicyAdministratorAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess")
	ManagedPolicyAmazonAPIGatewayAdministrator                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator")
	ManagedPolicyAmazonAPIGatewayInvokeFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess")
	ManagedPolicyAmazonAPIGatewayPushToCloudWatchLogs                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs")
	ManagedPolicyAmazonAppStreamFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamFullAccess")
	ManagedPolicyAmazonAppStreamReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess")
	ManagedPolicyAmazonAppStreamServiceAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess")
	ManagedPolicyAmazonAthenaFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAthenaFullAccess")
	ManagedPolicyAmazonCloudDirectoryFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess")
	ManagedPolicyAmazonCloudDirectoryReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess")
	ManagedPolicyAmazonCognitoDeveloperAuthenticatedIdentities         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities")
	ManagedPolicyAmazonCognitoPowerUser                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoPowerUser")
	ManagedPolicyAmazonCognitoReadOnly                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoReadOnly")
	ManagedPolicyAmazonDMSCloudWatchLogsRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole")
	ManagedPolicyAmazonDMSRedshiftS3Role                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role")
	ManagedPolicyAmazonDMSVPCManagementRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole")
	ManagedPolicyAmazonDRSVPCManagement                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDRSVPCManagement")
	ManagedPolicyAmazonDynamoDBFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess")
	ManagedPolicyAmazonDynamoDBFullAccesswithDataPipeline              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline")
	ManagedPolicyAmazonDynamoDBReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess")
	ManagedPolicyAmazonEC2ContainerRegistryFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess")
	ManagedPolicyAmazonEC2ContainerRegistryPowerUser                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser")
	ManagedPolicyAmazonEC2ContainerRegistryReadOnly                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly")
	ManagedPolicyAmazonEC2ContainerServiceAutoscaleRole                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole")
	ManagedPolicyAmazonEC2ContainerServiceFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess")
	ManagedPolicyAmazonEC2ContainerServiceRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole")
	ManagedPolicyAmazonEC2ContainerServiceforEC2Role                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role")
	ManagedPolicyEC2InstanceProfileForImageBuilder                     = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilder")
	ManagedPolicyAmazonEC2FullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2FullAccess")
	ManagedPolicyAmazonEC2ReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess")
	ManagedPolicyAmazonEC2ReportsAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReportsAccess")
	ManagedPolicyAmazonEC2RoleforAWSCodeDeploy                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy")
	ManagedPolicyAmazonEC2RoleforDataPipelineRole                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole")
	ManagedPolicyAmazonEC2RoleforSSM                                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM")
	ManagedPolicyAmazonEC2SpotFleetAutoscaleRole                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole")
	ManagedPolicyAmazonEC2SpotFleetRole                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole")
	ManagedPolicyAmazonEC2SpotFleetTaggingRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole")
	ManagedPolicyAmazonECSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonECS_FullAccess")
	ManagedPolicyAmazonECSServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy")
	ManagedPolicyAmazonECSTaskExecutionRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy")
	ManagedPolicyAmazonESFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESFullAccess")
	ManagedPolicyAmazonESReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESReadOnlyAccess")
	ManagedPolicyAmazonElastiCacheFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess")
	ManagedPolicyAmazonElastiCacheReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess")
	ManagedPolicyAmazonElasticFileSystemFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess")
	ManagedPolicyAmazonElasticFileSystemReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess")
	ManagedPolicyAmazonElasticMapReduceFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess")
	ManagedPolicyAmazonElasticMapReduceReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess")
	ManagedPolicyAmazonElasticMapReduceRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole")
	ManagedPolicyAmazonElasticMapReduceforAutoScalingRole              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole")
	ManagedPolicyAmazonElasticMapReduceforEC2Role                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role")
	ManagedPolicyAmazonElasticTranscoderFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess")
	ManagedPolicyAmazonElasticTranscoderJobsSubmitter                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter")
	ManagedPolicyAmazonElasticTranscoderReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess")
	ManagedPolicyAmazonElasticTranscoderRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole")
	ManagedPolicyAmazonGlacierFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierFullAccess")
	ManagedPolicyAmazonGlacierReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess")
	ManagedPolicyAmazonInspectorFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorFullAccess")
	ManagedPolicyAmazonInspectorReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess")
	ManagedPolicyAmazonKinesisAnalyticsFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess")
	ManagedPolicyAmazonKinesisAnalyticsReadOnly                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly")
	ManagedPolicyAmazonKinesisFirehoseFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess")
	ManagedPolicyAmazonKinesisFirehoseReadOnlyAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess")
	ManagedPolicyAmazonKinesisFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFullAccess")
	ManagedPolicyAmazonKinesisReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess")
	ManagedPolicyAmazonLexFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexFullAccess")
	ManagedPolicyAmazonLexReadOnly                                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexReadOnly")
	ManagedPolicyAmazonLexRunBotsOnly                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexRunBotsOnly")
	ManagedPolicyAmazonMachineLearningBatchPredictionsAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess")
	ManagedPolicyAmazonMachineLearningCreateOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess")
	ManagedPolicyAmazonMachineLearningFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess")
	ManagedPolicyAmazonMachineLearningManageRealTimeEndpointOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess")
	ManagedPolicyAmazonMachineLearningReadOnlyAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess")
	ManagedPolicyAmazonMachineLearningRealTimePredictionOnlyAccess     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess")
	ManagedPolicyAmazonMachineLearningRoleforRedshiftDataSource        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource")
	ManagedPolicyAmazonMechanicalTurkFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess")
	ManagedPolicyAmazonMechanicalTurkReadOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly")
	ManagedPolicyAmazonMobileAnalyticsFinancialReportAccess            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess")
	ManagedPolicyAmazonMobileAnalyticsFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess")
	ManagedPolicyAmazonMobileAnalyticsNonfinancialReportAccess         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess")
	ManagedPolicyAmazonMobileAnalyticsWriteOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess")
	ManagedPolicyAmazonPollyFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyFullAccess")
	ManagedPolicyAmazonPollyReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess")
	ManagedPolicyAmazonRDSDirectoryServiceAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess")
	ManagedPolicyAmazonRDSEnhancedMonitoringRole                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole")
	ManagedPolicyAmazonRDSDataFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSDataFullAccess")
	ManagedPolicyAmazonRDSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSFullAccess")
	ManagedPolicyAmazonRDSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess")
	ManagedPolicyAmazonRedshiftFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftFullAccess")
	ManagedPolicyAmazonRedshiftReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess")
	ManagedPolicyAmazonRekognitionFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionFullAccess")
	ManagedPolicyAmazonRekognitionReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess")
	ManagedPolicyAmazonRoute53DomainsFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess")
	ManagedPolicyAmazonRoute53DomainsReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess")
	ManagedPolicyAmazonRoute53FullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53FullAccess")
	ManagedPolicyAmazonRoute53ReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess")
	ManagedPolicyAmazonS3FullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3FullAccess")
	ManagedPolicyAmazonS3ReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
	ManagedPolicyAmazonSESFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESFullAccess")
	ManagedPolicyAmazonSESReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess")
	ManagedPolicyAmazonSNSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSFullAccess")
	ManagedPolicyAmazonSNSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess")
	ManagedPolicyAmazonSNSRole                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSNSRole")
	ManagedPolicyAmazonSQSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSFullAccess")
	ManagedPolicyAmazonSQSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess")
	ManagedPolicyAWSLambdaSQSQueueExecutionRole                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole")
	ManagedPolicyAmazonSSMAutomationApproverAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess")
	ManagedPolicyAmazonSSMAutomationRole                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole")
	ManagedPolicyAmazonSSMDirectoryServiceAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess")
	ManagedPolicyAmazonSSMFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMFullAccess")
	ManagedPolicyAmazonSSMMaintenanceWindowRole                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole")
	ManagedPolicyAmazonSSMPatchAssociation                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMPatchAssociation")
	ManagedPolicyAmazonSSMReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess")
	ManagedPolicyAmazonSSMManagedInstanceCore                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore")
	ManagedPolicyAmazonVPCFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCFullAccess")
	ManagedPolicyAmazonVPCReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess")
	ManagedPolicyAmazonWorkMailFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailFullAccess")
	ManagedPolicyAmazonWorkMailReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess")
	ManagedPolicyAmazonWorkSpacesAdmin                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin")
	ManagedPolicyAmazonWorkSpacesApplicationManagerAdminAccess         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess")
	ManagedPolicyAmazonZocaloFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloFullAccess")
	ManagedPolicyAmazonZocaloReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess")
	ManagedPolicyApplicationAutoScalingForAmazonAppStreamAccess        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess")
	ManagedPolicyAutoScalingConsoleFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess")
	ManagedPolicyAutoScalingConsoleReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess")
	ManagedPolicyAutoScalingFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingFullAccess")
	ManagedPolicyAutoScalingNotificationAccessRole                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole")
	ManagedPolicyAutoScalingReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess")
	ManagedPolicyBilling                                               = ManagedPolicy("arn:aws:iam::aws:policy/job-function/Billing")
	ManagedPolicyCloudFrontFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontFullAccess")
	ManagedPolicyCloudFrontReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess")
	ManagedPolicyCloudSearchFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchFullAccess")
	ManagedPolicyCloudSearchReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess")
	ManagedPolicyCloudWatchActionsEC2Access                            = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchActionsEC2Access")
	ManagedPolicyCloudWatchEventsBuiltInTargetExecutionAccess          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess")
	ManagedPolicyCloudWatchEventsFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsFullAccess")
	ManagedPolicyCloudWatchEventsInvocationAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess")
	ManagedPolicyCloudWatchEventsReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess")
	ManagedPolicyCloudWatchFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchFullAccess")
	ManagedPolicyCloudWatchLogsFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsFullAccess")
	ManagedPolicyCloudWatchLogsReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess")
	ManagedPolicyCloudWatchReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess")
	ManagedPolicyDataScientist                                         = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DataScientist")
	ManagedPolicyDatabaseAdministrator                                 = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DatabaseAdministrator")
	ManagedPolicyIAMFullAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/IAMFullAccess")
	ManagedPolicyIAMReadOnlyAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/IAMReadOnlyAccess")
	ManagedPolicyIAMSelfManageServiceSpecificCredentials               = ManagedPolicy("arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials")
	ManagedPolicyIAMUserChangePassword                                 = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserChangePassword")
	ManagedPolicyIAMUserSSHKeys                                        = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserSSHKeys")
	ManagedPolicyNetworkAdministrator                                  = ManagedPolicy("arn:aws:iam::aws:policy/job-function/NetworkAdministrator")
	ManagedPolicyPowerUserAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/PowerUserAccess")
	ManagedPolicyRDSCloudHsmAuthorizationRole                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole")
	ManagedPolicyReadOnlyAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/ReadOnlyAccess")
	ManagedPolicyResourceGroupsandTagEditorFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess")
	ManagedPolicyResourceGroupsandTagEditorReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess")
	ManagedPolicySecretsManagerReadWrite                               = ManagedPolicy("arn:aws:iam::aws:policy/SecretsManagerReadWrite")
	ManagedPolicySecurityAudit                                         = ManagedPolicy("arn:aws:iam::aws:policy/SecurityAudit")
	ManagedPolicyServerMigrationConnector                              = ManagedPolicy("arn:aws:iam::aws:policy/ServerMigrationConnector")
	ManagedPolicyServerMigrationServiceRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRole")
	ManagedPolicyServiceCatalogAdminFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminFullAccess")
	ManagedPolicyServiceCatalogAdminReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminReadOnlyAccess")
	ManagedPolicyServiceCatalogEndUserAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserAccess")
	ManagedPolicyServiceCatalogEndUserFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserFullAccess")
	ManagedPolicySimpleWorkflowFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/SimpleWorkflowFullAccess")
	ManagedPolicySupportUser                                           = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SupportUser")
	ManagedPolicySystemAdministrator                                   = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SystemAdministrator")
	ManagedPolicyVMImportExportRoleForAWSConnector                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector")
	ManagedPolicyViewOnlyAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/job-function/ViewOnlyAccess")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessKey

type AccessKey struct {
	pulumi.CustomResourceState

	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate                 pulumi.StringOutput `pulumi:"createDate"`
	EncryptedSecret            pulumi.StringOutput `pulumi:"encryptedSecret"`
	EncryptedSesSmtpPasswordV4 pulumi.StringOutput `pulumi:"encryptedSesSmtpPasswordV4"`
	// Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
	KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"`
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.
	PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"`
	// Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
	Secret pulumi.StringOutput `pulumi:"secret"`
	// Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
	SesSmtpPasswordV4 pulumi.StringOutput `pulumi:"sesSmtpPasswordV4"`
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// IAM user to associate with this access key.
	User pulumi.StringOutput `pulumi:"user"`
}

Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
		})
		if err != nil {
			return err
		}
		lbAccessKey, err := iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User:   lbUser.Name,
			PgpKey: pulumi.String("keybase:some_person_that_exists"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		ctx.Export("secret", lbAccessKey.EncryptedSecret)
		return nil
	})
}

```

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testUser, err := iam.NewUser(ctx, "testUser", &iam.UserArgs{
			Path: pulumi.String("/test/"),
		})
		if err != nil {
			return err
		}
		testAccessKey, err := iam.NewAccessKey(ctx, "testAccessKey", &iam.AccessKeyArgs{
			User: testUser.Name,
		})
		if err != nil {
			return err
		}
		ctx.Export("awsIamSmtpPasswordV4", testAccessKey.SesSmtpPasswordV4)
		return nil
	})
}

```

## Import

IAM Access Keys can be imported using the identifier, e.g.,

```sh

$ pulumi import aws:iam/accessKey:AccessKey example AKIA1234567890

```

Resource attributes such as `encrypted_secret`, `key_fingerprint`, `pgp_key`, `secret`, `ses_smtp_password_v4`, and `encrypted_ses_smtp_password_v4` are not available for imported resources as this information cannot be read from the IAM API.

func GetAccessKey

func GetAccessKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessKeyState, opts ...pulumi.ResourceOption) (*AccessKey, error)

GetAccessKey gets an existing AccessKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessKey

func NewAccessKey(ctx *pulumi.Context,
	name string, args *AccessKeyArgs, opts ...pulumi.ResourceOption) (*AccessKey, error)

NewAccessKey registers a new resource with the given unique name, arguments, and options.

func (*AccessKey) ElementType

func (*AccessKey) ElementType() reflect.Type

func (*AccessKey) ToAccessKeyOutput

func (i *AccessKey) ToAccessKeyOutput() AccessKeyOutput

func (*AccessKey) ToAccessKeyOutputWithContext

func (i *AccessKey) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput

type AccessKeyArgs

type AccessKeyArgs struct {
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.
	PgpKey pulumi.StringPtrInput
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrInput
	// IAM user to associate with this access key.
	User pulumi.StringInput
}

The set of arguments for constructing a AccessKey resource.

func (AccessKeyArgs) ElementType

func (AccessKeyArgs) ElementType() reflect.Type

type AccessKeyArray

type AccessKeyArray []AccessKeyInput

func (AccessKeyArray) ElementType

func (AccessKeyArray) ElementType() reflect.Type

func (AccessKeyArray) ToAccessKeyArrayOutput

func (i AccessKeyArray) ToAccessKeyArrayOutput() AccessKeyArrayOutput

func (AccessKeyArray) ToAccessKeyArrayOutputWithContext

func (i AccessKeyArray) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput

type AccessKeyArrayInput

type AccessKeyArrayInput interface {
	pulumi.Input

	ToAccessKeyArrayOutput() AccessKeyArrayOutput
	ToAccessKeyArrayOutputWithContext(context.Context) AccessKeyArrayOutput
}

AccessKeyArrayInput is an input type that accepts AccessKeyArray and AccessKeyArrayOutput values. You can construct a concrete instance of `AccessKeyArrayInput` via:

AccessKeyArray{ AccessKeyArgs{...} }

type AccessKeyArrayOutput

type AccessKeyArrayOutput struct{ *pulumi.OutputState }

func (AccessKeyArrayOutput) ElementType

func (AccessKeyArrayOutput) ElementType() reflect.Type

func (AccessKeyArrayOutput) Index

func (AccessKeyArrayOutput) ToAccessKeyArrayOutput

func (o AccessKeyArrayOutput) ToAccessKeyArrayOutput() AccessKeyArrayOutput

func (AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext

func (o AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput

type AccessKeyInput

type AccessKeyInput interface {
	pulumi.Input

	ToAccessKeyOutput() AccessKeyOutput
	ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput
}

type AccessKeyMap

type AccessKeyMap map[string]AccessKeyInput

func (AccessKeyMap) ElementType

func (AccessKeyMap) ElementType() reflect.Type

func (AccessKeyMap) ToAccessKeyMapOutput

func (i AccessKeyMap) ToAccessKeyMapOutput() AccessKeyMapOutput

func (AccessKeyMap) ToAccessKeyMapOutputWithContext

func (i AccessKeyMap) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput

type AccessKeyMapInput

type AccessKeyMapInput interface {
	pulumi.Input

	ToAccessKeyMapOutput() AccessKeyMapOutput
	ToAccessKeyMapOutputWithContext(context.Context) AccessKeyMapOutput
}

AccessKeyMapInput is an input type that accepts AccessKeyMap and AccessKeyMapOutput values. You can construct a concrete instance of `AccessKeyMapInput` via:

AccessKeyMap{ "key": AccessKeyArgs{...} }

type AccessKeyMapOutput

type AccessKeyMapOutput struct{ *pulumi.OutputState }

func (AccessKeyMapOutput) ElementType

func (AccessKeyMapOutput) ElementType() reflect.Type

func (AccessKeyMapOutput) MapIndex

func (AccessKeyMapOutput) ToAccessKeyMapOutput

func (o AccessKeyMapOutput) ToAccessKeyMapOutput() AccessKeyMapOutput

func (AccessKeyMapOutput) ToAccessKeyMapOutputWithContext

func (o AccessKeyMapOutput) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput

type AccessKeyOutput

type AccessKeyOutput struct{ *pulumi.OutputState }

func (AccessKeyOutput) CreateDate added in v5.4.0

func (o AccessKeyOutput) CreateDate() pulumi.StringOutput

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.

func (AccessKeyOutput) ElementType

func (AccessKeyOutput) ElementType() reflect.Type

func (AccessKeyOutput) EncryptedSecret added in v5.4.0

func (o AccessKeyOutput) EncryptedSecret() pulumi.StringOutput

func (AccessKeyOutput) EncryptedSesSmtpPasswordV4 added in v5.4.0

func (o AccessKeyOutput) EncryptedSesSmtpPasswordV4() pulumi.StringOutput

func (AccessKeyOutput) KeyFingerprint added in v5.4.0

func (o AccessKeyOutput) KeyFingerprint() pulumi.StringOutput

Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.

func (AccessKeyOutput) PgpKey added in v5.4.0

Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.

func (AccessKeyOutput) Secret added in v5.4.0

func (o AccessKeyOutput) Secret() pulumi.StringOutput

Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.

func (AccessKeyOutput) SesSmtpPasswordV4 added in v5.4.0

func (o AccessKeyOutput) SesSmtpPasswordV4() pulumi.StringOutput

Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).

func (AccessKeyOutput) Status added in v5.4.0

Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.

func (AccessKeyOutput) ToAccessKeyOutput

func (o AccessKeyOutput) ToAccessKeyOutput() AccessKeyOutput

func (AccessKeyOutput) ToAccessKeyOutputWithContext

func (o AccessKeyOutput) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput

func (AccessKeyOutput) User added in v5.4.0

IAM user to associate with this access key.

type AccessKeyState

type AccessKeyState struct {
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate                 pulumi.StringPtrInput
	EncryptedSecret            pulumi.StringPtrInput
	EncryptedSesSmtpPasswordV4 pulumi.StringPtrInput
	// Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
	KeyFingerprint pulumi.StringPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute.
	PgpKey pulumi.StringPtrInput
	// Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
	Secret pulumi.StringPtrInput
	// Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
	SesSmtpPasswordV4 pulumi.StringPtrInput
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrInput
	// IAM user to associate with this access key.
	User pulumi.StringPtrInput
}

func (AccessKeyState) ElementType

func (AccessKeyState) ElementType() reflect.Type

type AccountAlias

type AccountAlias struct {
	pulumi.CustomResourceState

	// The account alias
	AccountAlias pulumi.StringOutput `pulumi:"accountAlias"`
}

> **Note:** There is only a single account alias per AWS account.

Manages the account alias for the AWS Account.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewAccountAlias(ctx, "alias", &iam.AccountAliasArgs{
			AccountAlias: pulumi.String("my-account-alias"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

The current Account Alias can be imported using the `account_alias`, e.g.,

```sh

$ pulumi import aws:iam/accountAlias:AccountAlias alias my-account-alias

```

func GetAccountAlias

func GetAccountAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccountAliasState, opts ...pulumi.ResourceOption) (*AccountAlias, error)

GetAccountAlias gets an existing AccountAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountAlias

func NewAccountAlias(ctx *pulumi.Context,
	name string, args *AccountAliasArgs, opts ...pulumi.ResourceOption) (*AccountAlias, error)

NewAccountAlias registers a new resource with the given unique name, arguments, and options.

func (*AccountAlias) ElementType

func (*AccountAlias) ElementType() reflect.Type

func (*AccountAlias) ToAccountAliasOutput

func (i *AccountAlias) ToAccountAliasOutput() AccountAliasOutput

func (*AccountAlias) ToAccountAliasOutputWithContext

func (i *AccountAlias) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput

type AccountAliasArgs

type AccountAliasArgs struct {
	// The account alias
	AccountAlias pulumi.StringInput
}

The set of arguments for constructing a AccountAlias resource.

func (AccountAliasArgs) ElementType

func (AccountAliasArgs) ElementType() reflect.Type

type AccountAliasArray

type AccountAliasArray []AccountAliasInput

func (AccountAliasArray) ElementType

func (AccountAliasArray) ElementType() reflect.Type

func (AccountAliasArray) ToAccountAliasArrayOutput

func (i AccountAliasArray) ToAccountAliasArrayOutput() AccountAliasArrayOutput

func (AccountAliasArray) ToAccountAliasArrayOutputWithContext

func (i AccountAliasArray) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput

type AccountAliasArrayInput

type AccountAliasArrayInput interface {
	pulumi.Input

	ToAccountAliasArrayOutput() AccountAliasArrayOutput
	ToAccountAliasArrayOutputWithContext(context.Context) AccountAliasArrayOutput
}

AccountAliasArrayInput is an input type that accepts AccountAliasArray and AccountAliasArrayOutput values. You can construct a concrete instance of `AccountAliasArrayInput` via:

AccountAliasArray{ AccountAliasArgs{...} }

type AccountAliasArrayOutput

type AccountAliasArrayOutput struct{ *pulumi.OutputState }

func (AccountAliasArrayOutput) ElementType

func (AccountAliasArrayOutput) ElementType() reflect.Type

func (AccountAliasArrayOutput) Index

func (AccountAliasArrayOutput) ToAccountAliasArrayOutput

func (o AccountAliasArrayOutput) ToAccountAliasArrayOutput() AccountAliasArrayOutput

func (AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext

func (o AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput

type AccountAliasInput

type AccountAliasInput interface {
	pulumi.Input

	ToAccountAliasOutput() AccountAliasOutput
	ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput
}

type AccountAliasMap

type AccountAliasMap map[string]AccountAliasInput

func (AccountAliasMap) ElementType

func (AccountAliasMap) ElementType() reflect.Type

func (AccountAliasMap) ToAccountAliasMapOutput

func (i AccountAliasMap) ToAccountAliasMapOutput() AccountAliasMapOutput

func (AccountAliasMap) ToAccountAliasMapOutputWithContext

func (i AccountAliasMap) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput

type AccountAliasMapInput

type AccountAliasMapInput interface {
	pulumi.Input

	ToAccountAliasMapOutput() AccountAliasMapOutput
	ToAccountAliasMapOutputWithContext(context.Context) AccountAliasMapOutput
}

AccountAliasMapInput is an input type that accepts AccountAliasMap and AccountAliasMapOutput values. You can construct a concrete instance of `AccountAliasMapInput` via:

AccountAliasMap{ "key": AccountAliasArgs{...} }

type AccountAliasMapOutput

type AccountAliasMapOutput struct{ *pulumi.OutputState }

func (AccountAliasMapOutput) ElementType

func (AccountAliasMapOutput) ElementType() reflect.Type

func (AccountAliasMapOutput) MapIndex

func (AccountAliasMapOutput) ToAccountAliasMapOutput

func (o AccountAliasMapOutput) ToAccountAliasMapOutput() AccountAliasMapOutput

func (AccountAliasMapOutput) ToAccountAliasMapOutputWithContext

func (o AccountAliasMapOutput) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput

type AccountAliasOutput

type AccountAliasOutput struct{ *pulumi.OutputState }

func (AccountAliasOutput) AccountAlias added in v5.4.0

func (o AccountAliasOutput) AccountAlias() pulumi.StringOutput

The account alias

func (AccountAliasOutput) ElementType

func (AccountAliasOutput) ElementType() reflect.Type

func (AccountAliasOutput) ToAccountAliasOutput

func (o AccountAliasOutput) ToAccountAliasOutput() AccountAliasOutput

func (AccountAliasOutput) ToAccountAliasOutputWithContext

func (o AccountAliasOutput) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput

type AccountAliasState

type AccountAliasState struct {
	// The account alias
	AccountAlias pulumi.StringPtrInput
}

func (AccountAliasState) ElementType

func (AccountAliasState) ElementType() reflect.Type

type AccountPasswordPolicy

type AccountPasswordPolicy struct {
	pulumi.CustomResourceState

	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrOutput `pulumi:"allowUsersToChangePassword"`
	// Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
	ExpirePasswords pulumi.BoolOutput `pulumi:"expirePasswords"`
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolOutput `pulumi:"hardExpiry"`
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntOutput `pulumi:"maxPasswordAge"`
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrOutput `pulumi:"minimumPasswordLength"`
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntOutput `pulumi:"passwordReusePrevention"`
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolOutput `pulumi:"requireLowercaseCharacters"`
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolOutput `pulumi:"requireNumbers"`
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolOutput `pulumi:"requireSymbols"`
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolOutput `pulumi:"requireUppercaseCharacters"`
}

> **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.

Manages Password Policy for the AWS Account. See more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html) in the official AWS docs.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewAccountPasswordPolicy(ctx, "strict", &iam.AccountPasswordPolicyArgs{
			AllowUsersToChangePassword: pulumi.Bool(true),
			MinimumPasswordLength:      pulumi.Int(8),
			RequireLowercaseCharacters: pulumi.Bool(true),
			RequireNumbers:             pulumi.Bool(true),
			RequireSymbols:             pulumi.Bool(true),
			RequireUppercaseCharacters: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Account Password Policy can be imported using the word `iam-account-password-policy`, e.g.,

```sh

$ pulumi import aws:iam/accountPasswordPolicy:AccountPasswordPolicy strict iam-account-password-policy

```

func GetAccountPasswordPolicy

func GetAccountPasswordPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccountPasswordPolicyState, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)

GetAccountPasswordPolicy gets an existing AccountPasswordPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountPasswordPolicy

func NewAccountPasswordPolicy(ctx *pulumi.Context,
	name string, args *AccountPasswordPolicyArgs, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)

NewAccountPasswordPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccountPasswordPolicy) ElementType

func (*AccountPasswordPolicy) ElementType() reflect.Type

func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutput

func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput

func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext

func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput

type AccountPasswordPolicyArgs

type AccountPasswordPolicyArgs struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrInput
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolPtrInput
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntPtrInput
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrInput
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntPtrInput
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolPtrInput
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolPtrInput
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolPtrInput
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolPtrInput
}

The set of arguments for constructing a AccountPasswordPolicy resource.

func (AccountPasswordPolicyArgs) ElementType

func (AccountPasswordPolicyArgs) ElementType() reflect.Type

type AccountPasswordPolicyArray

type AccountPasswordPolicyArray []AccountPasswordPolicyInput

func (AccountPasswordPolicyArray) ElementType

func (AccountPasswordPolicyArray) ElementType() reflect.Type

func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput

func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput

func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext

func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyArrayInput

type AccountPasswordPolicyArrayInput interface {
	pulumi.Input

	ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
	ToAccountPasswordPolicyArrayOutputWithContext(context.Context) AccountPasswordPolicyArrayOutput
}

AccountPasswordPolicyArrayInput is an input type that accepts AccountPasswordPolicyArray and AccountPasswordPolicyArrayOutput values. You can construct a concrete instance of `AccountPasswordPolicyArrayInput` via:

AccountPasswordPolicyArray{ AccountPasswordPolicyArgs{...} }

type AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyArrayOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyArrayOutput) ElementType

func (AccountPasswordPolicyArrayOutput) Index

func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput

func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput

func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext

func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyInput

type AccountPasswordPolicyInput interface {
	pulumi.Input

	ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput
	ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput
}

type AccountPasswordPolicyMap

type AccountPasswordPolicyMap map[string]AccountPasswordPolicyInput

func (AccountPasswordPolicyMap) ElementType

func (AccountPasswordPolicyMap) ElementType() reflect.Type

func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput

func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput

func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext

func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput

type AccountPasswordPolicyMapInput

type AccountPasswordPolicyMapInput interface {
	pulumi.Input

	ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput
	ToAccountPasswordPolicyMapOutputWithContext(context.Context) AccountPasswordPolicyMapOutput
}

AccountPasswordPolicyMapInput is an input type that accepts AccountPasswordPolicyMap and AccountPasswordPolicyMapOutput values. You can construct a concrete instance of `AccountPasswordPolicyMapInput` via:

AccountPasswordPolicyMap{ "key": AccountPasswordPolicyArgs{...} }

type AccountPasswordPolicyMapOutput

type AccountPasswordPolicyMapOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyMapOutput) ElementType

func (AccountPasswordPolicyMapOutput) MapIndex

func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput

func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput

func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext

func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput

type AccountPasswordPolicyOutput

type AccountPasswordPolicyOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyOutput) AllowUsersToChangePassword added in v5.4.0

func (o AccountPasswordPolicyOutput) AllowUsersToChangePassword() pulumi.BoolPtrOutput

Whether to allow users to change their own password

func (AccountPasswordPolicyOutput) ElementType

func (AccountPasswordPolicyOutput) ExpirePasswords added in v5.4.0

func (o AccountPasswordPolicyOutput) ExpirePasswords() pulumi.BoolOutput

Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.

func (AccountPasswordPolicyOutput) HardExpiry added in v5.4.0

Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)

func (AccountPasswordPolicyOutput) MaxPasswordAge added in v5.4.0

func (o AccountPasswordPolicyOutput) MaxPasswordAge() pulumi.IntOutput

The number of days that an user password is valid.

func (AccountPasswordPolicyOutput) MinimumPasswordLength added in v5.4.0

func (o AccountPasswordPolicyOutput) MinimumPasswordLength() pulumi.IntPtrOutput

Minimum length to require for user passwords.

func (AccountPasswordPolicyOutput) PasswordReusePrevention added in v5.4.0

func (o AccountPasswordPolicyOutput) PasswordReusePrevention() pulumi.IntOutput

The number of previous passwords that users are prevented from reusing.

func (AccountPasswordPolicyOutput) RequireLowercaseCharacters added in v5.4.0

func (o AccountPasswordPolicyOutput) RequireLowercaseCharacters() pulumi.BoolOutput

Whether to require lowercase characters for user passwords.

func (AccountPasswordPolicyOutput) RequireNumbers added in v5.4.0

func (o AccountPasswordPolicyOutput) RequireNumbers() pulumi.BoolOutput

Whether to require numbers for user passwords.

func (AccountPasswordPolicyOutput) RequireSymbols added in v5.4.0

func (o AccountPasswordPolicyOutput) RequireSymbols() pulumi.BoolOutput

Whether to require symbols for user passwords.

func (AccountPasswordPolicyOutput) RequireUppercaseCharacters added in v5.4.0

func (o AccountPasswordPolicyOutput) RequireUppercaseCharacters() pulumi.BoolOutput

Whether to require uppercase characters for user passwords.

func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput

func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput

func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext

func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput

type AccountPasswordPolicyState

type AccountPasswordPolicyState struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrInput
	// Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
	ExpirePasswords pulumi.BoolPtrInput
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolPtrInput
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntPtrInput
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrInput
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntPtrInput
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolPtrInput
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolPtrInput
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolPtrInput
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolPtrInput
}

func (AccountPasswordPolicyState) ElementType

func (AccountPasswordPolicyState) ElementType() reflect.Type

type GetGroupUser

type GetGroupUser struct {
	// The Amazon Resource Name (ARN) specifying the iam user.
	Arn string `pulumi:"arn"`
	// The path to the iam user.
	Path string `pulumi:"path"`
	// The stable and unique string identifying the iam user.
	UserId string `pulumi:"userId"`
	// The name of the iam user.
	UserName string `pulumi:"userName"`
}

type GetGroupUserArgs

type GetGroupUserArgs struct {
	// The Amazon Resource Name (ARN) specifying the iam user.
	Arn pulumi.StringInput `pulumi:"arn"`
	// The path to the iam user.
	Path pulumi.StringInput `pulumi:"path"`
	// The stable and unique string identifying the iam user.
	UserId pulumi.StringInput `pulumi:"userId"`
	// The name of the iam user.
	UserName pulumi.StringInput `pulumi:"userName"`
}

func (GetGroupUserArgs) ElementType

func (GetGroupUserArgs) ElementType() reflect.Type

func (GetGroupUserArgs) ToGetGroupUserOutput

func (i GetGroupUserArgs) ToGetGroupUserOutput() GetGroupUserOutput

func (GetGroupUserArgs) ToGetGroupUserOutputWithContext

func (i GetGroupUserArgs) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput

type GetGroupUserArray

type GetGroupUserArray []GetGroupUserInput

func (GetGroupUserArray) ElementType

func (GetGroupUserArray) ElementType() reflect.Type

func (GetGroupUserArray) ToGetGroupUserArrayOutput

func (i GetGroupUserArray) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput

func (GetGroupUserArray) ToGetGroupUserArrayOutputWithContext

func (i GetGroupUserArray) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput

type GetGroupUserArrayInput

type GetGroupUserArrayInput interface {
	pulumi.Input

	ToGetGroupUserArrayOutput() GetGroupUserArrayOutput
	ToGetGroupUserArrayOutputWithContext(context.Context) GetGroupUserArrayOutput
}

GetGroupUserArrayInput is an input type that accepts GetGroupUserArray and GetGroupUserArrayOutput values. You can construct a concrete instance of `GetGroupUserArrayInput` via:

GetGroupUserArray{ GetGroupUserArgs{...} }

type GetGroupUserArrayOutput

type GetGroupUserArrayOutput struct{ *pulumi.OutputState }

func (GetGroupUserArrayOutput) ElementType

func (GetGroupUserArrayOutput) ElementType() reflect.Type

func (GetGroupUserArrayOutput) Index

func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutput

func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput

func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext

func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput

type GetGroupUserInput

type GetGroupUserInput interface {
	pulumi.Input

	ToGetGroupUserOutput() GetGroupUserOutput
	ToGetGroupUserOutputWithContext(context.Context) GetGroupUserOutput
}

GetGroupUserInput is an input type that accepts GetGroupUserArgs and GetGroupUserOutput values. You can construct a concrete instance of `GetGroupUserInput` via:

GetGroupUserArgs{...}

type GetGroupUserOutput

type GetGroupUserOutput struct{ *pulumi.OutputState }

func (GetGroupUserOutput) Arn

The Amazon Resource Name (ARN) specifying the iam user.

func (GetGroupUserOutput) ElementType

func (GetGroupUserOutput) ElementType() reflect.Type

func (GetGroupUserOutput) Path

The path to the iam user.

func (GetGroupUserOutput) ToGetGroupUserOutput

func (o GetGroupUserOutput) ToGetGroupUserOutput() GetGroupUserOutput

func (GetGroupUserOutput) ToGetGroupUserOutputWithContext

func (o GetGroupUserOutput) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput

func (GetGroupUserOutput) UserId

The stable and unique string identifying the iam user.

func (GetGroupUserOutput) UserName

func (o GetGroupUserOutput) UserName() pulumi.StringOutput

The name of the iam user.

type GetInstanceProfilesArgs added in v5.5.0

type GetInstanceProfilesArgs struct {
	// The IAM role name.
	RoleName string `pulumi:"roleName"`
}

A collection of arguments for invoking getInstanceProfiles.

type GetInstanceProfilesOutputArgs added in v5.5.0

type GetInstanceProfilesOutputArgs struct {
	// The IAM role name.
	RoleName pulumi.StringInput `pulumi:"roleName"`
}

A collection of arguments for invoking getInstanceProfiles.

func (GetInstanceProfilesOutputArgs) ElementType added in v5.5.0

type GetInstanceProfilesResult added in v5.5.0

type GetInstanceProfilesResult struct {
	// Set of Amazon Resource Name (ARN) specifying the instance profile.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Set of IAM instance profile names.
	Names []string `pulumi:"names"`
	// Set of IAM instance profile paths.
	Paths    []string `pulumi:"paths"`
	RoleName string   `pulumi:"roleName"`
}

A collection of values returned by getInstanceProfiles.

func GetInstanceProfiles added in v5.5.0

func GetInstanceProfiles(ctx *pulumi.Context, args *GetInstanceProfilesArgs, opts ...pulumi.InvokeOption) (*GetInstanceProfilesResult, error)

This data source can be used to fetch information about all IAM instance profiles under a role. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetInstanceProfiles(ctx, &iam.GetInstanceProfilesArgs{
			RoleName: "an_example_iam_role_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetInstanceProfilesResultOutput added in v5.5.0

type GetInstanceProfilesResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getInstanceProfiles.

func GetInstanceProfilesOutput added in v5.5.0

func (GetInstanceProfilesResultOutput) Arns added in v5.5.0

Set of Amazon Resource Name (ARN) specifying the instance profile.

func (GetInstanceProfilesResultOutput) ElementType added in v5.5.0

func (GetInstanceProfilesResultOutput) Id added in v5.5.0

The provider-assigned unique ID for this managed resource.

func (GetInstanceProfilesResultOutput) Names added in v5.5.0

Set of IAM instance profile names.

func (GetInstanceProfilesResultOutput) Paths added in v5.5.0

Set of IAM instance profile paths.

func (GetInstanceProfilesResultOutput) RoleName added in v5.5.0

func (GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput added in v5.5.0

func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput() GetInstanceProfilesResultOutput

func (GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext added in v5.5.0

func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext(ctx context.Context) GetInstanceProfilesResultOutput

type GetOpenidConnectProviderArgs added in v5.1.0

type GetOpenidConnectProviderArgs struct {
	// The Amazon Resource Name (ARN) specifying the OpenID Connect provider.
	Arn *string `pulumi:"arn"`
	// Map of resource tags for the IAM OIDC provider.
	Tags map[string]string `pulumi:"tags"`
	// The URL of the OpenID Connect provider.
	Url *string `pulumi:"url"`
}

A collection of arguments for invoking getOpenidConnectProvider.

type GetOpenidConnectProviderOutputArgs added in v5.1.0

type GetOpenidConnectProviderOutputArgs struct {
	// The Amazon Resource Name (ARN) specifying the OpenID Connect provider.
	Arn pulumi.StringPtrInput `pulumi:"arn"`
	// Map of resource tags for the IAM OIDC provider.
	Tags pulumi.StringMapInput `pulumi:"tags"`
	// The URL of the OpenID Connect provider.
	Url pulumi.StringPtrInput `pulumi:"url"`
}

A collection of arguments for invoking getOpenidConnectProvider.

func (GetOpenidConnectProviderOutputArgs) ElementType added in v5.1.0

type GetOpenidConnectProviderResult added in v5.1.0

type GetOpenidConnectProviderResult struct {
	Arn string `pulumi:"arn"`
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists []string `pulumi:"clientIdLists"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Map of resource tags for the IAM OIDC provider.
	Tags map[string]string `pulumi:"tags"`
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists []string `pulumi:"thumbprintLists"`
	Url             string   `pulumi:"url"`
}

A collection of values returned by getOpenidConnectProvider.

func GetOpenidConnectProvider added in v5.1.0

func GetOpenidConnectProvider(ctx *pulumi.Context, args *GetOpenidConnectProviderArgs, opts ...pulumi.InvokeOption) (*GetOpenidConnectProviderResult, error)

This data source can be used to fetch information about a specific IAM OpenID Connect provider. By using this data source, you can retrieve the the resource information by either its `arn` or `url`.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetOpenidConnectProvider(ctx, &iam.GetOpenidConnectProviderArgs{
			Arn: pulumi.StringRef("arn:aws:iam::123456789012:oidc-provider/accounts.google.com"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetOpenidConnectProvider(ctx, &iam.GetOpenidConnectProviderArgs{
			Url: pulumi.StringRef("https://accounts.google.com"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetOpenidConnectProviderResultOutput added in v5.1.0

type GetOpenidConnectProviderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getOpenidConnectProvider.

func (GetOpenidConnectProviderResultOutput) Arn added in v5.1.0

func (GetOpenidConnectProviderResultOutput) ClientIdLists added in v5.1.0

A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)

func (GetOpenidConnectProviderResultOutput) ElementType added in v5.1.0

func (GetOpenidConnectProviderResultOutput) Id added in v5.1.0

The provider-assigned unique ID for this managed resource.

func (GetOpenidConnectProviderResultOutput) Tags added in v5.1.0

Map of resource tags for the IAM OIDC provider.

func (GetOpenidConnectProviderResultOutput) ThumbprintLists added in v5.1.0

A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).

func (GetOpenidConnectProviderResultOutput) ToGetOpenidConnectProviderResultOutput added in v5.1.0

func (o GetOpenidConnectProviderResultOutput) ToGetOpenidConnectProviderResultOutput() GetOpenidConnectProviderResultOutput

func (GetOpenidConnectProviderResultOutput) ToGetOpenidConnectProviderResultOutputWithContext added in v5.1.0

func (o GetOpenidConnectProviderResultOutput) ToGetOpenidConnectProviderResultOutputWithContext(ctx context.Context) GetOpenidConnectProviderResultOutput

func (GetOpenidConnectProviderResultOutput) Url added in v5.1.0

type GetPolicyDocumentArgs

type GetPolicyDocumentArgs struct {
	// - IAM policy document whose statements with non-blank `sid`s will override statements with the same `sid` from documents assigned to the `sourceJson`, `sourcePolicyDocuments`, and `overridePolicyDocuments` arguments. Non-overriding statements will be added to the exported document.
	//
	// Deprecated: Use the attribute "override_policy_documents" instead.
	OverrideJson *string `pulumi:"overrideJson"`
	// List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from documents provided in the `sourceJson` and `sourcePolicyDocuments` arguments.  Non-overriding statements will be added to the exported document.
	OverridePolicyDocuments []string `pulumi:"overridePolicyDocuments"`
	// ID for the policy document.
	PolicyId *string `pulumi:"policyId"`
	// - IAM policy document used as a base for the exported policy document. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	//
	// Deprecated: Use the attribute "source_policy_documents" instead.
	SourceJson *string `pulumi:"sourceJson"`
	// List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` or `sourceJson` must have unique `sid`s. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	SourcePolicyDocuments []string `pulumi:"sourcePolicyDocuments"`
	// Configuration block for a policy statement. Detailed below.
	Statements []GetPolicyDocumentStatement `pulumi:"statements"`
	// IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getPolicyDocument.

type GetPolicyDocumentOutputArgs

type GetPolicyDocumentOutputArgs struct {
	// - IAM policy document whose statements with non-blank `sid`s will override statements with the same `sid` from documents assigned to the `sourceJson`, `sourcePolicyDocuments`, and `overridePolicyDocuments` arguments. Non-overriding statements will be added to the exported document.
	//
	// Deprecated: Use the attribute "override_policy_documents" instead.
	OverrideJson pulumi.StringPtrInput `pulumi:"overrideJson"`
	// List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from documents provided in the `sourceJson` and `sourcePolicyDocuments` arguments.  Non-overriding statements will be added to the exported document.
	OverridePolicyDocuments pulumi.StringArrayInput `pulumi:"overridePolicyDocuments"`
	// ID for the policy document.
	PolicyId pulumi.StringPtrInput `pulumi:"policyId"`
	// - IAM policy document used as a base for the exported policy document. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	//
	// Deprecated: Use the attribute "source_policy_documents" instead.
	SourceJson pulumi.StringPtrInput `pulumi:"sourceJson"`
	// List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` or `sourceJson` must have unique `sid`s. Statements with the same `sid` from documents assigned to the `overrideJson` and `overridePolicyDocuments` arguments will override source statements.
	SourcePolicyDocuments pulumi.StringArrayInput `pulumi:"sourcePolicyDocuments"`
	// Configuration block for a policy statement. Detailed below.
	Statements GetPolicyDocumentStatementArrayInput `pulumi:"statements"`
	// IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getPolicyDocument.

func (GetPolicyDocumentOutputArgs) ElementType

type GetPolicyDocumentResult

type GetPolicyDocumentResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Standard JSON policy document rendered based on the arguments above.
	Json string `pulumi:"json"`
	// Deprecated: Use the attribute "override_policy_documents" instead.
	OverrideJson            *string  `pulumi:"overrideJson"`
	OverridePolicyDocuments []string `pulumi:"overridePolicyDocuments"`
	PolicyId                *string  `pulumi:"policyId"`
	// Deprecated: Use the attribute "source_policy_documents" instead.
	SourceJson            *string                      `pulumi:"sourceJson"`
	SourcePolicyDocuments []string                     `pulumi:"sourcePolicyDocuments"`
	Statements            []GetPolicyDocumentStatement `pulumi:"statements"`
	Version               *string                      `pulumi:"version"`
}

A collection of values returned by getPolicyDocument.

func GetPolicyDocument

func GetPolicyDocument(ctx *pulumi.Context, args *GetPolicyDocumentArgs, opts ...pulumi.InvokeOption) (*GetPolicyDocumentResult, error)

Generates an IAM policy document in JSON format for use with resources that expect policy documents such as `iam.Policy`.

Using this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings in your configuration or to use the `file` interpolation function to read a raw JSON policy document from a file.

## Example Usage ### Basic Example

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplePolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("1"),
					Actions: []string{
						"s3:ListAllMyBuckets",
						"s3:GetBucketLocation",
					},
					Resources: []string{
						"arn:aws:s3:::*",
					},
				},
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"s3:ListBucket",
					},
					Resources: []string{
						fmt.Sprintf("%v%v", "arn:aws:s3:::", _var.S3_bucket_name),
					},
					Conditions: []iam.GetPolicyDocumentStatementCondition{
						iam.GetPolicyDocumentStatementCondition{
							Test:     "StringLike",
							Variable: "s3:prefix",
							Values: []string{
								"",
								"home/",
								"home/&{aws:username}/",
							},
						},
					},
				},
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						fmt.Sprintf("%v%v%v", "arn:aws:s3:::", _var.S3_bucket_name, "/home/&{aws:username}"),
						fmt.Sprintf("%v%v%v", "arn:aws:s3:::", _var.S3_bucket_name, "/home/&{aws:username}/*"),
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewPolicy(ctx, "examplePolicy", &iam.PolicyArgs{
			Path:   pulumi.String("/"),
			Policy: pulumi.String(examplePolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetPolicyDocumentResultOutput

type GetPolicyDocumentResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicyDocument.

func (GetPolicyDocumentResultOutput) ElementType

func (GetPolicyDocumentResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetPolicyDocumentResultOutput) Json

Standard JSON policy document rendered based on the arguments above.

func (GetPolicyDocumentResultOutput) OverrideJson deprecated

Deprecated: Use the attribute "override_policy_documents" instead.

func (GetPolicyDocumentResultOutput) OverridePolicyDocuments

func (o GetPolicyDocumentResultOutput) OverridePolicyDocuments() pulumi.StringArrayOutput

func (GetPolicyDocumentResultOutput) PolicyId

func (GetPolicyDocumentResultOutput) SourceJson deprecated

Deprecated: Use the attribute "source_policy_documents" instead.

func (GetPolicyDocumentResultOutput) SourcePolicyDocuments

func (o GetPolicyDocumentResultOutput) SourcePolicyDocuments() pulumi.StringArrayOutput

func (GetPolicyDocumentResultOutput) Statements

func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput

func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput() GetPolicyDocumentResultOutput

func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext

func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext(ctx context.Context) GetPolicyDocumentResultOutput

func (GetPolicyDocumentResultOutput) Version

type GetPolicyDocumentStatement

type GetPolicyDocumentStatement struct {
	// List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
	Actions []string `pulumi:"actions"`
	// Configuration block for a condition. Detailed below.
	Conditions []GetPolicyDocumentStatementCondition `pulumi:"conditions"`
	// Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
	Effect *string `pulumi:"effect"`
	// List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
	NotActions []string `pulumi:"notActions"`
	// Like `principals` except these are principals that the statement does *not* apply to.
	NotPrincipals []GetPolicyDocumentStatementNotPrincipal `pulumi:"notPrincipals"`
	// List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
	NotResources []string `pulumi:"notResources"`
	// Configuration block for principals. Detailed below.
	Principals []GetPolicyDocumentStatementPrincipal `pulumi:"principals"`
	// List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
	Resources []string `pulumi:"resources"`
	// Sid (statement ID) is an identifier for a policy statement.
	Sid *string `pulumi:"sid"`
}

type GetPolicyDocumentStatementArgs

type GetPolicyDocumentStatementArgs struct {
	// List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
	Actions pulumi.StringArrayInput `pulumi:"actions"`
	// Configuration block for a condition. Detailed below.
	Conditions GetPolicyDocumentStatementConditionArrayInput `pulumi:"conditions"`
	// Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
	Effect pulumi.StringPtrInput `pulumi:"effect"`
	// List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
	NotActions pulumi.StringArrayInput `pulumi:"notActions"`
	// Like `principals` except these are principals that the statement does *not* apply to.
	NotPrincipals GetPolicyDocumentStatementNotPrincipalArrayInput `pulumi:"notPrincipals"`
	// List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
	NotResources pulumi.StringArrayInput `pulumi:"notResources"`
	// Configuration block for principals. Detailed below.
	Principals GetPolicyDocumentStatementPrincipalArrayInput `pulumi:"principals"`
	// List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
	// Sid (statement ID) is an identifier for a policy statement.
	Sid pulumi.StringPtrInput `pulumi:"sid"`
}

func (GetPolicyDocumentStatementArgs) ElementType

func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput

func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput

func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext

func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementArray

type GetPolicyDocumentStatementArray []GetPolicyDocumentStatementInput

func (GetPolicyDocumentStatementArray) ElementType

func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput

func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput

func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext

func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementArrayInput

type GetPolicyDocumentStatementArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
	ToGetPolicyDocumentStatementArrayOutputWithContext(context.Context) GetPolicyDocumentStatementArrayOutput
}

GetPolicyDocumentStatementArrayInput is an input type that accepts GetPolicyDocumentStatementArray and GetPolicyDocumentStatementArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementArrayInput` via:

GetPolicyDocumentStatementArray{ GetPolicyDocumentStatementArgs{...} }

type GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementArrayOutput) ElementType

func (GetPolicyDocumentStatementArrayOutput) Index

func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput

func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput

func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext

func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementCondition

type GetPolicyDocumentStatementCondition struct {
	// Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
	Test string `pulumi:"test"`
	// Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
	Values []string `pulumi:"values"`
	// Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
	Variable string `pulumi:"variable"`
}

type GetPolicyDocumentStatementConditionArgs

type GetPolicyDocumentStatementConditionArgs struct {
	// Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
	Test pulumi.StringInput `pulumi:"test"`
	// Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
	Values pulumi.StringArrayInput `pulumi:"values"`
	// Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
	Variable pulumi.StringInput `pulumi:"variable"`
}

func (GetPolicyDocumentStatementConditionArgs) ElementType

func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput

func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext

func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput

type GetPolicyDocumentStatementConditionArray

type GetPolicyDocumentStatementConditionArray []GetPolicyDocumentStatementConditionInput

func (GetPolicyDocumentStatementConditionArray) ElementType

func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput

func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput

func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext

func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionArrayInput

type GetPolicyDocumentStatementConditionArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
	ToGetPolicyDocumentStatementConditionArrayOutputWithContext(context.Context) GetPolicyDocumentStatementConditionArrayOutput
}

GetPolicyDocumentStatementConditionArrayInput is an input type that accepts GetPolicyDocumentStatementConditionArray and GetPolicyDocumentStatementConditionArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionArrayInput` via:

GetPolicyDocumentStatementConditionArray{ GetPolicyDocumentStatementConditionArgs{...} }

type GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementConditionArrayOutput) ElementType

func (GetPolicyDocumentStatementConditionArrayOutput) Index

func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput

func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput

func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext

func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionInput

type GetPolicyDocumentStatementConditionInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
	ToGetPolicyDocumentStatementConditionOutputWithContext(context.Context) GetPolicyDocumentStatementConditionOutput
}

GetPolicyDocumentStatementConditionInput is an input type that accepts GetPolicyDocumentStatementConditionArgs and GetPolicyDocumentStatementConditionOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionInput` via:

GetPolicyDocumentStatementConditionArgs{...}

type GetPolicyDocumentStatementConditionOutput

type GetPolicyDocumentStatementConditionOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementConditionOutput) ElementType

func (GetPolicyDocumentStatementConditionOutput) Test

Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.

func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput

func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext

func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionOutput) Values

Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.

func (GetPolicyDocumentStatementConditionOutput) Variable

Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.

type GetPolicyDocumentStatementInput

type GetPolicyDocumentStatementInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
	ToGetPolicyDocumentStatementOutputWithContext(context.Context) GetPolicyDocumentStatementOutput
}

GetPolicyDocumentStatementInput is an input type that accepts GetPolicyDocumentStatementArgs and GetPolicyDocumentStatementOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementInput` via:

GetPolicyDocumentStatementArgs{...}

type GetPolicyDocumentStatementNotPrincipal

type GetPolicyDocumentStatementNotPrincipal struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers []string `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type string `pulumi:"type"`
}

type GetPolicyDocumentStatementNotPrincipalArgs

type GetPolicyDocumentStatementNotPrincipalArgs struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers pulumi.StringArrayInput `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type pulumi.StringInput `pulumi:"type"`
}

func (GetPolicyDocumentStatementNotPrincipalArgs) ElementType

func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput

func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext

func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput

type GetPolicyDocumentStatementNotPrincipalArray

type GetPolicyDocumentStatementNotPrincipalArray []GetPolicyDocumentStatementNotPrincipalInput

func (GetPolicyDocumentStatementNotPrincipalArray) ElementType

func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput

func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput

func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext

func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalArrayInput

type GetPolicyDocumentStatementNotPrincipalArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
	ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
}

GetPolicyDocumentStatementNotPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArray and GetPolicyDocumentStatementNotPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalArrayInput` via:

GetPolicyDocumentStatementNotPrincipalArray{ GetPolicyDocumentStatementNotPrincipalArgs{...} }

type GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ElementType

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) Index

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput

func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext

func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalInput

type GetPolicyDocumentStatementNotPrincipalInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
	ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalOutput
}

GetPolicyDocumentStatementNotPrincipalInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArgs and GetPolicyDocumentStatementNotPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalInput` via:

GetPolicyDocumentStatementNotPrincipalArgs{...}

type GetPolicyDocumentStatementNotPrincipalOutput

type GetPolicyDocumentStatementNotPrincipalOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementNotPrincipalOutput) ElementType

func (GetPolicyDocumentStatementNotPrincipalOutput) Identifiers

List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.

func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput

func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext

func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalOutput) Type

Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.

type GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementOutput) Actions

List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.

func (GetPolicyDocumentStatementOutput) Conditions

Configuration block for a condition. Detailed below.

func (GetPolicyDocumentStatementOutput) Effect

Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.

func (GetPolicyDocumentStatementOutput) ElementType

func (GetPolicyDocumentStatementOutput) NotActions

List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.

func (GetPolicyDocumentStatementOutput) NotPrincipals

Like `principals` except these are principals that the statement does *not* apply to.

func (GetPolicyDocumentStatementOutput) NotResources

List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.

func (GetPolicyDocumentStatementOutput) Principals

Configuration block for principals. Detailed below.

func (GetPolicyDocumentStatementOutput) Resources

List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.

func (GetPolicyDocumentStatementOutput) Sid

Sid (statement ID) is an identifier for a policy statement.

func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput

func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput

func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext

func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementPrincipal

type GetPolicyDocumentStatementPrincipal struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers []string `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type string `pulumi:"type"`
}

type GetPolicyDocumentStatementPrincipalArgs

type GetPolicyDocumentStatementPrincipalArgs struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers pulumi.StringArrayInput `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type pulumi.StringInput `pulumi:"type"`
}

func (GetPolicyDocumentStatementPrincipalArgs) ElementType

func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput

func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext

func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput

type GetPolicyDocumentStatementPrincipalArray

type GetPolicyDocumentStatementPrincipalArray []GetPolicyDocumentStatementPrincipalInput

func (GetPolicyDocumentStatementPrincipalArray) ElementType

func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput

func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput

func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext

func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalArrayInput

type GetPolicyDocumentStatementPrincipalArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
	ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
}

GetPolicyDocumentStatementPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementPrincipalArray and GetPolicyDocumentStatementPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalArrayInput` via:

GetPolicyDocumentStatementPrincipalArray{ GetPolicyDocumentStatementPrincipalArgs{...} }

type GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementPrincipalArrayOutput) ElementType

func (GetPolicyDocumentStatementPrincipalArrayOutput) Index

func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput

func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput

func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext

func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalInput

type GetPolicyDocumentStatementPrincipalInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
	ToGetPolicyDocumentStatementPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalOutput
}

GetPolicyDocumentStatementPrincipalInput is an input type that accepts GetPolicyDocumentStatementPrincipalArgs and GetPolicyDocumentStatementPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalInput` via:

GetPolicyDocumentStatementPrincipalArgs{...}

type GetPolicyDocumentStatementPrincipalOutput

type GetPolicyDocumentStatementPrincipalOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementPrincipalOutput) ElementType

func (GetPolicyDocumentStatementPrincipalOutput) Identifiers

List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.

func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput

func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext

func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalOutput) Type

Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.

type GetRolesArgs

type GetRolesArgs struct {
	// A regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex *string `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getRoles.

type GetRolesOutputArgs

type GetRolesOutputArgs struct {
	// A regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getRoles.

func (GetRolesOutputArgs) ElementType

func (GetRolesOutputArgs) ElementType() reflect.Type

type GetRolesResult

type GetRolesResult struct {
	// Set of ARNs of the matched IAM roles.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	NameRegex *string `pulumi:"nameRegex"`
	// Set of Names of the matched IAM roles.
	Names      []string `pulumi:"names"`
	PathPrefix *string  `pulumi:"pathPrefix"`
}

A collection of values returned by getRoles.

func GetRoles

func GetRoles(ctx *pulumi.Context, args *GetRolesArgs, opts ...pulumi.InvokeOption) (*GetRolesResult, error)

Use this data source to get the ARNs and Names of IAM Roles.

## Example Usage ### All roles in an account

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles filtered by name regex

Roles whose role-name contains `project`

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			NameRegex: pulumi.StringRef(".*project.*"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			PathPrefix: pulumi.StringRef("/custom-path"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles provisioned by AWS SSO

Roles in the account filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

Specific role in the account filtered by name regex and path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			NameRegex:  pulumi.StringRef("AWSReservedSSO_permission_set_name_.*"),
			PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetRolesResultOutput

type GetRolesResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRoles.

func (GetRolesResultOutput) Arns

Set of ARNs of the matched IAM roles.

func (GetRolesResultOutput) ElementType

func (GetRolesResultOutput) ElementType() reflect.Type

func (GetRolesResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetRolesResultOutput) NameRegex

func (GetRolesResultOutput) Names

Set of Names of the matched IAM roles.

func (GetRolesResultOutput) PathPrefix

func (GetRolesResultOutput) ToGetRolesResultOutput

func (o GetRolesResultOutput) ToGetRolesResultOutput() GetRolesResultOutput

func (GetRolesResultOutput) ToGetRolesResultOutputWithContext

func (o GetRolesResultOutput) ToGetRolesResultOutputWithContext(ctx context.Context) GetRolesResultOutput

type GetSessionContextArgs

type GetSessionContextArgs struct {
	// ARN for an assumed role.
	Arn string `pulumi:"arn"`
}

A collection of arguments for invoking getSessionContext.

type GetSessionContextOutputArgs

type GetSessionContextOutputArgs struct {
	// ARN for an assumed role.
	Arn pulumi.StringInput `pulumi:"arn"`
}

A collection of arguments for invoking getSessionContext.

func (GetSessionContextOutputArgs) ElementType

type GetSessionContextResult

type GetSessionContextResult struct {
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.
	IssuerArn string `pulumi:"issuerArn"`
	// Unique identifier of the IAM role that issues the STS assumed role.
	IssuerId string `pulumi:"issuerId"`
	// Name of the source role. Only available if `arn` corresponds to an STS assumed role.
	IssuerName string `pulumi:"issuerName"`
	// Name of the STS session. Only available if `arn` corresponds to an STS assumed role.
	SessionName string `pulumi:"sessionName"`
}

A collection of values returned by getSessionContext.

type GetSessionContextResultOutput

type GetSessionContextResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSessionContext.

func (GetSessionContextResultOutput) Arn

func (GetSessionContextResultOutput) ElementType

func (GetSessionContextResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetSessionContextResultOutput) IssuerArn

IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.

func (GetSessionContextResultOutput) IssuerId

Unique identifier of the IAM role that issues the STS assumed role.

func (GetSessionContextResultOutput) IssuerName

Name of the source role. Only available if `arn` corresponds to an STS assumed role.

func (GetSessionContextResultOutput) SessionName

Name of the STS session. Only available if `arn` corresponds to an STS assumed role.

func (GetSessionContextResultOutput) ToGetSessionContextResultOutput

func (o GetSessionContextResultOutput) ToGetSessionContextResultOutput() GetSessionContextResultOutput

func (GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext

func (o GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext(ctx context.Context) GetSessionContextResultOutput

type GetUserSshKeyArgs

type GetUserSshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding string `pulumi:"encoding"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId string `pulumi:"sshPublicKeyId"`
	// The name of the IAM user associated with the SSH public key.
	Username string `pulumi:"username"`
}

A collection of arguments for invoking getUserSshKey.

type GetUserSshKeyOutputArgs

type GetUserSshKeyOutputArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringInput `pulumi:"encoding"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringInput `pulumi:"sshPublicKeyId"`
	// The name of the IAM user associated with the SSH public key.
	Username pulumi.StringInput `pulumi:"username"`
}

A collection of arguments for invoking getUserSshKey.

func (GetUserSshKeyOutputArgs) ElementType

func (GetUserSshKeyOutputArgs) ElementType() reflect.Type

type GetUserSshKeyResult

type GetUserSshKeyResult struct {
	Encoding string `pulumi:"encoding"`
	// The MD5 message digest of the SSH public key.
	Fingerprint string `pulumi:"fingerprint"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The SSH public key.
	PublicKey      string `pulumi:"publicKey"`
	SshPublicKeyId string `pulumi:"sshPublicKeyId"`
	// The status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.
	Status   string `pulumi:"status"`
	Username string `pulumi:"username"`
}

A collection of values returned by getUserSshKey.

func GetUserSshKey

func GetUserSshKey(ctx *pulumi.Context, args *GetUserSshKeyArgs, opts ...pulumi.InvokeOption) (*GetUserSshKeyResult, error)

Use this data source to get information about a SSH public key associated with the specified IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUserSshKey(ctx, &iam.GetUserSshKeyArgs{
			Encoding:       "SSH",
			SshPublicKeyId: "APKARUZ32GUTKIGARLXE",
			Username:       "test-user",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetUserSshKeyResultOutput

type GetUserSshKeyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUserSshKey.

func (GetUserSshKeyResultOutput) ElementType

func (GetUserSshKeyResultOutput) ElementType() reflect.Type

func (GetUserSshKeyResultOutput) Encoding

func (GetUserSshKeyResultOutput) Fingerprint

The MD5 message digest of the SSH public key.

func (GetUserSshKeyResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetUserSshKeyResultOutput) PublicKey

The SSH public key.

func (GetUserSshKeyResultOutput) SshPublicKeyId

func (o GetUserSshKeyResultOutput) SshPublicKeyId() pulumi.StringOutput

func (GetUserSshKeyResultOutput) Status

The status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.

func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput

func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput() GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext

func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext(ctx context.Context) GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) Username

type GetUsersArgs

type GetUsersArgs struct {
	// A regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex *string `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getUsers.

type GetUsersOutputArgs

type GetUsersOutputArgs struct {
	// A regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API.
	// This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other
	// options to narrow down the list AWS returns.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// The path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getUsers.

func (GetUsersOutputArgs) ElementType

func (GetUsersOutputArgs) ElementType() reflect.Type

type GetUsersResult

type GetUsersResult struct {
	// Set of ARNs of the matched IAM users.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	NameRegex *string `pulumi:"nameRegex"`
	// Set of Names of the matched IAM users.
	Names      []string `pulumi:"names"`
	PathPrefix *string  `pulumi:"pathPrefix"`
}

A collection of values returned by getUsers.

func GetUsers

func GetUsers(ctx *pulumi.Context, args *GetUsersArgs, opts ...pulumi.InvokeOption) (*GetUsersResult, error)

Use this data source to get the ARNs and Names of IAM Users.

## Example Usage ### All users in an account

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Users filtered by name regex

Users whose username contains `abc`

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, &iam.GetUsersArgs{
			NameRegex: pulumi.StringRef(".*abc.*"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Users filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, &iam.GetUsersArgs{
			PathPrefix: pulumi.StringRef("/custom-path"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetUsersResultOutput

type GetUsersResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUsers.

func (GetUsersResultOutput) Arns

Set of ARNs of the matched IAM users.

func (GetUsersResultOutput) ElementType

func (GetUsersResultOutput) ElementType() reflect.Type

func (GetUsersResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetUsersResultOutput) NameRegex

func (GetUsersResultOutput) Names

Set of Names of the matched IAM users.

func (GetUsersResultOutput) PathPrefix

func (GetUsersResultOutput) ToGetUsersResultOutput

func (o GetUsersResultOutput) ToGetUsersResultOutput() GetUsersResultOutput

func (GetUsersResultOutput) ToGetUsersResultOutputWithContext

func (o GetUsersResultOutput) ToGetUsersResultOutputWithContext(ctx context.Context) GetUsersResultOutput

type Group

type Group struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this group.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringOutput `pulumi:"name"`
	// Path in which to create the group.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewGroup(ctx, "developers", &iam.GroupArgs{
			Path: pulumi.String("/users/"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Groups can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/group:Group developers developers

```

func GetGroup

func GetGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupState, opts ...pulumi.ResourceOption) (*Group, error)

GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroup

func NewGroup(ctx *pulumi.Context,
	name string, args *GroupArgs, opts ...pulumi.ResourceOption) (*Group, error)

NewGroup registers a new resource with the given unique name, arguments, and options.

func (*Group) ElementType

func (*Group) ElementType() reflect.Type

func (*Group) ToGroupOutput

func (i *Group) ToGroupOutput() GroupOutput

func (*Group) ToGroupOutputWithContext

func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput

type GroupArgs

type GroupArgs struct {
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringPtrInput
	// Path in which to create the group.
	Path pulumi.StringPtrInput
}

The set of arguments for constructing a Group resource.

func (GroupArgs) ElementType

func (GroupArgs) ElementType() reflect.Type

type GroupArray

type GroupArray []GroupInput

func (GroupArray) ElementType

func (GroupArray) ElementType() reflect.Type

func (GroupArray) ToGroupArrayOutput

func (i GroupArray) ToGroupArrayOutput() GroupArrayOutput

func (GroupArray) ToGroupArrayOutputWithContext

func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupArrayInput

type GroupArrayInput interface {
	pulumi.Input

	ToGroupArrayOutput() GroupArrayOutput
	ToGroupArrayOutputWithContext(context.Context) GroupArrayOutput
}

GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. You can construct a concrete instance of `GroupArrayInput` via:

GroupArray{ GroupArgs{...} }

type GroupArrayOutput

type GroupArrayOutput struct{ *pulumi.OutputState }

func (GroupArrayOutput) ElementType

func (GroupArrayOutput) ElementType() reflect.Type

func (GroupArrayOutput) Index

func (GroupArrayOutput) ToGroupArrayOutput

func (o GroupArrayOutput) ToGroupArrayOutput() GroupArrayOutput

func (GroupArrayOutput) ToGroupArrayOutputWithContext

func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupInput

type GroupInput interface {
	pulumi.Input

	ToGroupOutput() GroupOutput
	ToGroupOutputWithContext(ctx context.Context) GroupOutput
}

type GroupMap

type GroupMap map[string]GroupInput

func (GroupMap) ElementType

func (GroupMap) ElementType() reflect.Type

func (GroupMap) ToGroupMapOutput

func (i GroupMap) ToGroupMapOutput() GroupMapOutput

func (GroupMap) ToGroupMapOutputWithContext

func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMapInput

type GroupMapInput interface {
	pulumi.Input

	ToGroupMapOutput() GroupMapOutput
	ToGroupMapOutputWithContext(context.Context) GroupMapOutput
}

GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. You can construct a concrete instance of `GroupMapInput` via:

GroupMap{ "key": GroupArgs{...} }

type GroupMapOutput

type GroupMapOutput struct{ *pulumi.OutputState }

func (GroupMapOutput) ElementType

func (GroupMapOutput) ElementType() reflect.Type

func (GroupMapOutput) MapIndex

func (GroupMapOutput) ToGroupMapOutput

func (o GroupMapOutput) ToGroupMapOutput() GroupMapOutput

func (GroupMapOutput) ToGroupMapOutputWithContext

func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMembership

type GroupMembership struct {
	pulumi.CustomResourceState

	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringOutput `pulumi:"group"`
	// The name to identify the Group Membership
	Name pulumi.StringOutput `pulumi:"name"`
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayOutput `pulumi:"users"`
}

> **WARNING:** Multiple iam.GroupMembership resources with the same group name will produce inconsistent behavior!

Provides a top level resource to manage IAM Group membership for IAM Users. For more information on managing IAM Groups or IAM Users, see IAM Groups or IAM Users

> **Note:** `iam.GroupMembership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the `iam.UserGroupMembership` resource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		userOne, err := iam.NewUser(ctx, "userOne", nil)
		if err != nil {
			return err
		}
		userTwo, err := iam.NewUser(ctx, "userTwo", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewGroupMembership(ctx, "team", &iam.GroupMembershipArgs{
			Users: pulumi.StringArray{
				userOne.Name,
				userTwo.Name,
			},
			Group: group.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetGroupMembership

func GetGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupMembershipState, opts ...pulumi.ResourceOption) (*GroupMembership, error)

GetGroupMembership gets an existing GroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMembership

func NewGroupMembership(ctx *pulumi.Context,
	name string, args *GroupMembershipArgs, opts ...pulumi.ResourceOption) (*GroupMembership, error)

NewGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*GroupMembership) ElementType

func (*GroupMembership) ElementType() reflect.Type

func (*GroupMembership) ToGroupMembershipOutput

func (i *GroupMembership) ToGroupMembershipOutput() GroupMembershipOutput

func (*GroupMembership) ToGroupMembershipOutputWithContext

func (i *GroupMembership) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput

type GroupMembershipArgs

type GroupMembershipArgs struct {
	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringInput
	// The name to identify the Group Membership
	Name pulumi.StringPtrInput
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayInput
}

The set of arguments for constructing a GroupMembership resource.

func (GroupMembershipArgs) ElementType

func (GroupMembershipArgs) ElementType() reflect.Type

type GroupMembershipArray

type GroupMembershipArray []GroupMembershipInput

func (GroupMembershipArray) ElementType

func (GroupMembershipArray) ElementType() reflect.Type

func (GroupMembershipArray) ToGroupMembershipArrayOutput

func (i GroupMembershipArray) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput

func (GroupMembershipArray) ToGroupMembershipArrayOutputWithContext

func (i GroupMembershipArray) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput

type GroupMembershipArrayInput

type GroupMembershipArrayInput interface {
	pulumi.Input

	ToGroupMembershipArrayOutput() GroupMembershipArrayOutput
	ToGroupMembershipArrayOutputWithContext(context.Context) GroupMembershipArrayOutput
}

GroupMembershipArrayInput is an input type that accepts GroupMembershipArray and GroupMembershipArrayOutput values. You can construct a concrete instance of `GroupMembershipArrayInput` via:

GroupMembershipArray{ GroupMembershipArgs{...} }

type GroupMembershipArrayOutput

type GroupMembershipArrayOutput struct{ *pulumi.OutputState }

func (GroupMembershipArrayOutput) ElementType

func (GroupMembershipArrayOutput) ElementType() reflect.Type

func (GroupMembershipArrayOutput) Index

func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutput

func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput

func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext

func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput

type GroupMembershipInput

type GroupMembershipInput interface {
	pulumi.Input

	ToGroupMembershipOutput() GroupMembershipOutput
	ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput
}

type GroupMembershipMap

type GroupMembershipMap map[string]GroupMembershipInput

func (GroupMembershipMap) ElementType

func (GroupMembershipMap) ElementType() reflect.Type

func (GroupMembershipMap) ToGroupMembershipMapOutput

func (i GroupMembershipMap) ToGroupMembershipMapOutput() GroupMembershipMapOutput

func (GroupMembershipMap) ToGroupMembershipMapOutputWithContext

func (i GroupMembershipMap) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput

type GroupMembershipMapInput

type GroupMembershipMapInput interface {
	pulumi.Input

	ToGroupMembershipMapOutput() GroupMembershipMapOutput
	ToGroupMembershipMapOutputWithContext(context.Context) GroupMembershipMapOutput
}

GroupMembershipMapInput is an input type that accepts GroupMembershipMap and GroupMembershipMapOutput values. You can construct a concrete instance of `GroupMembershipMapInput` via:

GroupMembershipMap{ "key": GroupMembershipArgs{...} }

type GroupMembershipMapOutput

type GroupMembershipMapOutput struct{ *pulumi.OutputState }

func (GroupMembershipMapOutput) ElementType

func (GroupMembershipMapOutput) ElementType() reflect.Type

func (GroupMembershipMapOutput) MapIndex

func (GroupMembershipMapOutput) ToGroupMembershipMapOutput

func (o GroupMembershipMapOutput) ToGroupMembershipMapOutput() GroupMembershipMapOutput

func (GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext

func (o GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput

type GroupMembershipOutput

type GroupMembershipOutput struct{ *pulumi.OutputState }

func (GroupMembershipOutput) ElementType

func (GroupMembershipOutput) ElementType() reflect.Type

func (GroupMembershipOutput) Group added in v5.4.0

The IAM Group name to attach the list of `users` to

func (GroupMembershipOutput) Name added in v5.4.0

The name to identify the Group Membership

func (GroupMembershipOutput) ToGroupMembershipOutput

func (o GroupMembershipOutput) ToGroupMembershipOutput() GroupMembershipOutput

func (GroupMembershipOutput) ToGroupMembershipOutputWithContext

func (o GroupMembershipOutput) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput

func (GroupMembershipOutput) Users added in v5.4.0

A list of IAM User names to associate with the Group

type GroupMembershipState

type GroupMembershipState struct {
	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringPtrInput
	// The name to identify the Group Membership
	Name pulumi.StringPtrInput
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayInput
}

func (GroupMembershipState) ElementType

func (GroupMembershipState) ElementType() reflect.Type

type GroupOutput

type GroupOutput struct{ *pulumi.OutputState }

func (GroupOutput) Arn added in v5.4.0

The ARN assigned by AWS for this group.

func (GroupOutput) ElementType

func (GroupOutput) ElementType() reflect.Type

func (GroupOutput) Name added in v5.4.0

func (o GroupOutput) Name() pulumi.StringOutput

The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".

func (GroupOutput) Path added in v5.4.0

Path in which to create the group.

func (GroupOutput) ToGroupOutput

func (o GroupOutput) ToGroupOutput() GroupOutput

func (GroupOutput) ToGroupOutputWithContext

func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput

func (GroupOutput) UniqueId added in v5.4.0

func (o GroupOutput) UniqueId() pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type GroupPolicy

type GroupPolicy struct {
	pulumi.CustomResourceState

	// The IAM group to attach to the policy.
	Group pulumi.StringOutput `pulumi:"group"`
	// The name of the policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
}

Provides an IAM policy attached to a group.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myDevelopers, err := iam.NewGroup(ctx, "myDevelopers", &iam.GroupArgs{
			Path: pulumi.String("/users/"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewGroupPolicy(ctx, "myDeveloperPolicy", &iam.GroupPolicyArgs{
			Group:  myDevelopers.Name,
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Group Policies can be imported using the `group_name:group_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name

```

func GetGroupPolicy

func GetGroupPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPolicyState, opts ...pulumi.ResourceOption) (*GroupPolicy, error)

GetGroupPolicy gets an existing GroupPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicy

func NewGroupPolicy(ctx *pulumi.Context,
	name string, args *GroupPolicyArgs, opts ...pulumi.ResourceOption) (*GroupPolicy, error)

NewGroupPolicy registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicy) ElementType

func (*GroupPolicy) ElementType() reflect.Type

func (*GroupPolicy) ToGroupPolicyOutput

func (i *GroupPolicy) ToGroupPolicyOutput() GroupPolicyOutput

func (*GroupPolicy) ToGroupPolicyOutputWithContext

func (i *GroupPolicy) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput

type GroupPolicyArgs

type GroupPolicyArgs struct {
	// The IAM group to attach to the policy.
	Group pulumi.StringInput
	// The name of the policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
}

The set of arguments for constructing a GroupPolicy resource.

func (GroupPolicyArgs) ElementType

func (GroupPolicyArgs) ElementType() reflect.Type

type GroupPolicyArray

type GroupPolicyArray []GroupPolicyInput

func (GroupPolicyArray) ElementType

func (GroupPolicyArray) ElementType() reflect.Type

func (GroupPolicyArray) ToGroupPolicyArrayOutput

func (i GroupPolicyArray) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput

func (GroupPolicyArray) ToGroupPolicyArrayOutputWithContext

func (i GroupPolicyArray) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput

type GroupPolicyArrayInput

type GroupPolicyArrayInput interface {
	pulumi.Input

	ToGroupPolicyArrayOutput() GroupPolicyArrayOutput
	ToGroupPolicyArrayOutputWithContext(context.Context) GroupPolicyArrayOutput
}

GroupPolicyArrayInput is an input type that accepts GroupPolicyArray and GroupPolicyArrayOutput values. You can construct a concrete instance of `GroupPolicyArrayInput` via:

GroupPolicyArray{ GroupPolicyArgs{...} }

type GroupPolicyArrayOutput

type GroupPolicyArrayOutput struct{ *pulumi.OutputState }

func (GroupPolicyArrayOutput) ElementType

func (GroupPolicyArrayOutput) ElementType() reflect.Type

func (GroupPolicyArrayOutput) Index

func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutput

func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput

func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext

func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput

type GroupPolicyAttachment

type GroupPolicyAttachment struct {
	pulumi.CustomResourceState

	// The group the policy should be applied to
	Group pulumi.StringOutput `pulumi:"group"`
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
}

Attaches a Managed IAM Policy to an IAM group

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any("{ ... policy JSON ... }"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewGroupPolicyAttachment(ctx, "test-attach", &iam.GroupPolicyAttachmentArgs{
			Group:     group.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM group policy attachments can be imported using the group name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/groupPolicyAttachment:GroupPolicyAttachment test-attach test-group/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetGroupPolicyAttachment

func GetGroupPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPolicyAttachmentState, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)

GetGroupPolicyAttachment gets an existing GroupPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicyAttachment

func NewGroupPolicyAttachment(ctx *pulumi.Context,
	name string, args *GroupPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)

NewGroupPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicyAttachment) ElementType

func (*GroupPolicyAttachment) ElementType() reflect.Type

func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutput

func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput

func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext

func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput

type GroupPolicyAttachmentArgs

type GroupPolicyAttachmentArgs struct {
	// The group the policy should be applied to
	Group pulumi.Input
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
}

The set of arguments for constructing a GroupPolicyAttachment resource.

func (GroupPolicyAttachmentArgs) ElementType

func (GroupPolicyAttachmentArgs) ElementType() reflect.Type

type GroupPolicyAttachmentArray

type GroupPolicyAttachmentArray []GroupPolicyAttachmentInput

func (GroupPolicyAttachmentArray) ElementType

func (GroupPolicyAttachmentArray) ElementType() reflect.Type

func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput

func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput

func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext

func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentArrayInput

type GroupPolicyAttachmentArrayInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
	ToGroupPolicyAttachmentArrayOutputWithContext(context.Context) GroupPolicyAttachmentArrayOutput
}

GroupPolicyAttachmentArrayInput is an input type that accepts GroupPolicyAttachmentArray and GroupPolicyAttachmentArrayOutput values. You can construct a concrete instance of `GroupPolicyAttachmentArrayInput` via:

GroupPolicyAttachmentArray{ GroupPolicyAttachmentArgs{...} }

type GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentArrayOutput) ElementType

func (GroupPolicyAttachmentArrayOutput) Index

func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput

func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput

func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext

func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentInput

type GroupPolicyAttachmentInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput
	ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput
}

type GroupPolicyAttachmentMap

type GroupPolicyAttachmentMap map[string]GroupPolicyAttachmentInput

func (GroupPolicyAttachmentMap) ElementType

func (GroupPolicyAttachmentMap) ElementType() reflect.Type

func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput

func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput

func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext

func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentMapInput

type GroupPolicyAttachmentMapInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput
	ToGroupPolicyAttachmentMapOutputWithContext(context.Context) GroupPolicyAttachmentMapOutput
}

GroupPolicyAttachmentMapInput is an input type that accepts GroupPolicyAttachmentMap and GroupPolicyAttachmentMapOutput values. You can construct a concrete instance of `GroupPolicyAttachmentMapInput` via:

GroupPolicyAttachmentMap{ "key": GroupPolicyAttachmentArgs{...} }

type GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentMapOutput) ElementType

func (GroupPolicyAttachmentMapOutput) MapIndex

func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput

func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput

func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext

func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentOutput

type GroupPolicyAttachmentOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentOutput) ElementType

func (GroupPolicyAttachmentOutput) Group added in v5.4.0

The group the policy should be applied to

func (GroupPolicyAttachmentOutput) PolicyArn added in v5.4.0

The ARN of the policy you want to apply

func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput

func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput

func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext

func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput

type GroupPolicyAttachmentState

type GroupPolicyAttachmentState struct {
	// The group the policy should be applied to
	Group pulumi.Input
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
}

func (GroupPolicyAttachmentState) ElementType

func (GroupPolicyAttachmentState) ElementType() reflect.Type

type GroupPolicyInput

type GroupPolicyInput interface {
	pulumi.Input

	ToGroupPolicyOutput() GroupPolicyOutput
	ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput
}

type GroupPolicyMap

type GroupPolicyMap map[string]GroupPolicyInput

func (GroupPolicyMap) ElementType

func (GroupPolicyMap) ElementType() reflect.Type

func (GroupPolicyMap) ToGroupPolicyMapOutput

func (i GroupPolicyMap) ToGroupPolicyMapOutput() GroupPolicyMapOutput

func (GroupPolicyMap) ToGroupPolicyMapOutputWithContext

func (i GroupPolicyMap) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput

type GroupPolicyMapInput

type GroupPolicyMapInput interface {
	pulumi.Input

	ToGroupPolicyMapOutput() GroupPolicyMapOutput
	ToGroupPolicyMapOutputWithContext(context.Context) GroupPolicyMapOutput
}

GroupPolicyMapInput is an input type that accepts GroupPolicyMap and GroupPolicyMapOutput values. You can construct a concrete instance of `GroupPolicyMapInput` via:

GroupPolicyMap{ "key": GroupPolicyArgs{...} }

type GroupPolicyMapOutput

type GroupPolicyMapOutput struct{ *pulumi.OutputState }

func (GroupPolicyMapOutput) ElementType

func (GroupPolicyMapOutput) ElementType() reflect.Type

func (GroupPolicyMapOutput) MapIndex

func (GroupPolicyMapOutput) ToGroupPolicyMapOutput

func (o GroupPolicyMapOutput) ToGroupPolicyMapOutput() GroupPolicyMapOutput

func (GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext

func (o GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput

type GroupPolicyOutput

type GroupPolicyOutput struct{ *pulumi.OutputState }

func (GroupPolicyOutput) ElementType

func (GroupPolicyOutput) ElementType() reflect.Type

func (GroupPolicyOutput) Group added in v5.4.0

The IAM group to attach to the policy.

func (GroupPolicyOutput) Name added in v5.4.0

The name of the policy. If omitted, this provider will assign a random, unique name.

func (GroupPolicyOutput) NamePrefix added in v5.4.0

func (o GroupPolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (GroupPolicyOutput) Policy added in v5.4.0

The policy document. This is a JSON formatted string.

func (GroupPolicyOutput) ToGroupPolicyOutput

func (o GroupPolicyOutput) ToGroupPolicyOutput() GroupPolicyOutput

func (GroupPolicyOutput) ToGroupPolicyOutputWithContext

func (o GroupPolicyOutput) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput

type GroupPolicyState

type GroupPolicyState struct {
	// The IAM group to attach to the policy.
	Group pulumi.StringPtrInput
	// The name of the policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
}

func (GroupPolicyState) ElementType

func (GroupPolicyState) ElementType() reflect.Type

type GroupState

type GroupState struct {
	// The ARN assigned by AWS for this group.
	Arn pulumi.StringPtrInput
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringPtrInput
	// Path in which to create the group.
	Path pulumi.StringPtrInput
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (GroupState) ElementType

func (GroupState) ElementType() reflect.Type

type InstanceProfile

type InstanceProfile struct {
	pulumi.CustomResourceState

	// ARN assigned by AWS to the instance profile.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Creation timestamp of the instance profile.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// Name of the role to add to the profile.
	Role pulumi.StringPtrOutput `pulumi:"role"`
	// Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// [Unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM instance profile.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			Path:             pulumi.String("/"),
			AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "    \"Version\": \"2012-10-17\",\n", "    \"Statement\": [\n", "        {\n", "            \"Action\": \"sts:AssumeRole\",\n", "            \"Principal\": {\n", "               \"Service\": \"ec2.amazonaws.com\"\n", "            },\n", "            \"Effect\": \"Allow\",\n", "            \"Sid\": \"\"\n", "        }\n", "    ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewInstanceProfile(ctx, "testProfile", &iam.InstanceProfileArgs{
			Role: role.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Instance Profiles can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/instanceProfile:InstanceProfile test_profile app-instance-profile-1

```

func GetInstanceProfile

func GetInstanceProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceProfileState, opts ...pulumi.ResourceOption) (*InstanceProfile, error)

GetInstanceProfile gets an existing InstanceProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceProfile

func NewInstanceProfile(ctx *pulumi.Context,
	name string, args *InstanceProfileArgs, opts ...pulumi.ResourceOption) (*InstanceProfile, error)

NewInstanceProfile registers a new resource with the given unique name, arguments, and options.

func (*InstanceProfile) ElementType

func (*InstanceProfile) ElementType() reflect.Type

func (*InstanceProfile) ToInstanceProfileOutput

func (i *InstanceProfile) ToInstanceProfileOutput() InstanceProfileOutput

func (*InstanceProfile) ToInstanceProfileOutputWithContext

func (i *InstanceProfile) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput

type InstanceProfileArgs

type InstanceProfileArgs struct {
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrInput
	// Name of the role to add to the profile.
	Role pulumi.Input
	// Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a InstanceProfile resource.

func (InstanceProfileArgs) ElementType

func (InstanceProfileArgs) ElementType() reflect.Type

type InstanceProfileArray

type InstanceProfileArray []InstanceProfileInput

func (InstanceProfileArray) ElementType

func (InstanceProfileArray) ElementType() reflect.Type

func (InstanceProfileArray) ToInstanceProfileArrayOutput

func (i InstanceProfileArray) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput

func (InstanceProfileArray) ToInstanceProfileArrayOutputWithContext

func (i InstanceProfileArray) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput

type InstanceProfileArrayInput

type InstanceProfileArrayInput interface {
	pulumi.Input

	ToInstanceProfileArrayOutput() InstanceProfileArrayOutput
	ToInstanceProfileArrayOutputWithContext(context.Context) InstanceProfileArrayOutput
}

InstanceProfileArrayInput is an input type that accepts InstanceProfileArray and InstanceProfileArrayOutput values. You can construct a concrete instance of `InstanceProfileArrayInput` via:

InstanceProfileArray{ InstanceProfileArgs{...} }

type InstanceProfileArrayOutput

type InstanceProfileArrayOutput struct{ *pulumi.OutputState }

func (InstanceProfileArrayOutput) ElementType

func (InstanceProfileArrayOutput) ElementType() reflect.Type

func (InstanceProfileArrayOutput) Index

func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutput

func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput

func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext

func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput

type InstanceProfileInput

type InstanceProfileInput interface {
	pulumi.Input

	ToInstanceProfileOutput() InstanceProfileOutput
	ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput
}

type InstanceProfileMap

type InstanceProfileMap map[string]InstanceProfileInput

func (InstanceProfileMap) ElementType

func (InstanceProfileMap) ElementType() reflect.Type

func (InstanceProfileMap) ToInstanceProfileMapOutput

func (i InstanceProfileMap) ToInstanceProfileMapOutput() InstanceProfileMapOutput

func (InstanceProfileMap) ToInstanceProfileMapOutputWithContext

func (i InstanceProfileMap) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput

type InstanceProfileMapInput

type InstanceProfileMapInput interface {
	pulumi.Input

	ToInstanceProfileMapOutput() InstanceProfileMapOutput
	ToInstanceProfileMapOutputWithContext(context.Context) InstanceProfileMapOutput
}

InstanceProfileMapInput is an input type that accepts InstanceProfileMap and InstanceProfileMapOutput values. You can construct a concrete instance of `InstanceProfileMapInput` via:

InstanceProfileMap{ "key": InstanceProfileArgs{...} }

type InstanceProfileMapOutput

type InstanceProfileMapOutput struct{ *pulumi.OutputState }

func (InstanceProfileMapOutput) ElementType

func (InstanceProfileMapOutput) ElementType() reflect.Type

func (InstanceProfileMapOutput) MapIndex

func (InstanceProfileMapOutput) ToInstanceProfileMapOutput

func (o InstanceProfileMapOutput) ToInstanceProfileMapOutput() InstanceProfileMapOutput

func (InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext

func (o InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput

type InstanceProfileOutput

type InstanceProfileOutput struct{ *pulumi.OutputState }

func (InstanceProfileOutput) Arn added in v5.4.0

ARN assigned by AWS to the instance profile.

func (InstanceProfileOutput) CreateDate added in v5.4.0

func (o InstanceProfileOutput) CreateDate() pulumi.StringOutput

Creation timestamp of the instance profile.

func (InstanceProfileOutput) ElementType

func (InstanceProfileOutput) ElementType() reflect.Type

func (InstanceProfileOutput) Name added in v5.4.0

Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.

func (InstanceProfileOutput) NamePrefix added in v5.4.0

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (InstanceProfileOutput) Path added in v5.4.0

Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.

func (InstanceProfileOutput) Role added in v5.4.0

Name of the role to add to the profile.

func (InstanceProfileOutput) Tags added in v5.4.0

Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (InstanceProfileOutput) TagsAll added in v5.4.0

A map of tags assigned to the resource, including those inherited from the provider .

func (InstanceProfileOutput) ToInstanceProfileOutput

func (o InstanceProfileOutput) ToInstanceProfileOutput() InstanceProfileOutput

func (InstanceProfileOutput) ToInstanceProfileOutputWithContext

func (o InstanceProfileOutput) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput

func (InstanceProfileOutput) UniqueId added in v5.4.0

[Unique ID][1] assigned by AWS.

type InstanceProfileState

type InstanceProfileState struct {
	// ARN assigned by AWS to the instance profile.
	Arn pulumi.StringPtrInput
	// Creation timestamp of the instance profile.
	CreateDate pulumi.StringPtrInput
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrInput
	// Name of the role to add to the profile.
	Role pulumi.Input
	// Map of resource tags for the IAM Instance Profile. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// [Unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (InstanceProfileState) ElementType

func (InstanceProfileState) ElementType() reflect.Type

type LookupAccountAliasResult

type LookupAccountAliasResult struct {
	// The alias associated with the AWS account.
	AccountAlias string `pulumi:"accountAlias"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
}

A collection of values returned by getAccountAlias.

func LookupAccountAlias

func LookupAccountAlias(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*LookupAccountAliasResult, error)

The IAM Account Alias data source allows access to the account alias for the effective account in which this provider is working.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := iam.LookupAccountAlias(ctx, nil, nil)
		if err != nil {
			return err
		}
		ctx.Export("accountId", current.AccountAlias)
		return nil
	})
}

```

type LookupGroupArgs

type LookupGroupArgs struct {
	// The friendly IAM group name to match.
	GroupName string `pulumi:"groupName"`
}

A collection of arguments for invoking getGroup.

type LookupGroupOutputArgs

type LookupGroupOutputArgs struct {
	// The friendly IAM group name to match.
	GroupName pulumi.StringInput `pulumi:"groupName"`
}

A collection of arguments for invoking getGroup.

func (LookupGroupOutputArgs) ElementType

func (LookupGroupOutputArgs) ElementType() reflect.Type

type LookupGroupResult

type LookupGroupResult struct {
	// The Amazon Resource Name (ARN) specifying the iam user.
	Arn string `pulumi:"arn"`
	// The stable and unique string identifying the group.
	GroupId   string `pulumi:"groupId"`
	GroupName string `pulumi:"groupName"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The path to the iam user.
	Path string `pulumi:"path"`
	// List of objects containing group member information. See supported fields below.
	Users []GetGroupUser `pulumi:"users"`
}

A collection of values returned by getGroup.

func LookupGroup

func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error)

This data source can be used to fetch information about a specific IAM group. By using this data source, you can reference IAM group properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupGroup(ctx, &iam.LookupGroupArgs{
			GroupName: "an_example_group_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupGroupResultOutput

type LookupGroupResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getGroup.

func (LookupGroupResultOutput) Arn

The Amazon Resource Name (ARN) specifying the iam user.

func (LookupGroupResultOutput) ElementType

func (LookupGroupResultOutput) ElementType() reflect.Type

func (LookupGroupResultOutput) GroupId

The stable and unique string identifying the group.

func (LookupGroupResultOutput) GroupName

func (LookupGroupResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupGroupResultOutput) Path

The path to the iam user.

func (LookupGroupResultOutput) ToLookupGroupResultOutput

func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput

func (LookupGroupResultOutput) ToLookupGroupResultOutputWithContext

func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput

func (LookupGroupResultOutput) Users

List of objects containing group member information. See supported fields below.

type LookupInstanceProfileArgs

type LookupInstanceProfileArgs struct {
	// The friendly IAM instance profile name to match.
	Name string `pulumi:"name"`
}

A collection of arguments for invoking getInstanceProfile.

type LookupInstanceProfileOutputArgs

type LookupInstanceProfileOutputArgs struct {
	// The friendly IAM instance profile name to match.
	Name pulumi.StringInput `pulumi:"name"`
}

A collection of arguments for invoking getInstanceProfile.

func (LookupInstanceProfileOutputArgs) ElementType

type LookupInstanceProfileResult

type LookupInstanceProfileResult struct {
	// The Amazon Resource Name (ARN) specifying the instance profile.
	Arn string `pulumi:"arn"`
	// The string representation of the date the instance profile
	// was created.
	CreateDate string `pulumi:"createDate"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// The path to the instance profile.
	Path string `pulumi:"path"`
	// The role arn associated with this instance profile.
	RoleArn string `pulumi:"roleArn"`
	// The role id associated with this instance profile.
	RoleId string `pulumi:"roleId"`
	// The role name associated with this instance profile.
	RoleName string `pulumi:"roleName"`
}

A collection of values returned by getInstanceProfile.

func LookupInstanceProfile

func LookupInstanceProfile(ctx *pulumi.Context, args *LookupInstanceProfileArgs, opts ...pulumi.InvokeOption) (*LookupInstanceProfileResult, error)

This data source can be used to fetch information about a specific IAM instance profile. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupInstanceProfile(ctx, &iam.LookupInstanceProfileArgs{
			Name: "an_example_instance_profile_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupInstanceProfileResultOutput

type LookupInstanceProfileResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getInstanceProfile.

func (LookupInstanceProfileResultOutput) Arn

The Amazon Resource Name (ARN) specifying the instance profile.

func (LookupInstanceProfileResultOutput) CreateDate

The string representation of the date the instance profile was created.

func (LookupInstanceProfileResultOutput) ElementType

func (LookupInstanceProfileResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupInstanceProfileResultOutput) Name

func (LookupInstanceProfileResultOutput) Path

The path to the instance profile.

func (LookupInstanceProfileResultOutput) RoleArn

The role arn associated with this instance profile.

func (LookupInstanceProfileResultOutput) RoleId

The role id associated with this instance profile.

func (LookupInstanceProfileResultOutput) RoleName

The role name associated with this instance profile.

func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput

func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput() LookupInstanceProfileResultOutput

func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext

func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext(ctx context.Context) LookupInstanceProfileResultOutput

type LookupPolicyArgs

type LookupPolicyArgs struct {
	// The ARN of the IAM policy.
	Arn *string `pulumi:"arn"`
	// The name of the IAM policy.
	Name *string `pulumi:"name"`
	// The prefix of the path to the IAM policy. Defaults to a slash (`/`).
	PathPrefix *string `pulumi:"pathPrefix"`
	// Key-value mapping of tags for the IAM Policy.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getPolicy.

type LookupPolicyOutputArgs

type LookupPolicyOutputArgs struct {
	// The ARN of the IAM policy.
	Arn pulumi.StringPtrInput `pulumi:"arn"`
	// The name of the IAM policy.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// The prefix of the path to the IAM policy. Defaults to a slash (`/`).
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
	// Key-value mapping of tags for the IAM Policy.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getPolicy.

func (LookupPolicyOutputArgs) ElementType

func (LookupPolicyOutputArgs) ElementType() reflect.Type

type LookupPolicyResult

type LookupPolicyResult struct {
	Arn string `pulumi:"arn"`
	// The description of the policy.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// The path to the policy.
	Path       string  `pulumi:"path"`
	PathPrefix *string `pulumi:"pathPrefix"`
	// The policy document of the policy.
	Policy string `pulumi:"policy"`
	// The policy's ID.
	PolicyId string `pulumi:"policyId"`
	// Key-value mapping of tags for the IAM Policy.
	Tags map[string]string `pulumi:"tags"`
}

A collection of values returned by getPolicy.

func LookupPolicy

func LookupPolicy(ctx *pulumi.Context, args *LookupPolicyArgs, opts ...pulumi.InvokeOption) (*LookupPolicyResult, error)

This data source can be used to fetch information about a specific IAM policy.

## Example Usage ### By ARN

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{
			Arn: pulumi.StringRef("arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### By Name

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{
			Name: pulumi.StringRef("test_policy"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupPolicyResultOutput

type LookupPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicy.

func (LookupPolicyResultOutput) Arn

func (LookupPolicyResultOutput) Description

The description of the policy.

func (LookupPolicyResultOutput) ElementType

func (LookupPolicyResultOutput) ElementType() reflect.Type

func (LookupPolicyResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupPolicyResultOutput) Name

func (LookupPolicyResultOutput) Path

The path to the policy.

func (LookupPolicyResultOutput) PathPrefix

func (LookupPolicyResultOutput) Policy

The policy document of the policy.

func (LookupPolicyResultOutput) PolicyId

The policy's ID.

func (LookupPolicyResultOutput) Tags

Key-value mapping of tags for the IAM Policy.

func (LookupPolicyResultOutput) ToLookupPolicyResultOutput

func (o LookupPolicyResultOutput) ToLookupPolicyResultOutput() LookupPolicyResultOutput

func (LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext

func (o LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext(ctx context.Context) LookupPolicyResultOutput

type LookupRoleArgs

type LookupRoleArgs struct {
	// The friendly IAM role name to match.
	Name string `pulumi:"name"`
	// The tags attached to the role.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getRole.

type LookupRoleOutputArgs

type LookupRoleOutputArgs struct {
	// The friendly IAM role name to match.
	Name pulumi.StringInput `pulumi:"name"`
	// The tags attached to the role.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getRole.

func (LookupRoleOutputArgs) ElementType

func (LookupRoleOutputArgs) ElementType() reflect.Type

type LookupRoleResult

type LookupRoleResult struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn string `pulumi:"arn"`
	// The policy document associated with the role.
	AssumeRolePolicy string `pulumi:"assumeRolePolicy"`
	// Creation date of the role in RFC 3339 format.
	CreateDate string `pulumi:"createDate"`
	// Description for the role.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Maximum session duration.
	MaxSessionDuration int    `pulumi:"maxSessionDuration"`
	Name               string `pulumi:"name"`
	// The path to the role.
	Path string `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary string `pulumi:"permissionsBoundary"`
	// The tags attached to the role.
	Tags map[string]string `pulumi:"tags"`
	// The stable and unique string identifying the role.
	UniqueId string `pulumi:"uniqueId"`
}

A collection of values returned by getRole.

func LookupRole

func LookupRole(ctx *pulumi.Context, args *LookupRoleArgs, opts ...pulumi.InvokeOption) (*LookupRoleResult, error)

This data source can be used to fetch information about a specific IAM role. By using this data source, you can reference IAM role properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupRole(ctx, &iam.LookupRoleArgs{
			Name: "an_example_role_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupRoleResultOutput

type LookupRoleResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRole.

func (LookupRoleResultOutput) Arn

The Amazon Resource Name (ARN) specifying the role.

func (LookupRoleResultOutput) AssumeRolePolicy

func (o LookupRoleResultOutput) AssumeRolePolicy() pulumi.StringOutput

The policy document associated with the role.

func (LookupRoleResultOutput) CreateDate

Creation date of the role in RFC 3339 format.

func (LookupRoleResultOutput) Description

func (o LookupRoleResultOutput) Description() pulumi.StringOutput

Description for the role.

func (LookupRoleResultOutput) ElementType

func (LookupRoleResultOutput) ElementType() reflect.Type

func (LookupRoleResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupRoleResultOutput) MaxSessionDuration

func (o LookupRoleResultOutput) MaxSessionDuration() pulumi.IntOutput

Maximum session duration.

func (LookupRoleResultOutput) Name

func (LookupRoleResultOutput) Path

The path to the role.

func (LookupRoleResultOutput) PermissionsBoundary

func (o LookupRoleResultOutput) PermissionsBoundary() pulumi.StringOutput

The ARN of the policy that is used to set the permissions boundary for the role.

func (LookupRoleResultOutput) Tags

The tags attached to the role.

func (LookupRoleResultOutput) ToLookupRoleResultOutput

func (o LookupRoleResultOutput) ToLookupRoleResultOutput() LookupRoleResultOutput

func (LookupRoleResultOutput) ToLookupRoleResultOutputWithContext

func (o LookupRoleResultOutput) ToLookupRoleResultOutputWithContext(ctx context.Context) LookupRoleResultOutput

func (LookupRoleResultOutput) UniqueId

The stable and unique string identifying the role.

type LookupSamlProviderArgs added in v5.2.0

type LookupSamlProviderArgs struct {
	// The ARN assigned by AWS for the provider.
	Arn string `pulumi:"arn"`
	// The tags attached to the SAML provider.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getSamlProvider.

type LookupSamlProviderOutputArgs added in v5.2.0

type LookupSamlProviderOutputArgs struct {
	// The ARN assigned by AWS for the provider.
	Arn pulumi.StringInput `pulumi:"arn"`
	// The tags attached to the SAML provider.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getSamlProvider.

func (LookupSamlProviderOutputArgs) ElementType added in v5.2.0

type LookupSamlProviderResult added in v5.2.0

type LookupSamlProviderResult struct {
	Arn string `pulumi:"arn"`
	// Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.
	CreateDate string `pulumi:"createDate"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The name of the provider.
	Name string `pulumi:"name"`
	// The XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument string `pulumi:"samlMetadataDocument"`
	// The tags attached to the SAML provider.
	Tags map[string]string `pulumi:"tags"`
	// The expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`.
	ValidUntil string `pulumi:"validUntil"`
}

A collection of values returned by getSamlProvider.

func LookupSamlProvider added in v5.2.0

func LookupSamlProvider(ctx *pulumi.Context, args *LookupSamlProviderArgs, opts ...pulumi.InvokeOption) (*LookupSamlProviderResult, error)

This data source can be used to fetch information about a specific IAM SAML provider. This will allow you to easily retrieve the metadata document of an existing SAML provider.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupSamlProvider(ctx, &iam.LookupSamlProviderArgs{
			Arn: "arn:aws:iam::123456789:saml-provider/myprovider",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSamlProviderResultOutput added in v5.2.0

type LookupSamlProviderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSamlProvider.

func LookupSamlProviderOutput added in v5.2.0

func (LookupSamlProviderResultOutput) Arn added in v5.2.0

func (LookupSamlProviderResultOutput) CreateDate added in v5.2.0

Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.

func (LookupSamlProviderResultOutput) ElementType added in v5.2.0

func (LookupSamlProviderResultOutput) Id added in v5.2.0

The provider-assigned unique ID for this managed resource.

func (LookupSamlProviderResultOutput) Name added in v5.2.0

The name of the provider.

func (LookupSamlProviderResultOutput) SamlMetadataDocument added in v5.2.0

func (o LookupSamlProviderResultOutput) SamlMetadataDocument() pulumi.StringOutput

The XML document generated by an identity provider that supports SAML 2.0.

func (LookupSamlProviderResultOutput) Tags added in v5.2.0

The tags attached to the SAML provider.

func (LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput added in v5.2.0

func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput() LookupSamlProviderResultOutput

func (LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext added in v5.2.0

func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext(ctx context.Context) LookupSamlProviderResultOutput

func (LookupSamlProviderResultOutput) ValidUntil added in v5.2.0

The expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`.

type LookupServerCertificateArgs

type LookupServerCertificateArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest *bool `pulumi:"latest"`
	// exact name of the cert to lookup
	Name *string `pulumi:"name"`
	// prefix of cert to filter by
	NamePrefix *string `pulumi:"namePrefix"`
	// prefix of path to filter by
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getServerCertificate.

type LookupServerCertificateOutputArgs

type LookupServerCertificateOutputArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest pulumi.BoolPtrInput `pulumi:"latest"`
	// exact name of the cert to lookup
	Name pulumi.StringPtrInput `pulumi:"name"`
	// prefix of cert to filter by
	NamePrefix pulumi.StringPtrInput `pulumi:"namePrefix"`
	// prefix of path to filter by
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getServerCertificate.

func (LookupServerCertificateOutputArgs) ElementType

type LookupServerCertificateResult

type LookupServerCertificateResult struct {
	Arn              string `pulumi:"arn"`
	CertificateBody  string `pulumi:"certificateBody"`
	CertificateChain string `pulumi:"certificateChain"`
	ExpirationDate   string `pulumi:"expirationDate"`
	// The provider-assigned unique ID for this managed resource.
	Id         string  `pulumi:"id"`
	Latest     *bool   `pulumi:"latest"`
	Name       string  `pulumi:"name"`
	NamePrefix *string `pulumi:"namePrefix"`
	Path       string  `pulumi:"path"`
	PathPrefix *string `pulumi:"pathPrefix"`
	UploadDate string  `pulumi:"uploadDate"`
}

A collection of values returned by getServerCertificate.

func LookupServerCertificate

func LookupServerCertificate(ctx *pulumi.Context, args *LookupServerCertificateArgs, opts ...pulumi.InvokeOption) (*LookupServerCertificateResult, error)

Use this data source to lookup information about IAM Server Certificates.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/elb"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		my_domain, err := iam.LookupServerCertificate(ctx, &iam.LookupServerCertificateArgs{
			NamePrefix: pulumi.StringRef("my-domain.org"),
			Latest:     pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		_, err = elb.NewLoadBalancer(ctx, "elb", &elb.LoadBalancerArgs{
			Listeners: elb.LoadBalancerListenerArray{
				&elb.LoadBalancerListenerArgs{
					InstancePort:     pulumi.Int(8000),
					InstanceProtocol: pulumi.String("https"),
					LbPort:           pulumi.Int(443),
					LbProtocol:       pulumi.String("https"),
					SslCertificateId: pulumi.String(my_domain.Arn),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupServerCertificateResultOutput

type LookupServerCertificateResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getServerCertificate.

func (LookupServerCertificateResultOutput) Arn

func (LookupServerCertificateResultOutput) CertificateBody

func (LookupServerCertificateResultOutput) CertificateChain

func (LookupServerCertificateResultOutput) ElementType

func (LookupServerCertificateResultOutput) ExpirationDate

func (LookupServerCertificateResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupServerCertificateResultOutput) Latest

func (LookupServerCertificateResultOutput) Name

func (LookupServerCertificateResultOutput) NamePrefix

func (LookupServerCertificateResultOutput) Path

func (LookupServerCertificateResultOutput) PathPrefix

func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput

func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput() LookupServerCertificateResultOutput

func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext

func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext(ctx context.Context) LookupServerCertificateResultOutput

func (LookupServerCertificateResultOutput) UploadDate

type LookupUserArgs

type LookupUserArgs struct {
	// Map of key-value pairs associated with the user.
	Tags map[string]string `pulumi:"tags"`
	// The friendly IAM user name to match.
	UserName string `pulumi:"userName"`
}

A collection of arguments for invoking getUser.

type LookupUserOutputArgs

type LookupUserOutputArgs struct {
	// Map of key-value pairs associated with the user.
	Tags pulumi.StringMapInput `pulumi:"tags"`
	// The friendly IAM user name to match.
	UserName pulumi.StringInput `pulumi:"userName"`
}

A collection of arguments for invoking getUser.

func (LookupUserOutputArgs) ElementType

func (LookupUserOutputArgs) ElementType() reflect.Type

type LookupUserResult

type LookupUserResult struct {
	// The Amazon Resource Name (ARN) assigned by AWS for this user.
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Path in which this user was created.
	Path string `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary string `pulumi:"permissionsBoundary"`
	// Map of key-value pairs associated with the user.
	Tags map[string]string `pulumi:"tags"`
	// The unique ID assigned by AWS for this user.
	UserId string `pulumi:"userId"`
	// The name associated to this User
	UserName string `pulumi:"userName"`
}

A collection of values returned by getUser.

func LookupUser

func LookupUser(ctx *pulumi.Context, args *LookupUserArgs, opts ...pulumi.InvokeOption) (*LookupUserResult, error)

This data source can be used to fetch information about a specific IAM user. By using this data source, you can reference IAM user properties without having to hard code ARNs or unique IDs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupUser(ctx, &iam.LookupUserArgs{
			UserName: "an_example_user_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupUserResultOutput

type LookupUserResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUser.

func (LookupUserResultOutput) Arn

The Amazon Resource Name (ARN) assigned by AWS for this user.

func (LookupUserResultOutput) ElementType

func (LookupUserResultOutput) ElementType() reflect.Type

func (LookupUserResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupUserResultOutput) Path

Path in which this user was created.

func (LookupUserResultOutput) PermissionsBoundary

func (o LookupUserResultOutput) PermissionsBoundary() pulumi.StringOutput

The ARN of the policy that is used to set the permissions boundary for the user.

func (LookupUserResultOutput) Tags

Map of key-value pairs associated with the user.

func (LookupUserResultOutput) ToLookupUserResultOutput

func (o LookupUserResultOutput) ToLookupUserResultOutput() LookupUserResultOutput

func (LookupUserResultOutput) ToLookupUserResultOutputWithContext

func (o LookupUserResultOutput) ToLookupUserResultOutputWithContext(ctx context.Context) LookupUserResultOutput

func (LookupUserResultOutput) UserId

The unique ID assigned by AWS for this user.

func (LookupUserResultOutput) UserName

The name associated to this User

type ManagedPolicy

type ManagedPolicy string

func (ManagedPolicy) ElementType

func (ManagedPolicy) ElementType() reflect.Type

func (ManagedPolicy) ToManagedPolicyOutput

func (e ManagedPolicy) ToManagedPolicyOutput() ManagedPolicyOutput

func (ManagedPolicy) ToManagedPolicyOutputWithContext

func (e ManagedPolicy) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput

func (ManagedPolicy) ToManagedPolicyPtrOutput

func (e ManagedPolicy) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicy) ToManagedPolicyPtrOutputWithContext

func (e ManagedPolicy) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicy) ToStringOutput

func (e ManagedPolicy) ToStringOutput() pulumi.StringOutput

func (ManagedPolicy) ToStringOutputWithContext

func (e ManagedPolicy) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ManagedPolicy) ToStringPtrOutput

func (e ManagedPolicy) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicy) ToStringPtrOutputWithContext

func (e ManagedPolicy) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ManagedPolicyInput

type ManagedPolicyInput interface {
	pulumi.Input

	ToManagedPolicyOutput() ManagedPolicyOutput
	ToManagedPolicyOutputWithContext(context.Context) ManagedPolicyOutput
}

ManagedPolicyInput is an input type that accepts ManagedPolicyArgs and ManagedPolicyOutput values. You can construct a concrete instance of `ManagedPolicyInput` via:

ManagedPolicyArgs{...}

type ManagedPolicyOutput

type ManagedPolicyOutput struct{ *pulumi.OutputState }

func (ManagedPolicyOutput) ElementType

func (ManagedPolicyOutput) ElementType() reflect.Type

func (ManagedPolicyOutput) ToManagedPolicyOutput

func (o ManagedPolicyOutput) ToManagedPolicyOutput() ManagedPolicyOutput

func (ManagedPolicyOutput) ToManagedPolicyOutputWithContext

func (o ManagedPolicyOutput) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput

func (ManagedPolicyOutput) ToManagedPolicyPtrOutput

func (o ManagedPolicyOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext

func (o ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicyOutput) ToStringOutput

func (o ManagedPolicyOutput) ToStringOutput() pulumi.StringOutput

func (ManagedPolicyOutput) ToStringOutputWithContext

func (o ManagedPolicyOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ManagedPolicyOutput) ToStringPtrOutput

func (o ManagedPolicyOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicyOutput) ToStringPtrOutputWithContext

func (o ManagedPolicyOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ManagedPolicyPtrInput

type ManagedPolicyPtrInput interface {
	pulumi.Input

	ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
	ToManagedPolicyPtrOutputWithContext(context.Context) ManagedPolicyPtrOutput
}

func ManagedPolicyPtr

func ManagedPolicyPtr(v string) ManagedPolicyPtrInput

type ManagedPolicyPtrOutput

type ManagedPolicyPtrOutput struct{ *pulumi.OutputState }

func (ManagedPolicyPtrOutput) Elem

func (ManagedPolicyPtrOutput) ElementType

func (ManagedPolicyPtrOutput) ElementType() reflect.Type

func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput

func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext

func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicyPtrOutput) ToStringPtrOutput

func (o ManagedPolicyPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicyPtrOutput) ToStringPtrOutputWithContext

func (o ManagedPolicyPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OpenIdConnectProvider

type OpenIdConnectProvider struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayOutput `pulumi:"clientIdLists"`
	// Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayOutput `pulumi:"thumbprintLists"`
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringOutput `pulumi:"url"`
}

Provides an IAM OpenID Connect provider.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewOpenIdConnectProvider(ctx, "default", &iam.OpenIdConnectProviderArgs{
			ClientIdLists: pulumi.StringArray{
				pulumi.String("266362248691-342342xasdasdasda-apps.googleusercontent.com"),
			},
			ThumbprintLists: pulumi.StringArray{},
			Url:             pulumi.String("https://accounts.google.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM OpenID Connect Providers can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/openIdConnectProvider:OpenIdConnectProvider default arn:aws:iam::123456789012:oidc-provider/accounts.google.com

```

func GetOpenIdConnectProvider

func GetOpenIdConnectProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OpenIdConnectProviderState, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)

GetOpenIdConnectProvider gets an existing OpenIdConnectProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOpenIdConnectProvider

func NewOpenIdConnectProvider(ctx *pulumi.Context,
	name string, args *OpenIdConnectProviderArgs, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)

NewOpenIdConnectProvider registers a new resource with the given unique name, arguments, and options.

func (*OpenIdConnectProvider) ElementType

func (*OpenIdConnectProvider) ElementType() reflect.Type

func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutput

func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput

func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext

func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput

type OpenIdConnectProviderArgs

type OpenIdConnectProviderArgs struct {
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayInput
	// Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayInput
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringInput
}

The set of arguments for constructing a OpenIdConnectProvider resource.

func (OpenIdConnectProviderArgs) ElementType

func (OpenIdConnectProviderArgs) ElementType() reflect.Type

type OpenIdConnectProviderArray

type OpenIdConnectProviderArray []OpenIdConnectProviderInput

func (OpenIdConnectProviderArray) ElementType

func (OpenIdConnectProviderArray) ElementType() reflect.Type

func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput

func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput

func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext

func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderArrayInput

type OpenIdConnectProviderArrayInput interface {
	pulumi.Input

	ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
	ToOpenIdConnectProviderArrayOutputWithContext(context.Context) OpenIdConnectProviderArrayOutput
}

OpenIdConnectProviderArrayInput is an input type that accepts OpenIdConnectProviderArray and OpenIdConnectProviderArrayOutput values. You can construct a concrete instance of `OpenIdConnectProviderArrayInput` via:

OpenIdConnectProviderArray{ OpenIdConnectProviderArgs{...} }

type OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderArrayOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderArrayOutput) ElementType

func (OpenIdConnectProviderArrayOutput) Index

func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput

func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput

func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext

func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderInput

type OpenIdConnectProviderInput interface {
	pulumi.Input

	ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput
	ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput
}

type OpenIdConnectProviderMap

type OpenIdConnectProviderMap map[string]OpenIdConnectProviderInput

func (OpenIdConnectProviderMap) ElementType

func (OpenIdConnectProviderMap) ElementType() reflect.Type

func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput

func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput

func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext

func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput

type OpenIdConnectProviderMapInput

type OpenIdConnectProviderMapInput interface {
	pulumi.Input

	ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput
	ToOpenIdConnectProviderMapOutputWithContext(context.Context) OpenIdConnectProviderMapOutput
}

OpenIdConnectProviderMapInput is an input type that accepts OpenIdConnectProviderMap and OpenIdConnectProviderMapOutput values. You can construct a concrete instance of `OpenIdConnectProviderMapInput` via:

OpenIdConnectProviderMap{ "key": OpenIdConnectProviderArgs{...} }

type OpenIdConnectProviderMapOutput

type OpenIdConnectProviderMapOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderMapOutput) ElementType

func (OpenIdConnectProviderMapOutput) MapIndex

func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput

func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput

func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext

func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput

type OpenIdConnectProviderOutput

type OpenIdConnectProviderOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderOutput) Arn added in v5.4.0

The ARN assigned by AWS for this provider.

func (OpenIdConnectProviderOutput) ClientIdLists added in v5.4.0

A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)

func (OpenIdConnectProviderOutput) ElementType

func (OpenIdConnectProviderOutput) Tags added in v5.4.0

Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (OpenIdConnectProviderOutput) TagsAll added in v5.4.0

A map of tags assigned to the resource, including those inherited from the provider .

func (OpenIdConnectProviderOutput) ThumbprintLists added in v5.4.0

A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).

func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput

func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput

func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext

func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput

func (OpenIdConnectProviderOutput) Url added in v5.4.0

The URL of the identity provider. Corresponds to the _iss_ claim.

type OpenIdConnectProviderState

type OpenIdConnectProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringPtrInput
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayInput
	// Map of resource tags for the IAM OIDC provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayInput
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringPtrInput
}

func (OpenIdConnectProviderState) ElementType

func (OpenIdConnectProviderState) ElementType() reflect.Type

type Policy

type Policy struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS to this policy.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Description of the IAM policy.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// The policy's ID.
	PolicyId pulumi.StringOutput `pulumi:"policyId"`
	// Map of resource tags for the IAM Policy
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
}

Provides an IAM policy.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Path:        pulumi.String("/"),
			Description: pulumi.String("My test policy"),
			Policy:      pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Policies can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials

```

func GetPolicy

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs

type PolicyArgs struct {
	// Description of the IAM policy.
	Description pulumi.StringPtrInput
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// Map of resource tags for the IAM Policy
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray

type PolicyArray []PolicyInput

func (PolicyArray) ElementType

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index

func (PolicyArrayOutput) ToPolicyArrayOutput

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyAttachment

type PolicyAttachment struct {
	pulumi.CustomResourceState

	// The group(s) the policy should be applied to
	Groups pulumi.StringArrayOutput `pulumi:"groups"`
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The role(s) the policy should be applied to
	Roles pulumi.StringArrayOutput `pulumi:"roles"`
	// The user(s) the policy should be applied to
	Users pulumi.StringArrayOutput `pulumi:"users"`
}

Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)

!> **WARNING:** The iam.PolicyAttachment resource creates **exclusive** attachments of IAM policies. Across the entire AWS account, all of the users/roles/groups to which a single policy is attached must be declared by a single iam.PolicyAttachment resource. This means that even any users/roles/groups that have the attached policy via any other mechanism (including other resources managed by this provider) will have that attached policy revoked by this resource. Consider `iam.RolePolicyAttachment`, `iam.UserPolicyAttachment`, or `iam.GroupPolicyAttachment` instead. These resources do not enforce exclusive attachment of an IAM policy.

> **NOTE:** The usage of this resource conflicts with the `iam.GroupPolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.UserPolicyAttachment` resources and will permanently show a difference if both are defined.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user, err := iam.NewUser(ctx, "user", nil)
		if err != nil {
			return err
		}
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": \"sts:AssumeRole\",\n", "      \"Principal\": {\n", "        \"Service\": \"ec2.amazonaws.com\"\n", "      },\n", "      \"Effect\": \"Allow\",\n", "      \"Sid\": \"\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewPolicyAttachment(ctx, "test-attach", &iam.PolicyAttachmentArgs{
			Users: pulumi.AnyArray{
				user.Name,
			},
			Roles: pulumi.AnyArray{
				role.Name,
			},
			Groups: pulumi.AnyArray{
				group.Name,
			},
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetPolicyAttachment

func GetPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyAttachmentState, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)

GetPolicyAttachment gets an existing PolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicyAttachment

func NewPolicyAttachment(ctx *pulumi.Context,
	name string, args *PolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)

NewPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*PolicyAttachment) ElementType

func (*PolicyAttachment) ElementType() reflect.Type

func (*PolicyAttachment) ToPolicyAttachmentOutput

func (i *PolicyAttachment) ToPolicyAttachmentOutput() PolicyAttachmentOutput

func (*PolicyAttachment) ToPolicyAttachmentOutputWithContext

func (i *PolicyAttachment) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput

type PolicyAttachmentArgs

type PolicyAttachmentArgs struct {
	// The group(s) the policy should be applied to
	Groups pulumi.ArrayInput
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringPtrInput
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The role(s) the policy should be applied to
	Roles pulumi.ArrayInput
	// The user(s) the policy should be applied to
	Users pulumi.ArrayInput
}

The set of arguments for constructing a PolicyAttachment resource.

func (PolicyAttachmentArgs) ElementType

func (PolicyAttachmentArgs) ElementType() reflect.Type

type PolicyAttachmentArray

type PolicyAttachmentArray []PolicyAttachmentInput

func (PolicyAttachmentArray) ElementType

func (PolicyAttachmentArray) ElementType() reflect.Type

func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutput

func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput

func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext

func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput

type PolicyAttachmentArrayInput

type PolicyAttachmentArrayInput interface {
	pulumi.Input

	ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput
	ToPolicyAttachmentArrayOutputWithContext(context.Context) PolicyAttachmentArrayOutput
}

PolicyAttachmentArrayInput is an input type that accepts PolicyAttachmentArray and PolicyAttachmentArrayOutput values. You can construct a concrete instance of `PolicyAttachmentArrayInput` via:

PolicyAttachmentArray{ PolicyAttachmentArgs{...} }

type PolicyAttachmentArrayOutput

type PolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentArrayOutput) ElementType

func (PolicyAttachmentArrayOutput) Index

func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput

func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput

func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext

func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput

type PolicyAttachmentInput

type PolicyAttachmentInput interface {
	pulumi.Input

	ToPolicyAttachmentOutput() PolicyAttachmentOutput
	ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput
}

type PolicyAttachmentMap

type PolicyAttachmentMap map[string]PolicyAttachmentInput

func (PolicyAttachmentMap) ElementType

func (PolicyAttachmentMap) ElementType() reflect.Type

func (PolicyAttachmentMap) ToPolicyAttachmentMapOutput

func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput

func (PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext

func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput

type PolicyAttachmentMapInput

type PolicyAttachmentMapInput interface {
	pulumi.Input

	ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput
	ToPolicyAttachmentMapOutputWithContext(context.Context) PolicyAttachmentMapOutput
}

PolicyAttachmentMapInput is an input type that accepts PolicyAttachmentMap and PolicyAttachmentMapOutput values. You can construct a concrete instance of `PolicyAttachmentMapInput` via:

PolicyAttachmentMap{ "key": PolicyAttachmentArgs{...} }

type PolicyAttachmentMapOutput

type PolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentMapOutput) ElementType

func (PolicyAttachmentMapOutput) ElementType() reflect.Type

func (PolicyAttachmentMapOutput) MapIndex

func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput

func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput

func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext

func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput

type PolicyAttachmentOutput

type PolicyAttachmentOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentOutput) ElementType

func (PolicyAttachmentOutput) ElementType() reflect.Type

func (PolicyAttachmentOutput) Groups added in v5.4.0

The group(s) the policy should be applied to

func (PolicyAttachmentOutput) Name added in v5.4.0

The name of the attachment. This cannot be an empty string.

func (PolicyAttachmentOutput) PolicyArn added in v5.4.0

The ARN of the policy you want to apply

func (PolicyAttachmentOutput) Roles added in v5.4.0

The role(s) the policy should be applied to

func (PolicyAttachmentOutput) ToPolicyAttachmentOutput

func (o PolicyAttachmentOutput) ToPolicyAttachmentOutput() PolicyAttachmentOutput

func (PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext

func (o PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput

func (PolicyAttachmentOutput) Users added in v5.4.0

The user(s) the policy should be applied to

type PolicyAttachmentState

type PolicyAttachmentState struct {
	// The group(s) the policy should be applied to
	Groups pulumi.ArrayInput
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringPtrInput
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The role(s) the policy should be applied to
	Roles pulumi.ArrayInput
	// The user(s) the policy should be applied to
	Users pulumi.ArrayInput
}

func (PolicyAttachmentState) ElementType

func (PolicyAttachmentState) ElementType() reflect.Type

type PolicyInput

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex

func (PolicyMapOutput) ToPolicyMapOutput

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) Arn added in v5.4.0

The ARN assigned by AWS to this policy.

func (PolicyOutput) Description added in v5.4.0

func (o PolicyOutput) Description() pulumi.StringPtrOutput

Description of the IAM policy.

func (PolicyOutput) ElementType

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) Name added in v5.4.0

func (o PolicyOutput) Name() pulumi.StringOutput

The name of the policy. If omitted, this provider will assign a random, unique name.

func (PolicyOutput) NamePrefix added in v5.4.0

func (o PolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (PolicyOutput) Path added in v5.4.0

Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (PolicyOutput) Policy added in v5.4.0

func (o PolicyOutput) Policy() pulumi.StringOutput

The policy document. This is a JSON formatted string.

func (PolicyOutput) PolicyId added in v5.4.0

func (o PolicyOutput) PolicyId() pulumi.StringOutput

The policy's ID.

func (PolicyOutput) Tags added in v5.4.0

Map of resource tags for the IAM Policy

func (PolicyOutput) TagsAll added in v5.4.0

func (o PolicyOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider.

func (PolicyOutput) ToPolicyOutput

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyState

type PolicyState struct {
	// The ARN assigned by AWS to this policy.
	Arn pulumi.StringPtrInput
	// Description of the IAM policy.
	Description pulumi.StringPtrInput
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The policy's ID.
	PolicyId pulumi.StringPtrInput
	// Map of resource tags for the IAM Policy
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapInput
}

func (PolicyState) ElementType

func (PolicyState) ElementType() reflect.Type

type Role

type Role struct {
	pulumi.CustomResourceState

	// Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Policy that grants an entity permission to assume the role.
	AssumeRolePolicy pulumi.StringOutput `pulumi:"assumeRolePolicy"`
	// Creation date of the IAM role.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Description of the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrOutput `pulumi:"forceDetachPolicies"`
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies RoleInlinePolicyArrayOutput `pulumi:"inlinePolicies"`
	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.
	ManagedPolicyArns pulumi.StringArrayOutput `pulumi:"managedPolicyArns"`
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrOutput `pulumi:"maxSessionDuration"`
	// Name of the role policy.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"`
	// Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Stable and unique string identifying the role.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM role.

> **NOTE:** If policies are attached to the role via the `iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `forceDetachPolicies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.RolePolicyAttachment` resource does not have this requirement.

> **NOTE:** If you use this resource's `managedPolicyArns` argument or `inlinePolicy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `iam.PolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.

## Example Usage ### Basic Example

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": "sts:AssumeRole",
					"Effect": "Allow",
					"Sid":    "",
					"Principal": map[string]interface{}{
						"Service": "ec2.amazonaws.com",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err := iam.NewRole(ctx, "testRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(json0),
			Tags: pulumi.StringMap{
				"tag-key": pulumi.String("tag-value"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Using Data Source for Assume Role Policy

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		instance_assume_role_policy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"sts:AssumeRole",
					},
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						iam.GetPolicyDocumentStatementPrincipal{
							Type: "Service",
							Identifiers: []string{
								"ec2.amazonaws.com",
							},
						},
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewRole(ctx, "instance", &iam.RoleArgs{
			Path:             pulumi.String("/system/"),
			AssumeRolePolicy: pulumi.String(instance_assume_role_policy.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Exclusive Inline Policies

This example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, the provider will remove that policy. If someone deletes these policies out-of-band, the provider will recreate them.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		inlinePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"ec2:DescribeAccountAttributes",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			InlinePolicies: iam.RoleInlinePolicyArray{
				&iam.RoleInlinePolicyArgs{
					Name:   pulumi.String("my_inline_policy"),
					Policy: pulumi.String(json0),
				},
				&iam.RoleInlinePolicyArgs{
					Name:   pulumi.String("policy-8675309"),
					Policy: pulumi.String(inlinePolicy.Json),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Removing Inline Policies

This example creates an IAM role with what appears to be empty IAM `inlinePolicy` argument instead of using `inlinePolicy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, the provider will remove that policy.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			InlinePolicies: iam.RoleInlinePolicyArray{
				nil,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Exclusive Managed Policies

This example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, the provider will detach that policy. If someone detaches these policies out-of-band, the provider will attach them again.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		policyOne, err := iam.NewPolicy(ctx, "policyOne", &iam.PolicyArgs{
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		tmpJSON1, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"s3:ListAllMyBuckets",
						"s3:ListBucket",
						"s3:HeadBucket",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json1 := string(tmpJSON1)
		policyTwo, err := iam.NewPolicy(ctx, "policyTwo", &iam.PolicyArgs{
			Policy: pulumi.String(json1),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			ManagedPolicyArns: pulumi.StringArray{
				policyOne.Arn,
				policyTwo.Arn,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Removing Managed Policies

This example creates an IAM role with an empty `managedPolicyArns` argument. If someone attaches a policy out-of-band, on the next apply, the provider will detach that policy.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy:  pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			ManagedPolicyArns: pulumi.StringArray{},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Roles can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/role:Role developer developer_name

```

func GetRole

func GetRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RoleState, opts ...pulumi.ResourceOption) (*Role, error)

GetRole gets an existing Role resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRole

func NewRole(ctx *pulumi.Context,
	name string, args *RoleArgs, opts ...pulumi.ResourceOption) (*Role, error)

NewRole registers a new resource with the given unique name, arguments, and options.

func (*Role) ElementType

func (*Role) ElementType() reflect.Type

func (*Role) ToRoleOutput

func (i *Role) ToRoleOutput() RoleOutput

func (*Role) ToRoleOutputWithContext

func (i *Role) ToRoleOutputWithContext(ctx context.Context) RoleOutput

type RoleArgs

type RoleArgs struct {
	// Policy that grants an entity permission to assume the role.
	AssumeRolePolicy pulumi.Input
	// Description of the role.
	Description pulumi.StringPtrInput
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrInput
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies RoleInlinePolicyArrayInput
	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.
	ManagedPolicyArns pulumi.StringArrayInput
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrInput
	// Name of the role policy.
	Name pulumi.StringPtrInput
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Role resource.

func (RoleArgs) ElementType

func (RoleArgs) ElementType() reflect.Type

type RoleArray

type RoleArray []RoleInput

func (RoleArray) ElementType

func (RoleArray) ElementType() reflect.Type

func (RoleArray) ToRoleArrayOutput

func (i RoleArray) ToRoleArrayOutput() RoleArrayOutput

func (RoleArray) ToRoleArrayOutputWithContext

func (i RoleArray) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput

type RoleArrayInput

type RoleArrayInput interface {
	pulumi.Input

	ToRoleArrayOutput() RoleArrayOutput
	ToRoleArrayOutputWithContext(context.Context) RoleArrayOutput
}

RoleArrayInput is an input type that accepts RoleArray and RoleArrayOutput values. You can construct a concrete instance of `RoleArrayInput` via:

RoleArray{ RoleArgs{...} }

type RoleArrayOutput

type RoleArrayOutput struct{ *pulumi.OutputState }

func (RoleArrayOutput) ElementType

func (RoleArrayOutput) ElementType() reflect.Type

func (RoleArrayOutput) Index

func (RoleArrayOutput) ToRoleArrayOutput

func (o RoleArrayOutput) ToRoleArrayOutput() RoleArrayOutput

func (RoleArrayOutput) ToRoleArrayOutputWithContext

func (o RoleArrayOutput) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput

type RoleInlinePolicy

type RoleInlinePolicy struct {
	// Name of the role policy.
	Name *string `pulumi:"name"`
	// Policy document as a JSON formatted string.
	Policy *string `pulumi:"policy"`
}

type RoleInlinePolicyArgs

type RoleInlinePolicyArgs struct {
	// Name of the role policy.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// Policy document as a JSON formatted string.
	Policy pulumi.StringPtrInput `pulumi:"policy"`
}

func (RoleInlinePolicyArgs) ElementType

func (RoleInlinePolicyArgs) ElementType() reflect.Type

func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutput

func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput

func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext

func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput

type RoleInlinePolicyArray

type RoleInlinePolicyArray []RoleInlinePolicyInput

func (RoleInlinePolicyArray) ElementType

func (RoleInlinePolicyArray) ElementType() reflect.Type

func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput

func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput

func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext

func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput

type RoleInlinePolicyArrayInput

type RoleInlinePolicyArrayInput interface {
	pulumi.Input

	ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput
	ToRoleInlinePolicyArrayOutputWithContext(context.Context) RoleInlinePolicyArrayOutput
}

RoleInlinePolicyArrayInput is an input type that accepts RoleInlinePolicyArray and RoleInlinePolicyArrayOutput values. You can construct a concrete instance of `RoleInlinePolicyArrayInput` via:

RoleInlinePolicyArray{ RoleInlinePolicyArgs{...} }

type RoleInlinePolicyArrayOutput

type RoleInlinePolicyArrayOutput struct{ *pulumi.OutputState }

func (RoleInlinePolicyArrayOutput) ElementType

func (RoleInlinePolicyArrayOutput) Index

func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput

func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput

func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext

func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput

type RoleInlinePolicyInput

type RoleInlinePolicyInput interface {
	pulumi.Input

	ToRoleInlinePolicyOutput() RoleInlinePolicyOutput
	ToRoleInlinePolicyOutputWithContext(context.Context) RoleInlinePolicyOutput
}

RoleInlinePolicyInput is an input type that accepts RoleInlinePolicyArgs and RoleInlinePolicyOutput values. You can construct a concrete instance of `RoleInlinePolicyInput` via:

RoleInlinePolicyArgs{...}

type RoleInlinePolicyOutput

type RoleInlinePolicyOutput struct{ *pulumi.OutputState }

func (RoleInlinePolicyOutput) ElementType

func (RoleInlinePolicyOutput) ElementType() reflect.Type

func (RoleInlinePolicyOutput) Name

Name of the role policy.

func (RoleInlinePolicyOutput) Policy

Policy document as a JSON formatted string.

func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutput

func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput

func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext

func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput

type RoleInput

type RoleInput interface {
	pulumi.Input

	ToRoleOutput() RoleOutput
	ToRoleOutputWithContext(ctx context.Context) RoleOutput
}

type RoleMap

type RoleMap map[string]RoleInput

func (RoleMap) ElementType

func (RoleMap) ElementType() reflect.Type

func (RoleMap) ToRoleMapOutput

func (i RoleMap) ToRoleMapOutput() RoleMapOutput

func (RoleMap) ToRoleMapOutputWithContext

func (i RoleMap) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput

type RoleMapInput

type RoleMapInput interface {
	pulumi.Input

	ToRoleMapOutput() RoleMapOutput
	ToRoleMapOutputWithContext(context.Context) RoleMapOutput
}

RoleMapInput is an input type that accepts RoleMap and RoleMapOutput values. You can construct a concrete instance of `RoleMapInput` via:

RoleMap{ "key": RoleArgs{...} }

type RoleMapOutput

type RoleMapOutput struct{ *pulumi.OutputState }

func (RoleMapOutput) ElementType

func (RoleMapOutput) ElementType() reflect.Type

func (RoleMapOutput) MapIndex

func (RoleMapOutput) ToRoleMapOutput

func (o RoleMapOutput) ToRoleMapOutput() RoleMapOutput

func (RoleMapOutput) ToRoleMapOutputWithContext

func (o RoleMapOutput) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput

type RoleOutput

type RoleOutput struct{ *pulumi.OutputState }

func (RoleOutput) Arn added in v5.4.0

func (o RoleOutput) Arn() pulumi.StringOutput

Amazon Resource Name (ARN) specifying the role.

func (RoleOutput) AssumeRolePolicy added in v5.4.0

func (o RoleOutput) AssumeRolePolicy() pulumi.StringOutput

Policy that grants an entity permission to assume the role.

func (RoleOutput) CreateDate added in v5.4.0

func (o RoleOutput) CreateDate() pulumi.StringOutput

Creation date of the IAM role.

func (RoleOutput) Description added in v5.4.0

func (o RoleOutput) Description() pulumi.StringPtrOutput

Description of the role.

func (RoleOutput) ElementType

func (RoleOutput) ElementType() reflect.Type

func (RoleOutput) ForceDetachPolicies added in v5.4.0

func (o RoleOutput) ForceDetachPolicies() pulumi.BoolPtrOutput

Whether to force detaching any policies the role has before destroying it. Defaults to `false`.

func (RoleOutput) InlinePolicies added in v5.4.0

func (o RoleOutput) InlinePolicies() RoleInlinePolicyArrayOutput

Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.

func (RoleOutput) ManagedPolicyArns added in v5.4.0

func (o RoleOutput) ManagedPolicyArns() pulumi.StringArrayOutput

Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.

func (RoleOutput) MaxSessionDuration added in v5.4.0

func (o RoleOutput) MaxSessionDuration() pulumi.IntPtrOutput

Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.

func (RoleOutput) Name added in v5.4.0

func (o RoleOutput) Name() pulumi.StringOutput

Name of the role policy.

func (RoleOutput) NamePrefix added in v5.4.0

func (o RoleOutput) NamePrefix() pulumi.StringOutput

Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.

func (RoleOutput) Path added in v5.4.0

Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (RoleOutput) PermissionsBoundary added in v5.4.0

func (o RoleOutput) PermissionsBoundary() pulumi.StringPtrOutput

ARN of the policy that is used to set the permissions boundary for the role.

func (RoleOutput) Tags added in v5.4.0

Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (RoleOutput) TagsAll added in v5.4.0

func (o RoleOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider .

func (RoleOutput) ToRoleOutput

func (o RoleOutput) ToRoleOutput() RoleOutput

func (RoleOutput) ToRoleOutputWithContext

func (o RoleOutput) ToRoleOutputWithContext(ctx context.Context) RoleOutput

func (RoleOutput) UniqueId added in v5.4.0

func (o RoleOutput) UniqueId() pulumi.StringOutput

Stable and unique string identifying the role.

type RolePolicy

type RolePolicy struct {
	pulumi.CustomResourceState

	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// The IAM role to attach to the policy.
	Role pulumi.StringOutput `pulumi:"role"`
}

Provides an IAM role inline policy.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `inlinePolicy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": "sts:AssumeRole",
					"Effect": "Allow",
					"Sid":    "",
					"Principal": map[string]interface{}{
						"Service": "ec2.amazonaws.com",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		testRole, err := iam.NewRole(ctx, "testRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		tmpJSON1, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json1 := string(tmpJSON1)
		_, err = iam.NewRolePolicy(ctx, "testPolicy", &iam.RolePolicyArgs{
			Role:   testRole.ID(),
			Policy: pulumi.String(json1),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Role Policies can be imported using the `role_name:role_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name

```

func GetRolePolicy

func GetRolePolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RolePolicyState, opts ...pulumi.ResourceOption) (*RolePolicy, error)

GetRolePolicy gets an existing RolePolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicy

func NewRolePolicy(ctx *pulumi.Context,
	name string, args *RolePolicyArgs, opts ...pulumi.ResourceOption) (*RolePolicy, error)

NewRolePolicy registers a new resource with the given unique name, arguments, and options.

func (*RolePolicy) ElementType

func (*RolePolicy) ElementType() reflect.Type

func (*RolePolicy) ToRolePolicyOutput

func (i *RolePolicy) ToRolePolicyOutput() RolePolicyOutput

func (*RolePolicy) ToRolePolicyOutputWithContext

func (i *RolePolicy) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput

type RolePolicyArgs

type RolePolicyArgs struct {
	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The IAM role to attach to the policy.
	Role pulumi.Input
}

The set of arguments for constructing a RolePolicy resource.

func (RolePolicyArgs) ElementType

func (RolePolicyArgs) ElementType() reflect.Type

type RolePolicyArray

type RolePolicyArray []RolePolicyInput

func (RolePolicyArray) ElementType

func (RolePolicyArray) ElementType() reflect.Type

func (RolePolicyArray) ToRolePolicyArrayOutput

func (i RolePolicyArray) ToRolePolicyArrayOutput() RolePolicyArrayOutput

func (RolePolicyArray) ToRolePolicyArrayOutputWithContext

func (i RolePolicyArray) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput

type RolePolicyArrayInput

type RolePolicyArrayInput interface {
	pulumi.Input

	ToRolePolicyArrayOutput() RolePolicyArrayOutput
	ToRolePolicyArrayOutputWithContext(context.Context) RolePolicyArrayOutput
}

RolePolicyArrayInput is an input type that accepts RolePolicyArray and RolePolicyArrayOutput values. You can construct a concrete instance of `RolePolicyArrayInput` via:

RolePolicyArray{ RolePolicyArgs{...} }

type RolePolicyArrayOutput

type RolePolicyArrayOutput struct{ *pulumi.OutputState }

func (RolePolicyArrayOutput) ElementType

func (RolePolicyArrayOutput) ElementType() reflect.Type

func (RolePolicyArrayOutput) Index

func (RolePolicyArrayOutput) ToRolePolicyArrayOutput

func (o RolePolicyArrayOutput) ToRolePolicyArrayOutput() RolePolicyArrayOutput

func (RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext

func (o RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput

type RolePolicyAttachment

type RolePolicyAttachment struct {
	pulumi.CustomResourceState

	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The name of the IAM role to which the policy should be applied
	Role pulumi.StringOutput `pulumi:"role"`
}

Attaches a Managed IAM Policy to an IAM role

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": \"sts:AssumeRole\",\n", "      \"Principal\": {\n", "        \"Service\": \"ec2.amazonaws.com\"\n", "      },\n", "      \"Effect\": \"Allow\",\n", "      \"Sid\": \"\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "test-attach", &iam.RolePolicyAttachmentArgs{
			Role:      role.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM role policy attachments can be imported using the role name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/rolePolicyAttachment:RolePolicyAttachment test-attach test-role/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetRolePolicyAttachment

func GetRolePolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RolePolicyAttachmentState, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)

GetRolePolicyAttachment gets an existing RolePolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicyAttachment

func NewRolePolicyAttachment(ctx *pulumi.Context,
	name string, args *RolePolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)

NewRolePolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*RolePolicyAttachment) ElementType

func (*RolePolicyAttachment) ElementType() reflect.Type

func (*RolePolicyAttachment) ToRolePolicyAttachmentOutput

func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput

func (*RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext

func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput

type RolePolicyAttachmentArgs

type RolePolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The name of the IAM role to which the policy should be applied
	Role pulumi.Input
}

The set of arguments for constructing a RolePolicyAttachment resource.

func (RolePolicyAttachmentArgs) ElementType

func (RolePolicyAttachmentArgs) ElementType() reflect.Type

type RolePolicyAttachmentArray

type RolePolicyAttachmentArray []RolePolicyAttachmentInput

func (RolePolicyAttachmentArray) ElementType

func (RolePolicyAttachmentArray) ElementType() reflect.Type

func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput

func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput

func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext

func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentArrayInput

type RolePolicyAttachmentArrayInput interface {
	pulumi.Input

	ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput
	ToRolePolicyAttachmentArrayOutputWithContext(context.Context) RolePolicyAttachmentArrayOutput
}

RolePolicyAttachmentArrayInput is an input type that accepts RolePolicyAttachmentArray and RolePolicyAttachmentArrayOutput values. You can construct a concrete instance of `RolePolicyAttachmentArrayInput` via:

RolePolicyAttachmentArray{ RolePolicyAttachmentArgs{...} }

type RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentArrayOutput) ElementType

func (RolePolicyAttachmentArrayOutput) Index

func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput

func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput

func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext

func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentInput

type RolePolicyAttachmentInput interface {
	pulumi.Input

	ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput
	ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput
}

type RolePolicyAttachmentMap

type RolePolicyAttachmentMap map[string]RolePolicyAttachmentInput

func (RolePolicyAttachmentMap) ElementType

func (RolePolicyAttachmentMap) ElementType() reflect.Type

func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput

func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput

func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext

func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput

type RolePolicyAttachmentMapInput

type RolePolicyAttachmentMapInput interface {
	pulumi.Input

	ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput
	ToRolePolicyAttachmentMapOutputWithContext(context.Context) RolePolicyAttachmentMapOutput
}

RolePolicyAttachmentMapInput is an input type that accepts RolePolicyAttachmentMap and RolePolicyAttachmentMapOutput values. You can construct a concrete instance of `RolePolicyAttachmentMapInput` via:

RolePolicyAttachmentMap{ "key": RolePolicyAttachmentArgs{...} }

type RolePolicyAttachmentMapOutput

type RolePolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentMapOutput) ElementType

func (RolePolicyAttachmentMapOutput) MapIndex

func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput

func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput

func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext

func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput

type RolePolicyAttachmentOutput

type RolePolicyAttachmentOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentOutput) ElementType

func (RolePolicyAttachmentOutput) ElementType() reflect.Type

func (RolePolicyAttachmentOutput) PolicyArn added in v5.4.0

The ARN of the policy you want to apply

func (RolePolicyAttachmentOutput) Role added in v5.4.0

The name of the IAM role to which the policy should be applied

func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput

func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput

func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext

func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput

type RolePolicyAttachmentState

type RolePolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The name of the IAM role to which the policy should be applied
	Role pulumi.Input
}

func (RolePolicyAttachmentState) ElementType

func (RolePolicyAttachmentState) ElementType() reflect.Type

type RolePolicyInput

type RolePolicyInput interface {
	pulumi.Input

	ToRolePolicyOutput() RolePolicyOutput
	ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput
}

type RolePolicyMap

type RolePolicyMap map[string]RolePolicyInput

func (RolePolicyMap) ElementType

func (RolePolicyMap) ElementType() reflect.Type

func (RolePolicyMap) ToRolePolicyMapOutput

func (i RolePolicyMap) ToRolePolicyMapOutput() RolePolicyMapOutput

func (RolePolicyMap) ToRolePolicyMapOutputWithContext

func (i RolePolicyMap) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput

type RolePolicyMapInput

type RolePolicyMapInput interface {
	pulumi.Input

	ToRolePolicyMapOutput() RolePolicyMapOutput
	ToRolePolicyMapOutputWithContext(context.Context) RolePolicyMapOutput
}

RolePolicyMapInput is an input type that accepts RolePolicyMap and RolePolicyMapOutput values. You can construct a concrete instance of `RolePolicyMapInput` via:

RolePolicyMap{ "key": RolePolicyArgs{...} }

type RolePolicyMapOutput

type RolePolicyMapOutput struct{ *pulumi.OutputState }

func (RolePolicyMapOutput) ElementType

func (RolePolicyMapOutput) ElementType() reflect.Type

func (RolePolicyMapOutput) MapIndex

func (RolePolicyMapOutput) ToRolePolicyMapOutput

func (o RolePolicyMapOutput) ToRolePolicyMapOutput() RolePolicyMapOutput

func (RolePolicyMapOutput) ToRolePolicyMapOutputWithContext

func (o RolePolicyMapOutput) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput

type RolePolicyOutput

type RolePolicyOutput struct{ *pulumi.OutputState }

func (RolePolicyOutput) ElementType

func (RolePolicyOutput) ElementType() reflect.Type

func (RolePolicyOutput) Name added in v5.4.0

The name of the role policy. If omitted, this provider will assign a random, unique name.

func (RolePolicyOutput) NamePrefix added in v5.4.0

func (o RolePolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (RolePolicyOutput) Policy added in v5.4.0

The policy document. This is a JSON formatted string.

func (RolePolicyOutput) Role added in v5.4.0

The IAM role to attach to the policy.

func (RolePolicyOutput) ToRolePolicyOutput

func (o RolePolicyOutput) ToRolePolicyOutput() RolePolicyOutput

func (RolePolicyOutput) ToRolePolicyOutputWithContext

func (o RolePolicyOutput) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput

type RolePolicyState

type RolePolicyState struct {
	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The IAM role to attach to the policy.
	Role pulumi.Input
}

func (RolePolicyState) ElementType

func (RolePolicyState) ElementType() reflect.Type

type RoleState

type RoleState struct {
	// Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringPtrInput
	// Policy that grants an entity permission to assume the role.
	AssumeRolePolicy pulumi.Input
	// Creation date of the IAM role.
	CreateDate pulumi.StringPtrInput
	// Description of the role.
	Description pulumi.StringPtrInput
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrInput
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, this provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies RoleInlinePolicyArrayInput
	// Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, this provider will ignore policy attachments to this resource. When configured, the provider will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., `managedPolicyArns = []`) will cause the provider to remove _all_ managed policy attachments.
	ManagedPolicyArns pulumi.StringArrayInput
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrInput
	// Name of the role policy.
	Name pulumi.StringPtrInput
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// Stable and unique string identifying the role.
	UniqueId pulumi.StringPtrInput
}

func (RoleState) ElementType

func (RoleState) ElementType() reflect.Type

type SamlProvider

type SamlProvider struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The name of the provider to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringOutput `pulumi:"samlMetadataDocument"`
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil pulumi.StringOutput `pulumi:"validUntil"`
}

Provides an IAM SAML provider.

## Example Usage

```go package main

import (

"io/ioutil"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{
			SamlMetadataDocument: readFileOrPanic("saml-metadata.xml"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM SAML Providers can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/samlProvider:SamlProvider default arn:aws:iam::123456789012:saml-provider/SAMLADFS

```

func GetSamlProvider

func GetSamlProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SamlProviderState, opts ...pulumi.ResourceOption) (*SamlProvider, error)

GetSamlProvider gets an existing SamlProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSamlProvider

func NewSamlProvider(ctx *pulumi.Context,
	name string, args *SamlProviderArgs, opts ...pulumi.ResourceOption) (*SamlProvider, error)

NewSamlProvider registers a new resource with the given unique name, arguments, and options.

func (*SamlProvider) ElementType

func (*SamlProvider) ElementType() reflect.Type

func (*SamlProvider) ToSamlProviderOutput

func (i *SamlProvider) ToSamlProviderOutput() SamlProviderOutput

func (*SamlProvider) ToSamlProviderOutputWithContext

func (i *SamlProvider) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput

type SamlProviderArgs

type SamlProviderArgs struct {
	// The name of the provider to create.
	Name pulumi.StringPtrInput
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringInput
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a SamlProvider resource.

func (SamlProviderArgs) ElementType

func (SamlProviderArgs) ElementType() reflect.Type

type SamlProviderArray

type SamlProviderArray []SamlProviderInput

func (SamlProviderArray) ElementType

func (SamlProviderArray) ElementType() reflect.Type

func (SamlProviderArray) ToSamlProviderArrayOutput

func (i SamlProviderArray) ToSamlProviderArrayOutput() SamlProviderArrayOutput

func (SamlProviderArray) ToSamlProviderArrayOutputWithContext

func (i SamlProviderArray) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput

type SamlProviderArrayInput

type SamlProviderArrayInput interface {
	pulumi.Input

	ToSamlProviderArrayOutput() SamlProviderArrayOutput
	ToSamlProviderArrayOutputWithContext(context.Context) SamlProviderArrayOutput
}

SamlProviderArrayInput is an input type that accepts SamlProviderArray and SamlProviderArrayOutput values. You can construct a concrete instance of `SamlProviderArrayInput` via:

SamlProviderArray{ SamlProviderArgs{...} }

type SamlProviderArrayOutput

type SamlProviderArrayOutput struct{ *pulumi.OutputState }

func (SamlProviderArrayOutput) ElementType

func (SamlProviderArrayOutput) ElementType() reflect.Type

func (SamlProviderArrayOutput) Index

func (SamlProviderArrayOutput) ToSamlProviderArrayOutput

func (o SamlProviderArrayOutput) ToSamlProviderArrayOutput() SamlProviderArrayOutput

func (SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext

func (o SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput

type SamlProviderInput

type SamlProviderInput interface {
	pulumi.Input

	ToSamlProviderOutput() SamlProviderOutput
	ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput
}

type SamlProviderMap

type SamlProviderMap map[string]SamlProviderInput

func (SamlProviderMap) ElementType

func (SamlProviderMap) ElementType() reflect.Type

func (SamlProviderMap) ToSamlProviderMapOutput

func (i SamlProviderMap) ToSamlProviderMapOutput() SamlProviderMapOutput

func (SamlProviderMap) ToSamlProviderMapOutputWithContext

func (i SamlProviderMap) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput

type SamlProviderMapInput

type SamlProviderMapInput interface {
	pulumi.Input

	ToSamlProviderMapOutput() SamlProviderMapOutput
	ToSamlProviderMapOutputWithContext(context.Context) SamlProviderMapOutput
}

SamlProviderMapInput is an input type that accepts SamlProviderMap and SamlProviderMapOutput values. You can construct a concrete instance of `SamlProviderMapInput` via:

SamlProviderMap{ "key": SamlProviderArgs{...} }

type SamlProviderMapOutput

type SamlProviderMapOutput struct{ *pulumi.OutputState }

func (SamlProviderMapOutput) ElementType

func (SamlProviderMapOutput) ElementType() reflect.Type

func (SamlProviderMapOutput) MapIndex

func (SamlProviderMapOutput) ToSamlProviderMapOutput

func (o SamlProviderMapOutput) ToSamlProviderMapOutput() SamlProviderMapOutput

func (SamlProviderMapOutput) ToSamlProviderMapOutputWithContext

func (o SamlProviderMapOutput) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput

type SamlProviderOutput

type SamlProviderOutput struct{ *pulumi.OutputState }

func (SamlProviderOutput) Arn added in v5.4.0

The ARN assigned by AWS for this provider.

func (SamlProviderOutput) ElementType

func (SamlProviderOutput) ElementType() reflect.Type

func (SamlProviderOutput) Name added in v5.4.0

The name of the provider to create.

func (SamlProviderOutput) SamlMetadataDocument added in v5.4.0

func (o SamlProviderOutput) SamlMetadataDocument() pulumi.StringOutput

An XML document generated by an identity provider that supports SAML 2.0.

func (SamlProviderOutput) Tags added in v5.4.0

Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (SamlProviderOutput) TagsAll added in v5.4.0

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (SamlProviderOutput) ToSamlProviderOutput

func (o SamlProviderOutput) ToSamlProviderOutput() SamlProviderOutput

func (SamlProviderOutput) ToSamlProviderOutputWithContext

func (o SamlProviderOutput) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput

func (SamlProviderOutput) ValidUntil added in v5.4.0

func (o SamlProviderOutput) ValidUntil() pulumi.StringOutput

The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.

type SamlProviderState

type SamlProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringPtrInput
	// The name of the provider to create.
	Name pulumi.StringPtrInput
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringPtrInput
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil pulumi.StringPtrInput
}

func (SamlProviderState) ElementType

func (SamlProviderState) ElementType() reflect.Type

type ServerCertificate

type ServerCertificate struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringOutput `pulumi:"certificateBody"`
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
	Expiration pulumi.StringOutput `pulumi:"expiration"`
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
	UploadDate pulumi.StringOutput `pulumi:"uploadDate"`
}

Provides an IAM Server Certificate resource to upload Server Certificates. Certs uploaded to IAM can easily work with other AWS services such as:

- AWS Elastic Beanstalk - Elastic Load Balancing - CloudFront - AWS OpsWorks

For information about server certificates in IAM, see [Managing Server Certificates][2] in AWS Documentation.

## Example Usage

**Using certs on file:**

```go package main

import (

"io/ioutil"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
			PrivateKey:      readFileOrPanic("test-key.pem"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Example with cert in-line:**

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServerCertificate(ctx, "testCertAlt", &iam.ServerCertificateArgs{
			CertificateBody: pulumi.String(fmt.Sprintf("%v%v%v%v", "-----BEGIN CERTIFICATE-----\n", "[......] # cert contents\n", "-----END CERTIFICATE-----\n", "\n")),
			PrivateKey:      pulumi.String(fmt.Sprintf("%v%v%v%v", "-----BEGIN RSA PRIVATE KEY-----\n", "[......] # cert contents\n", "-----END RSA PRIVATE KEY-----\n", "\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Use in combination with an AWS ELB resource:**

Some properties of an IAM Server Certificates cannot be updated while they are in use. In order for this provider to effectively manage a Certificate in this situation, it is recommended you utilize the `namePrefix` attribute and enable the `createBeforeDestroy` [lifecycle block][lifecycle]. This will allow this provider to create a new, updated `iam.ServerCertificate` resource and replace it in dependant resources before attempting to destroy the old version.

```go package main

import (

"io/ioutil"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/elb"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := ioutil.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testCert, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{
			NamePrefix:      pulumi.String("example-cert"),
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
			PrivateKey:      readFileOrPanic("test-key.pem"),
		})
		if err != nil {
			return err
		}
		_, err = elb.NewLoadBalancer(ctx, "ourapp", &elb.LoadBalancerArgs{
			AvailabilityZones: pulumi.StringArray{
				pulumi.String("us-west-2a"),
			},
			CrossZoneLoadBalancing: pulumi.Bool(true),
			Listeners: elb.LoadBalancerListenerArray{
				&elb.LoadBalancerListenerArgs{
					InstancePort:     pulumi.Int(8000),
					InstanceProtocol: pulumi.String("http"),
					LbPort:           pulumi.Int(443),
					LbProtocol:       pulumi.String("https"),
					SslCertificateId: testCert.Arn,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Server Certificates can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/serverCertificate:ServerCertificate certificate example.com-certificate-until-2018

```

[1]https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html [lifecycle]/docs/configuration/resources.html

func GetServerCertificate

func GetServerCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerCertificateState, opts ...pulumi.ResourceOption) (*ServerCertificate, error)

GetServerCertificate gets an existing ServerCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerCertificate

func NewServerCertificate(ctx *pulumi.Context,
	name string, args *ServerCertificateArgs, opts ...pulumi.ResourceOption) (*ServerCertificate, error)

NewServerCertificate registers a new resource with the given unique name, arguments, and options.

func (*ServerCertificate) ElementType

func (*ServerCertificate) ElementType() reflect.Type

func (*ServerCertificate) ToServerCertificateOutput

func (i *ServerCertificate) ToServerCertificateOutput() ServerCertificateOutput

func (*ServerCertificate) ToServerCertificateOutputWithContext

func (i *ServerCertificate) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput

type ServerCertificateArgs

type ServerCertificateArgs struct {
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringInput
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrInput
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrInput
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringInput
	// Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a ServerCertificate resource.

func (ServerCertificateArgs) ElementType

func (ServerCertificateArgs) ElementType() reflect.Type

type ServerCertificateArray

type ServerCertificateArray []ServerCertificateInput

func (ServerCertificateArray) ElementType

func (ServerCertificateArray) ElementType() reflect.Type

func (ServerCertificateArray) ToServerCertificateArrayOutput

func (i ServerCertificateArray) ToServerCertificateArrayOutput() ServerCertificateArrayOutput

func (ServerCertificateArray) ToServerCertificateArrayOutputWithContext

func (i ServerCertificateArray) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput

type ServerCertificateArrayInput

type ServerCertificateArrayInput interface {
	pulumi.Input

	ToServerCertificateArrayOutput() ServerCertificateArrayOutput
	ToServerCertificateArrayOutputWithContext(context.Context) ServerCertificateArrayOutput
}

ServerCertificateArrayInput is an input type that accepts ServerCertificateArray and ServerCertificateArrayOutput values. You can construct a concrete instance of `ServerCertificateArrayInput` via:

ServerCertificateArray{ ServerCertificateArgs{...} }

type ServerCertificateArrayOutput

type ServerCertificateArrayOutput struct{ *pulumi.OutputState }

func (ServerCertificateArrayOutput) ElementType

func (ServerCertificateArrayOutput) Index

func (ServerCertificateArrayOutput) ToServerCertificateArrayOutput

func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutput() ServerCertificateArrayOutput

func (ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext

func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput

type ServerCertificateInput

type ServerCertificateInput interface {
	pulumi.Input

	ToServerCertificateOutput() ServerCertificateOutput
	ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput
}

type ServerCertificateMap

type ServerCertificateMap map[string]ServerCertificateInput

func (ServerCertificateMap) ElementType

func (ServerCertificateMap) ElementType() reflect.Type

func (ServerCertificateMap) ToServerCertificateMapOutput

func (i ServerCertificateMap) ToServerCertificateMapOutput() ServerCertificateMapOutput

func (ServerCertificateMap) ToServerCertificateMapOutputWithContext

func (i ServerCertificateMap) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput

type ServerCertificateMapInput

type ServerCertificateMapInput interface {
	pulumi.Input

	ToServerCertificateMapOutput() ServerCertificateMapOutput
	ToServerCertificateMapOutputWithContext(context.Context) ServerCertificateMapOutput
}

ServerCertificateMapInput is an input type that accepts ServerCertificateMap and ServerCertificateMapOutput values. You can construct a concrete instance of `ServerCertificateMapInput` via:

ServerCertificateMap{ "key": ServerCertificateArgs{...} }

type ServerCertificateMapOutput

type ServerCertificateMapOutput struct{ *pulumi.OutputState }

func (ServerCertificateMapOutput) ElementType

func (ServerCertificateMapOutput) ElementType() reflect.Type

func (ServerCertificateMapOutput) MapIndex

func (ServerCertificateMapOutput) ToServerCertificateMapOutput

func (o ServerCertificateMapOutput) ToServerCertificateMapOutput() ServerCertificateMapOutput

func (ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext

func (o ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput

type ServerCertificateOutput

type ServerCertificateOutput struct{ *pulumi.OutputState }

func (ServerCertificateOutput) Arn added in v5.4.0

The Amazon Resource Name (ARN) specifying the server certificate.

func (ServerCertificateOutput) CertificateBody added in v5.4.0

func (o ServerCertificateOutput) CertificateBody() pulumi.StringOutput

The contents of the public key certificate in PEM-encoded format.

func (ServerCertificateOutput) CertificateChain added in v5.4.0

func (o ServerCertificateOutput) CertificateChain() pulumi.StringPtrOutput

The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.

func (ServerCertificateOutput) ElementType

func (ServerCertificateOutput) ElementType() reflect.Type

func (ServerCertificateOutput) Expiration added in v5.4.0

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.

func (ServerCertificateOutput) Name added in v5.4.0

The name of the Server Certificate. Do not include the path in this value. If omitted, this provider will assign a random, unique name.

func (ServerCertificateOutput) NamePrefix added in v5.4.0

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (ServerCertificateOutput) Path added in v5.4.0

The IAM path for the server certificate. If it is not included, it defaults to a slash (/). If this certificate is for use with AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.

func (ServerCertificateOutput) PrivateKey added in v5.4.0

The contents of the private key in PEM-encoded format.

func (ServerCertificateOutput) Tags added in v5.4.0

Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (ServerCertificateOutput) TagsAll added in v5.4.0

A map of tags assigned to the resource, including those inherited from the provider .

func (ServerCertificateOutput) ToServerCertificateOutput

func (o ServerCertificateOutput) ToServerCertificateOutput() ServerCertificateOutput

func (ServerCertificateOutput) ToServerCertificateOutputWithContext

func (o ServerCertificateOutput) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput

func (ServerCertificateOutput) UploadDate added in v5.4.0

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.

type ServerCertificateState

type ServerCertificateState struct {
	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn pulumi.StringPtrInput
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringPtrInput
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrInput
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
	Expiration pulumi.StringPtrInput
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrInput
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringPtrInput
	// Map of resource tags for the server certificate. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider .
	TagsAll pulumi.StringMapInput
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
	UploadDate pulumi.StringPtrInput
}

func (ServerCertificateState) ElementType

func (ServerCertificateState) ElementType() reflect.Type

type ServiceLinkedRole

type ServiceLinkedRole struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringOutput `pulumi:"awsServiceName"`
	// The creation date of the IAM role.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrOutput `pulumi:"customSuffix"`
	// The description of the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the role.
	Name pulumi.StringOutput `pulumi:"name"`
	// The path of the role.
	Path pulumi.StringOutput `pulumi:"path"`
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The stable and unique string identifying the role.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServiceLinkedRole(ctx, "elasticbeanstalk", &iam.ServiceLinkedRoleArgs{
			AwsServiceName: pulumi.String("elasticbeanstalk.amazonaws.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM service-linked roles can be imported using role ARN, e.g.,

```sh

$ pulumi import aws:iam/serviceLinkedRole:ServiceLinkedRole elasticbeanstalk arn:aws:iam::123456789012:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk

```

func GetServiceLinkedRole

func GetServiceLinkedRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServiceLinkedRoleState, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)

GetServiceLinkedRole gets an existing ServiceLinkedRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServiceLinkedRole

func NewServiceLinkedRole(ctx *pulumi.Context,
	name string, args *ServiceLinkedRoleArgs, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)

NewServiceLinkedRole registers a new resource with the given unique name, arguments, and options.

func (*ServiceLinkedRole) ElementType

func (*ServiceLinkedRole) ElementType() reflect.Type

func (*ServiceLinkedRole) ToServiceLinkedRoleOutput

func (i *ServiceLinkedRole) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput

func (*ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext

func (i *ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput

type ServiceLinkedRoleArgs

type ServiceLinkedRoleArgs struct {
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringInput
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrInput
	// The description of the role.
	Description pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a ServiceLinkedRole resource.

func (ServiceLinkedRoleArgs) ElementType

func (ServiceLinkedRoleArgs) ElementType() reflect.Type

type ServiceLinkedRoleArray

type ServiceLinkedRoleArray []ServiceLinkedRoleInput

func (ServiceLinkedRoleArray) ElementType

func (ServiceLinkedRoleArray) ElementType() reflect.Type

func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput

func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput

func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext

func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleArrayInput

type ServiceLinkedRoleArrayInput interface {
	pulumi.Input

	ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput
	ToServiceLinkedRoleArrayOutputWithContext(context.Context) ServiceLinkedRoleArrayOutput
}

ServiceLinkedRoleArrayInput is an input type that accepts ServiceLinkedRoleArray and ServiceLinkedRoleArrayOutput values. You can construct a concrete instance of `ServiceLinkedRoleArrayInput` via:

ServiceLinkedRoleArray{ ServiceLinkedRoleArgs{...} }

type ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleArrayOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleArrayOutput) ElementType

func (ServiceLinkedRoleArrayOutput) Index

func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput

func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput

func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext

func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleInput

type ServiceLinkedRoleInput interface {
	pulumi.Input

	ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput
	ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput
}

type ServiceLinkedRoleMap

type ServiceLinkedRoleMap map[string]ServiceLinkedRoleInput

func (ServiceLinkedRoleMap) ElementType

func (ServiceLinkedRoleMap) ElementType() reflect.Type

func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput

func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput

func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext

func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput

type ServiceLinkedRoleMapInput

type ServiceLinkedRoleMapInput interface {
	pulumi.Input

	ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput
	ToServiceLinkedRoleMapOutputWithContext(context.Context) ServiceLinkedRoleMapOutput
}

ServiceLinkedRoleMapInput is an input type that accepts ServiceLinkedRoleMap and ServiceLinkedRoleMapOutput values. You can construct a concrete instance of `ServiceLinkedRoleMapInput` via:

ServiceLinkedRoleMap{ "key": ServiceLinkedRoleArgs{...} }

type ServiceLinkedRoleMapOutput

type ServiceLinkedRoleMapOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleMapOutput) ElementType

func (ServiceLinkedRoleMapOutput) ElementType() reflect.Type

func (ServiceLinkedRoleMapOutput) MapIndex

func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput

func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput

func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext

func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput

type ServiceLinkedRoleOutput

type ServiceLinkedRoleOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleOutput) Arn added in v5.4.0

The Amazon Resource Name (ARN) specifying the role.

func (ServiceLinkedRoleOutput) AwsServiceName added in v5.4.0

func (o ServiceLinkedRoleOutput) AwsServiceName() pulumi.StringOutput

The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).

func (ServiceLinkedRoleOutput) CreateDate added in v5.4.0

The creation date of the IAM role.

func (ServiceLinkedRoleOutput) CustomSuffix added in v5.4.0

Additional string appended to the role name. Not all AWS services support custom suffixes.

func (ServiceLinkedRoleOutput) Description added in v5.4.0

The description of the role.

func (ServiceLinkedRoleOutput) ElementType

func (ServiceLinkedRoleOutput) ElementType() reflect.Type

func (ServiceLinkedRoleOutput) Name added in v5.4.0

The name of the role.

func (ServiceLinkedRoleOutput) Path added in v5.4.0

The path of the role.

func (ServiceLinkedRoleOutput) Tags added in v5.4.0

Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (ServiceLinkedRoleOutput) TagsAll added in v5.4.0

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput

func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput

func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext

func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput

func (ServiceLinkedRoleOutput) UniqueId added in v5.4.0

The stable and unique string identifying the role.

type ServiceLinkedRoleState

type ServiceLinkedRoleState struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringPtrInput
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringPtrInput
	// The creation date of the IAM role.
	CreateDate pulumi.StringPtrInput
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrInput
	// The description of the role.
	Description pulumi.StringPtrInput
	// The name of the role.
	Name pulumi.StringPtrInput
	// The path of the role.
	Path pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The stable and unique string identifying the role.
	UniqueId pulumi.StringPtrInput
}

func (ServiceLinkedRoleState) ElementType

func (ServiceLinkedRoleState) ElementType() reflect.Type

type ServiceSpecificCredential added in v5.1.0

type ServiceSpecificCredential struct {
	pulumi.CustomResourceState

	// The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
	ServiceName pulumi.StringOutput `pulumi:"serviceName"`
	// The generated password for the service-specific credential.
	ServicePassword pulumi.StringOutput `pulumi:"servicePassword"`
	// The unique identifier for the service-specific credential.
	ServiceSpecificCredentialId pulumi.StringOutput `pulumi:"serviceSpecificCredentialId"`
	// The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.
	ServiceUserName pulumi.StringOutput `pulumi:"serviceUserName"`
	// The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
	UserName pulumi.StringOutput `pulumi:"userName"`
}

Provides an IAM Service Specific Credential.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleUser, err := iam.NewUser(ctx, "exampleUser", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewServiceSpecificCredential(ctx, "exampleServiceSpecificCredential", &iam.ServiceSpecificCredentialArgs{
			ServiceName: pulumi.String("codecommit.amazonaws.com"),
			UserName:    exampleUser.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Service Specific Credentials can be imported using the `service_name:user_name:service_specific_credential_id`, e.g.

```sh

$ pulumi import aws:iam/serviceSpecificCredential:ServiceSpecificCredential default `codecommit.amazonaws.com:example:some-id`

```

func GetServiceSpecificCredential added in v5.1.0

func GetServiceSpecificCredential(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServiceSpecificCredentialState, opts ...pulumi.ResourceOption) (*ServiceSpecificCredential, error)

GetServiceSpecificCredential gets an existing ServiceSpecificCredential resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServiceSpecificCredential added in v5.1.0

func NewServiceSpecificCredential(ctx *pulumi.Context,
	name string, args *ServiceSpecificCredentialArgs, opts ...pulumi.ResourceOption) (*ServiceSpecificCredential, error)

NewServiceSpecificCredential registers a new resource with the given unique name, arguments, and options.

func (*ServiceSpecificCredential) ElementType added in v5.1.0

func (*ServiceSpecificCredential) ElementType() reflect.Type

func (*ServiceSpecificCredential) ToServiceSpecificCredentialOutput added in v5.1.0

func (i *ServiceSpecificCredential) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput

func (*ServiceSpecificCredential) ToServiceSpecificCredentialOutputWithContext added in v5.1.0

func (i *ServiceSpecificCredential) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput

type ServiceSpecificCredentialArgs added in v5.1.0

type ServiceSpecificCredentialArgs struct {
	// The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
	ServiceName pulumi.StringInput
	// The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
	UserName pulumi.StringInput
}

The set of arguments for constructing a ServiceSpecificCredential resource.

func (ServiceSpecificCredentialArgs) ElementType added in v5.1.0

type ServiceSpecificCredentialArray added in v5.1.0

type ServiceSpecificCredentialArray []ServiceSpecificCredentialInput

func (ServiceSpecificCredentialArray) ElementType added in v5.1.0

func (ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput added in v5.1.0

func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput

func (ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext added in v5.1.0

func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput

type ServiceSpecificCredentialArrayInput added in v5.1.0

type ServiceSpecificCredentialArrayInput interface {
	pulumi.Input

	ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput
	ToServiceSpecificCredentialArrayOutputWithContext(context.Context) ServiceSpecificCredentialArrayOutput
}

ServiceSpecificCredentialArrayInput is an input type that accepts ServiceSpecificCredentialArray and ServiceSpecificCredentialArrayOutput values. You can construct a concrete instance of `ServiceSpecificCredentialArrayInput` via:

ServiceSpecificCredentialArray{ ServiceSpecificCredentialArgs{...} }

type ServiceSpecificCredentialArrayOutput added in v5.1.0

type ServiceSpecificCredentialArrayOutput struct{ *pulumi.OutputState }

func (ServiceSpecificCredentialArrayOutput) ElementType added in v5.1.0

func (ServiceSpecificCredentialArrayOutput) Index added in v5.1.0

func (ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput added in v5.1.0

func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput

func (ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext added in v5.1.0

func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput

type ServiceSpecificCredentialInput added in v5.1.0

type ServiceSpecificCredentialInput interface {
	pulumi.Input

	ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput
	ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput
}

type ServiceSpecificCredentialMap added in v5.1.0

type ServiceSpecificCredentialMap map[string]ServiceSpecificCredentialInput

func (ServiceSpecificCredentialMap) ElementType added in v5.1.0

func (ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput added in v5.1.0

func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput

func (ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext added in v5.1.0

func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput

type ServiceSpecificCredentialMapInput added in v5.1.0

type ServiceSpecificCredentialMapInput interface {
	pulumi.Input

	ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput
	ToServiceSpecificCredentialMapOutputWithContext(context.Context) ServiceSpecificCredentialMapOutput
}

ServiceSpecificCredentialMapInput is an input type that accepts ServiceSpecificCredentialMap and ServiceSpecificCredentialMapOutput values. You can construct a concrete instance of `ServiceSpecificCredentialMapInput` via:

ServiceSpecificCredentialMap{ "key": ServiceSpecificCredentialArgs{...} }

type ServiceSpecificCredentialMapOutput added in v5.1.0

type ServiceSpecificCredentialMapOutput struct{ *pulumi.OutputState }

func (ServiceSpecificCredentialMapOutput) ElementType added in v5.1.0

func (ServiceSpecificCredentialMapOutput) MapIndex added in v5.1.0

func (ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput added in v5.1.0

func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput

func (ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext added in v5.1.0

func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput

type ServiceSpecificCredentialOutput added in v5.1.0

type ServiceSpecificCredentialOutput struct{ *pulumi.OutputState }

func (ServiceSpecificCredentialOutput) ElementType added in v5.1.0

func (ServiceSpecificCredentialOutput) ServiceName added in v5.4.0

The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.

func (ServiceSpecificCredentialOutput) ServicePassword added in v5.4.0

The generated password for the service-specific credential.

func (ServiceSpecificCredentialOutput) ServiceSpecificCredentialId added in v5.4.0

func (o ServiceSpecificCredentialOutput) ServiceSpecificCredentialId() pulumi.StringOutput

The unique identifier for the service-specific credential.

func (ServiceSpecificCredentialOutput) ServiceUserName added in v5.4.0

The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.

func (ServiceSpecificCredentialOutput) Status added in v5.4.0

The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.

func (ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput added in v5.1.0

func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput

func (ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext added in v5.1.0

func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput

func (ServiceSpecificCredentialOutput) UserName added in v5.4.0

The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.

type ServiceSpecificCredentialState added in v5.1.0

type ServiceSpecificCredentialState struct {
	// The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
	ServiceName pulumi.StringPtrInput
	// The generated password for the service-specific credential.
	ServicePassword pulumi.StringPtrInput
	// The unique identifier for the service-specific credential.
	ServiceSpecificCredentialId pulumi.StringPtrInput
	// The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.
	ServiceUserName pulumi.StringPtrInput
	// The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
	UserName pulumi.StringPtrInput
}

func (ServiceSpecificCredentialState) ElementType added in v5.1.0

type SigningCertificate added in v5.1.0

type SigningCertificate struct {
	pulumi.CustomResourceState

	// The contents of the signing certificate in PEM-encoded format.
	CertificateBody pulumi.StringOutput `pulumi:"certificateBody"`
	// The ID for the signing certificate.
	CertificateId pulumi.StringOutput `pulumi:"certificateId"`
	// The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The name of the user the signing certificate is for.
	UserName pulumi.StringOutput `pulumi:"userName"`
}

## Import

IAM Signing Certificates can be imported using the `id`, e.g.,

```sh

$ pulumi import aws:iam/signingCertificate:SigningCertificate certificate IDIDIDIDID:user-name

```

func GetSigningCertificate added in v5.1.0

func GetSigningCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SigningCertificateState, opts ...pulumi.ResourceOption) (*SigningCertificate, error)

GetSigningCertificate gets an existing SigningCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSigningCertificate added in v5.1.0

func NewSigningCertificate(ctx *pulumi.Context,
	name string, args *SigningCertificateArgs, opts ...pulumi.ResourceOption) (*SigningCertificate, error)

NewSigningCertificate registers a new resource with the given unique name, arguments, and options.

func (*SigningCertificate) ElementType added in v5.1.0

func (*SigningCertificate) ElementType() reflect.Type

func (*SigningCertificate) ToSigningCertificateOutput added in v5.1.0

func (i *SigningCertificate) ToSigningCertificateOutput() SigningCertificateOutput

func (*SigningCertificate) ToSigningCertificateOutputWithContext added in v5.1.0

func (i *SigningCertificate) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput

type SigningCertificateArgs added in v5.1.0

type SigningCertificateArgs struct {
	// The contents of the signing certificate in PEM-encoded format.
	CertificateBody pulumi.StringInput
	// The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
	Status pulumi.StringPtrInput
	// The name of the user the signing certificate is for.
	UserName pulumi.StringInput
}

The set of arguments for constructing a SigningCertificate resource.

func (SigningCertificateArgs) ElementType added in v5.1.0

func (SigningCertificateArgs) ElementType() reflect.Type

type SigningCertificateArray added in v5.1.0

type SigningCertificateArray []SigningCertificateInput

func (SigningCertificateArray) ElementType added in v5.1.0

func (SigningCertificateArray) ElementType() reflect.Type

func (SigningCertificateArray) ToSigningCertificateArrayOutput added in v5.1.0

func (i SigningCertificateArray) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput

func (SigningCertificateArray) ToSigningCertificateArrayOutputWithContext added in v5.1.0

func (i SigningCertificateArray) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput

type SigningCertificateArrayInput added in v5.1.0

type SigningCertificateArrayInput interface {
	pulumi.Input

	ToSigningCertificateArrayOutput() SigningCertificateArrayOutput
	ToSigningCertificateArrayOutputWithContext(context.Context) SigningCertificateArrayOutput
}

SigningCertificateArrayInput is an input type that accepts SigningCertificateArray and SigningCertificateArrayOutput values. You can construct a concrete instance of `SigningCertificateArrayInput` via:

SigningCertificateArray{ SigningCertificateArgs{...} }

type SigningCertificateArrayOutput added in v5.1.0

type SigningCertificateArrayOutput struct{ *pulumi.OutputState }

func (SigningCertificateArrayOutput) ElementType added in v5.1.0

func (SigningCertificateArrayOutput) Index added in v5.1.0

func (SigningCertificateArrayOutput) ToSigningCertificateArrayOutput added in v5.1.0

func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput

func (SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext added in v5.1.0

func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput

type SigningCertificateInput added in v5.1.0

type SigningCertificateInput interface {
	pulumi.Input

	ToSigningCertificateOutput() SigningCertificateOutput
	ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput
}

type SigningCertificateMap added in v5.1.0

type SigningCertificateMap map[string]SigningCertificateInput

func (SigningCertificateMap) ElementType added in v5.1.0

func (SigningCertificateMap) ElementType() reflect.Type

func (SigningCertificateMap) ToSigningCertificateMapOutput added in v5.1.0

func (i SigningCertificateMap) ToSigningCertificateMapOutput() SigningCertificateMapOutput

func (SigningCertificateMap) ToSigningCertificateMapOutputWithContext added in v5.1.0

func (i SigningCertificateMap) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput

type SigningCertificateMapInput added in v5.1.0

type SigningCertificateMapInput interface {
	pulumi.Input

	ToSigningCertificateMapOutput() SigningCertificateMapOutput
	ToSigningCertificateMapOutputWithContext(context.Context) SigningCertificateMapOutput
}

SigningCertificateMapInput is an input type that accepts SigningCertificateMap and SigningCertificateMapOutput values. You can construct a concrete instance of `SigningCertificateMapInput` via:

SigningCertificateMap{ "key": SigningCertificateArgs{...} }

type SigningCertificateMapOutput added in v5.1.0

type SigningCertificateMapOutput struct{ *pulumi.OutputState }

func (SigningCertificateMapOutput) ElementType added in v5.1.0

func (SigningCertificateMapOutput) MapIndex added in v5.1.0

func (SigningCertificateMapOutput) ToSigningCertificateMapOutput added in v5.1.0

func (o SigningCertificateMapOutput) ToSigningCertificateMapOutput() SigningCertificateMapOutput

func (SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext added in v5.1.0

func (o SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput

type SigningCertificateOutput added in v5.1.0

type SigningCertificateOutput struct{ *pulumi.OutputState }

func (SigningCertificateOutput) CertificateBody added in v5.4.0

func (o SigningCertificateOutput) CertificateBody() pulumi.StringOutput

The contents of the signing certificate in PEM-encoded format.

func (SigningCertificateOutput) CertificateId added in v5.4.0

func (o SigningCertificateOutput) CertificateId() pulumi.StringOutput

The ID for the signing certificate.

func (SigningCertificateOutput) ElementType added in v5.1.0

func (SigningCertificateOutput) ElementType() reflect.Type

func (SigningCertificateOutput) Status added in v5.4.0

The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.

func (SigningCertificateOutput) ToSigningCertificateOutput added in v5.1.0

func (o SigningCertificateOutput) ToSigningCertificateOutput() SigningCertificateOutput

func (SigningCertificateOutput) ToSigningCertificateOutputWithContext added in v5.1.0

func (o SigningCertificateOutput) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput

func (SigningCertificateOutput) UserName added in v5.4.0

The name of the user the signing certificate is for.

type SigningCertificateState added in v5.1.0

type SigningCertificateState struct {
	// The contents of the signing certificate in PEM-encoded format.
	CertificateBody pulumi.StringPtrInput
	// The ID for the signing certificate.
	CertificateId pulumi.StringPtrInput
	// The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
	Status pulumi.StringPtrInput
	// The name of the user the signing certificate is for.
	UserName pulumi.StringPtrInput
}

func (SigningCertificateState) ElementType added in v5.1.0

func (SigningCertificateState) ElementType() reflect.Type

type SshKey

type SshKey struct {
	pulumi.CustomResourceState

	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringOutput `pulumi:"encoding"`
	// The MD5 message digest of the SSH public key.
	Fingerprint pulumi.StringOutput `pulumi:"fingerprint"`
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringOutput `pulumi:"publicKey"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringOutput `pulumi:"sshPublicKeyId"`
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringOutput `pulumi:"status"`
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringOutput `pulumi:"username"`
}

Uploads an SSH public key and associates it with the specified IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		userUser, err := iam.NewUser(ctx, "userUser", &iam.UserArgs{
			Path: pulumi.String("/"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewSshKey(ctx, "userSshKey", &iam.SshKeyArgs{
			Username:  userUser.Name,
			Encoding:  pulumi.String("SSH"),
			PublicKey: pulumi.String("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SSH public keys can be imported using the `username`, `ssh_public_key_id`, and `encoding` e.g.,

```sh

$ pulumi import aws:iam/sshKey:SshKey user user:APKAJNCNNJICVN7CFKCA:SSH

```

func GetSshKey

func GetSshKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SshKeyState, opts ...pulumi.ResourceOption) (*SshKey, error)

GetSshKey gets an existing SshKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSshKey

func NewSshKey(ctx *pulumi.Context,
	name string, args *SshKeyArgs, opts ...pulumi.ResourceOption) (*SshKey, error)

NewSshKey registers a new resource with the given unique name, arguments, and options.

func (*SshKey) ElementType

func (*SshKey) ElementType() reflect.Type

func (*SshKey) ToSshKeyOutput

func (i *SshKey) ToSshKeyOutput() SshKeyOutput

func (*SshKey) ToSshKeyOutputWithContext

func (i *SshKey) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput

type SshKeyArgs

type SshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringInput
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringInput
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringInput
}

The set of arguments for constructing a SshKey resource.

func (SshKeyArgs) ElementType

func (SshKeyArgs) ElementType() reflect.Type

type SshKeyArray

type SshKeyArray []SshKeyInput

func (SshKeyArray) ElementType

func (SshKeyArray) ElementType() reflect.Type

func (SshKeyArray) ToSshKeyArrayOutput

func (i SshKeyArray) ToSshKeyArrayOutput() SshKeyArrayOutput

func (SshKeyArray) ToSshKeyArrayOutputWithContext

func (i SshKeyArray) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput

type SshKeyArrayInput

type SshKeyArrayInput interface {
	pulumi.Input

	ToSshKeyArrayOutput() SshKeyArrayOutput
	ToSshKeyArrayOutputWithContext(context.Context) SshKeyArrayOutput
}

SshKeyArrayInput is an input type that accepts SshKeyArray and SshKeyArrayOutput values. You can construct a concrete instance of `SshKeyArrayInput` via:

SshKeyArray{ SshKeyArgs{...} }

type SshKeyArrayOutput

type SshKeyArrayOutput struct{ *pulumi.OutputState }

func (SshKeyArrayOutput) ElementType

func (SshKeyArrayOutput) ElementType() reflect.Type

func (SshKeyArrayOutput) Index

func (SshKeyArrayOutput) ToSshKeyArrayOutput

func (o SshKeyArrayOutput) ToSshKeyArrayOutput() SshKeyArrayOutput

func (SshKeyArrayOutput) ToSshKeyArrayOutputWithContext

func (o SshKeyArrayOutput) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput

type SshKeyInput

type SshKeyInput interface {
	pulumi.Input

	ToSshKeyOutput() SshKeyOutput
	ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput
}

type SshKeyMap

type SshKeyMap map[string]SshKeyInput

func (SshKeyMap) ElementType

func (SshKeyMap) ElementType() reflect.Type

func (SshKeyMap) ToSshKeyMapOutput

func (i SshKeyMap) ToSshKeyMapOutput() SshKeyMapOutput

func (SshKeyMap) ToSshKeyMapOutputWithContext

func (i SshKeyMap) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput

type SshKeyMapInput

type SshKeyMapInput interface {
	pulumi.Input

	ToSshKeyMapOutput() SshKeyMapOutput
	ToSshKeyMapOutputWithContext(context.Context) SshKeyMapOutput
}

SshKeyMapInput is an input type that accepts SshKeyMap and SshKeyMapOutput values. You can construct a concrete instance of `SshKeyMapInput` via:

SshKeyMap{ "key": SshKeyArgs{...} }

type SshKeyMapOutput

type SshKeyMapOutput struct{ *pulumi.OutputState }

func (SshKeyMapOutput) ElementType

func (SshKeyMapOutput) ElementType() reflect.Type

func (SshKeyMapOutput) MapIndex

func (SshKeyMapOutput) ToSshKeyMapOutput

func (o SshKeyMapOutput) ToSshKeyMapOutput() SshKeyMapOutput

func (SshKeyMapOutput) ToSshKeyMapOutputWithContext

func (o SshKeyMapOutput) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput

type SshKeyOutput

type SshKeyOutput struct{ *pulumi.OutputState }

func (SshKeyOutput) ElementType

func (SshKeyOutput) ElementType() reflect.Type

func (SshKeyOutput) Encoding added in v5.4.0

func (o SshKeyOutput) Encoding() pulumi.StringOutput

Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.

func (SshKeyOutput) Fingerprint added in v5.4.0

func (o SshKeyOutput) Fingerprint() pulumi.StringOutput

The MD5 message digest of the SSH public key.

func (SshKeyOutput) PublicKey added in v5.4.0

func (o SshKeyOutput) PublicKey() pulumi.StringOutput

The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.

func (SshKeyOutput) SshPublicKeyId added in v5.4.0

func (o SshKeyOutput) SshPublicKeyId() pulumi.StringOutput

The unique identifier for the SSH public key.

func (SshKeyOutput) Status added in v5.4.0

func (o SshKeyOutput) Status() pulumi.StringOutput

The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.

func (SshKeyOutput) ToSshKeyOutput

func (o SshKeyOutput) ToSshKeyOutput() SshKeyOutput

func (SshKeyOutput) ToSshKeyOutputWithContext

func (o SshKeyOutput) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput

func (SshKeyOutput) Username added in v5.4.0

func (o SshKeyOutput) Username() pulumi.StringOutput

The name of the IAM user to associate the SSH public key with.

type SshKeyState

type SshKeyState struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringPtrInput
	// The MD5 message digest of the SSH public key.
	Fingerprint pulumi.StringPtrInput
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringPtrInput
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringPtrInput
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringPtrInput
}

func (SshKeyState) ElementType

func (SshKeyState) ElementType() reflect.Type

type User

type User struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this user.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrOutput `pulumi:"forceDestroy"`
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringOutput `pulumi:"name"`
	// Path in which to create the user.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"`
	// Key-value mapping of tags for the IAM user
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM user.

> *NOTE:* If policies are attached to the user via the `iam.PolicyAttachment` resource and you are modifying the user `name` or `path`, the `forceDestroy` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.UserPolicyAttachment` resource (recommended) does not have this requirement.

## Example Usage

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
			Tags: pulumi.StringMap{
				"tag-key": pulumi.String("tag-value"),
			},
		})
		if err != nil {
			return err
		}
		_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User: lbUser.Name,
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"ec2:Describe*\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"*\"\n", "    }\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Users can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/user:User lb loadbalancer

```

func GetUser

func GetUser(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)

GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUser

func NewUser(ctx *pulumi.Context,
	name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)

NewUser registers a new resource with the given unique name, arguments, and options.

func (*User) ElementType

func (*User) ElementType() reflect.Type

func (*User) ToUserOutput

func (i *User) ToUserOutput() UserOutput

func (*User) ToUserOutputWithContext

func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput

type UserArgs

type UserArgs struct {
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrInput
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringPtrInput
	// Path in which to create the user.
	Path pulumi.StringPtrInput
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM user
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a User resource.

func (UserArgs) ElementType

func (UserArgs) ElementType() reflect.Type

type UserArray

type UserArray []UserInput

func (UserArray) ElementType

func (UserArray) ElementType() reflect.Type

func (UserArray) ToUserArrayOutput

func (i UserArray) ToUserArrayOutput() UserArrayOutput

func (UserArray) ToUserArrayOutputWithContext

func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput

type UserArrayInput

type UserArrayInput interface {
	pulumi.Input

	ToUserArrayOutput() UserArrayOutput
	ToUserArrayOutputWithContext(context.Context) UserArrayOutput
}

UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. You can construct a concrete instance of `UserArrayInput` via:

UserArray{ UserArgs{...} }

type UserArrayOutput

type UserArrayOutput struct{ *pulumi.OutputState }

func (UserArrayOutput) ElementType

func (UserArrayOutput) ElementType() reflect.Type

func (UserArrayOutput) Index

func (UserArrayOutput) ToUserArrayOutput

func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput

func (UserArrayOutput) ToUserArrayOutputWithContext

func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput

type UserGroupMembership

type UserGroupMembership struct {
	pulumi.CustomResourceState

	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayOutput `pulumi:"groups"`
	// The name of the IAM User to add to groups
	User pulumi.StringOutput `pulumi:"user"`
}

Provides a resource for adding an IAM User to IAM Groups. This resource can be used multiple times with the same user for non-overlapping groups.

To exclusively manage the users in a group, see the `iam.GroupMembership` resource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user1, err := iam.NewUser(ctx, "user1", nil)
		if err != nil {
			return err
		}
		group1, err := iam.NewGroup(ctx, "group1", nil)
		if err != nil {
			return err
		}
		group2, err := iam.NewGroup(ctx, "group2", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserGroupMembership(ctx, "example1", &iam.UserGroupMembershipArgs{
			User: user1.Name,
			Groups: pulumi.StringArray{
				group1.Name,
				group2.Name,
			},
		})
		if err != nil {
			return err
		}
		group3, err := iam.NewGroup(ctx, "group3", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserGroupMembership(ctx, "example2", &iam.UserGroupMembershipArgs{
			User: user1.Name,
			Groups: pulumi.StringArray{
				group3.Name,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM user group membership can be imported using the user name and group names separated by `/`.

```sh

$ pulumi import aws:iam/userGroupMembership:UserGroupMembership example1 user1/group1/group2

```

func GetUserGroupMembership

func GetUserGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserGroupMembershipState, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)

GetUserGroupMembership gets an existing UserGroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserGroupMembership

func NewUserGroupMembership(ctx *pulumi.Context,
	name string, args *UserGroupMembershipArgs, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)

NewUserGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*UserGroupMembership) ElementType

func (*UserGroupMembership) ElementType() reflect.Type

func (*UserGroupMembership) ToUserGroupMembershipOutput

func (i *UserGroupMembership) ToUserGroupMembershipOutput() UserGroupMembershipOutput

func (*UserGroupMembership) ToUserGroupMembershipOutputWithContext

func (i *UserGroupMembership) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput

type UserGroupMembershipArgs

type UserGroupMembershipArgs struct {
	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayInput
	// The name of the IAM User to add to groups
	User pulumi.StringInput
}

The set of arguments for constructing a UserGroupMembership resource.

func (UserGroupMembershipArgs) ElementType

func (UserGroupMembershipArgs) ElementType() reflect.Type

type UserGroupMembershipArray

type UserGroupMembershipArray []UserGroupMembershipInput

func (UserGroupMembershipArray) ElementType

func (UserGroupMembershipArray) ElementType() reflect.Type

func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutput

func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput

func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext

func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput

type UserGroupMembershipArrayInput

type UserGroupMembershipArrayInput interface {
	pulumi.Input

	ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput
	ToUserGroupMembershipArrayOutputWithContext(context.Context) UserGroupMembershipArrayOutput
}

UserGroupMembershipArrayInput is an input type that accepts UserGroupMembershipArray and UserGroupMembershipArrayOutput values. You can construct a concrete instance of `UserGroupMembershipArrayInput` via:

UserGroupMembershipArray{ UserGroupMembershipArgs{...} }

type UserGroupMembershipArrayOutput

type UserGroupMembershipArrayOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipArrayOutput) ElementType

func (UserGroupMembershipArrayOutput) Index

func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput

func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput

func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext

func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput

type UserGroupMembershipInput

type UserGroupMembershipInput interface {
	pulumi.Input

	ToUserGroupMembershipOutput() UserGroupMembershipOutput
	ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput
}

type UserGroupMembershipMap

type UserGroupMembershipMap map[string]UserGroupMembershipInput

func (UserGroupMembershipMap) ElementType

func (UserGroupMembershipMap) ElementType() reflect.Type

func (UserGroupMembershipMap) ToUserGroupMembershipMapOutput

func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput

func (UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext

func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput

type UserGroupMembershipMapInput

type UserGroupMembershipMapInput interface {
	pulumi.Input

	ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput
	ToUserGroupMembershipMapOutputWithContext(context.Context) UserGroupMembershipMapOutput
}

UserGroupMembershipMapInput is an input type that accepts UserGroupMembershipMap and UserGroupMembershipMapOutput values. You can construct a concrete instance of `UserGroupMembershipMapInput` via:

UserGroupMembershipMap{ "key": UserGroupMembershipArgs{...} }

type UserGroupMembershipMapOutput

type UserGroupMembershipMapOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipMapOutput) ElementType

func (UserGroupMembershipMapOutput) MapIndex

func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput

func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput

func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext

func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput

type UserGroupMembershipOutput

type UserGroupMembershipOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipOutput) ElementType

func (UserGroupMembershipOutput) ElementType() reflect.Type

func (UserGroupMembershipOutput) Groups added in v5.4.0

A list of IAM Groups to add the user to

func (UserGroupMembershipOutput) ToUserGroupMembershipOutput

func (o UserGroupMembershipOutput) ToUserGroupMembershipOutput() UserGroupMembershipOutput

func (UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext

func (o UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput

func (UserGroupMembershipOutput) User added in v5.4.0

The name of the IAM User to add to groups

type UserGroupMembershipState

type UserGroupMembershipState struct {
	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayInput
	// The name of the IAM User to add to groups
	User pulumi.StringPtrInput
}

func (UserGroupMembershipState) ElementType

func (UserGroupMembershipState) ElementType() reflect.Type

type UserInput

type UserInput interface {
	pulumi.Input

	ToUserOutput() UserOutput
	ToUserOutputWithContext(ctx context.Context) UserOutput
}

type UserLoginProfile

type UserLoginProfile struct {
	pulumi.CustomResourceState

	EncryptedPassword pulumi.StringOutput `pulumi:"encryptedPassword"`
	// The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
	KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"`
	// The plain text password, only available when `pgpKey` is not provided.
	Password pulumi.StringOutput `pulumi:"password"`
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
	PasswordLength pulumi.IntPtrOutput `pulumi:"passwordLength"`
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
	PasswordResetRequired pulumi.BoolOutput `pulumi:"passwordResetRequired"`
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"`
	// The IAM user's name.
	User pulumi.StringOutput `pulumi:"user"`
}

Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.

> To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleUser, err := iam.NewUser(ctx, "exampleUser", &iam.UserArgs{
			Path:         pulumi.String("/"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		exampleUserLoginProfile, err := iam.NewUserLoginProfile(ctx, "exampleUserLoginProfile", &iam.UserLoginProfileArgs{
			User:   exampleUser.Name,
			PgpKey: pulumi.String("keybase:some_person_that_exists"),
		})
		if err != nil {
			return err
		}
		ctx.Export("password", exampleUserLoginProfile.EncryptedPassword)
		return nil
	})
}

```

## Import

IAM User Login Profiles can be imported without password information support via the IAM User name, e.g.,

```sh

$ pulumi import aws:iam/userLoginProfile:UserLoginProfile example myusername

```

Since this provider has no method to read the PGP or password information during import, use [`ignore_changes` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to ignore them unless password recreation is desired. e.g. terraform resource "aws_iam_user_login_profile" "example" {

... other configuration ...

lifecycle {

ignore_changes = [

password_length,

password_reset_required,

pgp_key,

]

} }

func GetUserLoginProfile

func GetUserLoginProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserLoginProfileState, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)

GetUserLoginProfile gets an existing UserLoginProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserLoginProfile

func NewUserLoginProfile(ctx *pulumi.Context,
	name string, args *UserLoginProfileArgs, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)

NewUserLoginProfile registers a new resource with the given unique name, arguments, and options.

func (*UserLoginProfile) ElementType

func (*UserLoginProfile) ElementType() reflect.Type

func (*UserLoginProfile) ToUserLoginProfileOutput

func (i *UserLoginProfile) ToUserLoginProfileOutput() UserLoginProfileOutput

func (*UserLoginProfile) ToUserLoginProfileOutputWithContext

func (i *UserLoginProfile) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput

type UserLoginProfileArgs

type UserLoginProfileArgs struct {
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
	PasswordLength pulumi.IntPtrInput
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
	PasswordResetRequired pulumi.BoolPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrInput
	// The IAM user's name.
	User pulumi.StringInput
}

The set of arguments for constructing a UserLoginProfile resource.

func (UserLoginProfileArgs) ElementType

func (UserLoginProfileArgs) ElementType() reflect.Type

type UserLoginProfileArray

type UserLoginProfileArray []UserLoginProfileInput

func (UserLoginProfileArray) ElementType

func (UserLoginProfileArray) ElementType() reflect.Type

func (UserLoginProfileArray) ToUserLoginProfileArrayOutput

func (i UserLoginProfileArray) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput

func (UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext

func (i UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput

type UserLoginProfileArrayInput

type UserLoginProfileArrayInput interface {
	pulumi.Input

	ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput
	ToUserLoginProfileArrayOutputWithContext(context.Context) UserLoginProfileArrayOutput
}

UserLoginProfileArrayInput is an input type that accepts UserLoginProfileArray and UserLoginProfileArrayOutput values. You can construct a concrete instance of `UserLoginProfileArrayInput` via:

UserLoginProfileArray{ UserLoginProfileArgs{...} }

type UserLoginProfileArrayOutput

type UserLoginProfileArrayOutput struct{ *pulumi.OutputState }

func (UserLoginProfileArrayOutput) ElementType

func (UserLoginProfileArrayOutput) Index

func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput

func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput

func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext

func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput

type UserLoginProfileInput

type UserLoginProfileInput interface {
	pulumi.Input

	ToUserLoginProfileOutput() UserLoginProfileOutput
	ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput
}

type UserLoginProfileMap

type UserLoginProfileMap map[string]UserLoginProfileInput

func (UserLoginProfileMap) ElementType

func (UserLoginProfileMap) ElementType() reflect.Type

func (UserLoginProfileMap) ToUserLoginProfileMapOutput

func (i UserLoginProfileMap) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput

func (UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext

func (i UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput

type UserLoginProfileMapInput

type UserLoginProfileMapInput interface {
	pulumi.Input

	ToUserLoginProfileMapOutput() UserLoginProfileMapOutput
	ToUserLoginProfileMapOutputWithContext(context.Context) UserLoginProfileMapOutput
}

UserLoginProfileMapInput is an input type that accepts UserLoginProfileMap and UserLoginProfileMapOutput values. You can construct a concrete instance of `UserLoginProfileMapInput` via:

UserLoginProfileMap{ "key": UserLoginProfileArgs{...} }

type UserLoginProfileMapOutput

type UserLoginProfileMapOutput struct{ *pulumi.OutputState }

func (UserLoginProfileMapOutput) ElementType

func (UserLoginProfileMapOutput) ElementType() reflect.Type

func (UserLoginProfileMapOutput) MapIndex

func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutput

func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput

func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext

func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput

type UserLoginProfileOutput

type UserLoginProfileOutput struct{ *pulumi.OutputState }

func (UserLoginProfileOutput) ElementType

func (UserLoginProfileOutput) ElementType() reflect.Type

func (UserLoginProfileOutput) EncryptedPassword added in v5.4.0

func (o UserLoginProfileOutput) EncryptedPassword() pulumi.StringOutput

func (UserLoginProfileOutput) KeyFingerprint added in v5.4.0

func (o UserLoginProfileOutput) KeyFingerprint() pulumi.StringOutput

The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.

func (UserLoginProfileOutput) Password added in v5.4.0

The plain text password, only available when `pgpKey` is not provided.

func (UserLoginProfileOutput) PasswordLength added in v5.4.0

func (o UserLoginProfileOutput) PasswordLength() pulumi.IntPtrOutput

The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.

func (UserLoginProfileOutput) PasswordResetRequired added in v5.4.0

func (o UserLoginProfileOutput) PasswordResetRequired() pulumi.BoolOutput

Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.

func (UserLoginProfileOutput) PgpKey added in v5.4.0

Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.

func (UserLoginProfileOutput) ToUserLoginProfileOutput

func (o UserLoginProfileOutput) ToUserLoginProfileOutput() UserLoginProfileOutput

func (UserLoginProfileOutput) ToUserLoginProfileOutputWithContext

func (o UserLoginProfileOutput) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput

func (UserLoginProfileOutput) User added in v5.4.0

The IAM user's name.

type UserLoginProfileState

type UserLoginProfileState struct {
	EncryptedPassword pulumi.StringPtrInput
	// The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
	KeyFingerprint pulumi.StringPtrInput
	// The plain text password, only available when `pgpKey` is not provided.
	Password pulumi.StringPtrInput
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
	PasswordLength pulumi.IntPtrInput
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
	PasswordResetRequired pulumi.BoolPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrInput
	// The IAM user's name.
	User pulumi.StringPtrInput
}

func (UserLoginProfileState) ElementType

func (UserLoginProfileState) ElementType() reflect.Type

type UserMap

type UserMap map[string]UserInput

func (UserMap) ElementType

func (UserMap) ElementType() reflect.Type

func (UserMap) ToUserMapOutput

func (i UserMap) ToUserMapOutput() UserMapOutput

func (UserMap) ToUserMapOutputWithContext

func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput

type UserMapInput

type UserMapInput interface {
	pulumi.Input

	ToUserMapOutput() UserMapOutput
	ToUserMapOutputWithContext(context.Context) UserMapOutput
}

UserMapInput is an input type that accepts UserMap and UserMapOutput values. You can construct a concrete instance of `UserMapInput` via:

UserMap{ "key": UserArgs{...} }

type UserMapOutput

type UserMapOutput struct{ *pulumi.OutputState }

func (UserMapOutput) ElementType

func (UserMapOutput) ElementType() reflect.Type

func (UserMapOutput) MapIndex

func (UserMapOutput) ToUserMapOutput

func (o UserMapOutput) ToUserMapOutput() UserMapOutput

func (UserMapOutput) ToUserMapOutputWithContext

func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput

type UserOutput

type UserOutput struct{ *pulumi.OutputState }

func (UserOutput) Arn added in v5.4.0

func (o UserOutput) Arn() pulumi.StringOutput

The ARN assigned by AWS for this user.

func (UserOutput) ElementType

func (UserOutput) ElementType() reflect.Type

func (UserOutput) ForceDestroy added in v5.4.0

func (o UserOutput) ForceDestroy() pulumi.BoolPtrOutput

When destroying this user, destroy even if it has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy` a user with non-provider-managed access keys and login profile will fail to be destroyed.

func (UserOutput) Name added in v5.4.0

func (o UserOutput) Name() pulumi.StringOutput

The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".

func (UserOutput) Path added in v5.4.0

Path in which to create the user.

func (UserOutput) PermissionsBoundary added in v5.4.0

func (o UserOutput) PermissionsBoundary() pulumi.StringPtrOutput

The ARN of the policy that is used to set the permissions boundary for the user.

func (UserOutput) Tags added in v5.4.0

Key-value mapping of tags for the IAM user

func (UserOutput) TagsAll added in v5.4.0

func (o UserOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider.

func (UserOutput) ToUserOutput

func (o UserOutput) ToUserOutput() UserOutput

func (UserOutput) ToUserOutputWithContext

func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput

func (UserOutput) UniqueId added in v5.4.0

func (o UserOutput) UniqueId() pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type UserPolicy

type UserPolicy struct {
	pulumi.CustomResourceState

	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// IAM user to which to attach this policy.
	User pulumi.StringOutput `pulumi:"user"`
}

Provides an IAM policy attached to a user.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User: lbUser.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM User Policies can be imported using the `user_name:user_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name

```

func GetUserPolicy

func GetUserPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPolicyState, opts ...pulumi.ResourceOption) (*UserPolicy, error)

GetUserPolicy gets an existing UserPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicy

func NewUserPolicy(ctx *pulumi.Context,
	name string, args *UserPolicyArgs, opts ...pulumi.ResourceOption) (*UserPolicy, error)

NewUserPolicy registers a new resource with the given unique name, arguments, and options.

func (*UserPolicy) ElementType

func (*UserPolicy) ElementType() reflect.Type

func (*UserPolicy) ToUserPolicyOutput

func (i *UserPolicy) ToUserPolicyOutput() UserPolicyOutput

func (*UserPolicy) ToUserPolicyOutputWithContext

func (i *UserPolicy) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput

type UserPolicyArgs

type UserPolicyArgs struct {
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// IAM user to which to attach this policy.
	User pulumi.StringInput
}

The set of arguments for constructing a UserPolicy resource.

func (UserPolicyArgs) ElementType

func (UserPolicyArgs) ElementType() reflect.Type

type UserPolicyArray

type UserPolicyArray []UserPolicyInput

func (UserPolicyArray) ElementType

func (UserPolicyArray) ElementType() reflect.Type

func (UserPolicyArray) ToUserPolicyArrayOutput

func (i UserPolicyArray) ToUserPolicyArrayOutput() UserPolicyArrayOutput

func (UserPolicyArray) ToUserPolicyArrayOutputWithContext

func (i UserPolicyArray) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput

type UserPolicyArrayInput

type UserPolicyArrayInput interface {
	pulumi.Input

	ToUserPolicyArrayOutput() UserPolicyArrayOutput
	ToUserPolicyArrayOutputWithContext(context.Context) UserPolicyArrayOutput
}

UserPolicyArrayInput is an input type that accepts UserPolicyArray and UserPolicyArrayOutput values. You can construct a concrete instance of `UserPolicyArrayInput` via:

UserPolicyArray{ UserPolicyArgs{...} }

type UserPolicyArrayOutput

type UserPolicyArrayOutput struct{ *pulumi.OutputState }

func (UserPolicyArrayOutput) ElementType

func (UserPolicyArrayOutput) ElementType() reflect.Type

func (UserPolicyArrayOutput) Index

func (UserPolicyArrayOutput) ToUserPolicyArrayOutput

func (o UserPolicyArrayOutput) ToUserPolicyArrayOutput() UserPolicyArrayOutput

func (UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext

func (o UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput

type UserPolicyAttachment

type UserPolicyAttachment struct {
	pulumi.CustomResourceState

	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The user the policy should be applied to
	User pulumi.StringOutput `pulumi:"user"`
}

Attaches a Managed IAM Policy to an IAM user

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user, err := iam.NewUser(ctx, "user", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any("{ ... policy JSON ... }"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicyAttachment(ctx, "test-attach", &iam.UserPolicyAttachmentArgs{
			User:      user.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM user policy attachments can be imported using the user name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/userPolicyAttachment:UserPolicyAttachment test-attach test-user/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetUserPolicyAttachment

func GetUserPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPolicyAttachmentState, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)

GetUserPolicyAttachment gets an existing UserPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicyAttachment

func NewUserPolicyAttachment(ctx *pulumi.Context,
	name string, args *UserPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)

NewUserPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*UserPolicyAttachment) ElementType

func (*UserPolicyAttachment) ElementType() reflect.Type

func (*UserPolicyAttachment) ToUserPolicyAttachmentOutput

func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput

func (*UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext

func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput

type UserPolicyAttachmentArgs

type UserPolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The user the policy should be applied to
	User pulumi.Input
}

The set of arguments for constructing a UserPolicyAttachment resource.

func (UserPolicyAttachmentArgs) ElementType

func (UserPolicyAttachmentArgs) ElementType() reflect.Type

type UserPolicyAttachmentArray

type UserPolicyAttachmentArray []UserPolicyAttachmentInput

func (UserPolicyAttachmentArray) ElementType

func (UserPolicyAttachmentArray) ElementType() reflect.Type

func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput

func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput

func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext

func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentArrayInput

type UserPolicyAttachmentArrayInput interface {
	pulumi.Input

	ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput
	ToUserPolicyAttachmentArrayOutputWithContext(context.Context) UserPolicyAttachmentArrayOutput
}

UserPolicyAttachmentArrayInput is an input type that accepts UserPolicyAttachmentArray and UserPolicyAttachmentArrayOutput values. You can construct a concrete instance of `UserPolicyAttachmentArrayInput` via:

UserPolicyAttachmentArray{ UserPolicyAttachmentArgs{...} }

type UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentArrayOutput) ElementType

func (UserPolicyAttachmentArrayOutput) Index

func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput

func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput

func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext

func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentInput

type UserPolicyAttachmentInput interface {
	pulumi.Input

	ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput
	ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput
}

type UserPolicyAttachmentMap

type UserPolicyAttachmentMap map[string]UserPolicyAttachmentInput

func (UserPolicyAttachmentMap) ElementType

func (UserPolicyAttachmentMap) ElementType() reflect.Type

func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput

func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput

func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext

func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput

type UserPolicyAttachmentMapInput

type UserPolicyAttachmentMapInput interface {
	pulumi.Input

	ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput
	ToUserPolicyAttachmentMapOutputWithContext(context.Context) UserPolicyAttachmentMapOutput
}

UserPolicyAttachmentMapInput is an input type that accepts UserPolicyAttachmentMap and UserPolicyAttachmentMapOutput values. You can construct a concrete instance of `UserPolicyAttachmentMapInput` via:

UserPolicyAttachmentMap{ "key": UserPolicyAttachmentArgs{...} }

type UserPolicyAttachmentMapOutput

type UserPolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentMapOutput) ElementType

func (UserPolicyAttachmentMapOutput) MapIndex

func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput

func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput

func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext

func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput

type UserPolicyAttachmentOutput

type UserPolicyAttachmentOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentOutput) ElementType

func (UserPolicyAttachmentOutput) ElementType() reflect.Type

func (UserPolicyAttachmentOutput) PolicyArn added in v5.4.0

The ARN of the policy you want to apply

func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput

func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput

func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext

func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput

func (UserPolicyAttachmentOutput) User added in v5.4.0

The user the policy should be applied to

type UserPolicyAttachmentState

type UserPolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The user the policy should be applied to
	User pulumi.Input
}

func (UserPolicyAttachmentState) ElementType

func (UserPolicyAttachmentState) ElementType() reflect.Type

type UserPolicyInput

type UserPolicyInput interface {
	pulumi.Input

	ToUserPolicyOutput() UserPolicyOutput
	ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput
}

type UserPolicyMap

type UserPolicyMap map[string]UserPolicyInput

func (UserPolicyMap) ElementType

func (UserPolicyMap) ElementType() reflect.Type

func (UserPolicyMap) ToUserPolicyMapOutput

func (i UserPolicyMap) ToUserPolicyMapOutput() UserPolicyMapOutput

func (UserPolicyMap) ToUserPolicyMapOutputWithContext

func (i UserPolicyMap) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput

type UserPolicyMapInput

type UserPolicyMapInput interface {
	pulumi.Input

	ToUserPolicyMapOutput() UserPolicyMapOutput
	ToUserPolicyMapOutputWithContext(context.Context) UserPolicyMapOutput
}

UserPolicyMapInput is an input type that accepts UserPolicyMap and UserPolicyMapOutput values. You can construct a concrete instance of `UserPolicyMapInput` via:

UserPolicyMap{ "key": UserPolicyArgs{...} }

type UserPolicyMapOutput

type UserPolicyMapOutput struct{ *pulumi.OutputState }

func (UserPolicyMapOutput) ElementType

func (UserPolicyMapOutput) ElementType() reflect.Type

func (UserPolicyMapOutput) MapIndex

func (UserPolicyMapOutput) ToUserPolicyMapOutput

func (o UserPolicyMapOutput) ToUserPolicyMapOutput() UserPolicyMapOutput

func (UserPolicyMapOutput) ToUserPolicyMapOutputWithContext

func (o UserPolicyMapOutput) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput

type UserPolicyOutput

type UserPolicyOutput struct{ *pulumi.OutputState }

func (UserPolicyOutput) ElementType

func (UserPolicyOutput) ElementType() reflect.Type

func (UserPolicyOutput) Name added in v5.4.0

The name of the policy. If omitted, this provider will assign a random, unique name.

func (UserPolicyOutput) NamePrefix added in v5.4.0

func (o UserPolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (UserPolicyOutput) Policy added in v5.4.0

The policy document. This is a JSON formatted string.

func (UserPolicyOutput) ToUserPolicyOutput

func (o UserPolicyOutput) ToUserPolicyOutput() UserPolicyOutput

func (UserPolicyOutput) ToUserPolicyOutputWithContext

func (o UserPolicyOutput) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput

func (UserPolicyOutput) User added in v5.4.0

IAM user to which to attach this policy.

type UserPolicyState

type UserPolicyState struct {
	// The name of the policy. If omitted, this provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// IAM user to which to attach this policy.
	User pulumi.StringPtrInput
}

func (UserPolicyState) ElementType

func (UserPolicyState) ElementType() reflect.Type

type UserState

type UserState struct {
	// The ARN assigned by AWS for this user.
	Arn pulumi.StringPtrInput
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrInput
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringPtrInput
	// Path in which to create the user.
	Path pulumi.StringPtrInput
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM user
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider.
	TagsAll pulumi.StringMapInput
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (UserState) ElementType

func (UserState) ElementType() reflect.Type

type VirtualMfaDevice added in v5.1.0

type VirtualMfaDevice struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the virtual mfa device.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.
	Base32StringSeed pulumi.StringOutput `pulumi:"base32StringSeed"`
	// The path for the virtual MFA device.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID otherwise), and Base32String is the seed in base32 format.
	QrCodePng pulumi.StringOutput `pulumi:"qrCodePng"`
	// Map of resource tags for the virtual mfa device. If configured with a provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block).
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
	VirtualMfaDeviceName pulumi.StringOutput `pulumi:"virtualMfaDeviceName"`
}

## Example Usage

**Using certs on file:**

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewVirtualMfaDevice(ctx, "example", &iam.VirtualMfaDeviceArgs{
			VirtualMfaDeviceName: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Virtual MFA Devices can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/virtualMfaDevice:VirtualMfaDevice example arn:aws:iam::123456789012:mfa/example

```

func GetVirtualMfaDevice added in v5.1.0

func GetVirtualMfaDevice(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *VirtualMfaDeviceState, opts ...pulumi.ResourceOption) (*VirtualMfaDevice, error)

GetVirtualMfaDevice gets an existing VirtualMfaDevice resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewVirtualMfaDevice added in v5.1.0

func NewVirtualMfaDevice(ctx *pulumi.Context,
	name string, args *VirtualMfaDeviceArgs, opts ...pulumi.ResourceOption) (*VirtualMfaDevice, error)

NewVirtualMfaDevice registers a new resource with the given unique name, arguments, and options.

func (*VirtualMfaDevice) ElementType added in v5.1.0

func (*VirtualMfaDevice) ElementType() reflect.Type

func (*VirtualMfaDevice) ToVirtualMfaDeviceOutput added in v5.1.0

func (i *VirtualMfaDevice) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput

func (*VirtualMfaDevice) ToVirtualMfaDeviceOutputWithContext added in v5.1.0

func (i *VirtualMfaDevice) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput

type VirtualMfaDeviceArgs added in v5.1.0

type VirtualMfaDeviceArgs struct {
	// The path for the virtual MFA device.
	Path pulumi.StringPtrInput
	// Map of resource tags for the virtual mfa device. If configured with a provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
	VirtualMfaDeviceName pulumi.StringInput
}

The set of arguments for constructing a VirtualMfaDevice resource.

func (VirtualMfaDeviceArgs) ElementType added in v5.1.0

func (VirtualMfaDeviceArgs) ElementType() reflect.Type

type VirtualMfaDeviceArray added in v5.1.0

type VirtualMfaDeviceArray []VirtualMfaDeviceInput

func (VirtualMfaDeviceArray) ElementType added in v5.1.0

func (VirtualMfaDeviceArray) ElementType() reflect.Type

func (VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutput added in v5.1.0

func (i VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput

func (VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutputWithContext added in v5.1.0

func (i VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput

type VirtualMfaDeviceArrayInput added in v5.1.0

type VirtualMfaDeviceArrayInput interface {
	pulumi.Input

	ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput
	ToVirtualMfaDeviceArrayOutputWithContext(context.Context) VirtualMfaDeviceArrayOutput
}

VirtualMfaDeviceArrayInput is an input type that accepts VirtualMfaDeviceArray and VirtualMfaDeviceArrayOutput values. You can construct a concrete instance of `VirtualMfaDeviceArrayInput` via:

VirtualMfaDeviceArray{ VirtualMfaDeviceArgs{...} }

type VirtualMfaDeviceArrayOutput added in v5.1.0

type VirtualMfaDeviceArrayOutput struct{ *pulumi.OutputState }

func (VirtualMfaDeviceArrayOutput) ElementType added in v5.1.0

func (VirtualMfaDeviceArrayOutput) Index added in v5.1.0

func (VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput added in v5.1.0

func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput

func (VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext added in v5.1.0

func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput

type VirtualMfaDeviceInput added in v5.1.0

type VirtualMfaDeviceInput interface {
	pulumi.Input

	ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput
	ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput
}

type VirtualMfaDeviceMap added in v5.1.0

type VirtualMfaDeviceMap map[string]VirtualMfaDeviceInput

func (VirtualMfaDeviceMap) ElementType added in v5.1.0

func (VirtualMfaDeviceMap) ElementType() reflect.Type

func (VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutput added in v5.1.0

func (i VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput

func (VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutputWithContext added in v5.1.0

func (i VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput

type VirtualMfaDeviceMapInput added in v5.1.0

type VirtualMfaDeviceMapInput interface {
	pulumi.Input

	ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput
	ToVirtualMfaDeviceMapOutputWithContext(context.Context) VirtualMfaDeviceMapOutput
}

VirtualMfaDeviceMapInput is an input type that accepts VirtualMfaDeviceMap and VirtualMfaDeviceMapOutput values. You can construct a concrete instance of `VirtualMfaDeviceMapInput` via:

VirtualMfaDeviceMap{ "key": VirtualMfaDeviceArgs{...} }

type VirtualMfaDeviceMapOutput added in v5.1.0

type VirtualMfaDeviceMapOutput struct{ *pulumi.OutputState }

func (VirtualMfaDeviceMapOutput) ElementType added in v5.1.0

func (VirtualMfaDeviceMapOutput) ElementType() reflect.Type

func (VirtualMfaDeviceMapOutput) MapIndex added in v5.1.0

func (VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput added in v5.1.0

func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput

func (VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext added in v5.1.0

func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput

type VirtualMfaDeviceOutput added in v5.1.0

type VirtualMfaDeviceOutput struct{ *pulumi.OutputState }

func (VirtualMfaDeviceOutput) Arn added in v5.4.0

The Amazon Resource Name (ARN) specifying the virtual mfa device.

func (VirtualMfaDeviceOutput) Base32StringSeed added in v5.4.0

func (o VirtualMfaDeviceOutput) Base32StringSeed() pulumi.StringOutput

The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.

func (VirtualMfaDeviceOutput) ElementType added in v5.1.0

func (VirtualMfaDeviceOutput) ElementType() reflect.Type

func (VirtualMfaDeviceOutput) Path added in v5.4.0

The path for the virtual MFA device.

func (VirtualMfaDeviceOutput) QrCodePng added in v5.4.0

A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID otherwise), and Base32String is the seed in base32 format.

func (VirtualMfaDeviceOutput) Tags added in v5.4.0

Map of resource tags for the virtual mfa device. If configured with a provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.

func (VirtualMfaDeviceOutput) TagsAll added in v5.4.0

A map of tags assigned to the resource, including those inherited from the provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block).

func (VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput added in v5.1.0

func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput

func (VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext added in v5.1.0

func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput

func (VirtualMfaDeviceOutput) VirtualMfaDeviceName added in v5.4.0

func (o VirtualMfaDeviceOutput) VirtualMfaDeviceName() pulumi.StringOutput

The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.

type VirtualMfaDeviceState added in v5.1.0

type VirtualMfaDeviceState struct {
	// The Amazon Resource Name (ARN) specifying the virtual mfa device.
	Arn pulumi.StringPtrInput
	// The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.
	Base32StringSeed pulumi.StringPtrInput
	// The path for the virtual MFA device.
	Path pulumi.StringPtrInput
	// A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID otherwise), and Base32String is the seed in base32 format.
	QrCodePng pulumi.StringPtrInput
	// Map of resource tags for the virtual mfa device. If configured with a provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider [`defaultTags` configuration block](https://www.terraform.io/docs/providers/aws/index.html#default_tags-configuration-block).
	TagsAll pulumi.StringMapInput
	// The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
	VirtualMfaDeviceName pulumi.StringPtrInput
}

func (VirtualMfaDeviceState) ElementType added in v5.1.0

func (VirtualMfaDeviceState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL