Documentation ¶
Index ¶
- Constants
- type AccessKey
- type AccessKeyArgs
- type AccessKeyArray
- type AccessKeyArrayInput
- type AccessKeyArrayOutput
- func (AccessKeyArrayOutput) ElementType() reflect.Type
- func (o AccessKeyArrayOutput) Index(i pulumi.IntInput) AccessKeyOutput
- func (o AccessKeyArrayOutput) ToAccessKeyArrayOutput() AccessKeyArrayOutput
- func (o AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput
- type AccessKeyInput
- type AccessKeyMap
- type AccessKeyMapInput
- type AccessKeyMapOutput
- type AccessKeyOutput
- func (o AccessKeyOutput) CreateDate() pulumi.StringOutput
- func (AccessKeyOutput) ElementType() reflect.Type
- func (o AccessKeyOutput) EncryptedSecret() pulumi.StringOutput
- func (o AccessKeyOutput) EncryptedSesSmtpPasswordV4() pulumi.StringOutput
- func (o AccessKeyOutput) KeyFingerprint() pulumi.StringOutput
- func (o AccessKeyOutput) PgpKey() pulumi.StringPtrOutput
- func (o AccessKeyOutput) Secret() pulumi.StringOutput
- func (o AccessKeyOutput) SesSmtpPasswordV4() pulumi.StringOutput
- func (o AccessKeyOutput) Status() pulumi.StringPtrOutput
- func (o AccessKeyOutput) ToAccessKeyOutput() AccessKeyOutput
- func (o AccessKeyOutput) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput
- func (o AccessKeyOutput) User() pulumi.StringOutput
- type AccessKeyState
- type AccountAlias
- type AccountAliasArgs
- type AccountAliasArray
- type AccountAliasArrayInput
- type AccountAliasArrayOutput
- func (AccountAliasArrayOutput) ElementType() reflect.Type
- func (o AccountAliasArrayOutput) Index(i pulumi.IntInput) AccountAliasOutput
- func (o AccountAliasArrayOutput) ToAccountAliasArrayOutput() AccountAliasArrayOutput
- func (o AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput
- type AccountAliasInput
- type AccountAliasMap
- type AccountAliasMapInput
- type AccountAliasMapOutput
- func (AccountAliasMapOutput) ElementType() reflect.Type
- func (o AccountAliasMapOutput) MapIndex(k pulumi.StringInput) AccountAliasOutput
- func (o AccountAliasMapOutput) ToAccountAliasMapOutput() AccountAliasMapOutput
- func (o AccountAliasMapOutput) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput
- type AccountAliasOutput
- type AccountAliasState
- type AccountPasswordPolicy
- type AccountPasswordPolicyArgs
- type AccountPasswordPolicyArray
- func (AccountPasswordPolicyArray) ElementType() reflect.Type
- func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
- func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput
- type AccountPasswordPolicyArrayInput
- type AccountPasswordPolicyArrayOutput
- func (AccountPasswordPolicyArrayOutput) ElementType() reflect.Type
- func (o AccountPasswordPolicyArrayOutput) Index(i pulumi.IntInput) AccountPasswordPolicyOutput
- func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
- func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput
- type AccountPasswordPolicyInput
- type AccountPasswordPolicyMap
- type AccountPasswordPolicyMapInput
- type AccountPasswordPolicyMapOutput
- func (AccountPasswordPolicyMapOutput) ElementType() reflect.Type
- func (o AccountPasswordPolicyMapOutput) MapIndex(k pulumi.StringInput) AccountPasswordPolicyOutput
- func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput
- func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput
- type AccountPasswordPolicyOutput
- func (o AccountPasswordPolicyOutput) AllowUsersToChangePassword() pulumi.BoolPtrOutput
- func (AccountPasswordPolicyOutput) ElementType() reflect.Type
- func (o AccountPasswordPolicyOutput) ExpirePasswords() pulumi.BoolOutput
- func (o AccountPasswordPolicyOutput) HardExpiry() pulumi.BoolOutput
- func (o AccountPasswordPolicyOutput) MaxPasswordAge() pulumi.IntOutput
- func (o AccountPasswordPolicyOutput) MinimumPasswordLength() pulumi.IntPtrOutput
- func (o AccountPasswordPolicyOutput) PasswordReusePrevention() pulumi.IntOutput
- func (o AccountPasswordPolicyOutput) RequireLowercaseCharacters() pulumi.BoolOutput
- func (o AccountPasswordPolicyOutput) RequireNumbers() pulumi.BoolOutput
- func (o AccountPasswordPolicyOutput) RequireSymbols() pulumi.BoolOutput
- func (o AccountPasswordPolicyOutput) RequireUppercaseCharacters() pulumi.BoolOutput
- func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput
- func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput
- type AccountPasswordPolicyState
- type GetAccessKeysAccessKey
- type GetAccessKeysAccessKeyArgs
- type GetAccessKeysAccessKeyArray
- func (GetAccessKeysAccessKeyArray) ElementType() reflect.Type
- func (i GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput
- func (i GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyArrayOutput
- type GetAccessKeysAccessKeyArrayInput
- type GetAccessKeysAccessKeyArrayOutput
- func (GetAccessKeysAccessKeyArrayOutput) ElementType() reflect.Type
- func (o GetAccessKeysAccessKeyArrayOutput) Index(i pulumi.IntInput) GetAccessKeysAccessKeyOutput
- func (o GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput
- func (o GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyArrayOutput
- type GetAccessKeysAccessKeyInput
- type GetAccessKeysAccessKeyOutput
- func (o GetAccessKeysAccessKeyOutput) AccessKeyId() pulumi.StringOutput
- func (o GetAccessKeysAccessKeyOutput) CreateDate() pulumi.StringOutput
- func (GetAccessKeysAccessKeyOutput) ElementType() reflect.Type
- func (o GetAccessKeysAccessKeyOutput) Status() pulumi.StringOutput
- func (o GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput
- func (o GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyOutput
- type GetAccessKeysArgs
- type GetAccessKeysOutputArgs
- type GetAccessKeysResult
- type GetAccessKeysResultOutput
- func (o GetAccessKeysResultOutput) AccessKeys() GetAccessKeysAccessKeyArrayOutput
- func (GetAccessKeysResultOutput) ElementType() reflect.Type
- func (o GetAccessKeysResultOutput) Id() pulumi.StringOutput
- func (o GetAccessKeysResultOutput) ToGetAccessKeysResultOutput() GetAccessKeysResultOutput
- func (o GetAccessKeysResultOutput) ToGetAccessKeysResultOutputWithContext(ctx context.Context) GetAccessKeysResultOutput
- func (o GetAccessKeysResultOutput) User() pulumi.StringOutput
- type GetGroupUser
- type GetGroupUserArgs
- type GetGroupUserArray
- type GetGroupUserArrayInput
- type GetGroupUserArrayOutput
- func (GetGroupUserArrayOutput) ElementType() reflect.Type
- func (o GetGroupUserArrayOutput) Index(i pulumi.IntInput) GetGroupUserOutput
- func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput
- func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput
- type GetGroupUserInput
- type GetGroupUserOutput
- func (o GetGroupUserOutput) Arn() pulumi.StringOutput
- func (GetGroupUserOutput) ElementType() reflect.Type
- func (o GetGroupUserOutput) Path() pulumi.StringOutput
- func (o GetGroupUserOutput) ToGetGroupUserOutput() GetGroupUserOutput
- func (o GetGroupUserOutput) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput
- func (o GetGroupUserOutput) UserId() pulumi.StringOutput
- func (o GetGroupUserOutput) UserName() pulumi.StringOutput
- type GetInstanceProfilesArgs
- type GetInstanceProfilesOutputArgs
- type GetInstanceProfilesResult
- type GetInstanceProfilesResultOutput
- func (o GetInstanceProfilesResultOutput) Arns() pulumi.StringArrayOutput
- func (GetInstanceProfilesResultOutput) ElementType() reflect.Type
- func (o GetInstanceProfilesResultOutput) Id() pulumi.StringOutput
- func (o GetInstanceProfilesResultOutput) Names() pulumi.StringArrayOutput
- func (o GetInstanceProfilesResultOutput) Paths() pulumi.StringArrayOutput
- func (o GetInstanceProfilesResultOutput) RoleName() pulumi.StringOutput
- func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput() GetInstanceProfilesResultOutput
- func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext(ctx context.Context) GetInstanceProfilesResultOutput
- type GetPolicyDocumentArgs
- type GetPolicyDocumentOutputArgs
- type GetPolicyDocumentResult
- type GetPolicyDocumentResultOutput
- func (GetPolicyDocumentResultOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentResultOutput) Id() pulumi.StringOutput
- func (o GetPolicyDocumentResultOutput) Json() pulumi.StringOutput
- func (o GetPolicyDocumentResultOutput) OverridePolicyDocuments() pulumi.StringArrayOutput
- func (o GetPolicyDocumentResultOutput) PolicyId() pulumi.StringPtrOutput
- func (o GetPolicyDocumentResultOutput) SourcePolicyDocuments() pulumi.StringArrayOutput
- func (o GetPolicyDocumentResultOutput) Statements() GetPolicyDocumentStatementArrayOutput
- func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput() GetPolicyDocumentResultOutput
- func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext(ctx context.Context) GetPolicyDocumentResultOutput
- func (o GetPolicyDocumentResultOutput) Version() pulumi.StringPtrOutput
- type GetPolicyDocumentStatement
- type GetPolicyDocumentStatementArgs
- func (GetPolicyDocumentStatementArgs) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
- func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput
- type GetPolicyDocumentStatementArray
- func (GetPolicyDocumentStatementArray) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
- func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput
- type GetPolicyDocumentStatementArrayInput
- type GetPolicyDocumentStatementArrayOutput
- func (GetPolicyDocumentStatementArrayOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentStatementOutput
- func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
- func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput
- type GetPolicyDocumentStatementCondition
- type GetPolicyDocumentStatementConditionArgs
- func (GetPolicyDocumentStatementConditionArgs) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
- func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput
- type GetPolicyDocumentStatementConditionArray
- func (GetPolicyDocumentStatementConditionArray) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
- func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput
- type GetPolicyDocumentStatementConditionArrayInput
- type GetPolicyDocumentStatementConditionArrayOutput
- func (GetPolicyDocumentStatementConditionArrayOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementConditionArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentStatementConditionOutput
- func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
- func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput
- type GetPolicyDocumentStatementConditionInput
- type GetPolicyDocumentStatementConditionOutput
- func (GetPolicyDocumentStatementConditionOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementConditionOutput) Test() pulumi.StringOutput
- func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
- func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput
- func (o GetPolicyDocumentStatementConditionOutput) Values() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementConditionOutput) Variable() pulumi.StringOutput
- type GetPolicyDocumentStatementInput
- type GetPolicyDocumentStatementNotPrincipal
- type GetPolicyDocumentStatementNotPrincipalArgs
- func (GetPolicyDocumentStatementNotPrincipalArgs) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
- func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput
- type GetPolicyDocumentStatementNotPrincipalArray
- func (GetPolicyDocumentStatementNotPrincipalArray) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
- func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
- type GetPolicyDocumentStatementNotPrincipalArrayInput
- type GetPolicyDocumentStatementNotPrincipalArrayOutput
- func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentStatementNotPrincipalOutput
- func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
- func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
- type GetPolicyDocumentStatementNotPrincipalInput
- type GetPolicyDocumentStatementNotPrincipalOutput
- func (GetPolicyDocumentStatementNotPrincipalOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementNotPrincipalOutput) Identifiers() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
- func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput
- func (o GetPolicyDocumentStatementNotPrincipalOutput) Type() pulumi.StringOutput
- type GetPolicyDocumentStatementOutput
- func (o GetPolicyDocumentStatementOutput) Actions() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementOutput) Conditions() GetPolicyDocumentStatementConditionArrayOutput
- func (o GetPolicyDocumentStatementOutput) Effect() pulumi.StringPtrOutput
- func (GetPolicyDocumentStatementOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementOutput) NotActions() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementOutput) NotPrincipals() GetPolicyDocumentStatementNotPrincipalArrayOutput
- func (o GetPolicyDocumentStatementOutput) NotResources() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementOutput) Principals() GetPolicyDocumentStatementPrincipalArrayOutput
- func (o GetPolicyDocumentStatementOutput) Resources() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementOutput) Sid() pulumi.StringPtrOutput
- func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
- func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput
- type GetPolicyDocumentStatementPrincipal
- type GetPolicyDocumentStatementPrincipalArgs
- func (GetPolicyDocumentStatementPrincipalArgs) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
- func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput
- type GetPolicyDocumentStatementPrincipalArray
- func (GetPolicyDocumentStatementPrincipalArray) ElementType() reflect.Type
- func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
- func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
- type GetPolicyDocumentStatementPrincipalArrayInput
- type GetPolicyDocumentStatementPrincipalArrayOutput
- func (GetPolicyDocumentStatementPrincipalArrayOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementPrincipalArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentStatementPrincipalOutput
- func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
- func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
- type GetPolicyDocumentStatementPrincipalInput
- type GetPolicyDocumentStatementPrincipalOutput
- func (GetPolicyDocumentStatementPrincipalOutput) ElementType() reflect.Type
- func (o GetPolicyDocumentStatementPrincipalOutput) Identifiers() pulumi.StringArrayOutput
- func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
- func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput
- func (o GetPolicyDocumentStatementPrincipalOutput) Type() pulumi.StringOutput
- type GetPrincipalPolicySimulationContext
- type GetPrincipalPolicySimulationContextArgs
- func (GetPrincipalPolicySimulationContextArgs) ElementType() reflect.Type
- func (i GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput
- func (i GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextOutput
- type GetPrincipalPolicySimulationContextArray
- func (GetPrincipalPolicySimulationContextArray) ElementType() reflect.Type
- func (i GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput
- func (i GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextArrayOutput
- type GetPrincipalPolicySimulationContextArrayInput
- type GetPrincipalPolicySimulationContextArrayOutput
- func (GetPrincipalPolicySimulationContextArrayOutput) ElementType() reflect.Type
- func (o GetPrincipalPolicySimulationContextArrayOutput) Index(i pulumi.IntInput) GetPrincipalPolicySimulationContextOutput
- func (o GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput
- func (o GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextArrayOutput
- type GetPrincipalPolicySimulationContextInput
- type GetPrincipalPolicySimulationContextOutput
- func (GetPrincipalPolicySimulationContextOutput) ElementType() reflect.Type
- func (o GetPrincipalPolicySimulationContextOutput) Key() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput
- func (o GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextOutput
- func (o GetPrincipalPolicySimulationContextOutput) Type() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationContextOutput) Values() pulumi.StringArrayOutput
- type GetPrincipalPolicySimulationResult
- type GetPrincipalPolicySimulationResultArgs
- func (GetPrincipalPolicySimulationResultArgs) ElementType() reflect.Type
- func (i GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput
- func (i GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultOutput
- type GetPrincipalPolicySimulationResultArray
- func (GetPrincipalPolicySimulationResultArray) ElementType() reflect.Type
- func (i GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput
- func (i GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultArrayOutput
- type GetPrincipalPolicySimulationResultArrayInput
- type GetPrincipalPolicySimulationResultArrayOutput
- func (GetPrincipalPolicySimulationResultArrayOutput) ElementType() reflect.Type
- func (o GetPrincipalPolicySimulationResultArrayOutput) Index(i pulumi.IntInput) GetPrincipalPolicySimulationResultOutput
- func (o GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput
- func (o GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultArrayOutput
- type GetPrincipalPolicySimulationResultInput
- type GetPrincipalPolicySimulationResultMatchedStatement
- type GetPrincipalPolicySimulationResultMatchedStatementArgs
- func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ElementType() reflect.Type
- func (i GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutput() GetPrincipalPolicySimulationResultMatchedStatementOutput
- func (i GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput
- type GetPrincipalPolicySimulationResultMatchedStatementArray
- func (GetPrincipalPolicySimulationResultMatchedStatementArray) ElementType() reflect.Type
- func (i GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
- func (i GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
- type GetPrincipalPolicySimulationResultMatchedStatementArrayInput
- type GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
- func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ElementType() reflect.Type
- func (o GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) Index(i pulumi.IntInput) GetPrincipalPolicySimulationResultMatchedStatementOutput
- func (o GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
- func (o GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
- type GetPrincipalPolicySimulationResultMatchedStatementInput
- type GetPrincipalPolicySimulationResultMatchedStatementOutput
- func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ElementType() reflect.Type
- func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyId() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyType() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutput() GetPrincipalPolicySimulationResultMatchedStatementOutput
- func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput
- type GetPrincipalPolicySimulationResultOutput
- func (o GetPrincipalPolicySimulationResultOutput) ActionName() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationResultOutput) Allowed() pulumi.BoolOutput
- func (o GetPrincipalPolicySimulationResultOutput) Decision() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationResultOutput) DecisionDetails() pulumi.StringMapOutput
- func (GetPrincipalPolicySimulationResultOutput) ElementType() reflect.Type
- func (o GetPrincipalPolicySimulationResultOutput) MatchedStatements() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
- func (o GetPrincipalPolicySimulationResultOutput) MissingContextKeys() pulumi.StringArrayOutput
- func (o GetPrincipalPolicySimulationResultOutput) ResourceArn() pulumi.StringOutput
- func (o GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput
- func (o GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultOutput
- type GetRoleRoleLastUsed
- type GetRoleRoleLastUsedArgs
- type GetRoleRoleLastUsedArray
- type GetRoleRoleLastUsedArrayInput
- type GetRoleRoleLastUsedArrayOutput
- func (GetRoleRoleLastUsedArrayOutput) ElementType() reflect.Type
- func (o GetRoleRoleLastUsedArrayOutput) Index(i pulumi.IntInput) GetRoleRoleLastUsedOutput
- func (o GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput
- func (o GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutputWithContext(ctx context.Context) GetRoleRoleLastUsedArrayOutput
- type GetRoleRoleLastUsedInput
- type GetRoleRoleLastUsedOutput
- func (GetRoleRoleLastUsedOutput) ElementType() reflect.Type
- func (o GetRoleRoleLastUsedOutput) LastUsedDate() pulumi.StringOutput
- func (o GetRoleRoleLastUsedOutput) Region() pulumi.StringOutput
- func (o GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput
- func (o GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutputWithContext(ctx context.Context) GetRoleRoleLastUsedOutput
- type GetRolesArgs
- type GetRolesOutputArgs
- type GetRolesResult
- type GetRolesResultOutput
- func (o GetRolesResultOutput) Arns() pulumi.StringArrayOutput
- func (GetRolesResultOutput) ElementType() reflect.Type
- func (o GetRolesResultOutput) Id() pulumi.StringOutput
- func (o GetRolesResultOutput) NameRegex() pulumi.StringPtrOutput
- func (o GetRolesResultOutput) Names() pulumi.StringArrayOutput
- func (o GetRolesResultOutput) PathPrefix() pulumi.StringPtrOutput
- func (o GetRolesResultOutput) ToGetRolesResultOutput() GetRolesResultOutput
- func (o GetRolesResultOutput) ToGetRolesResultOutputWithContext(ctx context.Context) GetRolesResultOutput
- type GetSessionContextArgs
- type GetSessionContextOutputArgs
- type GetSessionContextResult
- type GetSessionContextResultOutput
- func (o GetSessionContextResultOutput) Arn() pulumi.StringOutput
- func (GetSessionContextResultOutput) ElementType() reflect.Type
- func (o GetSessionContextResultOutput) Id() pulumi.StringOutput
- func (o GetSessionContextResultOutput) IssuerArn() pulumi.StringOutput
- func (o GetSessionContextResultOutput) IssuerId() pulumi.StringOutput
- func (o GetSessionContextResultOutput) IssuerName() pulumi.StringOutput
- func (o GetSessionContextResultOutput) SessionName() pulumi.StringOutput
- func (o GetSessionContextResultOutput) ToGetSessionContextResultOutput() GetSessionContextResultOutput
- func (o GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext(ctx context.Context) GetSessionContextResultOutput
- type GetUserSshKeyArgs
- type GetUserSshKeyOutputArgs
- type GetUserSshKeyResult
- type GetUserSshKeyResultOutput
- func (GetUserSshKeyResultOutput) ElementType() reflect.Type
- func (o GetUserSshKeyResultOutput) Encoding() pulumi.StringOutput
- func (o GetUserSshKeyResultOutput) Fingerprint() pulumi.StringOutput
- func (o GetUserSshKeyResultOutput) Id() pulumi.StringOutput
- func (o GetUserSshKeyResultOutput) PublicKey() pulumi.StringOutput
- func (o GetUserSshKeyResultOutput) SshPublicKeyId() pulumi.StringOutput
- func (o GetUserSshKeyResultOutput) Status() pulumi.StringOutput
- func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput() GetUserSshKeyResultOutput
- func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext(ctx context.Context) GetUserSshKeyResultOutput
- func (o GetUserSshKeyResultOutput) Username() pulumi.StringOutput
- type GetUsersArgs
- type GetUsersOutputArgs
- type GetUsersResult
- type GetUsersResultOutput
- func (o GetUsersResultOutput) Arns() pulumi.StringArrayOutput
- func (GetUsersResultOutput) ElementType() reflect.Type
- func (o GetUsersResultOutput) Id() pulumi.StringOutput
- func (o GetUsersResultOutput) NameRegex() pulumi.StringPtrOutput
- func (o GetUsersResultOutput) Names() pulumi.StringArrayOutput
- func (o GetUsersResultOutput) PathPrefix() pulumi.StringPtrOutput
- func (o GetUsersResultOutput) ToGetUsersResultOutput() GetUsersResultOutput
- func (o GetUsersResultOutput) ToGetUsersResultOutputWithContext(ctx context.Context) GetUsersResultOutput
- type Group
- type GroupArgs
- type GroupArray
- type GroupArrayInput
- type GroupArrayOutput
- type GroupInput
- type GroupMap
- type GroupMapInput
- type GroupMapOutput
- type GroupMembership
- type GroupMembershipArgs
- type GroupMembershipArray
- type GroupMembershipArrayInput
- type GroupMembershipArrayOutput
- func (GroupMembershipArrayOutput) ElementType() reflect.Type
- func (o GroupMembershipArrayOutput) Index(i pulumi.IntInput) GroupMembershipOutput
- func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput
- func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput
- type GroupMembershipInput
- type GroupMembershipMap
- type GroupMembershipMapInput
- type GroupMembershipMapOutput
- func (GroupMembershipMapOutput) ElementType() reflect.Type
- func (o GroupMembershipMapOutput) MapIndex(k pulumi.StringInput) GroupMembershipOutput
- func (o GroupMembershipMapOutput) ToGroupMembershipMapOutput() GroupMembershipMapOutput
- func (o GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput
- type GroupMembershipOutput
- func (GroupMembershipOutput) ElementType() reflect.Type
- func (o GroupMembershipOutput) Group() pulumi.StringOutput
- func (o GroupMembershipOutput) Name() pulumi.StringOutput
- func (o GroupMembershipOutput) ToGroupMembershipOutput() GroupMembershipOutput
- func (o GroupMembershipOutput) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput
- func (o GroupMembershipOutput) Users() pulumi.StringArrayOutput
- type GroupMembershipState
- type GroupOutput
- func (o GroupOutput) Arn() pulumi.StringOutput
- func (GroupOutput) ElementType() reflect.Type
- func (o GroupOutput) Name() pulumi.StringOutput
- func (o GroupOutput) Path() pulumi.StringPtrOutput
- func (o GroupOutput) ToGroupOutput() GroupOutput
- func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput
- func (o GroupOutput) UniqueId() pulumi.StringOutput
- type GroupPolicy
- type GroupPolicyArgs
- type GroupPolicyArray
- type GroupPolicyArrayInput
- type GroupPolicyArrayOutput
- func (GroupPolicyArrayOutput) ElementType() reflect.Type
- func (o GroupPolicyArrayOutput) Index(i pulumi.IntInput) GroupPolicyOutput
- func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput
- func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput
- type GroupPolicyAttachment
- type GroupPolicyAttachmentArgs
- type GroupPolicyAttachmentArray
- func (GroupPolicyAttachmentArray) ElementType() reflect.Type
- func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
- func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput
- type GroupPolicyAttachmentArrayInput
- type GroupPolicyAttachmentArrayOutput
- func (GroupPolicyAttachmentArrayOutput) ElementType() reflect.Type
- func (o GroupPolicyAttachmentArrayOutput) Index(i pulumi.IntInput) GroupPolicyAttachmentOutput
- func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
- func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput
- type GroupPolicyAttachmentInput
- type GroupPolicyAttachmentMap
- type GroupPolicyAttachmentMapInput
- type GroupPolicyAttachmentMapOutput
- func (GroupPolicyAttachmentMapOutput) ElementType() reflect.Type
- func (o GroupPolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) GroupPolicyAttachmentOutput
- func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput
- func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput
- type GroupPolicyAttachmentOutput
- func (GroupPolicyAttachmentOutput) ElementType() reflect.Type
- func (o GroupPolicyAttachmentOutput) Group() pulumi.StringOutput
- func (o GroupPolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
- func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput
- func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput
- type GroupPolicyAttachmentState
- type GroupPolicyInput
- type GroupPolicyMap
- type GroupPolicyMapInput
- type GroupPolicyMapOutput
- func (GroupPolicyMapOutput) ElementType() reflect.Type
- func (o GroupPolicyMapOutput) MapIndex(k pulumi.StringInput) GroupPolicyOutput
- func (o GroupPolicyMapOutput) ToGroupPolicyMapOutput() GroupPolicyMapOutput
- func (o GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput
- type GroupPolicyOutput
- func (GroupPolicyOutput) ElementType() reflect.Type
- func (o GroupPolicyOutput) Group() pulumi.StringOutput
- func (o GroupPolicyOutput) Name() pulumi.StringOutput
- func (o GroupPolicyOutput) NamePrefix() pulumi.StringPtrOutput
- func (o GroupPolicyOutput) Policy() pulumi.StringOutput
- func (o GroupPolicyOutput) ToGroupPolicyOutput() GroupPolicyOutput
- func (o GroupPolicyOutput) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput
- type GroupPolicyState
- type GroupState
- type InstanceProfile
- type InstanceProfileArgs
- type InstanceProfileArray
- type InstanceProfileArrayInput
- type InstanceProfileArrayOutput
- func (InstanceProfileArrayOutput) ElementType() reflect.Type
- func (o InstanceProfileArrayOutput) Index(i pulumi.IntInput) InstanceProfileOutput
- func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput
- func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput
- type InstanceProfileInput
- type InstanceProfileMap
- type InstanceProfileMapInput
- type InstanceProfileMapOutput
- func (InstanceProfileMapOutput) ElementType() reflect.Type
- func (o InstanceProfileMapOutput) MapIndex(k pulumi.StringInput) InstanceProfileOutput
- func (o InstanceProfileMapOutput) ToInstanceProfileMapOutput() InstanceProfileMapOutput
- func (o InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput
- type InstanceProfileOutput
- func (o InstanceProfileOutput) Arn() pulumi.StringOutput
- func (o InstanceProfileOutput) CreateDate() pulumi.StringOutput
- func (InstanceProfileOutput) ElementType() reflect.Type
- func (o InstanceProfileOutput) Name() pulumi.StringOutput
- func (o InstanceProfileOutput) NamePrefix() pulumi.StringOutput
- func (o InstanceProfileOutput) Path() pulumi.StringPtrOutput
- func (o InstanceProfileOutput) Role() pulumi.StringPtrOutput
- func (o InstanceProfileOutput) Tags() pulumi.StringMapOutput
- func (o InstanceProfileOutput) TagsAll() pulumi.StringMapOutput
- func (o InstanceProfileOutput) ToInstanceProfileOutput() InstanceProfileOutput
- func (o InstanceProfileOutput) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput
- func (o InstanceProfileOutput) UniqueId() pulumi.StringOutput
- type InstanceProfileState
- type LookupAccountAliasResult
- type LookupGroupArgs
- type LookupGroupOutputArgs
- type LookupGroupResult
- type LookupGroupResultOutput
- func (o LookupGroupResultOutput) Arn() pulumi.StringOutput
- func (LookupGroupResultOutput) ElementType() reflect.Type
- func (o LookupGroupResultOutput) GroupId() pulumi.StringOutput
- func (o LookupGroupResultOutput) GroupName() pulumi.StringOutput
- func (o LookupGroupResultOutput) Id() pulumi.StringOutput
- func (o LookupGroupResultOutput) Path() pulumi.StringOutput
- func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput
- func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput
- func (o LookupGroupResultOutput) Users() GetGroupUserArrayOutput
- type LookupInstanceProfileArgs
- type LookupInstanceProfileOutputArgs
- type LookupInstanceProfileResult
- type LookupInstanceProfileResultOutput
- func (o LookupInstanceProfileResultOutput) Arn() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) CreateDate() pulumi.StringOutput
- func (LookupInstanceProfileResultOutput) ElementType() reflect.Type
- func (o LookupInstanceProfileResultOutput) Id() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) Name() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) Path() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) RoleArn() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) RoleId() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) RoleName() pulumi.StringOutput
- func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput() LookupInstanceProfileResultOutput
- func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext(ctx context.Context) LookupInstanceProfileResultOutput
- type LookupOpenIdConnectProviderArgs
- type LookupOpenIdConnectProviderOutputArgs
- type LookupOpenIdConnectProviderResult
- type LookupOpenIdConnectProviderResultOutput
- func (o LookupOpenIdConnectProviderResultOutput) Arn() pulumi.StringOutput
- func (o LookupOpenIdConnectProviderResultOutput) ClientIdLists() pulumi.StringArrayOutput
- func (LookupOpenIdConnectProviderResultOutput) ElementType() reflect.Type
- func (o LookupOpenIdConnectProviderResultOutput) Id() pulumi.StringOutput
- func (o LookupOpenIdConnectProviderResultOutput) Tags() pulumi.StringMapOutput
- func (o LookupOpenIdConnectProviderResultOutput) ThumbprintLists() pulumi.StringArrayOutput
- func (o LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutput() LookupOpenIdConnectProviderResultOutput
- func (o LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutputWithContext(ctx context.Context) LookupOpenIdConnectProviderResultOutput
- func (o LookupOpenIdConnectProviderResultOutput) Url() pulumi.StringOutput
- type LookupPolicyArgs
- type LookupPolicyOutputArgs
- type LookupPolicyResult
- type LookupPolicyResultOutput
- func (o LookupPolicyResultOutput) Arn() pulumi.StringOutput
- func (o LookupPolicyResultOutput) Description() pulumi.StringOutput
- func (LookupPolicyResultOutput) ElementType() reflect.Type
- func (o LookupPolicyResultOutput) Id() pulumi.StringOutput
- func (o LookupPolicyResultOutput) Name() pulumi.StringOutput
- func (o LookupPolicyResultOutput) Path() pulumi.StringOutput
- func (o LookupPolicyResultOutput) PathPrefix() pulumi.StringPtrOutput
- func (o LookupPolicyResultOutput) Policy() pulumi.StringOutput
- func (o LookupPolicyResultOutput) PolicyId() pulumi.StringOutput
- func (o LookupPolicyResultOutput) Tags() pulumi.StringMapOutput
- func (o LookupPolicyResultOutput) ToLookupPolicyResultOutput() LookupPolicyResultOutput
- func (o LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext(ctx context.Context) LookupPolicyResultOutput
- type LookupPrincipalPolicySimulationArgs
- type LookupPrincipalPolicySimulationOutputArgs
- type LookupPrincipalPolicySimulationResult
- type LookupPrincipalPolicySimulationResultOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ActionNames() pulumi.StringArrayOutput
- func (o LookupPrincipalPolicySimulationResultOutput) AdditionalPoliciesJsons() pulumi.StringArrayOutput
- func (o LookupPrincipalPolicySimulationResultOutput) AllAllowed() pulumi.BoolOutput
- func (o LookupPrincipalPolicySimulationResultOutput) CallerArn() pulumi.StringPtrOutput
- func (o LookupPrincipalPolicySimulationResultOutput) Contexts() GetPrincipalPolicySimulationContextArrayOutput
- func (LookupPrincipalPolicySimulationResultOutput) ElementType() reflect.Type
- func (o LookupPrincipalPolicySimulationResultOutput) Id() pulumi.StringOutput
- func (o LookupPrincipalPolicySimulationResultOutput) PermissionsBoundaryPoliciesJsons() pulumi.StringArrayOutput
- func (o LookupPrincipalPolicySimulationResultOutput) PolicySourceArn() pulumi.StringOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ResourceArns() pulumi.StringArrayOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ResourceHandlingOption() pulumi.StringPtrOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ResourceOwnerAccountId() pulumi.StringPtrOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ResourcePolicyJson() pulumi.StringPtrOutput
- func (o LookupPrincipalPolicySimulationResultOutput) Results() GetPrincipalPolicySimulationResultArrayOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutput() LookupPrincipalPolicySimulationResultOutput
- func (o LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) LookupPrincipalPolicySimulationResultOutput
- type LookupRoleArgs
- type LookupRoleOutputArgs
- type LookupRoleResult
- type LookupRoleResultOutput
- func (o LookupRoleResultOutput) Arn() pulumi.StringOutput
- func (o LookupRoleResultOutput) AssumeRolePolicy() pulumi.StringOutput
- func (o LookupRoleResultOutput) CreateDate() pulumi.StringOutput
- func (o LookupRoleResultOutput) Description() pulumi.StringOutput
- func (LookupRoleResultOutput) ElementType() reflect.Type
- func (o LookupRoleResultOutput) Id() pulumi.StringOutput
- func (o LookupRoleResultOutput) MaxSessionDuration() pulumi.IntOutput
- func (o LookupRoleResultOutput) Name() pulumi.StringOutput
- func (o LookupRoleResultOutput) Path() pulumi.StringOutput
- func (o LookupRoleResultOutput) PermissionsBoundary() pulumi.StringOutput
- func (o LookupRoleResultOutput) RoleLastUseds() GetRoleRoleLastUsedArrayOutput
- func (o LookupRoleResultOutput) Tags() pulumi.StringMapOutput
- func (o LookupRoleResultOutput) ToLookupRoleResultOutput() LookupRoleResultOutput
- func (o LookupRoleResultOutput) ToLookupRoleResultOutputWithContext(ctx context.Context) LookupRoleResultOutput
- func (o LookupRoleResultOutput) UniqueId() pulumi.StringOutput
- type LookupSamlProviderArgs
- type LookupSamlProviderOutputArgs
- type LookupSamlProviderResult
- type LookupSamlProviderResultOutput
- func (o LookupSamlProviderResultOutput) Arn() pulumi.StringOutput
- func (o LookupSamlProviderResultOutput) CreateDate() pulumi.StringOutput
- func (LookupSamlProviderResultOutput) ElementType() reflect.Type
- func (o LookupSamlProviderResultOutput) Id() pulumi.StringOutput
- func (o LookupSamlProviderResultOutput) Name() pulumi.StringOutput
- func (o LookupSamlProviderResultOutput) SamlMetadataDocument() pulumi.StringOutput
- func (o LookupSamlProviderResultOutput) Tags() pulumi.StringMapOutput
- func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput() LookupSamlProviderResultOutput
- func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext(ctx context.Context) LookupSamlProviderResultOutput
- func (o LookupSamlProviderResultOutput) ValidUntil() pulumi.StringOutput
- type LookupServerCertificateArgs
- type LookupServerCertificateOutputArgs
- type LookupServerCertificateResult
- type LookupServerCertificateResultOutput
- func (o LookupServerCertificateResultOutput) Arn() pulumi.StringOutput
- func (o LookupServerCertificateResultOutput) CertificateBody() pulumi.StringOutput
- func (o LookupServerCertificateResultOutput) CertificateChain() pulumi.StringOutput
- func (LookupServerCertificateResultOutput) ElementType() reflect.Type
- func (o LookupServerCertificateResultOutput) ExpirationDate() pulumi.StringOutput
- func (o LookupServerCertificateResultOutput) Id() pulumi.StringOutput
- func (o LookupServerCertificateResultOutput) Latest() pulumi.BoolPtrOutput
- func (o LookupServerCertificateResultOutput) Name() pulumi.StringOutput
- func (o LookupServerCertificateResultOutput) NamePrefix() pulumi.StringPtrOutput
- func (o LookupServerCertificateResultOutput) Path() pulumi.StringOutput
- func (o LookupServerCertificateResultOutput) PathPrefix() pulumi.StringPtrOutput
- func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput() LookupServerCertificateResultOutput
- func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext(ctx context.Context) LookupServerCertificateResultOutput
- func (o LookupServerCertificateResultOutput) UploadDate() pulumi.StringOutput
- type LookupUserArgs
- type LookupUserOutputArgs
- type LookupUserResult
- type LookupUserResultOutput
- func (o LookupUserResultOutput) Arn() pulumi.StringOutput
- func (LookupUserResultOutput) ElementType() reflect.Type
- func (o LookupUserResultOutput) Id() pulumi.StringOutput
- func (o LookupUserResultOutput) Path() pulumi.StringOutput
- func (o LookupUserResultOutput) PermissionsBoundary() pulumi.StringOutput
- func (o LookupUserResultOutput) Tags() pulumi.StringMapOutput
- func (o LookupUserResultOutput) ToLookupUserResultOutput() LookupUserResultOutput
- func (o LookupUserResultOutput) ToLookupUserResultOutputWithContext(ctx context.Context) LookupUserResultOutput
- func (o LookupUserResultOutput) UserId() pulumi.StringOutput
- func (o LookupUserResultOutput) UserName() pulumi.StringOutput
- type ManagedPolicy
- func (ManagedPolicy) ElementType() reflect.Type
- func (e ManagedPolicy) ToManagedPolicyOutput() ManagedPolicyOutput
- func (e ManagedPolicy) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput
- func (e ManagedPolicy) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
- func (e ManagedPolicy) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput
- func (e ManagedPolicy) ToStringOutput() pulumi.StringOutput
- func (e ManagedPolicy) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput
- func (e ManagedPolicy) ToStringPtrOutput() pulumi.StringPtrOutput
- func (e ManagedPolicy) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput
- type ManagedPolicyInput
- type ManagedPolicyOutput
- func (ManagedPolicyOutput) ElementType() reflect.Type
- func (o ManagedPolicyOutput) ToManagedPolicyOutput() ManagedPolicyOutput
- func (o ManagedPolicyOutput) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput
- func (o ManagedPolicyOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
- func (o ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput
- func (o ManagedPolicyOutput) ToStringOutput() pulumi.StringOutput
- func (o ManagedPolicyOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput
- func (o ManagedPolicyOutput) ToStringPtrOutput() pulumi.StringPtrOutput
- func (o ManagedPolicyOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput
- type ManagedPolicyPtrInput
- type ManagedPolicyPtrOutput
- func (o ManagedPolicyPtrOutput) Elem() ManagedPolicyOutput
- func (ManagedPolicyPtrOutput) ElementType() reflect.Type
- func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
- func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput
- func (o ManagedPolicyPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput
- func (o ManagedPolicyPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput
- type OpenIdConnectProvider
- type OpenIdConnectProviderArgs
- type OpenIdConnectProviderArray
- func (OpenIdConnectProviderArray) ElementType() reflect.Type
- func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
- func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput
- type OpenIdConnectProviderArrayInput
- type OpenIdConnectProviderArrayOutput
- func (OpenIdConnectProviderArrayOutput) ElementType() reflect.Type
- func (o OpenIdConnectProviderArrayOutput) Index(i pulumi.IntInput) OpenIdConnectProviderOutput
- func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
- func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput
- type OpenIdConnectProviderInput
- type OpenIdConnectProviderMap
- type OpenIdConnectProviderMapInput
- type OpenIdConnectProviderMapOutput
- func (OpenIdConnectProviderMapOutput) ElementType() reflect.Type
- func (o OpenIdConnectProviderMapOutput) MapIndex(k pulumi.StringInput) OpenIdConnectProviderOutput
- func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput
- func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput
- type OpenIdConnectProviderOutput
- func (o OpenIdConnectProviderOutput) Arn() pulumi.StringOutput
- func (o OpenIdConnectProviderOutput) ClientIdLists() pulumi.StringArrayOutput
- func (OpenIdConnectProviderOutput) ElementType() reflect.Type
- func (o OpenIdConnectProviderOutput) Tags() pulumi.StringMapOutput
- func (o OpenIdConnectProviderOutput) TagsAll() pulumi.StringMapOutput
- func (o OpenIdConnectProviderOutput) ThumbprintLists() pulumi.StringArrayOutput
- func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput
- func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput
- func (o OpenIdConnectProviderOutput) Url() pulumi.StringOutput
- type OpenIdConnectProviderState
- type Policy
- type PolicyArgs
- type PolicyArray
- type PolicyArrayInput
- type PolicyArrayOutput
- type PolicyAttachment
- type PolicyAttachmentArgs
- type PolicyAttachmentArray
- type PolicyAttachmentArrayInput
- type PolicyAttachmentArrayOutput
- func (PolicyAttachmentArrayOutput) ElementType() reflect.Type
- func (o PolicyAttachmentArrayOutput) Index(i pulumi.IntInput) PolicyAttachmentOutput
- func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput
- func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput
- type PolicyAttachmentInput
- type PolicyAttachmentMap
- type PolicyAttachmentMapInput
- type PolicyAttachmentMapOutput
- func (PolicyAttachmentMapOutput) ElementType() reflect.Type
- func (o PolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) PolicyAttachmentOutput
- func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput
- func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput
- type PolicyAttachmentOutput
- func (PolicyAttachmentOutput) ElementType() reflect.Type
- func (o PolicyAttachmentOutput) Groups() pulumi.StringArrayOutput
- func (o PolicyAttachmentOutput) Name() pulumi.StringOutput
- func (o PolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
- func (o PolicyAttachmentOutput) Roles() pulumi.StringArrayOutput
- func (o PolicyAttachmentOutput) ToPolicyAttachmentOutput() PolicyAttachmentOutput
- func (o PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput
- func (o PolicyAttachmentOutput) Users() pulumi.StringArrayOutput
- type PolicyAttachmentState
- type PolicyInput
- type PolicyMap
- type PolicyMapInput
- type PolicyMapOutput
- type PolicyOutput
- func (o PolicyOutput) Arn() pulumi.StringOutput
- func (o PolicyOutput) Description() pulumi.StringPtrOutput
- func (PolicyOutput) ElementType() reflect.Type
- func (o PolicyOutput) Name() pulumi.StringOutput
- func (o PolicyOutput) NamePrefix() pulumi.StringOutput
- func (o PolicyOutput) Path() pulumi.StringPtrOutput
- func (o PolicyOutput) Policy() pulumi.StringOutput
- func (o PolicyOutput) PolicyId() pulumi.StringOutput
- func (o PolicyOutput) Tags() pulumi.StringMapOutput
- func (o PolicyOutput) TagsAll() pulumi.StringMapOutput
- func (o PolicyOutput) ToPolicyOutput() PolicyOutput
- func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
- type PolicyState
- type Role
- type RoleArgs
- type RoleArray
- type RoleArrayInput
- type RoleArrayOutput
- type RoleInlinePolicy
- type RoleInlinePolicyArgs
- type RoleInlinePolicyArray
- type RoleInlinePolicyArrayInput
- type RoleInlinePolicyArrayOutput
- func (RoleInlinePolicyArrayOutput) ElementType() reflect.Type
- func (o RoleInlinePolicyArrayOutput) Index(i pulumi.IntInput) RoleInlinePolicyOutput
- func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput
- func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput
- type RoleInlinePolicyInput
- type RoleInlinePolicyOutput
- func (RoleInlinePolicyOutput) ElementType() reflect.Type
- func (o RoleInlinePolicyOutput) Name() pulumi.StringPtrOutput
- func (o RoleInlinePolicyOutput) Policy() pulumi.StringPtrOutput
- func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput
- func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput
- type RoleInput
- type RoleMap
- type RoleMapInput
- type RoleMapOutput
- type RoleOutput
- func (o RoleOutput) Arn() pulumi.StringOutput
- func (o RoleOutput) AssumeRolePolicy() pulumi.StringOutput
- func (o RoleOutput) CreateDate() pulumi.StringOutput
- func (o RoleOutput) Description() pulumi.StringPtrOutput
- func (RoleOutput) ElementType() reflect.Type
- func (o RoleOutput) ForceDetachPolicies() pulumi.BoolPtrOutput
- func (o RoleOutput) InlinePolicies() RoleInlinePolicyArrayOutput
- func (o RoleOutput) ManagedPolicyArns() pulumi.StringArrayOutput
- func (o RoleOutput) MaxSessionDuration() pulumi.IntPtrOutput
- func (o RoleOutput) Name() pulumi.StringOutput
- func (o RoleOutput) NamePrefix() pulumi.StringOutput
- func (o RoleOutput) Path() pulumi.StringPtrOutput
- func (o RoleOutput) PermissionsBoundary() pulumi.StringPtrOutput
- func (o RoleOutput) Tags() pulumi.StringMapOutput
- func (o RoleOutput) TagsAll() pulumi.StringMapOutput
- func (o RoleOutput) ToRoleOutput() RoleOutput
- func (o RoleOutput) ToRoleOutputWithContext(ctx context.Context) RoleOutput
- func (o RoleOutput) UniqueId() pulumi.StringOutput
- type RolePolicy
- type RolePolicyArgs
- type RolePolicyArray
- type RolePolicyArrayInput
- type RolePolicyArrayOutput
- func (RolePolicyArrayOutput) ElementType() reflect.Type
- func (o RolePolicyArrayOutput) Index(i pulumi.IntInput) RolePolicyOutput
- func (o RolePolicyArrayOutput) ToRolePolicyArrayOutput() RolePolicyArrayOutput
- func (o RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput
- type RolePolicyAttachment
- type RolePolicyAttachmentArgs
- type RolePolicyAttachmentArray
- type RolePolicyAttachmentArrayInput
- type RolePolicyAttachmentArrayOutput
- func (RolePolicyAttachmentArrayOutput) ElementType() reflect.Type
- func (o RolePolicyAttachmentArrayOutput) Index(i pulumi.IntInput) RolePolicyAttachmentOutput
- func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput
- func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput
- type RolePolicyAttachmentInput
- type RolePolicyAttachmentMap
- type RolePolicyAttachmentMapInput
- type RolePolicyAttachmentMapOutput
- func (RolePolicyAttachmentMapOutput) ElementType() reflect.Type
- func (o RolePolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) RolePolicyAttachmentOutput
- func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput
- func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput
- type RolePolicyAttachmentOutput
- func (RolePolicyAttachmentOutput) ElementType() reflect.Type
- func (o RolePolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
- func (o RolePolicyAttachmentOutput) Role() pulumi.StringOutput
- func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput
- func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput
- type RolePolicyAttachmentState
- type RolePolicyInput
- type RolePolicyMap
- type RolePolicyMapInput
- type RolePolicyMapOutput
- func (RolePolicyMapOutput) ElementType() reflect.Type
- func (o RolePolicyMapOutput) MapIndex(k pulumi.StringInput) RolePolicyOutput
- func (o RolePolicyMapOutput) ToRolePolicyMapOutput() RolePolicyMapOutput
- func (o RolePolicyMapOutput) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput
- type RolePolicyOutput
- func (RolePolicyOutput) ElementType() reflect.Type
- func (o RolePolicyOutput) Name() pulumi.StringOutput
- func (o RolePolicyOutput) NamePrefix() pulumi.StringPtrOutput
- func (o RolePolicyOutput) Policy() pulumi.StringOutput
- func (o RolePolicyOutput) Role() pulumi.StringOutput
- func (o RolePolicyOutput) ToRolePolicyOutput() RolePolicyOutput
- func (o RolePolicyOutput) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput
- type RolePolicyState
- type RoleState
- type SamlProvider
- type SamlProviderArgs
- type SamlProviderArray
- type SamlProviderArrayInput
- type SamlProviderArrayOutput
- func (SamlProviderArrayOutput) ElementType() reflect.Type
- func (o SamlProviderArrayOutput) Index(i pulumi.IntInput) SamlProviderOutput
- func (o SamlProviderArrayOutput) ToSamlProviderArrayOutput() SamlProviderArrayOutput
- func (o SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput
- type SamlProviderInput
- type SamlProviderMap
- type SamlProviderMapInput
- type SamlProviderMapOutput
- func (SamlProviderMapOutput) ElementType() reflect.Type
- func (o SamlProviderMapOutput) MapIndex(k pulumi.StringInput) SamlProviderOutput
- func (o SamlProviderMapOutput) ToSamlProviderMapOutput() SamlProviderMapOutput
- func (o SamlProviderMapOutput) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput
- type SamlProviderOutput
- func (o SamlProviderOutput) Arn() pulumi.StringOutput
- func (SamlProviderOutput) ElementType() reflect.Type
- func (o SamlProviderOutput) Name() pulumi.StringOutput
- func (o SamlProviderOutput) SamlMetadataDocument() pulumi.StringOutput
- func (o SamlProviderOutput) Tags() pulumi.StringMapOutput
- func (o SamlProviderOutput) TagsAll() pulumi.StringMapOutput
- func (o SamlProviderOutput) ToSamlProviderOutput() SamlProviderOutput
- func (o SamlProviderOutput) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput
- func (o SamlProviderOutput) ValidUntil() pulumi.StringOutput
- type SamlProviderState
- type ServerCertificate
- type ServerCertificateArgs
- type ServerCertificateArray
- type ServerCertificateArrayInput
- type ServerCertificateArrayOutput
- func (ServerCertificateArrayOutput) ElementType() reflect.Type
- func (o ServerCertificateArrayOutput) Index(i pulumi.IntInput) ServerCertificateOutput
- func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutput() ServerCertificateArrayOutput
- func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput
- type ServerCertificateInput
- type ServerCertificateMap
- type ServerCertificateMapInput
- type ServerCertificateMapOutput
- func (ServerCertificateMapOutput) ElementType() reflect.Type
- func (o ServerCertificateMapOutput) MapIndex(k pulumi.StringInput) ServerCertificateOutput
- func (o ServerCertificateMapOutput) ToServerCertificateMapOutput() ServerCertificateMapOutput
- func (o ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput
- type ServerCertificateOutput
- func (o ServerCertificateOutput) Arn() pulumi.StringOutput
- func (o ServerCertificateOutput) CertificateBody() pulumi.StringOutput
- func (o ServerCertificateOutput) CertificateChain() pulumi.StringPtrOutput
- func (ServerCertificateOutput) ElementType() reflect.Type
- func (o ServerCertificateOutput) Expiration() pulumi.StringOutput
- func (o ServerCertificateOutput) Name() pulumi.StringOutput
- func (o ServerCertificateOutput) NamePrefix() pulumi.StringOutput
- func (o ServerCertificateOutput) Path() pulumi.StringPtrOutput
- func (o ServerCertificateOutput) PrivateKey() pulumi.StringOutput
- func (o ServerCertificateOutput) Tags() pulumi.StringMapOutput
- func (o ServerCertificateOutput) TagsAll() pulumi.StringMapOutput
- func (o ServerCertificateOutput) ToServerCertificateOutput() ServerCertificateOutput
- func (o ServerCertificateOutput) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput
- func (o ServerCertificateOutput) UploadDate() pulumi.StringOutput
- type ServerCertificateState
- type ServiceLinkedRole
- type ServiceLinkedRoleArgs
- type ServiceLinkedRoleArray
- type ServiceLinkedRoleArrayInput
- type ServiceLinkedRoleArrayOutput
- func (ServiceLinkedRoleArrayOutput) ElementType() reflect.Type
- func (o ServiceLinkedRoleArrayOutput) Index(i pulumi.IntInput) ServiceLinkedRoleOutput
- func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput
- func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput
- type ServiceLinkedRoleInput
- type ServiceLinkedRoleMap
- type ServiceLinkedRoleMapInput
- type ServiceLinkedRoleMapOutput
- func (ServiceLinkedRoleMapOutput) ElementType() reflect.Type
- func (o ServiceLinkedRoleMapOutput) MapIndex(k pulumi.StringInput) ServiceLinkedRoleOutput
- func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput
- func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput
- type ServiceLinkedRoleOutput
- func (o ServiceLinkedRoleOutput) Arn() pulumi.StringOutput
- func (o ServiceLinkedRoleOutput) AwsServiceName() pulumi.StringOutput
- func (o ServiceLinkedRoleOutput) CreateDate() pulumi.StringOutput
- func (o ServiceLinkedRoleOutput) CustomSuffix() pulumi.StringPtrOutput
- func (o ServiceLinkedRoleOutput) Description() pulumi.StringPtrOutput
- func (ServiceLinkedRoleOutput) ElementType() reflect.Type
- func (o ServiceLinkedRoleOutput) Name() pulumi.StringOutput
- func (o ServiceLinkedRoleOutput) Path() pulumi.StringOutput
- func (o ServiceLinkedRoleOutput) Tags() pulumi.StringMapOutput
- func (o ServiceLinkedRoleOutput) TagsAll() pulumi.StringMapOutput
- func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput
- func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput
- func (o ServiceLinkedRoleOutput) UniqueId() pulumi.StringOutput
- type ServiceLinkedRoleState
- type ServiceSpecificCredential
- type ServiceSpecificCredentialArgs
- type ServiceSpecificCredentialArray
- func (ServiceSpecificCredentialArray) ElementType() reflect.Type
- func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput
- func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput
- type ServiceSpecificCredentialArrayInput
- type ServiceSpecificCredentialArrayOutput
- func (ServiceSpecificCredentialArrayOutput) ElementType() reflect.Type
- func (o ServiceSpecificCredentialArrayOutput) Index(i pulumi.IntInput) ServiceSpecificCredentialOutput
- func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput
- func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput
- type ServiceSpecificCredentialInput
- type ServiceSpecificCredentialMap
- func (ServiceSpecificCredentialMap) ElementType() reflect.Type
- func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput
- func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput
- type ServiceSpecificCredentialMapInput
- type ServiceSpecificCredentialMapOutput
- func (ServiceSpecificCredentialMapOutput) ElementType() reflect.Type
- func (o ServiceSpecificCredentialMapOutput) MapIndex(k pulumi.StringInput) ServiceSpecificCredentialOutput
- func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput
- func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput
- type ServiceSpecificCredentialOutput
- func (ServiceSpecificCredentialOutput) ElementType() reflect.Type
- func (o ServiceSpecificCredentialOutput) ServiceName() pulumi.StringOutput
- func (o ServiceSpecificCredentialOutput) ServicePassword() pulumi.StringOutput
- func (o ServiceSpecificCredentialOutput) ServiceSpecificCredentialId() pulumi.StringOutput
- func (o ServiceSpecificCredentialOutput) ServiceUserName() pulumi.StringOutput
- func (o ServiceSpecificCredentialOutput) Status() pulumi.StringPtrOutput
- func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput
- func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput
- func (o ServiceSpecificCredentialOutput) UserName() pulumi.StringOutput
- type ServiceSpecificCredentialState
- type SigningCertificate
- type SigningCertificateArgs
- type SigningCertificateArray
- type SigningCertificateArrayInput
- type SigningCertificateArrayOutput
- func (SigningCertificateArrayOutput) ElementType() reflect.Type
- func (o SigningCertificateArrayOutput) Index(i pulumi.IntInput) SigningCertificateOutput
- func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput
- func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput
- type SigningCertificateInput
- type SigningCertificateMap
- type SigningCertificateMapInput
- type SigningCertificateMapOutput
- func (SigningCertificateMapOutput) ElementType() reflect.Type
- func (o SigningCertificateMapOutput) MapIndex(k pulumi.StringInput) SigningCertificateOutput
- func (o SigningCertificateMapOutput) ToSigningCertificateMapOutput() SigningCertificateMapOutput
- func (o SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput
- type SigningCertificateOutput
- func (o SigningCertificateOutput) CertificateBody() pulumi.StringOutput
- func (o SigningCertificateOutput) CertificateId() pulumi.StringOutput
- func (SigningCertificateOutput) ElementType() reflect.Type
- func (o SigningCertificateOutput) Status() pulumi.StringPtrOutput
- func (o SigningCertificateOutput) ToSigningCertificateOutput() SigningCertificateOutput
- func (o SigningCertificateOutput) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput
- func (o SigningCertificateOutput) UserName() pulumi.StringOutput
- type SigningCertificateState
- type SshKey
- type SshKeyArgs
- type SshKeyArray
- type SshKeyArrayInput
- type SshKeyArrayOutput
- type SshKeyInput
- type SshKeyMap
- type SshKeyMapInput
- type SshKeyMapOutput
- type SshKeyOutput
- func (SshKeyOutput) ElementType() reflect.Type
- func (o SshKeyOutput) Encoding() pulumi.StringOutput
- func (o SshKeyOutput) Fingerprint() pulumi.StringOutput
- func (o SshKeyOutput) PublicKey() pulumi.StringOutput
- func (o SshKeyOutput) SshPublicKeyId() pulumi.StringOutput
- func (o SshKeyOutput) Status() pulumi.StringOutput
- func (o SshKeyOutput) ToSshKeyOutput() SshKeyOutput
- func (o SshKeyOutput) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput
- func (o SshKeyOutput) Username() pulumi.StringOutput
- type SshKeyState
- type User
- type UserArgs
- type UserArray
- type UserArrayInput
- type UserArrayOutput
- type UserGroupMembership
- type UserGroupMembershipArgs
- type UserGroupMembershipArray
- type UserGroupMembershipArrayInput
- type UserGroupMembershipArrayOutput
- func (UserGroupMembershipArrayOutput) ElementType() reflect.Type
- func (o UserGroupMembershipArrayOutput) Index(i pulumi.IntInput) UserGroupMembershipOutput
- func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput
- func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput
- type UserGroupMembershipInput
- type UserGroupMembershipMap
- type UserGroupMembershipMapInput
- type UserGroupMembershipMapOutput
- func (UserGroupMembershipMapOutput) ElementType() reflect.Type
- func (o UserGroupMembershipMapOutput) MapIndex(k pulumi.StringInput) UserGroupMembershipOutput
- func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput
- func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput
- type UserGroupMembershipOutput
- func (UserGroupMembershipOutput) ElementType() reflect.Type
- func (o UserGroupMembershipOutput) Groups() pulumi.StringArrayOutput
- func (o UserGroupMembershipOutput) ToUserGroupMembershipOutput() UserGroupMembershipOutput
- func (o UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput
- func (o UserGroupMembershipOutput) User() pulumi.StringOutput
- type UserGroupMembershipState
- type UserInput
- type UserLoginProfile
- type UserLoginProfileArgs
- type UserLoginProfileArray
- type UserLoginProfileArrayInput
- type UserLoginProfileArrayOutput
- func (UserLoginProfileArrayOutput) ElementType() reflect.Type
- func (o UserLoginProfileArrayOutput) Index(i pulumi.IntInput) UserLoginProfileOutput
- func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput
- func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput
- type UserLoginProfileInput
- type UserLoginProfileMap
- type UserLoginProfileMapInput
- type UserLoginProfileMapOutput
- func (UserLoginProfileMapOutput) ElementType() reflect.Type
- func (o UserLoginProfileMapOutput) MapIndex(k pulumi.StringInput) UserLoginProfileOutput
- func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput
- func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput
- type UserLoginProfileOutput
- func (UserLoginProfileOutput) ElementType() reflect.Type
- func (o UserLoginProfileOutput) EncryptedPassword() pulumi.StringOutput
- func (o UserLoginProfileOutput) KeyFingerprint() pulumi.StringOutput
- func (o UserLoginProfileOutput) Password() pulumi.StringOutput
- func (o UserLoginProfileOutput) PasswordLength() pulumi.IntPtrOutput
- func (o UserLoginProfileOutput) PasswordResetRequired() pulumi.BoolOutput
- func (o UserLoginProfileOutput) PgpKey() pulumi.StringPtrOutput
- func (o UserLoginProfileOutput) ToUserLoginProfileOutput() UserLoginProfileOutput
- func (o UserLoginProfileOutput) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput
- func (o UserLoginProfileOutput) User() pulumi.StringOutput
- type UserLoginProfileState
- type UserMap
- type UserMapInput
- type UserMapOutput
- type UserOutput
- func (o UserOutput) Arn() pulumi.StringOutput
- func (UserOutput) ElementType() reflect.Type
- func (o UserOutput) ForceDestroy() pulumi.BoolPtrOutput
- func (o UserOutput) Name() pulumi.StringOutput
- func (o UserOutput) Path() pulumi.StringPtrOutput
- func (o UserOutput) PermissionsBoundary() pulumi.StringPtrOutput
- func (o UserOutput) Tags() pulumi.StringMapOutput
- func (o UserOutput) TagsAll() pulumi.StringMapOutput
- func (o UserOutput) ToUserOutput() UserOutput
- func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput
- func (o UserOutput) UniqueId() pulumi.StringOutput
- type UserPolicy
- type UserPolicyArgs
- type UserPolicyArray
- type UserPolicyArrayInput
- type UserPolicyArrayOutput
- func (UserPolicyArrayOutput) ElementType() reflect.Type
- func (o UserPolicyArrayOutput) Index(i pulumi.IntInput) UserPolicyOutput
- func (o UserPolicyArrayOutput) ToUserPolicyArrayOutput() UserPolicyArrayOutput
- func (o UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput
- type UserPolicyAttachment
- type UserPolicyAttachmentArgs
- type UserPolicyAttachmentArray
- type UserPolicyAttachmentArrayInput
- type UserPolicyAttachmentArrayOutput
- func (UserPolicyAttachmentArrayOutput) ElementType() reflect.Type
- func (o UserPolicyAttachmentArrayOutput) Index(i pulumi.IntInput) UserPolicyAttachmentOutput
- func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput
- func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput
- type UserPolicyAttachmentInput
- type UserPolicyAttachmentMap
- type UserPolicyAttachmentMapInput
- type UserPolicyAttachmentMapOutput
- func (UserPolicyAttachmentMapOutput) ElementType() reflect.Type
- func (o UserPolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) UserPolicyAttachmentOutput
- func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput
- func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput
- type UserPolicyAttachmentOutput
- func (UserPolicyAttachmentOutput) ElementType() reflect.Type
- func (o UserPolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
- func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput
- func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput
- func (o UserPolicyAttachmentOutput) User() pulumi.StringOutput
- type UserPolicyAttachmentState
- type UserPolicyInput
- type UserPolicyMap
- type UserPolicyMapInput
- type UserPolicyMapOutput
- func (UserPolicyMapOutput) ElementType() reflect.Type
- func (o UserPolicyMapOutput) MapIndex(k pulumi.StringInput) UserPolicyOutput
- func (o UserPolicyMapOutput) ToUserPolicyMapOutput() UserPolicyMapOutput
- func (o UserPolicyMapOutput) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput
- type UserPolicyOutput
- func (UserPolicyOutput) ElementType() reflect.Type
- func (o UserPolicyOutput) Name() pulumi.StringOutput
- func (o UserPolicyOutput) NamePrefix() pulumi.StringPtrOutput
- func (o UserPolicyOutput) Policy() pulumi.StringOutput
- func (o UserPolicyOutput) ToUserPolicyOutput() UserPolicyOutput
- func (o UserPolicyOutput) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput
- func (o UserPolicyOutput) User() pulumi.StringOutput
- type UserPolicyState
- type UserState
- type VirtualMfaDevice
- type VirtualMfaDeviceArgs
- type VirtualMfaDeviceArray
- type VirtualMfaDeviceArrayInput
- type VirtualMfaDeviceArrayOutput
- func (VirtualMfaDeviceArrayOutput) ElementType() reflect.Type
- func (o VirtualMfaDeviceArrayOutput) Index(i pulumi.IntInput) VirtualMfaDeviceOutput
- func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput
- func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput
- type VirtualMfaDeviceInput
- type VirtualMfaDeviceMap
- type VirtualMfaDeviceMapInput
- type VirtualMfaDeviceMapOutput
- func (VirtualMfaDeviceMapOutput) ElementType() reflect.Type
- func (o VirtualMfaDeviceMapOutput) MapIndex(k pulumi.StringInput) VirtualMfaDeviceOutput
- func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput
- func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput
- type VirtualMfaDeviceOutput
- func (o VirtualMfaDeviceOutput) Arn() pulumi.StringOutput
- func (o VirtualMfaDeviceOutput) Base32StringSeed() pulumi.StringOutput
- func (VirtualMfaDeviceOutput) ElementType() reflect.Type
- func (o VirtualMfaDeviceOutput) EnableDate() pulumi.StringOutput
- func (o VirtualMfaDeviceOutput) Path() pulumi.StringPtrOutput
- func (o VirtualMfaDeviceOutput) QrCodePng() pulumi.StringOutput
- func (o VirtualMfaDeviceOutput) Tags() pulumi.StringMapOutput
- func (o VirtualMfaDeviceOutput) TagsAll() pulumi.StringMapOutput
- func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput
- func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput
- func (o VirtualMfaDeviceOutput) UserName() pulumi.StringOutput
- func (o VirtualMfaDeviceOutput) VirtualMfaDeviceName() pulumi.StringOutput
- type VirtualMfaDeviceState
Constants ¶
const ( ManagedPolicyAPIGatewayServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy") ManagedPolicyAWSAccountActivityAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountActivityAccess") ManagedPolicyAWSAccountManagementFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountManagementFullAccess") ManagedPolicyAWSAccountManagementReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountManagementReadOnlyAccess") ManagedPolicyAWSAccountUsageReportAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountUsageReportAccess") ManagedPolicyAWSAgentlessDiscoveryService = ManagedPolicy("arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService") ManagedPolicyAWSAppMeshEnvoyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshEnvoyAccess") ManagedPolicyAWSAppMeshFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshFullAccess") ManagedPolicyAWSAppMeshPreviewEnvoyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshPreviewEnvoyAccess") ManagedPolicyAWSAppMeshPreviewServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshPreviewServiceRolePolicy") ManagedPolicyAWSAppMeshReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshReadOnly") ManagedPolicyAWSAppMeshServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshServiceRolePolicy") ManagedPolicyAWSAppRunnerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppRunnerFullAccess") ManagedPolicyAWSAppRunnerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppRunnerReadOnlyAccess") ManagedPolicyAWSAppRunnerServicePolicyForECRAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSAppRunnerServicePolicyForECRAccess") ManagedPolicyAWSAppSyncAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppSyncAdministrator") ManagedPolicyAWSAppSyncInvokeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppSyncInvokeFullAccess") ManagedPolicyAWSAppSyncPushToCloudWatchLogs = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs") ManagedPolicyAWSAppSyncSchemaAuthor = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppSyncSchemaAuthor") ManagedPolicyAWSAppSyncServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAppSyncServiceRolePolicy") ManagedPolicyAWSApplicationAutoScalingCustomResourcePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy") ManagedPolicyAWSApplicationAutoscalingAppStreamFleetPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy") ManagedPolicyAWSApplicationAutoscalingCassandraTablePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingCassandraTablePolicy") ManagedPolicyAWSApplicationAutoscalingComprehendEndpointPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingComprehendEndpointPolicy") ManagedPolicyAWSApplicationAutoscalingDynamoDBTablePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy") ManagedPolicyAWSApplicationAutoscalingEC2SpotFleetRequestPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy") ManagedPolicyAWSApplicationAutoscalingECSServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy") ManagedPolicyAWSApplicationAutoscalingEMRInstanceGroupPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy") ManagedPolicyAWSApplicationAutoscalingElastiCacheRGPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingElastiCacheRGPolicy") ManagedPolicyAWSApplicationAutoscalingKafkaClusterPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingKafkaClusterPolicy") ManagedPolicyAWSApplicationAutoscalingLambdaConcurrencyPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingLambdaConcurrencyPolicy") ManagedPolicyAWSApplicationAutoscalingNeptuneClusterPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingNeptuneClusterPolicy") ManagedPolicyAWSApplicationAutoscalingRDSClusterPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy") ManagedPolicyAWSApplicationAutoscalingSageMakerEndpointPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy") ManagedPolicyAWSApplicationDiscoveryAgentAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess") ManagedPolicyAWSApplicationDiscoveryAgentlessCollectorAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentlessCollectorAccess") ManagedPolicyAWSApplicationDiscoveryServiceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess") ManagedPolicyAWSApplicationMigrationAgentInstallationPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationAgentInstallationPolicy") ManagedPolicyAWSApplicationMigrationAgentPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationAgentPolicy") ManagedPolicy_AWSApplicationMigrationAgentPolicy_v2 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationAgentPolicy_v2") ManagedPolicyAWSApplicationMigrationConversionServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationConversionServerPolicy") ManagedPolicyAWSApplicationMigrationEC2Access = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationEC2Access") ManagedPolicyAWSApplicationMigrationFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationFullAccess") ManagedPolicyAWSApplicationMigrationMGHAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationMGHAccess") ManagedPolicyAWSApplicationMigrationReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationReadOnlyAccess") ManagedPolicyAWSApplicationMigrationReplicationServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationReplicationServerPolicy") ManagedPolicyAWSApplicationMigrationSSMAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationSSMAccess") ManagedPolicyAWSApplicationMigrationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationMigrationServiceRolePolicy") ManagedPolicyAWSApplicationMigrationVCenterClientPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationVCenterClientPolicy") ManagedPolicyAWSArtifactAccountSync = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSArtifactAccountSync") ManagedPolicyAWSAuditManagerAdministratorAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSAuditManagerAdministratorAccess") ManagedPolicyAWSAuditManagerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAuditManagerServiceRolePolicy") ManagedPolicyAWSAutoScalingPlansEC2AutoScalingPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy") ManagedPolicyAWSBackupAuditAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupAuditAccess") ManagedPolicyAWSBackupDataTransferAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupDataTransferAccess") ManagedPolicyAWSBackupFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupFullAccess") ManagedPolicyAWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync") ManagedPolicyAWSBackupOperatorAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupOperatorAccess") ManagedPolicyAWSBackupOrganizationAdminAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupOrganizationAdminAccess") ManagedPolicyAWSBackupRestoreAccessForSAPHANA = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupRestoreAccessForSAPHANA") ManagedPolicyAWSBackupServiceLinkedRolePolicyForBackup = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackup") ManagedPolicyAWSBackupServiceLinkedRolePolicyForBackupTest = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackupTest") ManagedPolicyAWSBackupServiceRolePolicyForBackup = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup") ManagedPolicyAWSBackupServiceRolePolicyForRestores = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores") ManagedPolicyAWSBackupServiceRolePolicyForS3Backup = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Backup") ManagedPolicyAWSBackupServiceRolePolicyForS3Restore = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Restore") ManagedPolicyAWSBatchFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBatchFullAccess") ManagedPolicyAWSBatchServiceEventTargetRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole") ManagedPolicyAWSBatchServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole") ManagedPolicyAWSBillingConductorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBillingConductorFullAccess") ManagedPolicyAWSBillingConductorReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBillingConductorReadOnlyAccess") ManagedPolicyAWSBillingReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess") ManagedPolicyAWSBudgetsActionsWithAWSResourceControlAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBudgetsActionsWithAWSResourceControlAccess") ManagedPolicy_AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM = ManagedPolicy("arn:aws:iam::aws:policy/AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM") ManagedPolicyAWSBudgetsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBudgetsReadOnlyAccess") ManagedPolicyAWSBugBustFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBugBustFullAccess") ManagedPolicyAWSBugBustPlayerAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSBugBustPlayerAccess") ManagedPolicyAWSBugBustServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSBugBustServiceRolePolicy") ManagedPolicyAWSCertificateManagerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess") ManagedPolicyAWSCertificateManagerPrivateCAAuditor = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor") ManagedPolicyAWSCertificateManagerPrivateCAFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess") ManagedPolicyAWSCertificateManagerPrivateCAPrivilegedUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAPrivilegedUser") ManagedPolicyAWSCertificateManagerPrivateCAReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly") ManagedPolicyAWSCertificateManagerPrivateCAUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAUser") ManagedPolicyAWSCertificateManagerReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly") ManagedPolicyAWSChatbotServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSChatbotServiceLinkedRolePolicy") ManagedPolicyAWSCleanRoomsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCleanRoomsFullAccess") ManagedPolicyAWSCleanRoomsFullAccessNoQuerying = ManagedPolicy("arn:aws:iam::aws:policy/AWSCleanRoomsFullAccessNoQuerying") ManagedPolicyAWSCleanRoomsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCleanRoomsReadOnlyAccess") ManagedPolicyAWSCloud9Administrator = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9Administrator") ManagedPolicyAWSCloud9EnvironmentMember = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9EnvironmentMember") ManagedPolicyAWSCloud9SSMInstanceProfile = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9SSMInstanceProfile") ManagedPolicyAWSCloud9ServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy") ManagedPolicyAWSCloud9User = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9User") ManagedPolicyAWSCloudFormationFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudFormationFullAccess") ManagedPolicyAWSCloudFormationReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess") ManagedPolicyAWSCloudFrontLogger = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCloudFrontLogger") ManagedPolicyAWSCloudHSMFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMFullAccess") ManagedPolicyAWSCloudHSMReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess") ManagedPolicyAWSCloudHSMRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole") // Deprecated: No longer supported. Use CloudTrail_FullAccess instead. ManagedPolicyAWSCloudTrailFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailFullAccess") // Deprecated: No longer supported. Use CloudTrail_ReadOnlyAccess instead. ManagedPolicyAWSCloudTrailReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess") // Deprecated: No longer supported. Use CloudWatchLambdaInsightsExecutionRolePolicy instead. ManagedPolicyAWSCloudWatchLambdaInsightsExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudWatchLambdaInsightsExecutionRolePolicy") ManagedPolicyAWSCloudMapDiscoverInstanceAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapDiscoverInstanceAccess") ManagedPolicyAWSCloudMapFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapFullAccess") ManagedPolicyAWSCloudMapReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapReadOnlyAccess") ManagedPolicyAWSCloudMapRegisterInstanceAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapRegisterInstanceAccess") ManagedPolicyAWSCloudShellFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudShellFullAccess") ManagedPolicy_CloudTrail_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrail_FullAccess") ManagedPolicy_CloudTrail_ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrail_ReadOnlyAccess") ManagedPolicy_AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy") ManagedPolicyAWSCodeArtifactAdminAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeArtifactAdminAccess") ManagedPolicyAWSCodeArtifactReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeArtifactReadOnlyAccess") ManagedPolicyAWSCodeBuildAdminAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess") ManagedPolicyAWSCodeBuildDeveloperAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess") ManagedPolicyAWSCodeBuildReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess") ManagedPolicyAWSCodeCommitFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitFullAccess") ManagedPolicyAWSCodeCommitPowerUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitPowerUser") ManagedPolicyAWSCodeCommitReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitReadOnly") ManagedPolicyAWSCodeDeployDeployerAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess") ManagedPolicyAWSCodeDeployFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployFullAccess") ManagedPolicyAWSCodeDeployReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess") ManagedPolicyAWSCodeDeployRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole") ManagedPolicyAWSCodeDeployRoleForCloudFormation = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForCloudFormation") ManagedPolicyAWSCodeDeployRoleForECS = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS") ManagedPolicyAWSCodeDeployRoleForECSLimited = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployRoleForECSLimited") ManagedPolicyAWSCodeDeployRoleForLambda = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda") ManagedPolicyAWSCodeDeployRoleForLambdaLimited = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited") ManagedPolicyAWSCodePipelineApproverAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess") ManagedPolicyAWSCodePipelineCustomActionAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess") // Deprecated: No longer supported. Use CodePipeline_FullAccess instead. ManagedPolicyAWSCodePipelineFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineFullAccess") // Deprecated: No longer supported. Use CodePipeline_ReadOnlyAccess instead. ManagedPolicyAWSCodePipelineReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess") ManagedPolicy_CodePipeline_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipeline_FullAccess") ManagedPolicy_CodePipeline_ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipeline_ReadOnlyAccess") ManagedPolicyAWSCodeStarFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeStarFullAccess") ManagedPolicyAWSCodeStarNotificationsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCodeStarNotificationsServiceRolePolicy") ManagedPolicyAWSCodeStarServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole") ManagedPolicy_AWS_ConfigRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWS_ConfigRole") // Deprecated: This has been deprecated in favour of `AWS_ConfigRole` ManagedPolicyAWSConfigRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRole") ManagedPolicyAWSCompromisedKeyQuarantine = ManagedPolicy("arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantine") ManagedPolicyAWSCompromisedKeyQuarantineV2 = ManagedPolicy("arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantineV2") ManagedPolicyAWSConfigMultiAccountSetupPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSConfigMultiAccountSetupPolicy") ManagedPolicyAWSConfigRemediationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSConfigRemediationServiceRolePolicy") ManagedPolicyAWSConfigRoleForOrganizations = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") ManagedPolicyAWSConfigRulesExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole") ManagedPolicyAWSConfigServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy") ManagedPolicyAWSConfigUserAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSConfigUserAccess") ManagedPolicyAWSConnector = ManagedPolicy("arn:aws:iam::aws:policy/AWSConnector") ManagedPolicyAWSControlTowerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSControlTowerServiceRolePolicy") ManagedPolicyAWSCostAndUsageReportAutomationPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCostAndUsageReportAutomationPolicy") ManagedPolicyAWSDataExchangeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeFullAccess") ManagedPolicyAWSDataExchangeProviderFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeProviderFullAccess") ManagedPolicyAWSDataExchangeReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeReadOnly") ManagedPolicyAWSDataExchangeSubscriberFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeSubscriberFullAccess") ManagedPolicyAWSDataLifecycleManagerServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole") ManagedPolicyAWSDataLifecycleManagerServiceRoleForAMIManagement = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRoleForAMIManagement") ManagedPolicyAWSDataPipelineRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole") ManagedPolicy_AWSDataPipeline_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess") ManagedPolicy_AWSDataPipeline_PowerUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser") ManagedPolicyAWSDataSyncFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataSyncFullAccess") ManagedPolicyAWSDataSyncReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataSyncReadOnlyAccess") ManagedPolicyAWSDeepLensLambdaFunctionAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepLensLambdaFunctionAccessPolicy") ManagedPolicyAWSDeepLensServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy") ManagedPolicyAWSDeepRacerAccountAdminAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerAccountAdminAccess") ManagedPolicyAWSDeepRacerCloudFormationAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerCloudFormationAccessPolicy") ManagedPolicyAWSDeepRacerDefaultMultiUserAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerDefaultMultiUserAccess") ManagedPolicyAWSDeepRacerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerFullAccess") ManagedPolicyAWSDeepRacerRoboMakerAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy") ManagedPolicyAWSDeepRacerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy") ManagedPolicyAWSDenyAll = ManagedPolicy("arn:aws:iam::aws:policy/AWSDenyAll") ManagedPolicyAWSDeviceFarmFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess") ManagedPolicyAWSDeviceFarmServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmServiceRolePolicy") ManagedPolicyAWSDeviceFarmTestGridServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmTestGridServiceRolePolicy") ManagedPolicyAWSDirectConnectFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectFullAccess") ManagedPolicyAWSDirectConnectReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess") ManagedPolicyAWSDirectConnectServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSDirectConnectServiceRolePolicy") ManagedPolicyAWSDirectoryServiceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess") ManagedPolicyAWSDirectoryServiceReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess") ManagedPolicyAWSDiscoveryContinuousExportFirehosePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSDiscoveryContinuousExportFirehosePolicy") ManagedPolicyAWSEC2CapacityReservationFleetRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2CapacityReservationFleetRolePolicy") ManagedPolicyAWSEC2FleetServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2FleetServiceRolePolicy") ManagedPolicyAWSEC2SpotFleetServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotFleetServiceRolePolicy") ManagedPolicyAWSEC2SpotServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotServiceRolePolicy") ManagedPolicy_AWSECRPullThroughCache_ServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSECRPullThroughCache_ServiceRolePolicy") ManagedPolicyAWSElasticBeanstalkCustomPlatformforEC2Role = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role") ManagedPolicyAWSElasticBeanstalkEnhancedHealth = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth") // Deprecated: This policy is deprecated. Please use the AWS managed policy AdministratorAccess-AWSElasticBeanstalk instead. ManagedPolicyAWSElasticBeanstalkFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess") ManagedPolicyAWSElasticBeanstalkMaintenance = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkMaintenance") ManagedPolicyAWSElasticBeanstalkManagedUpdatesCustomerRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy") ManagedPolicyAWSElasticBeanstalkManagedUpdatesServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkManagedUpdatesServiceRolePolicy") ManagedPolicyAWSElasticBeanstalkMulticontainerDocker = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker") // Deprecated: This policy is deprecated. Please use the AWS managed policy AWSElasticBeanstalkReadOnly instead. ManagedPolicyAWSElasticBeanstalkReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess") ManagedPolicyAWSElasticBeanstalkReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnly") ManagedPolicyAWSElasticBeanstalkRoleCWL = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCWL") ManagedPolicyAWSElasticBeanstalkRoleCore = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCore") ManagedPolicyAWSElasticBeanstalkRoleECS = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleECS") ManagedPolicyAWSElasticBeanstalkRoleRDS = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleRDS") ManagedPolicyAWSElasticBeanstalkRoleSNS = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleSNS") ManagedPolicyAWSElasticBeanstalkRoleWorkerTier = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleWorkerTier") ManagedPolicyAWSElasticBeanstalkService = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService") ManagedPolicyAWSElasticBeanstalkServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkServiceRolePolicy") ManagedPolicyAWSElasticBeanstalkWebTier = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier") // Deprecated: This has been deprecated in favour of `AWSElasticBeanstalkWorkerTier` ManagedPolicyAWSElasticBeanstakWorkerTier = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier") ManagedPolicyAWSElasticBeanstalkWorkerTier = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier") ManagedPolicyAWSElasticDisasterRecoveryAgentInstallationPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryAgentInstallationPolicy") ManagedPolicyAWSElasticDisasterRecoveryAgentPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy") ManagedPolicyAWSElasticDisasterRecoveryConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess") ManagedPolicyAWSElasticDisasterRecoveryConversionServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy") ManagedPolicyAWSElasticDisasterRecoveryEc2InstancePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryEc2InstancePolicy") ManagedPolicyAWSElasticDisasterRecoveryFailbackInstallationPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryFailbackInstallationPolicy") ManagedPolicyAWSElasticDisasterRecoveryFailbackPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy") ManagedPolicyAWSElasticDisasterRecoveryReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryReadOnlyAccess") ManagedPolicyAWSElasticDisasterRecoveryRecoveryInstancePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy") ManagedPolicyAWSElasticDisasterRecoveryReplicationServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy") ManagedPolicyAWSElasticDisasterRecoveryServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticDisasterRecoveryServiceRolePolicy") ManagedPolicyAWSElasticDisasterRecoveryStagingAccountPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy") ManagedPolicy_AWSElasticDisasterRecoveryStagingAccountPolicy_v2 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy_v2") ManagedPolicyAWSElasticLoadBalancingClassicServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy") ManagedPolicyAWSElasticLoadBalancingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingServiceRolePolicy") ManagedPolicyAWSElementalMediaConvertFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaConvertFullAccess") ManagedPolicyAWSElementalMediaConvertReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaConvertReadOnly") ManagedPolicyAWSElementalMediaLiveFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaLiveFullAccess") ManagedPolicyAWSElementalMediaLiveReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaLiveReadOnly") ManagedPolicyAWSElementalMediaPackageFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaPackageFullAccess") ManagedPolicyAWSElementalMediaPackageReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaPackageReadOnly") ManagedPolicyAWSElementalMediaStoreFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaStoreFullAccess") ManagedPolicyAWSElementalMediaStoreReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaStoreReadOnly") ManagedPolicyAWSElementalMediaTailorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaTailorFullAccess") ManagedPolicyAWSElementalMediaTailorReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaTailorReadOnly") ManagedPolicyAWSEnhancedClassicNetworkingMangementPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy") ManagedPolicyAWSFMAdminFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSFMAdminFullAccess") ManagedPolicyAWSFMAdminReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSFMAdminReadOnlyAccess") ManagedPolicyAWSFMMemberReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSFMMemberReadOnlyAccess") ManagedPolicyAWSFaultInjectionSimulatorEC2Access = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEC2Access") ManagedPolicyAWSFaultInjectionSimulatorECSAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorECSAccess") ManagedPolicyAWSFaultInjectionSimulatorEKSAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEKSAccess") ManagedPolicyAWSFaultInjectionSimulatorNetworkAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorNetworkAccess") ManagedPolicyAWSFaultInjectionSimulatorRDSAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorRDSAccess") ManagedPolicyAWSFaultInjectionSimulatorSSMAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorSSMAccess") ManagedPolicyAWSForWordPressPluginPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSForWordPressPluginPolicy") ManagedPolicyAWSGlobalAcceleratorSLRPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSGlobalAcceleratorSLRPolicy") ManagedPolicyAWSGlueConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueConsoleFullAccess") ManagedPolicyAWSGlueConsoleSageMakerNotebookFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueConsoleSageMakerNotebookFullAccess") ManagedPolicyAWSGlueDataBrewServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGlueDataBrewServiceRole") ManagedPolicyAWSGlueSchemaRegistryFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueSchemaRegistryFullAccess") ManagedPolicyAWSGlueSchemaRegistryReadonlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueSchemaRegistryReadonlyAccess") ManagedPolicyAWSGlueServiceNotebookRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGlueServiceNotebookRole") ManagedPolicyAWSGlueServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole") ManagedPolicyAWSGrafanaAccountAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/AWSGrafanaAccountAdministrator") ManagedPolicyAWSGrafanaConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGrafanaConsoleReadOnlyAccess") ManagedPolicyAWSGrafanaWorkspacePermissionManagement = ManagedPolicy("arn:aws:iam::aws:policy/AWSGrafanaWorkspacePermissionManagement") ManagedPolicyAWSGreengrassFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassFullAccess") // Deprecated: Please use AWSGreengrassFullAccess instead ManagedPolicyAWSGreengrassFullccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassFullAccess") ManagedPolicyAWSGreengrassReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassReadOnlyAccess") ManagedPolicyAWSGreengrassResourceAccessRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy") ManagedPolicyAWSHealthFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSHealthFullAccess") ManagedPolicy_AWSHealth_EventProcessorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSHealth_EventProcessorServiceRolePolicy") ManagedPolicyAWSIPAMServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIPAMServiceRolePolicy") ManagedPolicyAWSIQContractServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIQContractServiceRolePolicy") ManagedPolicyAWSIQFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIQFullAccess") ManagedPolicyAWSIQPermissionServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIQPermissionServiceRolePolicy") ManagedPolicyAWSIdentitySyncFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIdentitySyncFullAccess") ManagedPolicyAWSIdentitySyncReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIdentitySyncReadOnlyAccess") ManagedPolicyAWSImageBuilderFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSImageBuilderFullAccess") ManagedPolicyAWSImageBuilderReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSImageBuilderReadOnlyAccess") ManagedPolicyAWSImportExportFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportFullAccess") ManagedPolicyAWSImportExportReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess") ManagedPolicyAWSIncidentManagerResolverAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIncidentManagerResolverAccess") ManagedPolicyAWSIncidentManagerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIncidentManagerServiceRolePolicy") ManagedPolicyAWSIoT1ClickFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoT1ClickFullAccess") ManagedPolicyAWSIoT1ClickReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoT1ClickReadOnlyAccess") ManagedPolicyAWSIoTAnalyticsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTAnalyticsFullAccess") ManagedPolicyAWSIoTAnalyticsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTAnalyticsReadOnlyAccess") ManagedPolicyAWSIoTConfigAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigAccess") ManagedPolicyAWSIoTConfigReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess") ManagedPolicyAWSIoTDataAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDataAccess") ManagedPolicyAWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction") ManagedPolicyAWSIoTDeviceDefenderAudit = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAudit") ManagedPolicyAWSIoTDeviceDefenderEnableIoTLoggingMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction") ManagedPolicyAWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction") ManagedPolicyAWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction") ManagedPolicyAWSIoTDeviceDefenderUpdateCACertMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateCACertMitigationAction") ManagedPolicyAWSIoTDeviceDefenderUpdateDeviceCertMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction") ManagedPolicyAWSIoTDeviceTesterForFreeRTOSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDeviceTesterForFreeRTOSFullAccess") ManagedPolicyAWSIoTDeviceTesterForGreengrassFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDeviceTesterForGreengrassFullAccess") ManagedPolicyAWSIoTEventsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTEventsFullAccess") ManagedPolicyAWSIoTEventsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTEventsReadOnlyAccess") ManagedPolicyAWSIoTFleetHubFederationAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTFleetHubFederationAccess") ManagedPolicyAWSIoTFleetwiseServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIoTFleetwiseServiceRolePolicy") ManagedPolicyAWSIoTFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTFullAccess") ManagedPolicyAWSIoTLogging = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTLogging") ManagedPolicyAWSIoTOTAUpdate = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTOTAUpdate") ManagedPolicyAWSIoTRuleActions = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions") ManagedPolicyAWSIoTSiteWiseConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess") ManagedPolicyAWSIoTSiteWiseFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTSiteWiseFullAccess") ManagedPolicyAWSIoTSiteWiseMonitorPortalAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTSiteWiseMonitorPortalAccess") ManagedPolicyAWSIoTSiteWiseMonitorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIoTSiteWiseMonitorServiceRolePolicy") ManagedPolicyAWSIoTSiteWiseReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTSiteWiseReadOnlyAccess") ManagedPolicyAWSIoTThingsRegistration = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration") ManagedPolicyAWSIoTWirelessDataAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessDataAccess") ManagedPolicyAWSIoTWirelessFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessFullAccess") ManagedPolicyAWSIoTWirelessFullPublishAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessFullPublishAccess") ManagedPolicyAWSIoTWirelessGatewayCertManager = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessGatewayCertManager") ManagedPolicyAWSIoTWirelessLogging = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessLogging") ManagedPolicyAWSIoTWirelessReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessReadOnlyAccess") ManagedPolicyAWSIotRoboRunnerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSIotRoboRunnerFullAccess") ManagedPolicyAWSIotRoboRunnerReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSIotRoboRunnerReadOnly") ManagedPolicyAWSIotRoboRunnerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIotRoboRunnerServiceRolePolicy") ManagedPolicyAWSKeyManagementServiceCustomKeyStoresServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy") ManagedPolicyAWSKeyManagementServiceMultiRegionKeysServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy") ManagedPolicyAWSKeyManagementServicePowerUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser") ManagedPolicyAWSLakeFormationCrossAccountManager = ManagedPolicy("arn:aws:iam::aws:policy/AWSLakeFormationCrossAccountManager") ManagedPolicyAWSLakeFormationDataAdmin = ManagedPolicy("arn:aws:iam::aws:policy/AWSLakeFormationDataAdmin") ManagedPolicyAWSLambdaBasicExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole") ManagedPolicyAWSLambdaDynamoDBExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole") ManagedPolicyAWSLambdaENIManagementAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess") ManagedPolicyAWSLambdaExecute = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaExecute") // Deprecated: This has been deprecated in favour of `LambdaFullAccess` ManagedPolicyAWSLambdaFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaFullAccess") ManagedPolicyLambdaFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_FullAccess") ManagedPolicyAWSLambdaInvocationDynamoDB = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB") ManagedPolicyAWSLambdaKinesisExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole") // Deprecated: This has been deprecated in favour of `LambdaReadOnlyAccess` ManagedPolicyAWSLambdaReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess") ManagedPolicyLambdaReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess") ManagedPolicyAWSLambdaMSKExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaMSKExecutionRole") ManagedPolicyAWSLambdaReplicator = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLambdaReplicator") ManagedPolicyAWSLambdaRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaRole") ManagedPolicyAWSLambdaSQSQueueExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole") ManagedPolicyAWSLambdaVPCAccessExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole") ManagedPolicyAWSLicenseManagerConsumptionPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy") ManagedPolicyAWSLicenseManagerLinuxSubscriptionsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy") ManagedPolicyAWSLicenseManagerMasterAccountRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMasterAccountRolePolicy") ManagedPolicyAWSLicenseManagerMemberAccountRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMemberAccountRolePolicy") ManagedPolicyAWSLicenseManagerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerServiceRolePolicy") ManagedPolicyAWSLicenseManagerUserSubscriptionsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerUserSubscriptionsServiceRolePolicy") ManagedPolicyAWSM2ServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSM2ServicePolicy") ManagedPolicyAWSManagedServicesDeploymentToolkitPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSManagedServicesDeploymentToolkitPolicy") ManagedPolicy_AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy") ManagedPolicy_AWSManagedServices_EventsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_EventsServiceRolePolicy") ManagedPolicyAWSMarketplaceAmiIngestion = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceAmiIngestion") ManagedPolicyAWSMarketplaceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceFullAccess") ManagedPolicyAWSMarketplaceGetEntitlements = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements") ManagedPolicyAWSMarketplaceImageBuildFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceImageBuildFullAccess") ManagedPolicyAWSMarketplaceLicenseManagementServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceLicenseManagementServiceRolePolicy") ManagedPolicyAWSMarketplaceManageSubscriptions = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions") ManagedPolicyAWSMarketplaceMeteringFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess") ManagedPolicyAWSMarketplaceMeteringRegisterUsage = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage") ManagedPolicyAWSMarketplaceProcurementSystemAdminFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceProcurementSystemAdminFullAccess") ManagedPolicyAWSMarketplacePurchaseOrdersServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMarketplacePurchaseOrdersServiceRolePolicy") ManagedPolicyAWSMarketplaceReadonly = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceRead-only") ManagedPolicyAWSMarketplaceSellerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceSellerFullAccess") ManagedPolicyAWSMarketplaceSellerProductsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsFullAccess") ManagedPolicyAWSMarketplaceSellerProductsReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsReadOnly") ManagedPolicyAWSMediaTailorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMediaTailorServiceRolePolicy") ManagedPolicyAWSMigrationHubDMSAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMigrationHubDMSAccess") ManagedPolicyAWSMigrationHubDiscoveryAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMigrationHubDiscoveryAccess") ManagedPolicyAWSMigrationHubFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubFullAccess") ManagedPolicyAWSMigrationHubOrchestratorConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess") ManagedPolicyAWSMigrationHubOrchestratorInstanceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorInstanceRolePolicy") ManagedPolicyAWSMigrationHubOrchestratorPlugin = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorPlugin") ManagedPolicyAWSMigrationHubOrchestratorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubOrchestratorServiceRolePolicy") ManagedPolicyAWSMigrationHubRefactorSpacesFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubRefactorSpacesFullAccess") ManagedPolicyAWSMigrationHubRefactorSpacesServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubRefactorSpacesServiceRolePolicy") ManagedPolicyAWSMigrationHubSMSAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMigrationHubSMSAccess") ManagedPolicyAWSMigrationHubStrategyCollector = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubStrategyCollector") ManagedPolicyAWSMigrationHubStrategyConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubStrategyConsoleFullAccess") ManagedPolicyAWSMigrationHubStrategyServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubStrategyServiceRolePolicy") ManagedPolicy_AWSMobileHub_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_FullAccess") ManagedPolicy_AWSMobileHub_ReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_ReadOnly") // Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSMobileHub_FullAccess or AWSMobileHub_ReadOnly instead. ManagedPolicy_AWSMobileHub_ServiceUseOnly = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMobileHub_ServiceUseOnly") ManagedPolicyAWSNetworkFirewallServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSNetworkFirewallServiceRolePolicy") ManagedPolicyAWSNetworkManagerCloudWANServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerCloudWANServiceRolePolicy") ManagedPolicyAWSNetworkManagerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSNetworkManagerFullAccess") ManagedPolicyAWSNetworkManagerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSNetworkManagerReadOnlyAccess") ManagedPolicyAWSNetworkManagerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerServiceRolePolicy") ManagedPolicyAWSOpsWorksCMInstanceProfileRole = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole") ManagedPolicyAWSOpsWorksCMServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole") ManagedPolicyAWSOpsWorksCloudWatchLogs = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs") // Deprecated: This policy is deprecated and will be removed in a future release. Please use OpsWorks_FullAccess instead. ManagedPolicyAWSOpsWorksFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksFullAccess") ManagedPolicyAWSOpsWorksInstanceRegistration = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration") // Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSOpsWorksRegisterCLI_EC2 or AWSOpsWorksRegisterCLI_OnPremises instead. ManagedPolicyAWSOpsWorksRegisterCLI = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI") // Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSOpsWorksCMServiceRole instead. ManagedPolicyAWSOpsWorksRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole") // Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSQuickSightDescribeRDS instead. ManagedPolicyAWSQuickSightDescribeRD = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS") ManagedPolicy_AWSOpsWorksRegisterCLI_EC2 = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_EC2") ManagedPolicy_AWSOpsWorksRegisterCLI_OnPremises = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_OnPremises") ManagedPolicy_OpsWorks_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorks_FullAccess") ManagedPolicyAWSOrganizationsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSOrganizationsFullAccess") ManagedPolicyAWSOrganizationsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSOrganizationsReadOnlyAccess") ManagedPolicyAWSOrganizationsServiceTrustPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy") ManagedPolicyAWSOutpostsAuthorizeServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSOutpostsAuthorizeServerPolicy") ManagedPolicyAWSOutpostsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSOutpostsServiceRolePolicy") ManagedPolicyAWSPanoramaApplianceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceRolePolicy") ManagedPolicyAWSPanoramaApplianceServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceServiceRolePolicy") ManagedPolicyAWSPanoramaFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSPanoramaFullAccess") ManagedPolicyAWSPanoramaGreengrassGroupRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaGreengrassGroupRolePolicy") ManagedPolicyAWSPanoramaSageMakerRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaSageMakerRolePolicy") ManagedPolicyAWSPanoramaServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSPanoramaServiceLinkedRolePolicy") ManagedPolicyAWSPanoramaServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaServiceRolePolicy") ManagedPolicyAWSPriceListServiceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSPriceListServiceFullAccess") ManagedPolicyAWSPrivateCAAuditor = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAAuditor") ManagedPolicyAWSPrivateCAFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAFullAccess") ManagedPolicyAWSPrivateCAPrivilegedUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAPrivilegedUser") ManagedPolicyAWSPrivateCAReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAReadOnly") ManagedPolicyAWSPrivateCAUser = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAUser") ManagedPolicyAWSPrivateMarketplaceAdminFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateMarketplaceAdminFullAccess") ManagedPolicyAWSPrivateMarketplaceRequests = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateMarketplaceRequests") ManagedPolicyAWSPrivateNetworksServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSPrivateNetworksServiceRolePolicy") ManagedPolicyAWSProtonCodeBuildProvisioningBasicAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonCodeBuildProvisioningBasicAccess") ManagedPolicyAWSProtonCodeBuildProvisioningServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSProtonCodeBuildProvisioningServiceRolePolicy") ManagedPolicyAWSProtonDeveloperAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonDeveloperAccess") ManagedPolicyAWSProtonFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonFullAccess") ManagedPolicyAWSProtonReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonReadOnlyAccess") ManagedPolicyAWSProtonSyncServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSProtonSyncServiceRolePolicy") ManagedPolicyAWSPurchaseOrdersServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSPurchaseOrdersServiceRolePolicy") ManagedPolicyAWSQuickSightDescribeRDS = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS") ManagedPolicyAWSQuickSightDescribeRedshift = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift") ManagedPolicyAWSQuickSightElasticsearchPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightElasticsearchPolicy") ManagedPolicyAWSQuickSightIoTAnalyticsAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSQuickSightIoTAnalyticsAccess") ManagedPolicyAWSQuickSightListIAM = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM") ManagedPolicyAWSQuickSightSageMakerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightSageMakerPolicy") ManagedPolicyAWSQuickSightTimestreamPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightTimestreamPolicy") ManagedPolicyAWSQuicksightAthenaAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess") ManagedPolicyAWSQuicksightOpenSearchPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuicksightOpenSearchPolicy") ManagedPolicyAWSReachabilityAnalyzerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSReachabilityAnalyzerServiceRolePolicy") ManagedPolicyAWSRefactoringToolkitFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSRefactoringToolkitFullAccess") ManagedPolicyAWSRefactoringToolkitSidecarPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSRefactoringToolkitSidecarPolicy") ManagedPolicyAWSResourceAccessManagerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceAccessManagerFullAccess") ManagedPolicyAWSResourceAccessManagerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceAccessManagerReadOnlyAccess") ManagedPolicyAWSResourceAccessManagerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSResourceAccessManagerServiceRolePolicy") ManagedPolicyAWSResourceExplorerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceExplorerFullAccess") ManagedPolicyAWSResourceExplorerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceExplorerReadOnlyAccess") ManagedPolicyAWSResourceExplorerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSResourceExplorerServiceRolePolicy") ManagedPolicyAWSResourceGroupsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceGroupsReadOnlyAccess") ManagedPolicyAWSRoboMakerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSRoboMakerReadOnlyAccess") ManagedPolicyAWSRoboMakerServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSRoboMakerServicePolicy") ManagedPolicyAWSRoboMakerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSRoboMakerServiceRolePolicy") ManagedPolicy_AWSRoboMaker_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSRoboMaker_FullAccess") ManagedPolicyAWSRolesAnywhereServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSRolesAnywhereServicePolicy") ManagedPolicyAWSSSMForSAPServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSSMForSAPServiceLinkedRolePolicy") ManagedPolicyAWSSSMOpsInsightsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSSMOpsInsightsServiceRolePolicy") ManagedPolicyAWSSSODirectoryAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSODirectoryAdministrator") ManagedPolicyAWSSSODirectoryReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSODirectoryReadOnly") ManagedPolicyAWSSSOMasterAccountAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSOMasterAccountAdministrator") ManagedPolicyAWSSSOMemberAccountAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSOMemberAccountAdministrator") ManagedPolicyAWSSSOReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSOReadOnly") ManagedPolicyAWSSSOServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy") ManagedPolicyAWSSavingsPlansFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSavingsPlansFullAccess") ManagedPolicyAWSSavingsPlansReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSavingsPlansReadOnlyAccess") ManagedPolicyAWSSecurityHubFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSecurityHubFullAccess") ManagedPolicyAWSSecurityHubOrganizationsAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSecurityHubOrganizationsAccess") ManagedPolicyAWSSecurityHubReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess") ManagedPolicyAWSSecurityHubServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSecurityHubServiceRolePolicy") ManagedPolicyAWSServiceCatalogAdminFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAdminFullAccess") ManagedPolicyAWSServiceCatalogAdminReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAdminReadOnlyAccess") ManagedPolicyAWSServiceCatalogAppRegistryFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryFullAccess") ManagedPolicyAWSServiceCatalogAppRegistryReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryReadOnlyAccess") ManagedPolicyAWSServiceCatalogAppRegistryServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogAppRegistryServiceRolePolicy") ManagedPolicyAWSServiceCatalogEndUserFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogEndUserFullAccess") ManagedPolicyAWSServiceCatalogEndUserReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogEndUserReadOnlyAccess") ManagedPolicyAWSServiceCatalogSyncServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogSyncServiceRolePolicy") ManagedPolicyAWSServiceRoleForAmazonEKSNodegroup = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForAmazonEKSNodegroup") ManagedPolicyAWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy") ManagedPolicyAWSServiceRoleForCodeGuruProfiler = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeGuru-Profiler") ManagedPolicyAWSServiceRoleForEC2ScheduledInstances = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForEC2ScheduledInstances") ManagedPolicyAWSServiceRoleForGroundStationDataflowEndpointGroupPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy") ManagedPolicyAWSServiceRoleForImageBuilder = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForImageBuilder") ManagedPolicyAWSServiceRoleForIoTSiteWise = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise") ManagedPolicyAWSServiceRoleForLogDeliveryPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForLogDeliveryPolicy") ManagedPolicyAWSServiceRoleForMonitronPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForMonitronPolicy") ManagedPolicyAWSServiceRoleForSMS = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForSMS") ManagedPolicyAWSServiceRolePolicyForBackupReports = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupReports") ManagedPolicyAWSShieldDRTAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy") ManagedPolicyAWSShieldServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSShieldServiceRolePolicy") ManagedPolicyAWSStepFunctionsConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess") ManagedPolicyAWSStepFunctionsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess") ManagedPolicyAWSStepFunctionsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess") ManagedPolicyAWSStorageGatewayFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess") ManagedPolicyAWSStorageGatewayReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess") ManagedPolicyAWSStorageGatewayServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSStorageGatewayServiceRolePolicy") ManagedPolicyAWSSupportAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAccess") ManagedPolicyAWSSupportAppFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAppFullAccess") ManagedPolicyAWSSupportAppReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAppReadOnlyAccess") ManagedPolicyAWSSupportPlansFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportPlansFullAccess") ManagedPolicyAWSSupportPlansReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportPlansReadOnlyAccess") ManagedPolicyAWSSupportServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy") ManagedPolicyAWSSystemsManagerAccountDiscoveryServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerAccountDiscoveryServicePolicy") ManagedPolicyAWSSystemsManagerChangeManagementServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerChangeManagementServicePolicy") ManagedPolicyAWSSystemsManagerForSAPFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSystemsManagerForSAPFullAccess") ManagedPolicyAWSSystemsManagerForSAPReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSSystemsManagerForSAPReadOnlyAccess") ManagedPolicyAWSSystemsManagerOpsDataSyncServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerOpsDataSyncServiceRolePolicy") ManagedPolicyAWSThinkboxAWSPortalAdminPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAWSPortalAdminPolicy") ManagedPolicyAWSThinkboxAWSPortalGatewayPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAWSPortalGatewayPolicy") ManagedPolicyAWSThinkboxAWSPortalWorkerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAWSPortalWorkerPolicy") ManagedPolicyAWSThinkboxAssetServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAssetServerPolicy") ManagedPolicyAWSThinkboxDeadlineResourceTrackerAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAccessPolicy") ManagedPolicyAWSThinkboxDeadlineResourceTrackerAdminPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAdminPolicy") ManagedPolicyAWSThinkboxDeadlineSpotEventPluginAdminPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginAdminPolicy") ManagedPolicyAWSThinkboxDeadlineSpotEventPluginWorkerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginWorkerPolicy") ManagedPolicyAWSTransferConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSTransferConsoleFullAccess") ManagedPolicyAWSTransferFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSTransferFullAccess") ManagedPolicyAWSTransferLoggingAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess") ManagedPolicyAWSTransferReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSTransferReadOnlyAccess") ManagedPolicyAWSTrustedAdvisorPriorityFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityFullAccess") ManagedPolicyAWSTrustedAdvisorPriorityReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityReadOnlyAccess") ManagedPolicyAWSTrustedAdvisorReportingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorReportingServiceRolePolicy") ManagedPolicyAWSTrustedAdvisorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy") ManagedPolicyAWSVPCS2SVpnServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVPCS2SVpnServiceRolePolicy") ManagedPolicyAWSVPCTransitGatewayServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVPCTransitGatewayServiceRolePolicy") ManagedPolicyAWSVPCVerifiedAccessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVPCVerifiedAccessServiceRolePolicy") ManagedPolicyAWSVendorInsightsAssessorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsAssessorFullAccess") ManagedPolicyAWSVendorInsightsAssessorReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsAssessorReadOnly") ManagedPolicyAWSVendorInsightsVendorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsVendorFullAccess") ManagedPolicyAWSVendorInsightsVendorReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsVendorReadOnly") ManagedPolicyAWSVpcLatticeServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVpcLatticeServiceRolePolicy") ManagedPolicyAWSWAFConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFConsoleFullAccess") ManagedPolicyAWSWAFConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFConsoleReadOnlyAccess") ManagedPolicyAWSWAFFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFFullAccess") ManagedPolicyAWSWAFReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess") ManagedPolicyAWSWellArchitectedOrganizationsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSWellArchitectedOrganizationsServiceRolePolicy") ManagedPolicyAWSWickrFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSWickrFullAccess") ManagedPolicyAWSXrayCrossAccountSharingConfiguration = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayCrossAccountSharingConfiguration") ManagedPolicyAWSXrayFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayFullAccess") ManagedPolicyAWSXrayReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess") ManagedPolicyAWSXrayWriteOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess") ManagedPolicyAWSXRayDaemonWriteAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess") ManagedPolicyAccessAnalyzerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy") ManagedPolicyAdministratorAccess = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess") ManagedPolicyAdministratorAccessAWSElasticBeanstalk = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess-AWSElasticBeanstalk") ManagedPolicyAdministratorAccessAmplify = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess-Amplify") ManagedPolicyAlexaForBusinessDeviceSetup = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup") ManagedPolicyAlexaForBusinessFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessFullAccess") ManagedPolicyAlexaForBusinessGatewayExecution = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessGatewayExecution") ManagedPolicyAlexaForBusinessLifesizeDelegatedAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessLifesizeDelegatedAccessPolicy") ManagedPolicyAlexaForBusinessNetworkProfileServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy") ManagedPolicyAlexaForBusinessPolyDelegatedAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessPolyDelegatedAccessPolicy") ManagedPolicyAlexaForBusinessReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessReadOnlyAccess") ManagedPolicyAmazonAPIGatewayAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator") ManagedPolicyAmazonAPIGatewayInvokeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess") ManagedPolicyAmazonAPIGatewayPushToCloudWatchLogs = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs") ManagedPolicyAmazonAppFlowFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppFlowFullAccess") ManagedPolicyAmazonAppFlowReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppFlowReadOnlyAccess") ManagedPolicyAmazonAppStreamFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamFullAccess") ManagedPolicyAmazonAppStreamPCAAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAppStreamPCAAccess") ManagedPolicyAmazonAppStreamReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess") ManagedPolicyAmazonAppStreamServiceAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess") ManagedPolicyAmazonAthenaFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAthenaFullAccess") ManagedPolicyAmazonAugmentedAIFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAugmentedAIFullAccess") ManagedPolicyAmazonAugmentedAIHumanLoopFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAugmentedAIHumanLoopFullAccess") ManagedPolicyAmazonAugmentedAIIntegratedAPIAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAugmentedAIIntegratedAPIAccess") ManagedPolicyAmazonBraketFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonBraketFullAccess") ManagedPolicyAmazonBraketJobsExecutionPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonBraketJobsExecutionPolicy") ManagedPolicyAmazonBraketServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonBraketServiceRolePolicy") ManagedPolicyAmazonChimeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeFullAccess") ManagedPolicyAmazonChimeReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeReadOnly") ManagedPolicyAmazonChimeSDK = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeSDK") ManagedPolicyAmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy") ManagedPolicyAmazonChimeServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeServiceRolePolicy") ManagedPolicyAmazonChimeTranscriptionServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeTranscriptionServiceLinkedRolePolicy") ManagedPolicyAmazonChimeUserManagement = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeUserManagement") ManagedPolicyAmazonChimeVoiceConnectorServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeVoiceConnectorServiceLinkedRolePolicy") ManagedPolicyAmazonCloudDirectoryFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess") ManagedPolicyAmazonCloudDirectoryReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess") ManagedPolicyAmazonCloudWatchEvidentlyFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyFullAccess") ManagedPolicyAmazonCloudWatchEvidentlyReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyReadOnlyAccess") ManagedPolicyAmazonCloudWatchEvidentlyServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchEvidentlyServiceRolePolicy") ManagedPolicyAmazonCloudWatchRUMFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchRUMFullAccess") ManagedPolicyAmazonCloudWatchRUMReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchRUMReadOnlyAccess") ManagedPolicyAmazonCloudWatchRUMServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchRUMServiceRolePolicy") ManagedPolicyAmazonCodeGuruProfilerAgentAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruProfilerAgentAccess") ManagedPolicyAmazonCodeGuruProfilerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruProfilerFullAccess") ManagedPolicyAmazonCodeGuruProfilerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruProfilerReadOnlyAccess") ManagedPolicyAmazonCodeGuruReviewerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruReviewerFullAccess") ManagedPolicyAmazonCodeGuruReviewerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruReviewerReadOnlyAccess") ManagedPolicyAmazonCodeGuruReviewerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCodeGuruReviewerServiceRolePolicy") ManagedPolicyAmazonCognitoDeveloperAuthenticatedIdentities = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities") ManagedPolicyAmazonCognitoIdpEmailServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy") ManagedPolicyAmazonCognitoIdpServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpServiceRolePolicy") ManagedPolicyAmazonCognitoPowerUser = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoPowerUser") ManagedPolicyAmazonCognitoReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoReadOnly") ManagedPolicyAmazonCognitoUnauthenticatedIdentities = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoUnauthenticatedIdentities") ManagedPolicyAmazonConnectCampaignsServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonConnectCampaignsServiceLinkedRolePolicy") ManagedPolicyAmazonConnectReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonConnectReadOnlyAccess") ManagedPolicyAmazonConnectServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonConnectServiceLinkedRolePolicy") ManagedPolicyAmazonConnectVoiceIDFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonConnectVoiceIDFullAccess") ManagedPolicy_AmazonConnect_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonConnect_FullAccess") ManagedPolicyAmazonDMSCloudWatchLogsRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole") ManagedPolicyAmazonDMSRedshiftS3Role = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role") ManagedPolicyAmazonDMSVPCManagementRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole") ManagedPolicyAmazonDRSVPCManagement = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDRSVPCManagement") ManagedPolicyAmazonDetectiveFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDetectiveFullAccess") ManagedPolicyAmazonDetectiveInvestigatorAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDetectiveInvestigatorAccess") ManagedPolicyAmazonDetectiveMemberAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDetectiveMemberAccess") ManagedPolicyAmazonDetectiveServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonDetectiveServiceLinkedRolePolicy") ManagedPolicyAmazonDevOpsGuruConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruConsoleFullAccess") ManagedPolicyAmazonDevOpsGuruFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruFullAccess") ManagedPolicyAmazonDevOpsGuruOrganizationsAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruOrganizationsAccess") ManagedPolicyAmazonDevOpsGuruReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruReadOnlyAccess") ManagedPolicyAmazonDevOpsGuruServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonDevOpsGuruServiceRolePolicy") ManagedPolicyAmazonDocDBElasticServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonDocDB-ElasticServiceRolePolicy") ManagedPolicyAmazonDocDBConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDocDBConsoleFullAccess") ManagedPolicyAmazonDocDBFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDocDBFullAccess") ManagedPolicyAmazonDocDBReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDocDBReadOnlyAccess") ManagedPolicyAmazonDynamoDBFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess") ManagedPolicyAmazonDynamoDBFullAccesswithDataPipeline = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline") ManagedPolicyAmazonDynamoDBReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess") ManagedPolicyAmazonEBSCSIDriverPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy") ManagedPolicyAmazonEC2ContainerRegistryFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess") ManagedPolicyAmazonEC2ContainerRegistryPowerUser = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser") ManagedPolicyAmazonEC2ContainerRegistryReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly") ManagedPolicyAmazonEC2ContainerServiceAutoscaleRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole") ManagedPolicyAmazonEC2ContainerServiceEventsRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole") // Deprecated: This policy is deprecated and will be removed in a future release. Use AmazonECS_FullAccess instead. ManagedPolicyAmazonEC2ContainerServiceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess") ManagedPolicyAmazonEC2ContainerServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole") ManagedPolicyAmazonEC2ContainerServiceforEC2Role = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role") ManagedPolicyAmazonEC2FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2FullAccess") ManagedPolicyAmazonEC2ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess") // Deprecated: This policy is deprecated and will be removed in a future release. ManagedPolicyAmazonEC2ReportsAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReportsAccess") ManagedPolicyAmazonEC2RolePolicyForLaunchWizard = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2RolePolicyForLaunchWizard") ManagedPolicyAmazonEC2RoleforAWSCodeDeploy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy") ManagedPolicyAmazonEC2RoleforAWSCodeDeployLimited = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeployLimited") ManagedPolicyAmazonEC2RoleforDataPipelineRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole") ManagedPolicyAmazonEC2RoleforSSM = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM") ManagedPolicyAmazonEC2SpotFleetAutoscaleRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole") // Deprecated: This policy is deprecated and will be removed in a future release. ManagedPolicyAmazonEC2SpotFleetRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole") ManagedPolicyAmazonEC2SpotFleetTaggingRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole") ManagedPolicyAmazonECSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonECS_FullAccess") ManagedPolicyAmazonECSServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy") ManagedPolicyAmazonECSTaskExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy") ManagedPolicyAmazonEKSClusterPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy") ManagedPolicyAmazonEKSConnectorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSConnectorServiceRolePolicy") ManagedPolicyAmazonEKSFargatePodExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy") ManagedPolicyAmazonEKSForFargateServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSForFargateServiceRolePolicy") ManagedPolicyAmazonEKSLocalOutpostClusterPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy") ManagedPolicyAmazonEKSLocalOutpostServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSLocalOutpostServiceRolePolicy") ManagedPolicyAmazonEKSServicePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSServicePolicy") ManagedPolicyAmazonEKSServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSServiceRolePolicy") ManagedPolicyAmazonEKSVPCResourceController = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSVPCResourceController") ManagedPolicyAmazonEKSWorkerNodePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy") ManagedPolicy_AmazonEKS_CNI_Policy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy") ManagedPolicyAmazonEMRCleanupPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEMRCleanupPolicy") ManagedPolicyAmazonEMRContainersServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEMRContainersServiceRolePolicy") ManagedPolicy_AmazonEMRFullAccessPolicy_v2 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEMRFullAccessPolicy_v2") ManagedPolicy_AmazonEMRReadOnlyAccessPolicy_v2 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEMRReadOnlyAccessPolicy_v2") ManagedPolicyAmazonEMRServerlessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEMRServerlessServiceRolePolicy") ManagedPolicy_AmazonEMRServicePolicy_v2 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEMRServicePolicy_v2") ManagedPolicyAmazonESCognitoAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESCognitoAccess") ManagedPolicyAmazonESFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESFullAccess") ManagedPolicyAmazonESReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESReadOnlyAccess") ManagedPolicyAmazonElastiCacheFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess") ManagedPolicyAmazonElastiCacheReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess") ManagedPolicyAmazonElasticContainerRegistryPublicFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicFullAccess") ManagedPolicyAmazonElasticContainerRegistryPublicPowerUser = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser") ManagedPolicyAmazonElasticContainerRegistryPublicReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly") ManagedPolicyAmazonElasticFileSystemClientFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess") ManagedPolicyAmazonElasticFileSystemClientReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadOnlyAccess") ManagedPolicyAmazonElasticFileSystemClientReadWriteAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess") ManagedPolicyAmazonElasticFileSystemFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess") ManagedPolicyAmazonElasticFileSystemReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess") ManagedPolicyAmazonElasticFileSystemServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonElasticFileSystemServiceRolePolicy") ManagedPolicyAmazonElasticFileSystemsUtils = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemsUtils") ManagedPolicyAmazonElasticMapReduceEditorsRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceEditorsRole") ManagedPolicyAmazonElasticMapReduceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess") ManagedPolicyAmazonElasticMapReducePlacementGroupPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReducePlacementGroupPolicy") ManagedPolicyAmazonElasticMapReduceReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess") ManagedPolicyAmazonElasticMapReduceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole") ManagedPolicyAmazonElasticMapReduceforAutoScalingRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole") ManagedPolicyAmazonElasticMapReduceforEC2Role = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role") // Deprecated: This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_FullAccess instead. ManagedPolicyAmazonElasticTranscoderFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess") // Deprecated: This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_JobsSubmitter instead. ManagedPolicyAmazonElasticTranscoderJobsSubmitter = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter") // Deprecated: This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_ReadOnlyAccess instead. ManagedPolicyAmazonElasticTranscoderReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess") ManagedPolicyAmazonElasticTranscoderRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole") ManagedPolicy_ElasticTranscoder_FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoder_FullAccess") ManagedPolicy_ElasticTranscoder_JobsSubmitter = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoder_JobsSubmitter") ManagedPolicy_ElasticTranscoder_ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoder_ReadOnlyAccess") ManagedPolicyAmazonElasticsearchServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonElasticsearchServiceRolePolicy") ManagedPolicyAmazonEventBridgeApiDestinationsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeApiDestinationsServiceRolePolicy") ManagedPolicyAmazonEventBridgeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess") ManagedPolicyAmazonEventBridgePipesFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgePipesFullAccess") ManagedPolicyAmazonEventBridgePipesOperatorAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgePipesOperatorAccess") ManagedPolicyAmazonEventBridgePipesReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgePipesReadOnlyAccess") ManagedPolicyAmazonEventBridgeReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeReadOnlyAccess") ManagedPolicyAmazonEventBridgeSchedulerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerFullAccess") ManagedPolicyAmazonEventBridgeSchedulerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerReadOnlyAccess") ManagedPolicyAmazonEventBridgeSchemasFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchemasFullAccess") ManagedPolicyAmazonEventBridgeSchemasReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchemasReadOnlyAccess") ManagedPolicyAmazonEventBridgeSchemasServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeSchemasServiceRolePolicy") ManagedPolicyAmazonFISServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonFISServiceRolePolicy") ManagedPolicyAmazonFSxConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxConsoleFullAccess") ManagedPolicyAmazonFSxConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxConsoleReadOnlyAccess") ManagedPolicyAmazonFSxFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxFullAccess") ManagedPolicyAmazonFSxReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxReadOnlyAccess") ManagedPolicyAmazonFSxServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonFSxServiceRolePolicy") ManagedPolicyAmazonForecastFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonForecastFullAccess") ManagedPolicyAmazonFraudDetectorFullAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFraudDetectorFullAccessPolicy") ManagedPolicyAmazonFreeRTOSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFreeRTOSFullAccess") ManagedPolicyAmazonFreeRTOSOTAUpdate = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonFreeRTOSOTAUpdate") ManagedPolicyAmazonGlacierFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierFullAccess") ManagedPolicyAmazonGlacierReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess") ManagedPolicyAmazonGrafanaAthenaAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess") ManagedPolicyAmazonGrafanaRedshiftAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonGrafanaRedshiftAccess") ManagedPolicyAmazonGrafanaServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonGrafanaServiceLinkedRolePolicy") ManagedPolicyAmazonGuardDutyFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGuardDutyFullAccess") ManagedPolicyAmazonGuardDutyMalwareProtectionServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyMalwareProtectionServiceRolePolicy") ManagedPolicyAmazonGuardDutyReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGuardDutyReadOnlyAccess") ManagedPolicyAmazonGuardDutyServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyServiceRolePolicy") ManagedPolicyAmazonHealthLakeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHealthLakeFullAccess") ManagedPolicyAmazonHealthLakeReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHealthLakeReadOnlyAccess") ManagedPolicyAmazonHoneycodeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeFullAccess") ManagedPolicyAmazonHoneycodeReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeReadOnlyAccess") ManagedPolicyAmazonHoneycodeServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonHoneycodeServiceRolePolicy") ManagedPolicyAmazonHoneycodeTeamAssociationFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationFullAccess") ManagedPolicyAmazonHoneycodeTeamAssociationReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationReadOnlyAccess") ManagedPolicyAmazonHoneycodeWorkbookFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookFullAccess") ManagedPolicyAmazonHoneycodeWorkbookReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookReadOnlyAccess") ManagedPolicyAmazonInspector2FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspector2FullAccess") ManagedPolicyAmazonInspector2ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspector2ReadOnlyAccess") ManagedPolicyAmazonInspector2ServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonInspector2ServiceRolePolicy") ManagedPolicyAmazonInspectorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorFullAccess") ManagedPolicyAmazonInspectorReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess") ManagedPolicyAmazonInspectorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonInspectorServiceRolePolicy") ManagedPolicyAmazonKendraFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKendraFullAccess") ManagedPolicyAmazonKendraReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKendraReadOnlyAccess") ManagedPolicyAmazonKeyspacesFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKeyspacesFullAccess") ManagedPolicyAmazonKeyspacesReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKeyspacesReadOnlyAccess") ManagedPolicyAmazonKinesisAnalyticsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess") ManagedPolicyAmazonKinesisAnalyticsReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly") ManagedPolicyAmazonKinesisFirehoseFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess") ManagedPolicyAmazonKinesisFirehoseReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess") ManagedPolicyAmazonKinesisFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFullAccess") ManagedPolicyAmazonKinesisReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess") ManagedPolicyAmazonKinesisVideoStreamsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsFullAccess") ManagedPolicyAmazonKinesisVideoStreamsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsReadOnlyAccess") ManagedPolicy_AmazonLaunchWizard_Fullaccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLaunchWizard_Fullaccess") ManagedPolicyAmazonLexChannelsAccess = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonLexChannelsAccess") ManagedPolicyAmazonLexFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexFullAccess") ManagedPolicyAmazonLexReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexReadOnly") ManagedPolicyAmazonLexRunBotsOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexRunBotsOnly") ManagedPolicyAmazonLexV2BotPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonLexV2BotPolicy") ManagedPolicyAmazonLookoutEquipmentFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutEquipmentFullAccess") ManagedPolicyAmazonLookoutEquipmentReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutEquipmentReadOnlyAccess") ManagedPolicyAmazonLookoutMetricsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutMetricsFullAccess") ManagedPolicyAmazonLookoutMetricsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutMetricsReadOnlyAccess") ManagedPolicyAmazonLookoutVisionConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleFullAccess") ManagedPolicyAmazonLookoutVisionConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleReadOnlyAccess") ManagedPolicyAmazonLookoutVisionFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionFullAccess") ManagedPolicyAmazonLookoutVisionReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionReadOnlyAccess") ManagedPolicyAmazonMCSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMCSFullAccess") ManagedPolicyAmazonMCSReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMCSReadOnlyAccess") ManagedPolicyAmazonMQApiFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQApiFullAccess") ManagedPolicyAmazonMQApiReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQApiReadOnlyAccess") ManagedPolicyAmazonMQFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQFullAccess") ManagedPolicyAmazonMQReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQReadOnlyAccess") ManagedPolicyAmazonMQServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonMQServiceRolePolicy") ManagedPolicyAmazonMSKConnectReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMSKConnectReadOnlyAccess") ManagedPolicyAmazonMSKFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMSKFullAccess") ManagedPolicyAmazonMSKReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMSKReadOnlyAccess") ManagedPolicyAmazonMWAAServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonMWAAServiceRolePolicy") ManagedPolicyAmazonMachineLearningBatchPredictionsAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess") ManagedPolicyAmazonMachineLearningCreateOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess") ManagedPolicyAmazonMachineLearningFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess") ManagedPolicyAmazonMachineLearningManageRealTimeEndpointOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess") ManagedPolicyAmazonMachineLearningReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess") ManagedPolicyAmazonMachineLearningRealTimePredictionOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess") // Deprecated: This policy is deprecated. Use AmazonMachineLearningRoleforRedshiftDataSourceV3 instead. ManagedPolicyAmazonMachineLearningRoleforRedshiftDataSource = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource") ManagedPolicyAmazonMachineLearningRoleforRedshiftDataSourceV3 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSourceV3") ManagedPolicyAmazonMacieFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMacieFullAccess") ManagedPolicyAmazonMacieHandshakeRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMacieHandshakeRole") ManagedPolicyAmazonMacieServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMacieServiceRole") ManagedPolicyAmazonMacieServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonMacieServiceRolePolicy") ManagedPolicyAmazonManagedBlockchainConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonManagedBlockchainConsoleFullAccess") ManagedPolicyAmazonManagedBlockchainFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonManagedBlockchainFullAccess") ManagedPolicyAmazonManagedBlockchainReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonManagedBlockchainReadOnlyAccess") ManagedPolicyAmazonManagedBlockchainServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonManagedBlockchainServiceRolePolicy") ManagedPolicyAmazonMechanicalTurkFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess") ManagedPolicyAmazonMechanicalTurkReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly") ManagedPolicyAmazonMemoryDBFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMemoryDBFullAccess") ManagedPolicyAmazonMemoryDBReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMemoryDBReadOnlyAccess") ManagedPolicyAmazonMobileAnalyticsFinancialReportAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess") ManagedPolicyAmazonMobileAnalyticsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess") ManagedPolicyAmazonMobileAnalyticsNonfinancialReportAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess") ManagedPolicyAmazonMobileAnalyticsWriteOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess") ManagedPolicyAmazonMonitronFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMonitronFullAccess") ManagedPolicyAmazonNimbleStudioLaunchProfileWorker = ManagedPolicy("arn:aws:iam::aws:policy/AmazonNimbleStudio-LaunchProfileWorker") ManagedPolicyAmazonNimbleStudioStudioAdmin = ManagedPolicy("arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioAdmin") ManagedPolicyAmazonNimbleStudioStudioUser = ManagedPolicy("arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioUser") ManagedPolicyAmazonOmicsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOmicsFullAccess") ManagedPolicyAmazonOmicsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOmicsReadOnlyAccess") ManagedPolicyAmazonOpenSearchIngestionServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchIngestionServiceRolePolicy") ManagedPolicyAmazonOpenSearchServerlessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServerlessServiceRolePolicy") ManagedPolicyAmazonOpenSearchServiceCognitoAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOpenSearchServiceCognitoAccess") ManagedPolicyAmazonOpenSearchServiceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOpenSearchServiceFullAccess") ManagedPolicyAmazonOpenSearchServiceReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOpenSearchServiceReadOnlyAccess") ManagedPolicyAmazonOpenSearchServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServiceRolePolicy") ManagedPolicyAmazonPersonalizeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonPersonalizeFullAccess") ManagedPolicyAmazonPollyFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyFullAccess") ManagedPolicyAmazonPollyReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess") ManagedPolicyAmazonPrometheusConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusConsoleFullAccess") ManagedPolicyAmazonPrometheusFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusFullAccess") ManagedPolicyAmazonPrometheusQueryAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusQueryAccess") ManagedPolicyAmazonPrometheusRemoteWriteAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusRemoteWriteAccess") ManagedPolicyAmazonQLDBConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonQLDBConsoleFullAccess") ManagedPolicyAmazonQLDBFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonQLDBFullAccess") ManagedPolicyAmazonQLDBReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonQLDBReadOnly") ManagedPolicyAmazonRDSBetaServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy") ManagedPolicyAmazonRDSCustomPreviewServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomPreviewServiceRolePolicy") ManagedPolicyAmazonRDSCustomServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomServiceRolePolicy") ManagedPolicyAmazonRDSDataFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSDataFullAccess") ManagedPolicyAmazonRDSDirectoryServiceAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess") ManagedPolicyAmazonRDSEnhancedMonitoringRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole") ManagedPolicyAmazonRDSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSFullAccess") ManagedPolicyAmazonRDSPerformanceInsightsReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSPerformanceInsightsReadOnly") ManagedPolicyAmazonRDSPreviewServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy") ManagedPolicyAmazonRDSReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess") ManagedPolicyAmazonRDSServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy") ManagedPolicyAmazonRedshiftAllCommandsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftAllCommandsFullAccess") ManagedPolicyAmazonRedshiftDataFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftDataFullAccess") ManagedPolicyAmazonRedshiftFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftFullAccess") ManagedPolicyAmazonRedshiftQueryEditor = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditor") ManagedPolicyAmazonRedshiftQueryEditorV2FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2FullAccess") ManagedPolicyAmazonRedshiftQueryEditorV2NoSharing = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2NoSharing") ManagedPolicyAmazonRedshiftQueryEditorV2ReadSharing = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadSharing") ManagedPolicyAmazonRedshiftQueryEditorV2ReadWriteSharing = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing") ManagedPolicyAmazonRedshiftReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess") ManagedPolicyAmazonRedshiftServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy") ManagedPolicyAmazonRekognitionCustomLabelsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionCustomLabelsFullAccess") ManagedPolicyAmazonRekognitionFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionFullAccess") ManagedPolicyAmazonRekognitionReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess") ManagedPolicyAmazonRekognitionServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRekognitionServiceRole") ManagedPolicyAmazonRoute53AutoNamingFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53AutoNamingFullAccess") ManagedPolicyAmazonRoute53AutoNamingReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53AutoNamingReadOnlyAccess") ManagedPolicyAmazonRoute53AutoNamingRegistrantAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53AutoNamingRegistrantAccess") ManagedPolicyAmazonRoute53DomainsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess") ManagedPolicyAmazonRoute53DomainsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess") ManagedPolicyAmazonRoute53FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53FullAccess") ManagedPolicyAmazonRoute53ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess") ManagedPolicyAmazonRoute53RecoveryClusterFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterFullAccess") ManagedPolicyAmazonRoute53RecoveryClusterReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterReadOnlyAccess") ManagedPolicyAmazonRoute53RecoveryControlConfigFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigFullAccess") ManagedPolicyAmazonRoute53RecoveryControlConfigReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigReadOnlyAccess") ManagedPolicyAmazonRoute53RecoveryReadinessFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessFullAccess") ManagedPolicyAmazonRoute53RecoveryReadinessReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessReadOnlyAccess") ManagedPolicyAmazonRoute53ResolverFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ResolverFullAccess") ManagedPolicyAmazonRoute53ResolverReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ResolverReadOnlyAccess") ManagedPolicyAmazonS3FullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3FullAccess") ManagedPolicyAmazonS3ObjectLambdaExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonS3ObjectLambdaExecutionRolePolicy") ManagedPolicyAmazonS3OutpostsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3OutpostsFullAccess") ManagedPolicyAmazonS3OutpostsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3OutpostsReadOnlyAccess") ManagedPolicyAmazonS3ReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess") ManagedPolicyAmazonSESFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESFullAccess") ManagedPolicyAmazonSESReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess") ManagedPolicyAmazonSNSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSFullAccess") ManagedPolicyAmazonSNSReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess") ManagedPolicyAmazonSNSRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSNSRole") ManagedPolicyAmazonSQSFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSFullAccess") ManagedPolicyAmazonSQSReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess") ManagedPolicyAmazonSSMAutomationApproverAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess") ManagedPolicyAmazonSSMAutomationRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole") ManagedPolicyAmazonSSMDirectoryServiceAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess") ManagedPolicyAmazonSSMFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMFullAccess") ManagedPolicyAmazonSSMMaintenanceWindowRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole") ManagedPolicyAmazonSSMManagedEC2InstanceDefaultPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy") ManagedPolicyAmazonSSMPatchAssociation = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMPatchAssociation") ManagedPolicyAmazonSSMReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess") ManagedPolicyAmazonSSMManagedInstanceCore = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore") ManagedPolicyAmazonSSMServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy") ManagedPolicyAmazonSageMakerAdminServiceCatalogProductsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy") ManagedPolicyAmazonSageMakerCanvasForecastAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerCanvasForecastAccess") ManagedPolicyAmazonSageMakerCanvasFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerCanvasFullAccess") ManagedPolicyAmazonSageMakerCoreServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerCoreServiceRolePolicy") ManagedPolicyAmazonSageMakerEdgeDeviceFleetPolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerEdgeDeviceFleetPolicy") ManagedPolicyAmazonSageMakerFeatureStoreAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerFeatureStoreAccess") ManagedPolicyAmazonSageMakerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerFullAccess") ManagedPolicyAmazonSageMakerGeospatialExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialExecutionRole") ManagedPolicyAmazonSageMakerGeospatialFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialFullAccess") ManagedPolicyAmazonSageMakerGroundTruthExecution = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerGroundTruthExecution") ManagedPolicyAmazonSageMakerMechanicalTurkAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerMechanicalTurkAccess") ManagedPolicyAmazonSageMakerModelGovernanceUseAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerModelGovernanceUseAccess") ManagedPolicyAmazonSageMakerNotebooksServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy") ManagedPolicyAmazonSageMakerPipelinesIntegrations = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerPipelinesIntegrations") ManagedPolicyAmazonSageMakerReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerReadOnly") ManagedPolicyAmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy") ManagedPolicyAmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy") ManagedPolicyAmazonSecurityLakePermissionsBoundary = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSecurityLakePermissionsBoundary") ManagedPolicyAmazonSumerianFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSumerianFullAccess") ManagedPolicyAmazonTextractFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTextractFullAccess") ManagedPolicyAmazonTextractServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonTextractServiceRole") ManagedPolicyAmazonTimestreamConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTimestreamConsoleFullAccess") ManagedPolicyAmazonTimestreamFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTimestreamFullAccess") ManagedPolicyAmazonTimestreamReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTimestreamReadOnlyAccess") ManagedPolicyAmazonTranscribeFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTranscribeFullAccess") ManagedPolicyAmazonTranscribeReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTranscribeReadOnlyAccess") ManagedPolicyAmazonVPCCrossAccountNetworkInterfaceOperations = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCCrossAccountNetworkInterfaceOperations") ManagedPolicyAmazonVPCFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCFullAccess") ManagedPolicyAmazonVPCReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess") ManagedPolicyAmazonWorkDocsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkDocsFullAccess") ManagedPolicyAmazonWorkDocsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkDocsReadOnlyAccess") ManagedPolicyAmazonWorkMailEventsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonWorkMailEventsServiceRolePolicy") ManagedPolicyAmazonWorkMailFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailFullAccess") ManagedPolicyAmazonWorkMailMessageFlowFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowFullAccess") ManagedPolicyAmazonWorkMailMessageFlowReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowReadOnlyAccess") ManagedPolicyAmazonWorkMailReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess") ManagedPolicyAmazonWorkSpacesAdmin = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin") ManagedPolicyAmazonWorkSpacesApplicationManagerAdminAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess") ManagedPolicyAmazonWorkSpacesSelfServiceAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") ManagedPolicyAmazonWorkSpacesServiceAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") ManagedPolicyAmazonWorkSpacesWebReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesWebReadOnly") ManagedPolicyAmazonWorkSpacesWebServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy") ManagedPolicyAmazonWorkspacesPCAAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkspacesPCAAccess") ManagedPolicyAmazonZocaloFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloFullAccess") ManagedPolicyAmazonZocaloReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess") ManagedPolicyAppIntegrationsServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AppIntegrationsServiceLinkedRolePolicy") ManagedPolicyAppRunnerNetworkingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AppRunnerNetworkingServiceRolePolicy") ManagedPolicyAppRunnerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AppRunnerServiceRolePolicy") ManagedPolicyApplicationAutoScalingForAmazonAppStreamAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess") ManagedPolicyApplicationDiscoveryServiceContinuousExportServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy") ManagedPolicyAutoScalingConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess") ManagedPolicyAutoScalingConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess") ManagedPolicyAutoScalingFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingFullAccess") ManagedPolicyAutoScalingNotificationAccessRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole") ManagedPolicyAutoScalingReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess") ManagedPolicyAutoScalingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy") ManagedPolicyAwsGlueDataBrewFullAccessPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AwsGlueDataBrewFullAccessPolicy") ManagedPolicyAwsGlueSessionUserRestrictedNotebookPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedNotebookPolicy") ManagedPolicyAwsGlueSessionUserRestrictedNotebookServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedNotebookServiceRole") ManagedPolicyAwsGlueSessionUserRestrictedPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedPolicy") ManagedPolicyAwsGlueSessionUserRestrictedServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedServiceRole") ManagedPolicyBatchServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/BatchServiceRolePolicy") ManagedPolicyBilling = ManagedPolicy("arn:aws:iam::aws:policy/job-function/Billing") ManagedPolicyCertificateManagerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CertificateManagerServiceRolePolicy") ManagedPolicyClientVPNServiceConnectionsRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceConnectionsRolePolicy") ManagedPolicyClientVPNServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceRolePolicy") ManagedPolicyCloudFormationStackSetsOrgAdminServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgAdminServiceRolePolicy") ManagedPolicyCloudFormationStackSetsOrgMemberServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgMemberServiceRolePolicy") ManagedPolicyCloudFrontFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontFullAccess") ManagedPolicyCloudFrontReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess") ManagedPolicyCloudHSMServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudHSMServiceRolePolicy") ManagedPolicyCloudSearchFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchFullAccess") ManagedPolicyCloudSearchReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess") ManagedPolicyCloudTrailServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudTrailServiceRolePolicy") ManagedPolicyCloudWatchCrossAccountAccess = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudWatch-CrossAccountAccess") ManagedPolicyCloudWatchActionsEC2Access = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchActionsEC2Access") ManagedPolicyCloudWatchAgentAdminPolicy = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchAgentAdminPolicy") ManagedPolicyCloudWatchAgentServerPolicy = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy") ManagedPolicyCloudWatchApplicationInsightsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchApplicationInsightsFullAccess") ManagedPolicyCloudWatchApplicationInsightsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchApplicationInsightsReadOnlyAccess") ManagedPolicyCloudWatchAutomaticDashboardsAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchAutomaticDashboardsAccess") ManagedPolicyCloudWatchCrossAccountSharingConfiguration = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchCrossAccountSharingConfiguration") ManagedPolicyCloudWatchEventsBuiltInTargetExecutionAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess") ManagedPolicyCloudWatchEventsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsFullAccess") ManagedPolicyCloudWatchEventsInvocationAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess") ManagedPolicyCloudWatchEventsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess") ManagedPolicyCloudWatchEventsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudWatchEventsServiceRolePolicy") ManagedPolicyCloudWatchFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchFullAccess") ManagedPolicyCloudWatchInternetMonitorServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudWatchInternetMonitorServiceRolePolicy") ManagedPolicyCloudWatchLambdaInsightsExecutionRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy") ManagedPolicyCloudWatchLogsCrossAccountSharingConfiguration = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsCrossAccountSharingConfiguration") ManagedPolicyCloudWatchLogsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsFullAccess") ManagedPolicyCloudWatchLogsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess") ManagedPolicyCloudWatchReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess") ManagedPolicyCloudWatchSyntheticsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchSyntheticsFullAccess") ManagedPolicyCloudWatchSyntheticsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchSyntheticsReadOnlyAccess") ManagedPolicyCloudwatchApplicationInsightsServiceLinkedRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy") ManagedPolicyComprehendDataAccessRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ComprehendDataAccessRolePolicy") ManagedPolicyComprehendFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ComprehendFullAccess") ManagedPolicyComprehendMedicalFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ComprehendMedicalFullAccess") ManagedPolicyComprehendReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/ComprehendReadOnly") ManagedPolicyComputeOptimizerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ComputeOptimizerReadOnlyAccess") ManagedPolicyComputeOptimizerServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ComputeOptimizerServiceRolePolicy") ManagedPolicyConfigConformsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ConfigConformsServiceRolePolicy") ManagedPolicyDAXServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DAXServiceRolePolicy") ManagedPolicyDataScientist = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DataScientist") ManagedPolicyDatabaseAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DatabaseAdministrator") ManagedPolicyDynamoDBCloudWatchContributorInsightsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DynamoDBCloudWatchContributorInsightsServiceRolePolicy") ManagedPolicyDynamoDBKinesisReplicationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DynamoDBKinesisReplicationServiceRolePolicy") ManagedPolicyDynamoDBReplicationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DynamoDBReplicationServiceRolePolicy") ManagedPolicyEC2FastLaunchServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/EC2FastLaunchServiceRolePolicy") ManagedPolicyEC2FleetTimeShiftableServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/EC2FleetTimeShiftableServiceRolePolicy") ManagedPolicyEC2InstanceConnect = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceConnect") ManagedPolicyEC2InstanceProfileForImageBuilder = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilder") ManagedPolicyEC2InstanceProfileForImageBuilderECRContainerBuilds = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilderECRContainerBuilds") ManagedPolicyECRReplicationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ECRReplicationServiceRolePolicy") ManagedPolicyEc2ImageBuilderCrossAccountDistributionAccess = ManagedPolicy("arn:aws:iam::aws:policy/Ec2ImageBuilderCrossAccountDistributionAccess") ManagedPolicyEc2InstanceConnectEndpoint = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Ec2InstanceConnectEndpoint") ManagedPolicyElastiCacheServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ElastiCacheServiceRolePolicy") ManagedPolicyElasticLoadBalancingFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess") ManagedPolicyElasticLoadBalancingReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/ElasticLoadBalancingReadOnly") ManagedPolicyElementalActivationsDownloadSoftwareAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsDownloadSoftwareAccess") ManagedPolicyElementalActivationsFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsFullAccess") ManagedPolicyElementalActivationsGenerateLicenses = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsGenerateLicenses") ManagedPolicyElementalActivationsReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsReadOnlyAccess") ManagedPolicyElementalAppliancesSoftwareFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElementalAppliancesSoftwareFullAccess") ManagedPolicyElementalAppliancesSoftwareReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElementalAppliancesSoftwareReadOnlyAccess") ManagedPolicyElementalSupportCenterFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ElementalSupportCenterFullAccess") ManagedPolicyFMSServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/FMSServiceRolePolicy") ManagedPolicyFSxDeleteServiceLinkedRoleAccess = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/FSxDeleteServiceLinkedRoleAccess") ManagedPolicyFusionDevInternalServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/FusionDevInternalServiceRolePolicy") ManagedPolicyGameLiftGameServerGroupPolicy = ManagedPolicy("arn:aws:iam::aws:policy/GameLiftGameServerGroupPolicy") ManagedPolicyGlobalAcceleratorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/GlobalAcceleratorFullAccess") ManagedPolicyGlobalAcceleratorReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/GlobalAcceleratorReadOnlyAccess") ManagedPolicyGreengrassOTAUpdateArtifactAccess = ManagedPolicy("arn:aws:iam::aws:policy/service-role/GreengrassOTAUpdateArtifactAccess") ManagedPolicyGroundTruthSyntheticConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleFullAccess") ManagedPolicyGroundTruthSyntheticConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleReadOnlyAccess") ManagedPolicy_Health_OrganizationsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Health_OrganizationsServiceRolePolicy") ManagedPolicyIAMAccessAdvisorReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/IAMAccessAdvisorReadOnly") ManagedPolicyIAMAccessAnalyzerFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/IAMAccessAnalyzerFullAccess") ManagedPolicyIAMAccessAnalyzerReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/IAMAccessAnalyzerReadOnlyAccess") ManagedPolicyIAMFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/IAMFullAccess") ManagedPolicyIAMReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/IAMReadOnlyAccess") ManagedPolicyIAMSelfManageServiceSpecificCredentials = ManagedPolicy("arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials") ManagedPolicyIAMUserChangePassword = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserChangePassword") ManagedPolicyIAMUserSSHKeys = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserSSHKeys") ManagedPolicyIVSRecordToS3 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/IVSRecordToS3") ManagedPolicyKafkaConnectServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/KafkaConnectServiceRolePolicy") ManagedPolicyKafkaServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy") ManagedPolicyLakeFormationDataAccessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LakeFormationDataAccessServiceRolePolicy") ManagedPolicyLexBotPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LexBotPolicy") ManagedPolicyLexChannelPolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LexChannelPolicy") ManagedPolicyLightsailExportAccess = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LightsailExportAccess") ManagedPolicyMediaPackageServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MediaPackageServiceRolePolicy") ManagedPolicyMemoryDBServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MemoryDBServiceRolePolicy") ManagedPolicyMigrationHubDMSAccessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MigrationHubDMSAccessServiceRolePolicy") ManagedPolicyMigrationHubSMSAccessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MigrationHubSMSAccessServiceRolePolicy") ManagedPolicyMigrationHubServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MigrationHubServiceRolePolicy") ManagedPolicyMonitronServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MonitronServiceRolePolicy") ManagedPolicyNeptuneConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/NeptuneConsoleFullAccess") ManagedPolicyNeptuneFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/NeptuneFullAccess") ManagedPolicyNeptuneReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/NeptuneReadOnlyAccess") ManagedPolicyNetworkAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/job-function/NetworkAdministrator") ManagedPolicyOAMFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/OAMFullAccess") ManagedPolicyOAMReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/OAMReadOnlyAccess") ManagedPolicyPowerUserAccess = ManagedPolicy("arn:aws:iam::aws:policy/PowerUserAccess") ManagedPolicyQuickSightAccessForS3StorageManagementAnalyticsReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly") ManagedPolicyRDSCloudHsmAuthorizationRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole") ManagedPolicyROSAManageSubscription = ManagedPolicy("arn:aws:iam::aws:policy/ROSAManageSubscription") ManagedPolicyReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ReadOnlyAccess") ManagedPolicyResourceGroupsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ResourceGroupsServiceRolePolicy") ManagedPolicyResourceGroupsandTagEditorFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess") ManagedPolicyResourceGroupsandTagEditorReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess") ManagedPolicyRoute53RecoveryReadinessServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Route53RecoveryReadinessServiceRolePolicy") ManagedPolicyRoute53ResolverServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Route53ResolverServiceRolePolicy") ManagedPolicyS3StorageLensServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/S3StorageLensServiceRolePolicy") ManagedPolicySecretsManagerReadWrite = ManagedPolicy("arn:aws:iam::aws:policy/SecretsManagerReadWrite") ManagedPolicySecurityAudit = ManagedPolicy("arn:aws:iam::aws:policy/SecurityAudit") ManagedPolicySecurityLakeServiceLinkedRole = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/SecurityLakeServiceLinkedRole") ManagedPolicyServerMigrationConnector = ManagedPolicy("arn:aws:iam::aws:policy/ServerMigrationConnector") // Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServerMigration_ServiceRole instead. ManagedPolicyServerMigrationServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRole") // Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogAdminFullAccess instead. ManagedPolicyServiceCatalogAdminFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminFullAccess") // Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogAdminReadOnlyAccess instead. ManagedPolicyServiceCatalogAdminReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminReadOnlyAccess") // Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogEndUserReadOnlyAccess instead. ManagedPolicyServiceCatalogEndUserAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserAccess") // Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogEndUserFullAccess instead. ManagedPolicyServiceCatalogEndUserFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserFullAccess") ManagedPolicyServerMigrationServiceConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServerMigrationServiceConsoleFullAccess") ManagedPolicyServerMigrationServiceLaunchRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceLaunchRole") ManagedPolicyServerMigrationServiceRoleForInstanceValidation = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRoleForInstanceValidation") ManagedPolicy_AWSServerMigration_ServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigration_ServiceRole") ManagedPolicyServiceQuotasFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceQuotasFullAccess") ManagedPolicyServiceQuotasReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceQuotasReadOnlyAccess") ManagedPolicyServiceQuotasServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ServiceQuotasServiceRolePolicy") ManagedPolicySimpleWorkflowFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/SimpleWorkflowFullAccess") ManagedPolicySupportUser = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SupportUser") ManagedPolicySystemAdministrator = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SystemAdministrator") ManagedPolicyTranslateFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/TranslateFullAccess") ManagedPolicyTranslateReadOnly = ManagedPolicy("arn:aws:iam::aws:policy/TranslateReadOnly") ManagedPolicyVMImportExportRoleForAWSConnector = ManagedPolicy("arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector") ManagedPolicyViewOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/job-function/ViewOnlyAccess") ManagedPolicyWAFLoggingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/WAFLoggingServiceRolePolicy") ManagedPolicyWAFRegionalLoggingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/WAFRegionalLoggingServiceRolePolicy") ManagedPolicyWAFV2LoggingServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/WAFV2LoggingServiceRolePolicy") ManagedPolicyWellArchitectedConsoleFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/WellArchitectedConsoleFullAccess") ManagedPolicyWellArchitectedConsoleReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess") ManagedPolicyWorkLinkServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/WorkLinkServiceRolePolicy") )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessKey ¶
type AccessKey struct { pulumi.CustomResourceState // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created. CreateDate pulumi.StringOutput `pulumi:"createDate"` // Encrypted secret, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line. EncryptedSecret pulumi.StringOutput `pulumi:"encryptedSecret"` // Encrypted SES SMTP password, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line. EncryptedSesSmtpPasswordV4 pulumi.StringOutput `pulumi:"encryptedSesSmtpPasswordV4"` // Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources. KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"` // Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`). PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"` // Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation. Secret pulumi.StringOutput `pulumi:"secret"` // Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region). SesSmtpPasswordV4 pulumi.StringOutput `pulumi:"sesSmtpPasswordV4"` // Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`. Status pulumi.StringPtrOutput `pulumi:"status"` // IAM user to associate with this access key. User pulumi.StringOutput `pulumi:"user"` }
Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{ Path: pulumi.String("/system/"), }) if err != nil { return err } lbAccessKey, err := iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{ User: lbUser.Name, PgpKey: pulumi.String("keybase:some_person_that_exists"), }) if err != nil { return err } lbRoPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Actions: []string{ "ec2:Describe*", }, Resources: []string{ "*", }, }, }, }, nil) if err != nil { return err } _, err = iam.NewUserPolicy(ctx, "lbRoUserPolicy", &iam.UserPolicyArgs{ User: lbUser.Name, Policy: *pulumi.String(lbRoPolicyDocument.Json), }) if err != nil { return err } ctx.Export("secret", lbAccessKey.EncryptedSecret) return nil }) }
```
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { testUser, err := iam.NewUser(ctx, "testUser", &iam.UserArgs{ Path: pulumi.String("/test/"), }) if err != nil { return err } testAccessKey, err := iam.NewAccessKey(ctx, "testAccessKey", &iam.AccessKeyArgs{ User: testUser.Name, }) if err != nil { return err } ctx.Export("awsIamSmtpPasswordV4", testAccessKey.SesSmtpPasswordV4) return nil }) }
```
## Import
IAM Access Keys can be imported using the identifier, e.g.,
```sh
$ pulumi import aws:iam/accessKey:AccessKey example AKIA1234567890
```
Resource attributes such as `encrypted_secret`, `key_fingerprint`, `pgp_key`, `secret`, `ses_smtp_password_v4`, and `encrypted_ses_smtp_password_v4` are not available for imported resources as this information cannot be read from the IAM API.
func GetAccessKey ¶
func GetAccessKey(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AccessKeyState, opts ...pulumi.ResourceOption) (*AccessKey, error)
GetAccessKey gets an existing AccessKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAccessKey ¶
func NewAccessKey(ctx *pulumi.Context, name string, args *AccessKeyArgs, opts ...pulumi.ResourceOption) (*AccessKey, error)
NewAccessKey registers a new resource with the given unique name, arguments, and options.
func (*AccessKey) ElementType ¶
func (*AccessKey) ToAccessKeyOutput ¶
func (i *AccessKey) ToAccessKeyOutput() AccessKeyOutput
func (*AccessKey) ToAccessKeyOutputWithContext ¶
func (i *AccessKey) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput
type AccessKeyArgs ¶
type AccessKeyArgs struct { // Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`). PgpKey pulumi.StringPtrInput // Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`. Status pulumi.StringPtrInput // IAM user to associate with this access key. User pulumi.StringInput }
The set of arguments for constructing a AccessKey resource.
func (AccessKeyArgs) ElementType ¶
func (AccessKeyArgs) ElementType() reflect.Type
type AccessKeyArray ¶
type AccessKeyArray []AccessKeyInput
func (AccessKeyArray) ElementType ¶
func (AccessKeyArray) ElementType() reflect.Type
func (AccessKeyArray) ToAccessKeyArrayOutput ¶
func (i AccessKeyArray) ToAccessKeyArrayOutput() AccessKeyArrayOutput
func (AccessKeyArray) ToAccessKeyArrayOutputWithContext ¶
func (i AccessKeyArray) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput
type AccessKeyArrayInput ¶
type AccessKeyArrayInput interface { pulumi.Input ToAccessKeyArrayOutput() AccessKeyArrayOutput ToAccessKeyArrayOutputWithContext(context.Context) AccessKeyArrayOutput }
AccessKeyArrayInput is an input type that accepts AccessKeyArray and AccessKeyArrayOutput values. You can construct a concrete instance of `AccessKeyArrayInput` via:
AccessKeyArray{ AccessKeyArgs{...} }
type AccessKeyArrayOutput ¶
type AccessKeyArrayOutput struct{ *pulumi.OutputState }
func (AccessKeyArrayOutput) ElementType ¶
func (AccessKeyArrayOutput) ElementType() reflect.Type
func (AccessKeyArrayOutput) Index ¶
func (o AccessKeyArrayOutput) Index(i pulumi.IntInput) AccessKeyOutput
func (AccessKeyArrayOutput) ToAccessKeyArrayOutput ¶
func (o AccessKeyArrayOutput) ToAccessKeyArrayOutput() AccessKeyArrayOutput
func (AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext ¶
func (o AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput
type AccessKeyInput ¶
type AccessKeyInput interface { pulumi.Input ToAccessKeyOutput() AccessKeyOutput ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput }
type AccessKeyMap ¶
type AccessKeyMap map[string]AccessKeyInput
func (AccessKeyMap) ElementType ¶
func (AccessKeyMap) ElementType() reflect.Type
func (AccessKeyMap) ToAccessKeyMapOutput ¶
func (i AccessKeyMap) ToAccessKeyMapOutput() AccessKeyMapOutput
func (AccessKeyMap) ToAccessKeyMapOutputWithContext ¶
func (i AccessKeyMap) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput
type AccessKeyMapInput ¶
type AccessKeyMapInput interface { pulumi.Input ToAccessKeyMapOutput() AccessKeyMapOutput ToAccessKeyMapOutputWithContext(context.Context) AccessKeyMapOutput }
AccessKeyMapInput is an input type that accepts AccessKeyMap and AccessKeyMapOutput values. You can construct a concrete instance of `AccessKeyMapInput` via:
AccessKeyMap{ "key": AccessKeyArgs{...} }
type AccessKeyMapOutput ¶
type AccessKeyMapOutput struct{ *pulumi.OutputState }
func (AccessKeyMapOutput) ElementType ¶
func (AccessKeyMapOutput) ElementType() reflect.Type
func (AccessKeyMapOutput) MapIndex ¶
func (o AccessKeyMapOutput) MapIndex(k pulumi.StringInput) AccessKeyOutput
func (AccessKeyMapOutput) ToAccessKeyMapOutput ¶
func (o AccessKeyMapOutput) ToAccessKeyMapOutput() AccessKeyMapOutput
func (AccessKeyMapOutput) ToAccessKeyMapOutputWithContext ¶
func (o AccessKeyMapOutput) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput
type AccessKeyOutput ¶
type AccessKeyOutput struct{ *pulumi.OutputState }
func (AccessKeyOutput) CreateDate ¶
func (o AccessKeyOutput) CreateDate() pulumi.StringOutput
Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
func (AccessKeyOutput) ElementType ¶
func (AccessKeyOutput) ElementType() reflect.Type
func (AccessKeyOutput) EncryptedSecret ¶
func (o AccessKeyOutput) EncryptedSecret() pulumi.StringOutput
Encrypted secret, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line.
func (AccessKeyOutput) EncryptedSesSmtpPasswordV4 ¶
func (o AccessKeyOutput) EncryptedSesSmtpPasswordV4() pulumi.StringOutput
Encrypted SES SMTP password, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line.
func (AccessKeyOutput) KeyFingerprint ¶
func (o AccessKeyOutput) KeyFingerprint() pulumi.StringOutput
Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
func (AccessKeyOutput) PgpKey ¶
func (o AccessKeyOutput) PgpKey() pulumi.StringPtrOutput
Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`).
func (AccessKeyOutput) Secret ¶
func (o AccessKeyOutput) Secret() pulumi.StringOutput
Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
func (AccessKeyOutput) SesSmtpPasswordV4 ¶
func (o AccessKeyOutput) SesSmtpPasswordV4() pulumi.StringOutput
Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
func (AccessKeyOutput) Status ¶
func (o AccessKeyOutput) Status() pulumi.StringPtrOutput
Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
func (AccessKeyOutput) ToAccessKeyOutput ¶
func (o AccessKeyOutput) ToAccessKeyOutput() AccessKeyOutput
func (AccessKeyOutput) ToAccessKeyOutputWithContext ¶
func (o AccessKeyOutput) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput
func (AccessKeyOutput) User ¶
func (o AccessKeyOutput) User() pulumi.StringOutput
IAM user to associate with this access key.
type AccessKeyState ¶
type AccessKeyState struct { // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created. CreateDate pulumi.StringPtrInput // Encrypted secret, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line. EncryptedSecret pulumi.StringPtrInput // Encrypted SES SMTP password, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line. EncryptedSesSmtpPasswordV4 pulumi.StringPtrInput // Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources. KeyFingerprint pulumi.StringPtrInput // Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`). PgpKey pulumi.StringPtrInput // Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation. Secret pulumi.StringPtrInput // Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region). SesSmtpPasswordV4 pulumi.StringPtrInput // Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`. Status pulumi.StringPtrInput // IAM user to associate with this access key. User pulumi.StringPtrInput }
func (AccessKeyState) ElementType ¶
func (AccessKeyState) ElementType() reflect.Type
type AccountAlias ¶
type AccountAlias struct { pulumi.CustomResourceState // The account alias AccountAlias pulumi.StringOutput `pulumi:"accountAlias"` }
> **Note:** There is only a single account alias per AWS account.
Manages the account alias for the AWS Account.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewAccountAlias(ctx, "alias", &iam.AccountAliasArgs{ AccountAlias: pulumi.String("my-account-alias"), }) if err != nil { return err } return nil }) }
```
## Import
The current Account Alias can be imported using the `account_alias`, e.g.,
```sh
$ pulumi import aws:iam/accountAlias:AccountAlias alias my-account-alias
```
func GetAccountAlias ¶
func GetAccountAlias(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AccountAliasState, opts ...pulumi.ResourceOption) (*AccountAlias, error)
GetAccountAlias gets an existing AccountAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAccountAlias ¶
func NewAccountAlias(ctx *pulumi.Context, name string, args *AccountAliasArgs, opts ...pulumi.ResourceOption) (*AccountAlias, error)
NewAccountAlias registers a new resource with the given unique name, arguments, and options.
func (*AccountAlias) ElementType ¶
func (*AccountAlias) ElementType() reflect.Type
func (*AccountAlias) ToAccountAliasOutput ¶
func (i *AccountAlias) ToAccountAliasOutput() AccountAliasOutput
func (*AccountAlias) ToAccountAliasOutputWithContext ¶
func (i *AccountAlias) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput
type AccountAliasArgs ¶
type AccountAliasArgs struct { // The account alias AccountAlias pulumi.StringInput }
The set of arguments for constructing a AccountAlias resource.
func (AccountAliasArgs) ElementType ¶
func (AccountAliasArgs) ElementType() reflect.Type
type AccountAliasArray ¶
type AccountAliasArray []AccountAliasInput
func (AccountAliasArray) ElementType ¶
func (AccountAliasArray) ElementType() reflect.Type
func (AccountAliasArray) ToAccountAliasArrayOutput ¶
func (i AccountAliasArray) ToAccountAliasArrayOutput() AccountAliasArrayOutput
func (AccountAliasArray) ToAccountAliasArrayOutputWithContext ¶
func (i AccountAliasArray) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput
type AccountAliasArrayInput ¶
type AccountAliasArrayInput interface { pulumi.Input ToAccountAliasArrayOutput() AccountAliasArrayOutput ToAccountAliasArrayOutputWithContext(context.Context) AccountAliasArrayOutput }
AccountAliasArrayInput is an input type that accepts AccountAliasArray and AccountAliasArrayOutput values. You can construct a concrete instance of `AccountAliasArrayInput` via:
AccountAliasArray{ AccountAliasArgs{...} }
type AccountAliasArrayOutput ¶
type AccountAliasArrayOutput struct{ *pulumi.OutputState }
func (AccountAliasArrayOutput) ElementType ¶
func (AccountAliasArrayOutput) ElementType() reflect.Type
func (AccountAliasArrayOutput) Index ¶
func (o AccountAliasArrayOutput) Index(i pulumi.IntInput) AccountAliasOutput
func (AccountAliasArrayOutput) ToAccountAliasArrayOutput ¶
func (o AccountAliasArrayOutput) ToAccountAliasArrayOutput() AccountAliasArrayOutput
func (AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext ¶
func (o AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput
type AccountAliasInput ¶
type AccountAliasInput interface { pulumi.Input ToAccountAliasOutput() AccountAliasOutput ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput }
type AccountAliasMap ¶
type AccountAliasMap map[string]AccountAliasInput
func (AccountAliasMap) ElementType ¶
func (AccountAliasMap) ElementType() reflect.Type
func (AccountAliasMap) ToAccountAliasMapOutput ¶
func (i AccountAliasMap) ToAccountAliasMapOutput() AccountAliasMapOutput
func (AccountAliasMap) ToAccountAliasMapOutputWithContext ¶
func (i AccountAliasMap) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput
type AccountAliasMapInput ¶
type AccountAliasMapInput interface { pulumi.Input ToAccountAliasMapOutput() AccountAliasMapOutput ToAccountAliasMapOutputWithContext(context.Context) AccountAliasMapOutput }
AccountAliasMapInput is an input type that accepts AccountAliasMap and AccountAliasMapOutput values. You can construct a concrete instance of `AccountAliasMapInput` via:
AccountAliasMap{ "key": AccountAliasArgs{...} }
type AccountAliasMapOutput ¶
type AccountAliasMapOutput struct{ *pulumi.OutputState }
func (AccountAliasMapOutput) ElementType ¶
func (AccountAliasMapOutput) ElementType() reflect.Type
func (AccountAliasMapOutput) MapIndex ¶
func (o AccountAliasMapOutput) MapIndex(k pulumi.StringInput) AccountAliasOutput
func (AccountAliasMapOutput) ToAccountAliasMapOutput ¶
func (o AccountAliasMapOutput) ToAccountAliasMapOutput() AccountAliasMapOutput
func (AccountAliasMapOutput) ToAccountAliasMapOutputWithContext ¶
func (o AccountAliasMapOutput) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput
type AccountAliasOutput ¶
type AccountAliasOutput struct{ *pulumi.OutputState }
func (AccountAliasOutput) AccountAlias ¶
func (o AccountAliasOutput) AccountAlias() pulumi.StringOutput
The account alias
func (AccountAliasOutput) ElementType ¶
func (AccountAliasOutput) ElementType() reflect.Type
func (AccountAliasOutput) ToAccountAliasOutput ¶
func (o AccountAliasOutput) ToAccountAliasOutput() AccountAliasOutput
func (AccountAliasOutput) ToAccountAliasOutputWithContext ¶
func (o AccountAliasOutput) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput
type AccountAliasState ¶
type AccountAliasState struct { // The account alias AccountAlias pulumi.StringPtrInput }
func (AccountAliasState) ElementType ¶
func (AccountAliasState) ElementType() reflect.Type
type AccountPasswordPolicy ¶
type AccountPasswordPolicy struct { pulumi.CustomResourceState // Whether to allow users to change their own password AllowUsersToChangePassword pulumi.BoolPtrOutput `pulumi:"allowUsersToChangePassword"` // Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_. ExpirePasswords pulumi.BoolOutput `pulumi:"expirePasswords"` // Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset) HardExpiry pulumi.BoolOutput `pulumi:"hardExpiry"` // The number of days that an user password is valid. MaxPasswordAge pulumi.IntOutput `pulumi:"maxPasswordAge"` // Minimum length to require for user passwords. MinimumPasswordLength pulumi.IntPtrOutput `pulumi:"minimumPasswordLength"` // The number of previous passwords that users are prevented from reusing. PasswordReusePrevention pulumi.IntOutput `pulumi:"passwordReusePrevention"` // Whether to require lowercase characters for user passwords. RequireLowercaseCharacters pulumi.BoolOutput `pulumi:"requireLowercaseCharacters"` // Whether to require numbers for user passwords. RequireNumbers pulumi.BoolOutput `pulumi:"requireNumbers"` // Whether to require symbols for user passwords. RequireSymbols pulumi.BoolOutput `pulumi:"requireSymbols"` // Whether to require uppercase characters for user passwords. RequireUppercaseCharacters pulumi.BoolOutput `pulumi:"requireUppercaseCharacters"` }
> **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.
Manages Password Policy for the AWS Account. See more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html) in the official AWS docs.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewAccountPasswordPolicy(ctx, "strict", &iam.AccountPasswordPolicyArgs{ AllowUsersToChangePassword: pulumi.Bool(true), MinimumPasswordLength: pulumi.Int(8), RequireLowercaseCharacters: pulumi.Bool(true), RequireNumbers: pulumi.Bool(true), RequireSymbols: pulumi.Bool(true), RequireUppercaseCharacters: pulumi.Bool(true), }) if err != nil { return err } return nil }) }
```
## Import
IAM Account Password Policy can be imported using the word `iam-account-password-policy`, e.g.,
```sh
$ pulumi import aws:iam/accountPasswordPolicy:AccountPasswordPolicy strict iam-account-password-policy
```
func GetAccountPasswordPolicy ¶
func GetAccountPasswordPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *AccountPasswordPolicyState, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)
GetAccountPasswordPolicy gets an existing AccountPasswordPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewAccountPasswordPolicy ¶
func NewAccountPasswordPolicy(ctx *pulumi.Context, name string, args *AccountPasswordPolicyArgs, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)
NewAccountPasswordPolicy registers a new resource with the given unique name, arguments, and options.
func (*AccountPasswordPolicy) ElementType ¶
func (*AccountPasswordPolicy) ElementType() reflect.Type
func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutput ¶
func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput
func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext ¶
func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput
type AccountPasswordPolicyArgs ¶
type AccountPasswordPolicyArgs struct { // Whether to allow users to change their own password AllowUsersToChangePassword pulumi.BoolPtrInput // Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset) HardExpiry pulumi.BoolPtrInput // The number of days that an user password is valid. MaxPasswordAge pulumi.IntPtrInput // Minimum length to require for user passwords. MinimumPasswordLength pulumi.IntPtrInput // The number of previous passwords that users are prevented from reusing. PasswordReusePrevention pulumi.IntPtrInput // Whether to require lowercase characters for user passwords. RequireLowercaseCharacters pulumi.BoolPtrInput // Whether to require numbers for user passwords. RequireNumbers pulumi.BoolPtrInput // Whether to require symbols for user passwords. RequireSymbols pulumi.BoolPtrInput // Whether to require uppercase characters for user passwords. RequireUppercaseCharacters pulumi.BoolPtrInput }
The set of arguments for constructing a AccountPasswordPolicy resource.
func (AccountPasswordPolicyArgs) ElementType ¶
func (AccountPasswordPolicyArgs) ElementType() reflect.Type
type AccountPasswordPolicyArray ¶
type AccountPasswordPolicyArray []AccountPasswordPolicyInput
func (AccountPasswordPolicyArray) ElementType ¶
func (AccountPasswordPolicyArray) ElementType() reflect.Type
func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput ¶
func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext ¶
func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput
type AccountPasswordPolicyArrayInput ¶
type AccountPasswordPolicyArrayInput interface { pulumi.Input ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput ToAccountPasswordPolicyArrayOutputWithContext(context.Context) AccountPasswordPolicyArrayOutput }
AccountPasswordPolicyArrayInput is an input type that accepts AccountPasswordPolicyArray and AccountPasswordPolicyArrayOutput values. You can construct a concrete instance of `AccountPasswordPolicyArrayInput` via:
AccountPasswordPolicyArray{ AccountPasswordPolicyArgs{...} }
type AccountPasswordPolicyArrayOutput ¶
type AccountPasswordPolicyArrayOutput struct{ *pulumi.OutputState }
func (AccountPasswordPolicyArrayOutput) ElementType ¶
func (AccountPasswordPolicyArrayOutput) ElementType() reflect.Type
func (AccountPasswordPolicyArrayOutput) Index ¶
func (o AccountPasswordPolicyArrayOutput) Index(i pulumi.IntInput) AccountPasswordPolicyOutput
func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput ¶
func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext ¶
func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput
type AccountPasswordPolicyInput ¶
type AccountPasswordPolicyInput interface { pulumi.Input ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput }
type AccountPasswordPolicyMap ¶
type AccountPasswordPolicyMap map[string]AccountPasswordPolicyInput
func (AccountPasswordPolicyMap) ElementType ¶
func (AccountPasswordPolicyMap) ElementType() reflect.Type
func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput ¶
func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput
func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext ¶
func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput
type AccountPasswordPolicyMapInput ¶
type AccountPasswordPolicyMapInput interface { pulumi.Input ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput ToAccountPasswordPolicyMapOutputWithContext(context.Context) AccountPasswordPolicyMapOutput }
AccountPasswordPolicyMapInput is an input type that accepts AccountPasswordPolicyMap and AccountPasswordPolicyMapOutput values. You can construct a concrete instance of `AccountPasswordPolicyMapInput` via:
AccountPasswordPolicyMap{ "key": AccountPasswordPolicyArgs{...} }
type AccountPasswordPolicyMapOutput ¶
type AccountPasswordPolicyMapOutput struct{ *pulumi.OutputState }
func (AccountPasswordPolicyMapOutput) ElementType ¶
func (AccountPasswordPolicyMapOutput) ElementType() reflect.Type
func (AccountPasswordPolicyMapOutput) MapIndex ¶
func (o AccountPasswordPolicyMapOutput) MapIndex(k pulumi.StringInput) AccountPasswordPolicyOutput
func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput ¶
func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput
func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext ¶
func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput
type AccountPasswordPolicyOutput ¶
type AccountPasswordPolicyOutput struct{ *pulumi.OutputState }
func (AccountPasswordPolicyOutput) AllowUsersToChangePassword ¶
func (o AccountPasswordPolicyOutput) AllowUsersToChangePassword() pulumi.BoolPtrOutput
Whether to allow users to change their own password
func (AccountPasswordPolicyOutput) ElementType ¶
func (AccountPasswordPolicyOutput) ElementType() reflect.Type
func (AccountPasswordPolicyOutput) ExpirePasswords ¶
func (o AccountPasswordPolicyOutput) ExpirePasswords() pulumi.BoolOutput
Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
func (AccountPasswordPolicyOutput) HardExpiry ¶
func (o AccountPasswordPolicyOutput) HardExpiry() pulumi.BoolOutput
Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
func (AccountPasswordPolicyOutput) MaxPasswordAge ¶
func (o AccountPasswordPolicyOutput) MaxPasswordAge() pulumi.IntOutput
The number of days that an user password is valid.
func (AccountPasswordPolicyOutput) MinimumPasswordLength ¶
func (o AccountPasswordPolicyOutput) MinimumPasswordLength() pulumi.IntPtrOutput
Minimum length to require for user passwords.
func (AccountPasswordPolicyOutput) PasswordReusePrevention ¶
func (o AccountPasswordPolicyOutput) PasswordReusePrevention() pulumi.IntOutput
The number of previous passwords that users are prevented from reusing.
func (AccountPasswordPolicyOutput) RequireLowercaseCharacters ¶
func (o AccountPasswordPolicyOutput) RequireLowercaseCharacters() pulumi.BoolOutput
Whether to require lowercase characters for user passwords.
func (AccountPasswordPolicyOutput) RequireNumbers ¶
func (o AccountPasswordPolicyOutput) RequireNumbers() pulumi.BoolOutput
Whether to require numbers for user passwords.
func (AccountPasswordPolicyOutput) RequireSymbols ¶
func (o AccountPasswordPolicyOutput) RequireSymbols() pulumi.BoolOutput
Whether to require symbols for user passwords.
func (AccountPasswordPolicyOutput) RequireUppercaseCharacters ¶
func (o AccountPasswordPolicyOutput) RequireUppercaseCharacters() pulumi.BoolOutput
Whether to require uppercase characters for user passwords.
func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput ¶
func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput
func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext ¶
func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput
type AccountPasswordPolicyState ¶
type AccountPasswordPolicyState struct { // Whether to allow users to change their own password AllowUsersToChangePassword pulumi.BoolPtrInput // Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_. ExpirePasswords pulumi.BoolPtrInput // Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset) HardExpiry pulumi.BoolPtrInput // The number of days that an user password is valid. MaxPasswordAge pulumi.IntPtrInput // Minimum length to require for user passwords. MinimumPasswordLength pulumi.IntPtrInput // The number of previous passwords that users are prevented from reusing. PasswordReusePrevention pulumi.IntPtrInput // Whether to require lowercase characters for user passwords. RequireLowercaseCharacters pulumi.BoolPtrInput // Whether to require numbers for user passwords. RequireNumbers pulumi.BoolPtrInput // Whether to require symbols for user passwords. RequireSymbols pulumi.BoolPtrInput // Whether to require uppercase characters for user passwords. RequireUppercaseCharacters pulumi.BoolPtrInput }
func (AccountPasswordPolicyState) ElementType ¶
func (AccountPasswordPolicyState) ElementType() reflect.Type
type GetAccessKeysAccessKey ¶
type GetAccessKeysAccessKey struct { // Access key ID. AccessKeyId string `pulumi:"accessKeyId"` // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created. CreateDate string `pulumi:"createDate"` // Access key status. Possible values are `Active` and `Inactive`. Status string `pulumi:"status"` }
type GetAccessKeysAccessKeyArgs ¶
type GetAccessKeysAccessKeyArgs struct { // Access key ID. AccessKeyId pulumi.StringInput `pulumi:"accessKeyId"` // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created. CreateDate pulumi.StringInput `pulumi:"createDate"` // Access key status. Possible values are `Active` and `Inactive`. Status pulumi.StringInput `pulumi:"status"` }
func (GetAccessKeysAccessKeyArgs) ElementType ¶
func (GetAccessKeysAccessKeyArgs) ElementType() reflect.Type
func (GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutput ¶
func (i GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput
func (GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutputWithContext ¶
func (i GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyOutput
type GetAccessKeysAccessKeyArray ¶
type GetAccessKeysAccessKeyArray []GetAccessKeysAccessKeyInput
func (GetAccessKeysAccessKeyArray) ElementType ¶
func (GetAccessKeysAccessKeyArray) ElementType() reflect.Type
func (GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutput ¶
func (i GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput
func (GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutputWithContext ¶
func (i GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyArrayOutput
type GetAccessKeysAccessKeyArrayInput ¶
type GetAccessKeysAccessKeyArrayInput interface { pulumi.Input ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput ToGetAccessKeysAccessKeyArrayOutputWithContext(context.Context) GetAccessKeysAccessKeyArrayOutput }
GetAccessKeysAccessKeyArrayInput is an input type that accepts GetAccessKeysAccessKeyArray and GetAccessKeysAccessKeyArrayOutput values. You can construct a concrete instance of `GetAccessKeysAccessKeyArrayInput` via:
GetAccessKeysAccessKeyArray{ GetAccessKeysAccessKeyArgs{...} }
type GetAccessKeysAccessKeyArrayOutput ¶
type GetAccessKeysAccessKeyArrayOutput struct{ *pulumi.OutputState }
func (GetAccessKeysAccessKeyArrayOutput) ElementType ¶
func (GetAccessKeysAccessKeyArrayOutput) ElementType() reflect.Type
func (GetAccessKeysAccessKeyArrayOutput) Index ¶
func (o GetAccessKeysAccessKeyArrayOutput) Index(i pulumi.IntInput) GetAccessKeysAccessKeyOutput
func (GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutput ¶
func (o GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput
func (GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutputWithContext ¶
func (o GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyArrayOutput
type GetAccessKeysAccessKeyInput ¶
type GetAccessKeysAccessKeyInput interface { pulumi.Input ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput ToGetAccessKeysAccessKeyOutputWithContext(context.Context) GetAccessKeysAccessKeyOutput }
GetAccessKeysAccessKeyInput is an input type that accepts GetAccessKeysAccessKeyArgs and GetAccessKeysAccessKeyOutput values. You can construct a concrete instance of `GetAccessKeysAccessKeyInput` via:
GetAccessKeysAccessKeyArgs{...}
type GetAccessKeysAccessKeyOutput ¶
type GetAccessKeysAccessKeyOutput struct{ *pulumi.OutputState }
func (GetAccessKeysAccessKeyOutput) AccessKeyId ¶
func (o GetAccessKeysAccessKeyOutput) AccessKeyId() pulumi.StringOutput
Access key ID.
func (GetAccessKeysAccessKeyOutput) CreateDate ¶
func (o GetAccessKeysAccessKeyOutput) CreateDate() pulumi.StringOutput
Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
func (GetAccessKeysAccessKeyOutput) ElementType ¶
func (GetAccessKeysAccessKeyOutput) ElementType() reflect.Type
func (GetAccessKeysAccessKeyOutput) Status ¶
func (o GetAccessKeysAccessKeyOutput) Status() pulumi.StringOutput
Access key status. Possible values are `Active` and `Inactive`.
func (GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutput ¶
func (o GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput
func (GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutputWithContext ¶
func (o GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyOutput
type GetAccessKeysArgs ¶
type GetAccessKeysArgs struct { // Name of the IAM user associated with the access keys. User string `pulumi:"user"` }
A collection of arguments for invoking getAccessKeys.
type GetAccessKeysOutputArgs ¶
type GetAccessKeysOutputArgs struct { // Name of the IAM user associated with the access keys. User pulumi.StringInput `pulumi:"user"` }
A collection of arguments for invoking getAccessKeys.
func (GetAccessKeysOutputArgs) ElementType ¶
func (GetAccessKeysOutputArgs) ElementType() reflect.Type
type GetAccessKeysResult ¶
type GetAccessKeysResult struct { // List of the IAM access keys associated with the specified user. See below. AccessKeys []GetAccessKeysAccessKey `pulumi:"accessKeys"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` User string `pulumi:"user"` }
A collection of values returned by getAccessKeys.
func GetAccessKeys ¶
func GetAccessKeys(ctx *pulumi.Context, args *GetAccessKeysArgs, opts ...pulumi.InvokeOption) (*GetAccessKeysResult, error)
This data source can be used to fetch information about IAM access keys of a specific IAM user.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetAccessKeys(ctx, &iam.GetAccessKeysArgs{ User: "an_example_user_name", }, nil) if err != nil { return err } return nil }) }
```
type GetAccessKeysResultOutput ¶
type GetAccessKeysResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getAccessKeys.
func GetAccessKeysOutput ¶
func GetAccessKeysOutput(ctx *pulumi.Context, args GetAccessKeysOutputArgs, opts ...pulumi.InvokeOption) GetAccessKeysResultOutput
func (GetAccessKeysResultOutput) AccessKeys ¶
func (o GetAccessKeysResultOutput) AccessKeys() GetAccessKeysAccessKeyArrayOutput
List of the IAM access keys associated with the specified user. See below.
func (GetAccessKeysResultOutput) ElementType ¶
func (GetAccessKeysResultOutput) ElementType() reflect.Type
func (GetAccessKeysResultOutput) Id ¶
func (o GetAccessKeysResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetAccessKeysResultOutput) ToGetAccessKeysResultOutput ¶
func (o GetAccessKeysResultOutput) ToGetAccessKeysResultOutput() GetAccessKeysResultOutput
func (GetAccessKeysResultOutput) ToGetAccessKeysResultOutputWithContext ¶
func (o GetAccessKeysResultOutput) ToGetAccessKeysResultOutputWithContext(ctx context.Context) GetAccessKeysResultOutput
func (GetAccessKeysResultOutput) User ¶
func (o GetAccessKeysResultOutput) User() pulumi.StringOutput
type GetGroupUser ¶
type GetGroupUserArgs ¶
type GetGroupUserArgs struct { // User ARN. Arn pulumi.StringInput `pulumi:"arn"` // Path to the IAM user. Path pulumi.StringInput `pulumi:"path"` // Stable and unique string identifying the IAM user. UserId pulumi.StringInput `pulumi:"userId"` // Name of the IAM user. UserName pulumi.StringInput `pulumi:"userName"` }
func (GetGroupUserArgs) ElementType ¶
func (GetGroupUserArgs) ElementType() reflect.Type
func (GetGroupUserArgs) ToGetGroupUserOutput ¶
func (i GetGroupUserArgs) ToGetGroupUserOutput() GetGroupUserOutput
func (GetGroupUserArgs) ToGetGroupUserOutputWithContext ¶
func (i GetGroupUserArgs) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput
type GetGroupUserArray ¶
type GetGroupUserArray []GetGroupUserInput
func (GetGroupUserArray) ElementType ¶
func (GetGroupUserArray) ElementType() reflect.Type
func (GetGroupUserArray) ToGetGroupUserArrayOutput ¶
func (i GetGroupUserArray) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput
func (GetGroupUserArray) ToGetGroupUserArrayOutputWithContext ¶
func (i GetGroupUserArray) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput
type GetGroupUserArrayInput ¶
type GetGroupUserArrayInput interface { pulumi.Input ToGetGroupUserArrayOutput() GetGroupUserArrayOutput ToGetGroupUserArrayOutputWithContext(context.Context) GetGroupUserArrayOutput }
GetGroupUserArrayInput is an input type that accepts GetGroupUserArray and GetGroupUserArrayOutput values. You can construct a concrete instance of `GetGroupUserArrayInput` via:
GetGroupUserArray{ GetGroupUserArgs{...} }
type GetGroupUserArrayOutput ¶
type GetGroupUserArrayOutput struct{ *pulumi.OutputState }
func (GetGroupUserArrayOutput) ElementType ¶
func (GetGroupUserArrayOutput) ElementType() reflect.Type
func (GetGroupUserArrayOutput) Index ¶
func (o GetGroupUserArrayOutput) Index(i pulumi.IntInput) GetGroupUserOutput
func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutput ¶
func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput
func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext ¶
func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput
type GetGroupUserInput ¶
type GetGroupUserInput interface { pulumi.Input ToGetGroupUserOutput() GetGroupUserOutput ToGetGroupUserOutputWithContext(context.Context) GetGroupUserOutput }
GetGroupUserInput is an input type that accepts GetGroupUserArgs and GetGroupUserOutput values. You can construct a concrete instance of `GetGroupUserInput` via:
GetGroupUserArgs{...}
type GetGroupUserOutput ¶
type GetGroupUserOutput struct{ *pulumi.OutputState }
func (GetGroupUserOutput) ElementType ¶
func (GetGroupUserOutput) ElementType() reflect.Type
func (GetGroupUserOutput) Path ¶
func (o GetGroupUserOutput) Path() pulumi.StringOutput
Path to the IAM user.
func (GetGroupUserOutput) ToGetGroupUserOutput ¶
func (o GetGroupUserOutput) ToGetGroupUserOutput() GetGroupUserOutput
func (GetGroupUserOutput) ToGetGroupUserOutputWithContext ¶
func (o GetGroupUserOutput) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput
func (GetGroupUserOutput) UserId ¶
func (o GetGroupUserOutput) UserId() pulumi.StringOutput
Stable and unique string identifying the IAM user.
func (GetGroupUserOutput) UserName ¶
func (o GetGroupUserOutput) UserName() pulumi.StringOutput
Name of the IAM user.
type GetInstanceProfilesArgs ¶
type GetInstanceProfilesArgs struct { // IAM role name. RoleName string `pulumi:"roleName"` }
A collection of arguments for invoking getInstanceProfiles.
type GetInstanceProfilesOutputArgs ¶
type GetInstanceProfilesOutputArgs struct { // IAM role name. RoleName pulumi.StringInput `pulumi:"roleName"` }
A collection of arguments for invoking getInstanceProfiles.
func (GetInstanceProfilesOutputArgs) ElementType ¶
func (GetInstanceProfilesOutputArgs) ElementType() reflect.Type
type GetInstanceProfilesResult ¶
type GetInstanceProfilesResult struct { // Set of ARNs of instance profiles. Arns []string `pulumi:"arns"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Set of IAM instance profile names. Names []string `pulumi:"names"` // Set of IAM instance profile paths. Paths []string `pulumi:"paths"` RoleName string `pulumi:"roleName"` }
A collection of values returned by getInstanceProfiles.
func GetInstanceProfiles ¶
func GetInstanceProfiles(ctx *pulumi.Context, args *GetInstanceProfilesArgs, opts ...pulumi.InvokeOption) (*GetInstanceProfilesResult, error)
This data source can be used to fetch information about all IAM instance profiles under a role. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetInstanceProfiles(ctx, &iam.GetInstanceProfilesArgs{ RoleName: "an_example_iam_role_name", }, nil) if err != nil { return err } return nil }) }
```
type GetInstanceProfilesResultOutput ¶
type GetInstanceProfilesResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getInstanceProfiles.
func GetInstanceProfilesOutput ¶
func GetInstanceProfilesOutput(ctx *pulumi.Context, args GetInstanceProfilesOutputArgs, opts ...pulumi.InvokeOption) GetInstanceProfilesResultOutput
func (GetInstanceProfilesResultOutput) Arns ¶
func (o GetInstanceProfilesResultOutput) Arns() pulumi.StringArrayOutput
Set of ARNs of instance profiles.
func (GetInstanceProfilesResultOutput) ElementType ¶
func (GetInstanceProfilesResultOutput) ElementType() reflect.Type
func (GetInstanceProfilesResultOutput) Id ¶
func (o GetInstanceProfilesResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetInstanceProfilesResultOutput) Names ¶
func (o GetInstanceProfilesResultOutput) Names() pulumi.StringArrayOutput
Set of IAM instance profile names.
func (GetInstanceProfilesResultOutput) Paths ¶
func (o GetInstanceProfilesResultOutput) Paths() pulumi.StringArrayOutput
Set of IAM instance profile paths.
func (GetInstanceProfilesResultOutput) RoleName ¶
func (o GetInstanceProfilesResultOutput) RoleName() pulumi.StringOutput
func (GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput ¶
func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput() GetInstanceProfilesResultOutput
func (GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext ¶
func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext(ctx context.Context) GetInstanceProfilesResultOutput
type GetPolicyDocumentArgs ¶
type GetPolicyDocumentArgs struct { // List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from `sourcePolicyDocuments`. Non-overriding statements will be added to the exported document. OverridePolicyDocuments []string `pulumi:"overridePolicyDocuments"` // ID for the policy document. PolicyId *string `pulumi:"policyId"` // List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` must have unique `sid`s. Statements with the same `sid` from `overridePolicyDocuments` will override source statements. SourcePolicyDocuments []string `pulumi:"sourcePolicyDocuments"` // Configuration block for a policy statement. Detailed below. Statements []GetPolicyDocumentStatement `pulumi:"statements"` // IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html). Version *string `pulumi:"version"` }
A collection of arguments for invoking getPolicyDocument.
type GetPolicyDocumentOutputArgs ¶
type GetPolicyDocumentOutputArgs struct { // List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from `sourcePolicyDocuments`. Non-overriding statements will be added to the exported document. OverridePolicyDocuments pulumi.StringArrayInput `pulumi:"overridePolicyDocuments"` // ID for the policy document. PolicyId pulumi.StringPtrInput `pulumi:"policyId"` // List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` must have unique `sid`s. Statements with the same `sid` from `overridePolicyDocuments` will override source statements. SourcePolicyDocuments pulumi.StringArrayInput `pulumi:"sourcePolicyDocuments"` // Configuration block for a policy statement. Detailed below. Statements GetPolicyDocumentStatementArrayInput `pulumi:"statements"` // IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html). Version pulumi.StringPtrInput `pulumi:"version"` }
A collection of arguments for invoking getPolicyDocument.
func (GetPolicyDocumentOutputArgs) ElementType ¶
func (GetPolicyDocumentOutputArgs) ElementType() reflect.Type
type GetPolicyDocumentResult ¶
type GetPolicyDocumentResult struct { // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Standard JSON policy document rendered based on the arguments above. Json string `pulumi:"json"` OverridePolicyDocuments []string `pulumi:"overridePolicyDocuments"` PolicyId *string `pulumi:"policyId"` SourcePolicyDocuments []string `pulumi:"sourcePolicyDocuments"` Statements []GetPolicyDocumentStatement `pulumi:"statements"` Version *string `pulumi:"version"` }
A collection of values returned by getPolicyDocument.
func GetPolicyDocument ¶
func GetPolicyDocument(ctx *pulumi.Context, args *GetPolicyDocumentArgs, opts ...pulumi.InvokeOption) (*GetPolicyDocumentResult, error)
Generates an IAM policy document in JSON format for use with resources that expect policy documents such as `iam.Policy`.
Using this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings in your configuration or to use the `file` interpolation function to read a raw JSON policy document from a file.
## Example Usage ### Basic Example
```go package main
import (
"fmt" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { examplePolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: pulumi.Array{ iam.GetPolicyDocumentStatement{ Sid: pulumi.StringRef("1"), Actions: []string{ "s3:ListAllMyBuckets", "s3:GetBucketLocation", }, Resources: []string{ "arn:aws:s3:::*", }, }, iam.GetPolicyDocumentStatement{ Actions: []string{ "s3:ListBucket", }, Resources: []string{ fmt.Sprintf("arn:aws:s3:::%v", _var.S3_bucket_name), }, Conditions: []iam.GetPolicyDocumentStatementCondition{ { Test: "StringLike", Variable: "s3:prefix", Values: []string{ "", "home/", "home/&{aws:username}/", }, }, }, }, iam.GetPolicyDocumentStatement{ Actions: []string{ "s3:*", }, Resources: []string{ fmt.Sprintf("arn:aws:s3:::%v/home/&{aws:username}", _var.S3_bucket_name), fmt.Sprintf("arn:aws:s3:::%v/home/&{aws:username}/*", _var.S3_bucket_name), }, }, }, }, nil) if err != nil { return err } _, err = iam.NewPolicy(ctx, "examplePolicy", &iam.PolicyArgs{ Path: pulumi.String("/"), Policy: *pulumi.String(examplePolicyDocument.Json), }) if err != nil { return err } return nil }) }
``` ### Example Multiple Condition Keys and Values
You can specify a [condition with multiple keys and values](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_multi-value-conditions.html) by supplying multiple `condition` blocks with the same `test` value, but differing `variable` and `values` values.
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "kms:Decrypt", "kms:GenerateDataKey", }, Conditions: []iam.GetPolicyDocumentStatementCondition{ { Test: "ForAnyValue:StringEquals", Values: []string{ "pi", }, Variable: "kms:EncryptionContext:service", }, { Test: "ForAnyValue:StringEquals", Values: []string{ "rds", }, Variable: "kms:EncryptionContext:aws:pi:service", }, { Test: "ForAnyValue:StringEquals", Values: []string{ "db-AAAAABBBBBCCCCCDDDDDEEEEE", "db-EEEEEDDDDDCCCCCBBBBBAAAAA", }, Variable: "kms:EncryptionContext:aws:rds:db-id", }, }, Resources: []string{ "*", }, }, }, }, nil) if err != nil { return err } return nil }) }
```
`data.aws_iam_policy_document.example_multiple_condition_keys_and_values.json` will evaluate to:
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
``` ### Example Assume-Role Policy with Multiple Principals
You can specify multiple principal blocks with different types. You can also use this data source to generate an assume-role policy.
```go package main
import ( "fmt"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "sts:AssumeRole", }, Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "Service", Identifiers: []string{ "firehose.amazonaws.com", }, }, { Type: "AWS", Identifiers: interface{}{ _var.Trusted_role_arn, }, }, { Type: "Federated", Identifiers: []string{ fmt.Sprintf("arn:aws:iam::%v:saml-provider/%v", _var.Account_id, _var.Provider_name), "cognito-identity.amazonaws.com", }, }, }, }, }, }, nil); if err != nil { return err } return nil }) } ``` ### Example Using A Source Document
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { source, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ SourcePolicyDocuments: interface{}{ source.Json, }, Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "arn:aws:s3:::somebucket", "arn:aws:s3:::somebucket/*", }, }, }, }, nil); if err != nil { return err } return nil }) } ```
`data.aws_iam_policy_document.source_document_example.json` will evaluate to:
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
``` ### Example Using An Override Document
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { override, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ OverridePolicyDocuments: interface{}{ override.Json, }, Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "arn:aws:s3:::somebucket", "arn:aws:s3:::somebucket/*", }, }, }, }, nil); if err != nil { return err } return nil }) } ```
`data.aws_iam_policy_document.override_policy_document_example.json` will evaluate to:
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
``` ### Example with Both Source and Override Documents
You can also combine `sourcePolicyDocuments` and `overridePolicyDocuments` in the same document.
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { source, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceholder"), Actions: []string{ "ec2:DescribeAccountAttributes", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } override, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceholder"), Actions: []string{ "s3:GetObject", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ SourcePolicyDocuments: interface{}{ source.Json, }, OverridePolicyDocuments: interface{}{ override.Json, }, }, nil); if err != nil { return err } return nil }) } ```
`data.aws_iam_policy_document.politik.json` will evaluate to:
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
``` ### Example of Merging Source Documents
Multiple documents can be combined using the `sourcePolicyDocuments` or `overridePolicyDocuments` attributes. `sourcePolicyDocuments` requires that all documents have unique Sids, while `overridePolicyDocuments` will iteratively override matching Sids.
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { sourceOne, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("UniqueSidOne"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } sourceTwo, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: pulumi.Array{ iam.GetPolicyDocumentStatement{ Sid: pulumi.StringRef("UniqueSidTwo"), Actions: []string{ "iam:*", }, Resources: []string{ "*", }, }, iam.GetPolicyDocumentStatement{ Actions: []string{ "lambda:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ SourcePolicyDocuments: interface{}{ sourceOne.Json, sourceTwo.Json, }, }, nil); if err != nil { return err } return nil }) } ```
`data.aws_iam_policy_document.combined.json` will evaluate to:
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
``` ### Example of Merging Override Documents
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { policyOne, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceHolderOne"), Effect: pulumi.StringRef("Allow"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } policyTwo, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("OverridePlaceHolderTwo"), Effect: pulumi.StringRef("Allow"), Actions: []string{ "iam:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } policyThree, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceHolderOne"), Effect: pulumi.StringRef("Deny"), Actions: []string{ "logs:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ OverridePolicyDocuments: interface{}{ policyOne.Json, policyTwo.Json, policyThree.Json, }, Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceHolderTwo"), Effect: pulumi.StringRef("Deny"), Actions: []string{ "*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } return nil }) } ```
`data.aws_iam_policy_document.combined.json` will evaluate to:
```go package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { return nil }) }
```
type GetPolicyDocumentResultOutput ¶
type GetPolicyDocumentResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getPolicyDocument.
func GetPolicyDocumentOutput ¶
func GetPolicyDocumentOutput(ctx *pulumi.Context, args GetPolicyDocumentOutputArgs, opts ...pulumi.InvokeOption) GetPolicyDocumentResultOutput
func (GetPolicyDocumentResultOutput) ElementType ¶
func (GetPolicyDocumentResultOutput) ElementType() reflect.Type
func (GetPolicyDocumentResultOutput) Id ¶
func (o GetPolicyDocumentResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetPolicyDocumentResultOutput) Json ¶
func (o GetPolicyDocumentResultOutput) Json() pulumi.StringOutput
Standard JSON policy document rendered based on the arguments above.
func (GetPolicyDocumentResultOutput) OverridePolicyDocuments ¶
func (o GetPolicyDocumentResultOutput) OverridePolicyDocuments() pulumi.StringArrayOutput
func (GetPolicyDocumentResultOutput) PolicyId ¶
func (o GetPolicyDocumentResultOutput) PolicyId() pulumi.StringPtrOutput
func (GetPolicyDocumentResultOutput) SourcePolicyDocuments ¶
func (o GetPolicyDocumentResultOutput) SourcePolicyDocuments() pulumi.StringArrayOutput
func (GetPolicyDocumentResultOutput) Statements ¶
func (o GetPolicyDocumentResultOutput) Statements() GetPolicyDocumentStatementArrayOutput
func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput ¶
func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput() GetPolicyDocumentResultOutput
func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext ¶
func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext(ctx context.Context) GetPolicyDocumentResultOutput
func (GetPolicyDocumentResultOutput) Version ¶
func (o GetPolicyDocumentResultOutput) Version() pulumi.StringPtrOutput
type GetPolicyDocumentStatement ¶
type GetPolicyDocumentStatement struct { // List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`. Actions []string `pulumi:"actions"` // Configuration block for a condition. Detailed below. Conditions []GetPolicyDocumentStatementCondition `pulumi:"conditions"` // Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`. Effect *string `pulumi:"effect"` // List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed. NotActions []string `pulumi:"notActions"` // Like `principals` except these are principals that the statement does *not* apply to. NotPrincipals []GetPolicyDocumentStatementNotPrincipal `pulumi:"notPrincipals"` // List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`. NotResources []string `pulumi:"notResources"` // Configuration block for principals. Detailed below. Principals []GetPolicyDocumentStatementPrincipal `pulumi:"principals"` // List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`. Resources []string `pulumi:"resources"` // Sid (statement ID) is an identifier for a policy statement. Sid *string `pulumi:"sid"` }
type GetPolicyDocumentStatementArgs ¶
type GetPolicyDocumentStatementArgs struct { // List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`. Actions pulumi.StringArrayInput `pulumi:"actions"` // Configuration block for a condition. Detailed below. Conditions GetPolicyDocumentStatementConditionArrayInput `pulumi:"conditions"` // Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`. Effect pulumi.StringPtrInput `pulumi:"effect"` // List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed. NotActions pulumi.StringArrayInput `pulumi:"notActions"` // Like `principals` except these are principals that the statement does *not* apply to. NotPrincipals GetPolicyDocumentStatementNotPrincipalArrayInput `pulumi:"notPrincipals"` // List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`. NotResources pulumi.StringArrayInput `pulumi:"notResources"` // Configuration block for principals. Detailed below. Principals GetPolicyDocumentStatementPrincipalArrayInput `pulumi:"principals"` // List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`. Resources pulumi.StringArrayInput `pulumi:"resources"` // Sid (statement ID) is an identifier for a policy statement. Sid pulumi.StringPtrInput `pulumi:"sid"` }
func (GetPolicyDocumentStatementArgs) ElementType ¶
func (GetPolicyDocumentStatementArgs) ElementType() reflect.Type
func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput ¶
func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext ¶
func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput
type GetPolicyDocumentStatementArray ¶
type GetPolicyDocumentStatementArray []GetPolicyDocumentStatementInput
func (GetPolicyDocumentStatementArray) ElementType ¶
func (GetPolicyDocumentStatementArray) ElementType() reflect.Type
func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput ¶
func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext ¶
func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput
type GetPolicyDocumentStatementArrayInput ¶
type GetPolicyDocumentStatementArrayInput interface { pulumi.Input ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput ToGetPolicyDocumentStatementArrayOutputWithContext(context.Context) GetPolicyDocumentStatementArrayOutput }
GetPolicyDocumentStatementArrayInput is an input type that accepts GetPolicyDocumentStatementArray and GetPolicyDocumentStatementArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementArrayInput` via:
GetPolicyDocumentStatementArray{ GetPolicyDocumentStatementArgs{...} }
type GetPolicyDocumentStatementArrayOutput ¶
type GetPolicyDocumentStatementArrayOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementArrayOutput) ElementType ¶
func (GetPolicyDocumentStatementArrayOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementArrayOutput) Index ¶
func (o GetPolicyDocumentStatementArrayOutput) Index(i pulumi.IntInput) GetPolicyDocumentStatementOutput
func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput ¶
func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext ¶
func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput
type GetPolicyDocumentStatementCondition ¶
type GetPolicyDocumentStatementCondition struct { // Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate. Test string `pulumi:"test"` // Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation. Values []string `pulumi:"values"` // Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name. Variable string `pulumi:"variable"` }
type GetPolicyDocumentStatementConditionArgs ¶
type GetPolicyDocumentStatementConditionArgs struct { // Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate. Test pulumi.StringInput `pulumi:"test"` // Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation. Values pulumi.StringArrayInput `pulumi:"values"` // Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name. Variable pulumi.StringInput `pulumi:"variable"` }
func (GetPolicyDocumentStatementConditionArgs) ElementType ¶
func (GetPolicyDocumentStatementConditionArgs) ElementType() reflect.Type
func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput ¶
func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext ¶
func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput
type GetPolicyDocumentStatementConditionArray ¶
type GetPolicyDocumentStatementConditionArray []GetPolicyDocumentStatementConditionInput
func (GetPolicyDocumentStatementConditionArray) ElementType ¶
func (GetPolicyDocumentStatementConditionArray) ElementType() reflect.Type
func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput ¶
func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext ¶
func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput
type GetPolicyDocumentStatementConditionArrayInput ¶
type GetPolicyDocumentStatementConditionArrayInput interface { pulumi.Input ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput ToGetPolicyDocumentStatementConditionArrayOutputWithContext(context.Context) GetPolicyDocumentStatementConditionArrayOutput }
GetPolicyDocumentStatementConditionArrayInput is an input type that accepts GetPolicyDocumentStatementConditionArray and GetPolicyDocumentStatementConditionArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionArrayInput` via:
GetPolicyDocumentStatementConditionArray{ GetPolicyDocumentStatementConditionArgs{...} }
type GetPolicyDocumentStatementConditionArrayOutput ¶
type GetPolicyDocumentStatementConditionArrayOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementConditionArrayOutput) ElementType ¶
func (GetPolicyDocumentStatementConditionArrayOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput ¶
func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext ¶
func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput
type GetPolicyDocumentStatementConditionInput ¶
type GetPolicyDocumentStatementConditionInput interface { pulumi.Input ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput ToGetPolicyDocumentStatementConditionOutputWithContext(context.Context) GetPolicyDocumentStatementConditionOutput }
GetPolicyDocumentStatementConditionInput is an input type that accepts GetPolicyDocumentStatementConditionArgs and GetPolicyDocumentStatementConditionOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionInput` via:
GetPolicyDocumentStatementConditionArgs{...}
type GetPolicyDocumentStatementConditionOutput ¶
type GetPolicyDocumentStatementConditionOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementConditionOutput) ElementType ¶
func (GetPolicyDocumentStatementConditionOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementConditionOutput) Test ¶
func (o GetPolicyDocumentStatementConditionOutput) Test() pulumi.StringOutput
Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput ¶
func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext ¶
func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput
func (GetPolicyDocumentStatementConditionOutput) Values ¶
func (o GetPolicyDocumentStatementConditionOutput) Values() pulumi.StringArrayOutput
Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
func (GetPolicyDocumentStatementConditionOutput) Variable ¶
func (o GetPolicyDocumentStatementConditionOutput) Variable() pulumi.StringOutput
Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
type GetPolicyDocumentStatementInput ¶
type GetPolicyDocumentStatementInput interface { pulumi.Input ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput ToGetPolicyDocumentStatementOutputWithContext(context.Context) GetPolicyDocumentStatementOutput }
GetPolicyDocumentStatementInput is an input type that accepts GetPolicyDocumentStatementArgs and GetPolicyDocumentStatementOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementInput` via:
GetPolicyDocumentStatementArgs{...}
type GetPolicyDocumentStatementNotPrincipal ¶
type GetPolicyDocumentStatementNotPrincipal struct { // List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`. Identifiers []string `pulumi:"identifiers"` // Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`. Type string `pulumi:"type"` }
type GetPolicyDocumentStatementNotPrincipalArgs ¶
type GetPolicyDocumentStatementNotPrincipalArgs struct { // List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`. Identifiers pulumi.StringArrayInput `pulumi:"identifiers"` // Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`. Type pulumi.StringInput `pulumi:"type"` }
func (GetPolicyDocumentStatementNotPrincipalArgs) ElementType ¶
func (GetPolicyDocumentStatementNotPrincipalArgs) ElementType() reflect.Type
func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput ¶
func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext ¶
func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput
type GetPolicyDocumentStatementNotPrincipalArray ¶
type GetPolicyDocumentStatementNotPrincipalArray []GetPolicyDocumentStatementNotPrincipalInput
func (GetPolicyDocumentStatementNotPrincipalArray) ElementType ¶
func (GetPolicyDocumentStatementNotPrincipalArray) ElementType() reflect.Type
func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput ¶
func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext ¶
func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
type GetPolicyDocumentStatementNotPrincipalArrayInput ¶
type GetPolicyDocumentStatementNotPrincipalArrayInput interface { pulumi.Input ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput }
GetPolicyDocumentStatementNotPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArray and GetPolicyDocumentStatementNotPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalArrayInput` via:
GetPolicyDocumentStatementNotPrincipalArray{ GetPolicyDocumentStatementNotPrincipalArgs{...} }
type GetPolicyDocumentStatementNotPrincipalArrayOutput ¶
type GetPolicyDocumentStatementNotPrincipalArrayOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ElementType ¶
func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput ¶
func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext ¶
func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
type GetPolicyDocumentStatementNotPrincipalInput ¶
type GetPolicyDocumentStatementNotPrincipalInput interface { pulumi.Input ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalOutput }
GetPolicyDocumentStatementNotPrincipalInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArgs and GetPolicyDocumentStatementNotPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalInput` via:
GetPolicyDocumentStatementNotPrincipalArgs{...}
type GetPolicyDocumentStatementNotPrincipalOutput ¶
type GetPolicyDocumentStatementNotPrincipalOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementNotPrincipalOutput) ElementType ¶
func (GetPolicyDocumentStatementNotPrincipalOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementNotPrincipalOutput) Identifiers ¶
func (o GetPolicyDocumentStatementNotPrincipalOutput) Identifiers() pulumi.StringArrayOutput
List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput ¶
func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext ¶
func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput
func (GetPolicyDocumentStatementNotPrincipalOutput) Type ¶
func (o GetPolicyDocumentStatementNotPrincipalOutput) Type() pulumi.StringOutput
Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
type GetPolicyDocumentStatementOutput ¶
type GetPolicyDocumentStatementOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementOutput) Actions ¶
func (o GetPolicyDocumentStatementOutput) Actions() pulumi.StringArrayOutput
List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
func (GetPolicyDocumentStatementOutput) Conditions ¶
func (o GetPolicyDocumentStatementOutput) Conditions() GetPolicyDocumentStatementConditionArrayOutput
Configuration block for a condition. Detailed below.
func (GetPolicyDocumentStatementOutput) Effect ¶
func (o GetPolicyDocumentStatementOutput) Effect() pulumi.StringPtrOutput
Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
func (GetPolicyDocumentStatementOutput) ElementType ¶
func (GetPolicyDocumentStatementOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementOutput) NotActions ¶
func (o GetPolicyDocumentStatementOutput) NotActions() pulumi.StringArrayOutput
List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
func (GetPolicyDocumentStatementOutput) NotPrincipals ¶
func (o GetPolicyDocumentStatementOutput) NotPrincipals() GetPolicyDocumentStatementNotPrincipalArrayOutput
Like `principals` except these are principals that the statement does *not* apply to.
func (GetPolicyDocumentStatementOutput) NotResources ¶
func (o GetPolicyDocumentStatementOutput) NotResources() pulumi.StringArrayOutput
List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
func (GetPolicyDocumentStatementOutput) Principals ¶
func (o GetPolicyDocumentStatementOutput) Principals() GetPolicyDocumentStatementPrincipalArrayOutput
Configuration block for principals. Detailed below.
func (GetPolicyDocumentStatementOutput) Resources ¶
func (o GetPolicyDocumentStatementOutput) Resources() pulumi.StringArrayOutput
List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
func (GetPolicyDocumentStatementOutput) Sid ¶
func (o GetPolicyDocumentStatementOutput) Sid() pulumi.StringPtrOutput
Sid (statement ID) is an identifier for a policy statement.
func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput ¶
func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext ¶
func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput
type GetPolicyDocumentStatementPrincipal ¶
type GetPolicyDocumentStatementPrincipal struct { // List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`. Identifiers []string `pulumi:"identifiers"` // Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`. Type string `pulumi:"type"` }
type GetPolicyDocumentStatementPrincipalArgs ¶
type GetPolicyDocumentStatementPrincipalArgs struct { // List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`. Identifiers pulumi.StringArrayInput `pulumi:"identifiers"` // Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`. Type pulumi.StringInput `pulumi:"type"` }
func (GetPolicyDocumentStatementPrincipalArgs) ElementType ¶
func (GetPolicyDocumentStatementPrincipalArgs) ElementType() reflect.Type
func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput ¶
func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext ¶
func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput
type GetPolicyDocumentStatementPrincipalArray ¶
type GetPolicyDocumentStatementPrincipalArray []GetPolicyDocumentStatementPrincipalInput
func (GetPolicyDocumentStatementPrincipalArray) ElementType ¶
func (GetPolicyDocumentStatementPrincipalArray) ElementType() reflect.Type
func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput ¶
func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext ¶
func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
type GetPolicyDocumentStatementPrincipalArrayInput ¶
type GetPolicyDocumentStatementPrincipalArrayInput interface { pulumi.Input ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalArrayOutput }
GetPolicyDocumentStatementPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementPrincipalArray and GetPolicyDocumentStatementPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalArrayInput` via:
GetPolicyDocumentStatementPrincipalArray{ GetPolicyDocumentStatementPrincipalArgs{...} }
type GetPolicyDocumentStatementPrincipalArrayOutput ¶
type GetPolicyDocumentStatementPrincipalArrayOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementPrincipalArrayOutput) ElementType ¶
func (GetPolicyDocumentStatementPrincipalArrayOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput ¶
func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext ¶
func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
type GetPolicyDocumentStatementPrincipalInput ¶
type GetPolicyDocumentStatementPrincipalInput interface { pulumi.Input ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput ToGetPolicyDocumentStatementPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalOutput }
GetPolicyDocumentStatementPrincipalInput is an input type that accepts GetPolicyDocumentStatementPrincipalArgs and GetPolicyDocumentStatementPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalInput` via:
GetPolicyDocumentStatementPrincipalArgs{...}
type GetPolicyDocumentStatementPrincipalOutput ¶
type GetPolicyDocumentStatementPrincipalOutput struct{ *pulumi.OutputState }
func (GetPolicyDocumentStatementPrincipalOutput) ElementType ¶
func (GetPolicyDocumentStatementPrincipalOutput) ElementType() reflect.Type
func (GetPolicyDocumentStatementPrincipalOutput) Identifiers ¶
func (o GetPolicyDocumentStatementPrincipalOutput) Identifiers() pulumi.StringArrayOutput
List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput ¶
func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext ¶
func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput
func (GetPolicyDocumentStatementPrincipalOutput) Type ¶
func (o GetPolicyDocumentStatementPrincipalOutput) Type() pulumi.StringOutput
Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
type GetPrincipalPolicySimulationContext ¶
type GetPrincipalPolicySimulationContext struct { // The context _condition key_ to set. // // If you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service. Key string `pulumi:"key"` // An IAM value type that determines how the policy simulator will interpret the strings given in `values`. // // For more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API. Type string `pulumi:"type"` // A set of one or more values for this context entry. Values []string `pulumi:"values"` }
type GetPrincipalPolicySimulationContextArgs ¶
type GetPrincipalPolicySimulationContextArgs struct { // The context _condition key_ to set. // // If you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service. Key pulumi.StringInput `pulumi:"key"` // An IAM value type that determines how the policy simulator will interpret the strings given in `values`. // // For more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API. Type pulumi.StringInput `pulumi:"type"` // A set of one or more values for this context entry. Values pulumi.StringArrayInput `pulumi:"values"` }
func (GetPrincipalPolicySimulationContextArgs) ElementType ¶
func (GetPrincipalPolicySimulationContextArgs) ElementType() reflect.Type
func (GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutput ¶
func (i GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput
func (GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutputWithContext ¶
func (i GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextOutput
type GetPrincipalPolicySimulationContextArray ¶
type GetPrincipalPolicySimulationContextArray []GetPrincipalPolicySimulationContextInput
func (GetPrincipalPolicySimulationContextArray) ElementType ¶
func (GetPrincipalPolicySimulationContextArray) ElementType() reflect.Type
func (GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutput ¶
func (i GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput
func (GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutputWithContext ¶
func (i GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextArrayOutput
type GetPrincipalPolicySimulationContextArrayInput ¶
type GetPrincipalPolicySimulationContextArrayInput interface { pulumi.Input ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput ToGetPrincipalPolicySimulationContextArrayOutputWithContext(context.Context) GetPrincipalPolicySimulationContextArrayOutput }
GetPrincipalPolicySimulationContextArrayInput is an input type that accepts GetPrincipalPolicySimulationContextArray and GetPrincipalPolicySimulationContextArrayOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationContextArrayInput` via:
GetPrincipalPolicySimulationContextArray{ GetPrincipalPolicySimulationContextArgs{...} }
type GetPrincipalPolicySimulationContextArrayOutput ¶
type GetPrincipalPolicySimulationContextArrayOutput struct{ *pulumi.OutputState }
func (GetPrincipalPolicySimulationContextArrayOutput) ElementType ¶
func (GetPrincipalPolicySimulationContextArrayOutput) ElementType() reflect.Type
func (GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutput ¶
func (o GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput
func (GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutputWithContext ¶
func (o GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextArrayOutput
type GetPrincipalPolicySimulationContextInput ¶
type GetPrincipalPolicySimulationContextInput interface { pulumi.Input ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput ToGetPrincipalPolicySimulationContextOutputWithContext(context.Context) GetPrincipalPolicySimulationContextOutput }
GetPrincipalPolicySimulationContextInput is an input type that accepts GetPrincipalPolicySimulationContextArgs and GetPrincipalPolicySimulationContextOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationContextInput` via:
GetPrincipalPolicySimulationContextArgs{...}
type GetPrincipalPolicySimulationContextOutput ¶
type GetPrincipalPolicySimulationContextOutput struct{ *pulumi.OutputState }
func (GetPrincipalPolicySimulationContextOutput) ElementType ¶
func (GetPrincipalPolicySimulationContextOutput) ElementType() reflect.Type
func (GetPrincipalPolicySimulationContextOutput) Key ¶
func (o GetPrincipalPolicySimulationContextOutput) Key() pulumi.StringOutput
The context _condition key_ to set.
If you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service.
func (GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutput ¶
func (o GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput
func (GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutputWithContext ¶
func (o GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextOutput
func (GetPrincipalPolicySimulationContextOutput) Type ¶
func (o GetPrincipalPolicySimulationContextOutput) Type() pulumi.StringOutput
An IAM value type that determines how the policy simulator will interpret the strings given in `values`.
For more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API.
func (GetPrincipalPolicySimulationContextOutput) Values ¶
func (o GetPrincipalPolicySimulationContextOutput) Values() pulumi.StringArrayOutput
A set of one or more values for this context entry.
type GetPrincipalPolicySimulationResult ¶
type GetPrincipalPolicySimulationResult struct { // The name of the single IAM action used for this particular request. ActionName string `pulumi:"actionName"` // `true` if `decision` is "allowed", and `false` otherwise. Allowed bool `pulumi:"allowed"` // The raw decision determined from all of the policies in scope; either "allowed", "explicitDeny", or "implicitDeny". Decision string `pulumi:"decision"` // A map of arbitrary metadata entries returned by the policy simulator for this request. DecisionDetails map[string]string `pulumi:"decisionDetails"` // A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `sourcePolicyId` and `sourcePolicyType` to identify one of the policies. MatchedStatements []GetPrincipalPolicySimulationResultMatchedStatement `pulumi:"matchedStatements"` // A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed. MissingContextKeys []string `pulumi:"missingContextKeys"` // ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource. ResourceArn string `pulumi:"resourceArn"` }
type GetPrincipalPolicySimulationResultArgs ¶
type GetPrincipalPolicySimulationResultArgs struct { // The name of the single IAM action used for this particular request. ActionName pulumi.StringInput `pulumi:"actionName"` // `true` if `decision` is "allowed", and `false` otherwise. Allowed pulumi.BoolInput `pulumi:"allowed"` // The raw decision determined from all of the policies in scope; either "allowed", "explicitDeny", or "implicitDeny". Decision pulumi.StringInput `pulumi:"decision"` // A map of arbitrary metadata entries returned by the policy simulator for this request. DecisionDetails pulumi.StringMapInput `pulumi:"decisionDetails"` // A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `sourcePolicyId` and `sourcePolicyType` to identify one of the policies. MatchedStatements GetPrincipalPolicySimulationResultMatchedStatementArrayInput `pulumi:"matchedStatements"` // A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed. MissingContextKeys pulumi.StringArrayInput `pulumi:"missingContextKeys"` // ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource. ResourceArn pulumi.StringInput `pulumi:"resourceArn"` }
func (GetPrincipalPolicySimulationResultArgs) ElementType ¶
func (GetPrincipalPolicySimulationResultArgs) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutput ¶
func (i GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput
func (GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutputWithContext ¶
func (i GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultOutput
type GetPrincipalPolicySimulationResultArray ¶
type GetPrincipalPolicySimulationResultArray []GetPrincipalPolicySimulationResultInput
func (GetPrincipalPolicySimulationResultArray) ElementType ¶
func (GetPrincipalPolicySimulationResultArray) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutput ¶
func (i GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput
func (GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutputWithContext ¶
func (i GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultArrayOutput
type GetPrincipalPolicySimulationResultArrayInput ¶
type GetPrincipalPolicySimulationResultArrayInput interface { pulumi.Input ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput ToGetPrincipalPolicySimulationResultArrayOutputWithContext(context.Context) GetPrincipalPolicySimulationResultArrayOutput }
GetPrincipalPolicySimulationResultArrayInput is an input type that accepts GetPrincipalPolicySimulationResultArray and GetPrincipalPolicySimulationResultArrayOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultArrayInput` via:
GetPrincipalPolicySimulationResultArray{ GetPrincipalPolicySimulationResultArgs{...} }
type GetPrincipalPolicySimulationResultArrayOutput ¶
type GetPrincipalPolicySimulationResultArrayOutput struct{ *pulumi.OutputState }
func (GetPrincipalPolicySimulationResultArrayOutput) ElementType ¶
func (GetPrincipalPolicySimulationResultArrayOutput) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutput ¶
func (o GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput
func (GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutputWithContext ¶
func (o GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultArrayOutput
type GetPrincipalPolicySimulationResultInput ¶
type GetPrincipalPolicySimulationResultInput interface { pulumi.Input ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput ToGetPrincipalPolicySimulationResultOutputWithContext(context.Context) GetPrincipalPolicySimulationResultOutput }
GetPrincipalPolicySimulationResultInput is an input type that accepts GetPrincipalPolicySimulationResultArgs and GetPrincipalPolicySimulationResultOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultInput` via:
GetPrincipalPolicySimulationResultArgs{...}
type GetPrincipalPolicySimulationResultMatchedStatementArgs ¶
type GetPrincipalPolicySimulationResultMatchedStatementArgs struct { SourcePolicyId pulumi.StringInput `pulumi:"sourcePolicyId"` SourcePolicyType pulumi.StringInput `pulumi:"sourcePolicyType"` }
func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ElementType ¶
func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutput ¶
func (i GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutput() GetPrincipalPolicySimulationResultMatchedStatementOutput
func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext ¶
func (i GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput
type GetPrincipalPolicySimulationResultMatchedStatementArray ¶
type GetPrincipalPolicySimulationResultMatchedStatementArray []GetPrincipalPolicySimulationResultMatchedStatementInput
func (GetPrincipalPolicySimulationResultMatchedStatementArray) ElementType ¶
func (GetPrincipalPolicySimulationResultMatchedStatementArray) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput ¶
func (i GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
func (GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext ¶
func (i GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
type GetPrincipalPolicySimulationResultMatchedStatementArrayInput ¶
type GetPrincipalPolicySimulationResultMatchedStatementArrayInput interface { pulumi.Input ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput }
GetPrincipalPolicySimulationResultMatchedStatementArrayInput is an input type that accepts GetPrincipalPolicySimulationResultMatchedStatementArray and GetPrincipalPolicySimulationResultMatchedStatementArrayOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultMatchedStatementArrayInput` via:
GetPrincipalPolicySimulationResultMatchedStatementArray{ GetPrincipalPolicySimulationResultMatchedStatementArgs{...} }
type GetPrincipalPolicySimulationResultMatchedStatementArrayOutput ¶
type GetPrincipalPolicySimulationResultMatchedStatementArrayOutput struct{ *pulumi.OutputState }
func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ElementType ¶
func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput ¶
func (o GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext ¶
func (o GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
type GetPrincipalPolicySimulationResultMatchedStatementInput ¶
type GetPrincipalPolicySimulationResultMatchedStatementInput interface { pulumi.Input ToGetPrincipalPolicySimulationResultMatchedStatementOutput() GetPrincipalPolicySimulationResultMatchedStatementOutput ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput }
GetPrincipalPolicySimulationResultMatchedStatementInput is an input type that accepts GetPrincipalPolicySimulationResultMatchedStatementArgs and GetPrincipalPolicySimulationResultMatchedStatementOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultMatchedStatementInput` via:
GetPrincipalPolicySimulationResultMatchedStatementArgs{...}
type GetPrincipalPolicySimulationResultMatchedStatementOutput ¶
type GetPrincipalPolicySimulationResultMatchedStatementOutput struct{ *pulumi.OutputState }
func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ElementType ¶
func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyId ¶
func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyId() pulumi.StringOutput
func (GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyType ¶
func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyType() pulumi.StringOutput
func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutput ¶
func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutput() GetPrincipalPolicySimulationResultMatchedStatementOutput
func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext ¶
func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput
type GetPrincipalPolicySimulationResultOutput ¶
type GetPrincipalPolicySimulationResultOutput struct{ *pulumi.OutputState }
func (GetPrincipalPolicySimulationResultOutput) ActionName ¶
func (o GetPrincipalPolicySimulationResultOutput) ActionName() pulumi.StringOutput
The name of the single IAM action used for this particular request.
func (GetPrincipalPolicySimulationResultOutput) Allowed ¶
func (o GetPrincipalPolicySimulationResultOutput) Allowed() pulumi.BoolOutput
`true` if `decision` is "allowed", and `false` otherwise.
func (GetPrincipalPolicySimulationResultOutput) Decision ¶
func (o GetPrincipalPolicySimulationResultOutput) Decision() pulumi.StringOutput
The raw decision determined from all of the policies in scope; either "allowed", "explicitDeny", or "implicitDeny".
func (GetPrincipalPolicySimulationResultOutput) DecisionDetails ¶
func (o GetPrincipalPolicySimulationResultOutput) DecisionDetails() pulumi.StringMapOutput
A map of arbitrary metadata entries returned by the policy simulator for this request.
func (GetPrincipalPolicySimulationResultOutput) ElementType ¶
func (GetPrincipalPolicySimulationResultOutput) ElementType() reflect.Type
func (GetPrincipalPolicySimulationResultOutput) MatchedStatements ¶
func (o GetPrincipalPolicySimulationResultOutput) MatchedStatements() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `sourcePolicyId` and `sourcePolicyType` to identify one of the policies.
func (GetPrincipalPolicySimulationResultOutput) MissingContextKeys ¶
func (o GetPrincipalPolicySimulationResultOutput) MissingContextKeys() pulumi.StringArrayOutput
A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed.
func (GetPrincipalPolicySimulationResultOutput) ResourceArn ¶
func (o GetPrincipalPolicySimulationResultOutput) ResourceArn() pulumi.StringOutput
ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource.
func (GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutput ¶
func (o GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput
func (GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutputWithContext ¶
func (o GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultOutput
type GetRoleRoleLastUsed ¶
type GetRoleRoleLastUsedArgs ¶
type GetRoleRoleLastUsedArgs struct { // The date and time, in RFC 3339 format, that the role was last used. LastUsedDate pulumi.StringInput `pulumi:"lastUsedDate"` // The name of the AWS Region in which the role was last used. Region pulumi.StringInput `pulumi:"region"` }
func (GetRoleRoleLastUsedArgs) ElementType ¶
func (GetRoleRoleLastUsedArgs) ElementType() reflect.Type
func (GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutput ¶
func (i GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput
func (GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutputWithContext ¶
func (i GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutputWithContext(ctx context.Context) GetRoleRoleLastUsedOutput
type GetRoleRoleLastUsedArray ¶
type GetRoleRoleLastUsedArray []GetRoleRoleLastUsedInput
func (GetRoleRoleLastUsedArray) ElementType ¶
func (GetRoleRoleLastUsedArray) ElementType() reflect.Type
func (GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutput ¶
func (i GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput
func (GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutputWithContext ¶
func (i GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutputWithContext(ctx context.Context) GetRoleRoleLastUsedArrayOutput
type GetRoleRoleLastUsedArrayInput ¶
type GetRoleRoleLastUsedArrayInput interface { pulumi.Input ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput ToGetRoleRoleLastUsedArrayOutputWithContext(context.Context) GetRoleRoleLastUsedArrayOutput }
GetRoleRoleLastUsedArrayInput is an input type that accepts GetRoleRoleLastUsedArray and GetRoleRoleLastUsedArrayOutput values. You can construct a concrete instance of `GetRoleRoleLastUsedArrayInput` via:
GetRoleRoleLastUsedArray{ GetRoleRoleLastUsedArgs{...} }
type GetRoleRoleLastUsedArrayOutput ¶
type GetRoleRoleLastUsedArrayOutput struct{ *pulumi.OutputState }
func (GetRoleRoleLastUsedArrayOutput) ElementType ¶
func (GetRoleRoleLastUsedArrayOutput) ElementType() reflect.Type
func (GetRoleRoleLastUsedArrayOutput) Index ¶
func (o GetRoleRoleLastUsedArrayOutput) Index(i pulumi.IntInput) GetRoleRoleLastUsedOutput
func (GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutput ¶
func (o GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput
func (GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutputWithContext ¶
func (o GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutputWithContext(ctx context.Context) GetRoleRoleLastUsedArrayOutput
type GetRoleRoleLastUsedInput ¶
type GetRoleRoleLastUsedInput interface { pulumi.Input ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput ToGetRoleRoleLastUsedOutputWithContext(context.Context) GetRoleRoleLastUsedOutput }
GetRoleRoleLastUsedInput is an input type that accepts GetRoleRoleLastUsedArgs and GetRoleRoleLastUsedOutput values. You can construct a concrete instance of `GetRoleRoleLastUsedInput` via:
GetRoleRoleLastUsedArgs{...}
type GetRoleRoleLastUsedOutput ¶
type GetRoleRoleLastUsedOutput struct{ *pulumi.OutputState }
func (GetRoleRoleLastUsedOutput) ElementType ¶
func (GetRoleRoleLastUsedOutput) ElementType() reflect.Type
func (GetRoleRoleLastUsedOutput) LastUsedDate ¶
func (o GetRoleRoleLastUsedOutput) LastUsedDate() pulumi.StringOutput
The date and time, in RFC 3339 format, that the role was last used.
func (GetRoleRoleLastUsedOutput) Region ¶
func (o GetRoleRoleLastUsedOutput) Region() pulumi.StringOutput
The name of the AWS Region in which the role was last used.
func (GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutput ¶
func (o GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput
func (GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutputWithContext ¶
func (o GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutputWithContext(ctx context.Context) GetRoleRoleLastUsedOutput
type GetRolesArgs ¶
type GetRolesArgs struct { // Regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns. NameRegex *string `pulumi:"nameRegex"` // Path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1]. PathPrefix *string `pulumi:"pathPrefix"` }
A collection of arguments for invoking getRoles.
type GetRolesOutputArgs ¶
type GetRolesOutputArgs struct { // Regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns. NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"` // Path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1]. PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"` }
A collection of arguments for invoking getRoles.
func (GetRolesOutputArgs) ElementType ¶
func (GetRolesOutputArgs) ElementType() reflect.Type
type GetRolesResult ¶
type GetRolesResult struct { // Set of ARNs of the matched IAM roles. Arns []string `pulumi:"arns"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` NameRegex *string `pulumi:"nameRegex"` // Set of Names of the matched IAM roles. Names []string `pulumi:"names"` PathPrefix *string `pulumi:"pathPrefix"` }
A collection of values returned by getRoles.
func GetRoles ¶
func GetRoles(ctx *pulumi.Context, args *GetRolesArgs, opts ...pulumi.InvokeOption) (*GetRolesResult, error)
Use this data source to get the ARNs and Names of IAM Roles.
## Example Usage ### All roles in an account
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetRoles(ctx, nil, nil) if err != nil { return err } return nil }) }
``` ### Roles filtered by name regex
Roles whose role-name contains `project`
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetRoles(ctx, &iam.GetRolesArgs{ NameRegex: pulumi.StringRef(".*project.*"), }, nil) if err != nil { return err } return nil }) }
``` ### Roles filtered by path prefix
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetRoles(ctx, &iam.GetRolesArgs{ PathPrefix: pulumi.StringRef("/custom-path"), }, nil) if err != nil { return err } return nil }) }
``` ### Roles provisioned by AWS SSO
Roles in the account filtered by path prefix ¶
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetRoles(ctx, &iam.GetRolesArgs{ PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"), }, nil) if err != nil { return err } return nil }) }
```
Specific role in the account filtered by name regex and path prefix ¶
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetRoles(ctx, &iam.GetRolesArgs{ NameRegex: pulumi.StringRef("AWSReservedSSO_permission_set_name_.*"), PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"), }, nil) if err != nil { return err } return nil }) }
```
type GetRolesResultOutput ¶
type GetRolesResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getRoles.
func GetRolesOutput ¶
func GetRolesOutput(ctx *pulumi.Context, args GetRolesOutputArgs, opts ...pulumi.InvokeOption) GetRolesResultOutput
func (GetRolesResultOutput) Arns ¶
func (o GetRolesResultOutput) Arns() pulumi.StringArrayOutput
Set of ARNs of the matched IAM roles.
func (GetRolesResultOutput) ElementType ¶
func (GetRolesResultOutput) ElementType() reflect.Type
func (GetRolesResultOutput) Id ¶
func (o GetRolesResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetRolesResultOutput) NameRegex ¶
func (o GetRolesResultOutput) NameRegex() pulumi.StringPtrOutput
func (GetRolesResultOutput) Names ¶
func (o GetRolesResultOutput) Names() pulumi.StringArrayOutput
Set of Names of the matched IAM roles.
func (GetRolesResultOutput) PathPrefix ¶
func (o GetRolesResultOutput) PathPrefix() pulumi.StringPtrOutput
func (GetRolesResultOutput) ToGetRolesResultOutput ¶
func (o GetRolesResultOutput) ToGetRolesResultOutput() GetRolesResultOutput
func (GetRolesResultOutput) ToGetRolesResultOutputWithContext ¶
func (o GetRolesResultOutput) ToGetRolesResultOutputWithContext(ctx context.Context) GetRolesResultOutput
type GetSessionContextArgs ¶
type GetSessionContextArgs struct { // ARN for an assumed role. // // > If `arn` is a non-role ARN, the provider gives no error and `issuerArn` will be equal to the `arn` value. For STS assumed-role ARNs, the provider gives an error if the identified IAM role does not exist. Arn string `pulumi:"arn"` }
A collection of arguments for invoking getSessionContext.
type GetSessionContextOutputArgs ¶
type GetSessionContextOutputArgs struct { // ARN for an assumed role. // // > If `arn` is a non-role ARN, the provider gives no error and `issuerArn` will be equal to the `arn` value. For STS assumed-role ARNs, the provider gives an error if the identified IAM role does not exist. Arn pulumi.StringInput `pulumi:"arn"` }
A collection of arguments for invoking getSessionContext.
func (GetSessionContextOutputArgs) ElementType ¶
func (GetSessionContextOutputArgs) ElementType() reflect.Type
type GetSessionContextResult ¶
type GetSessionContextResult struct { Arn string `pulumi:"arn"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`. IssuerArn string `pulumi:"issuerArn"` // Unique identifier of the IAM role that issues the STS assumed role. IssuerId string `pulumi:"issuerId"` // Name of the source role. Only available if `arn` corresponds to an STS assumed role. IssuerName string `pulumi:"issuerName"` // Name of the STS session. Only available if `arn` corresponds to an STS assumed role. SessionName string `pulumi:"sessionName"` }
A collection of values returned by getSessionContext.
func GetSessionContext ¶
func GetSessionContext(ctx *pulumi.Context, args *GetSessionContextArgs, opts ...pulumi.InvokeOption) (*GetSessionContextResult, error)
This data source provides information on the IAM source role of an STS assumed role. For non-role ARNs, this data source simply passes the ARN through in `issuerArn`.
For some AWS resources, multiple types of principals are allowed in the same argument (e.g., IAM users and IAM roles). However, these arguments often do not allow assumed-role (i.e., STS, temporary credential) principals. Given an STS ARN, this data source provides the ARN for the source IAM role.
## Example Usage ### Basic Example
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetSessionContext(ctx, &iam.GetSessionContextArgs{ Arn: "arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes", }, nil) if err != nil { return err } return nil }) }
``` ### Find the Provider's Source Role
Combined with `getCallerIdentity`, you can get the current user's source IAM role ARN (`issuerArn`) if you're using an assumed role. If you're not using an assumed role, the caller's (e.g., an IAM user's) ARN will simply be passed through. In environments where both IAM users and individuals using assumed roles need to apply the same configurations, this data source enables seamless use.
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { current, err := aws.GetCallerIdentity(ctx, nil, nil) if err != nil { return err } _, err = iam.GetSessionContext(ctx, &iam.GetSessionContextArgs{ Arn: current.Arn, }, nil) if err != nil { return err } return nil }) }
```
type GetSessionContextResultOutput ¶
type GetSessionContextResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getSessionContext.
func GetSessionContextOutput ¶
func GetSessionContextOutput(ctx *pulumi.Context, args GetSessionContextOutputArgs, opts ...pulumi.InvokeOption) GetSessionContextResultOutput
func (GetSessionContextResultOutput) Arn ¶
func (o GetSessionContextResultOutput) Arn() pulumi.StringOutput
func (GetSessionContextResultOutput) ElementType ¶
func (GetSessionContextResultOutput) ElementType() reflect.Type
func (GetSessionContextResultOutput) Id ¶
func (o GetSessionContextResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetSessionContextResultOutput) IssuerArn ¶
func (o GetSessionContextResultOutput) IssuerArn() pulumi.StringOutput
IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.
func (GetSessionContextResultOutput) IssuerId ¶
func (o GetSessionContextResultOutput) IssuerId() pulumi.StringOutput
Unique identifier of the IAM role that issues the STS assumed role.
func (GetSessionContextResultOutput) IssuerName ¶
func (o GetSessionContextResultOutput) IssuerName() pulumi.StringOutput
Name of the source role. Only available if `arn` corresponds to an STS assumed role.
func (GetSessionContextResultOutput) SessionName ¶
func (o GetSessionContextResultOutput) SessionName() pulumi.StringOutput
Name of the STS session. Only available if `arn` corresponds to an STS assumed role.
func (GetSessionContextResultOutput) ToGetSessionContextResultOutput ¶
func (o GetSessionContextResultOutput) ToGetSessionContextResultOutput() GetSessionContextResultOutput
func (GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext ¶
func (o GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext(ctx context.Context) GetSessionContextResultOutput
type GetUserSshKeyArgs ¶
type GetUserSshKeyArgs struct { // Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`. Encoding string `pulumi:"encoding"` // Unique identifier for the SSH public key. SshPublicKeyId string `pulumi:"sshPublicKeyId"` // Name of the IAM user associated with the SSH public key. Username string `pulumi:"username"` }
A collection of arguments for invoking getUserSshKey.
type GetUserSshKeyOutputArgs ¶
type GetUserSshKeyOutputArgs struct { // Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`. Encoding pulumi.StringInput `pulumi:"encoding"` // Unique identifier for the SSH public key. SshPublicKeyId pulumi.StringInput `pulumi:"sshPublicKeyId"` // Name of the IAM user associated with the SSH public key. Username pulumi.StringInput `pulumi:"username"` }
A collection of arguments for invoking getUserSshKey.
func (GetUserSshKeyOutputArgs) ElementType ¶
func (GetUserSshKeyOutputArgs) ElementType() reflect.Type
type GetUserSshKeyResult ¶
type GetUserSshKeyResult struct { Encoding string `pulumi:"encoding"` // MD5 message digest of the SSH public key. Fingerprint string `pulumi:"fingerprint"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // SSH public key. PublicKey string `pulumi:"publicKey"` SshPublicKeyId string `pulumi:"sshPublicKeyId"` // Status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used. Status string `pulumi:"status"` Username string `pulumi:"username"` }
A collection of values returned by getUserSshKey.
func GetUserSshKey ¶
func GetUserSshKey(ctx *pulumi.Context, args *GetUserSshKeyArgs, opts ...pulumi.InvokeOption) (*GetUserSshKeyResult, error)
Use this data source to get information about a SSH public key associated with the specified IAM user.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetUserSshKey(ctx, &iam.GetUserSshKeyArgs{ Encoding: "SSH", SshPublicKeyId: "APKARUZ32GUTKIGARLXE", Username: "test-user", }, nil) if err != nil { return err } return nil }) }
```
type GetUserSshKeyResultOutput ¶
type GetUserSshKeyResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getUserSshKey.
func GetUserSshKeyOutput ¶
func GetUserSshKeyOutput(ctx *pulumi.Context, args GetUserSshKeyOutputArgs, opts ...pulumi.InvokeOption) GetUserSshKeyResultOutput
func (GetUserSshKeyResultOutput) ElementType ¶
func (GetUserSshKeyResultOutput) ElementType() reflect.Type
func (GetUserSshKeyResultOutput) Encoding ¶
func (o GetUserSshKeyResultOutput) Encoding() pulumi.StringOutput
func (GetUserSshKeyResultOutput) Fingerprint ¶
func (o GetUserSshKeyResultOutput) Fingerprint() pulumi.StringOutput
MD5 message digest of the SSH public key.
func (GetUserSshKeyResultOutput) Id ¶
func (o GetUserSshKeyResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetUserSshKeyResultOutput) PublicKey ¶
func (o GetUserSshKeyResultOutput) PublicKey() pulumi.StringOutput
SSH public key.
func (GetUserSshKeyResultOutput) SshPublicKeyId ¶
func (o GetUserSshKeyResultOutput) SshPublicKeyId() pulumi.StringOutput
func (GetUserSshKeyResultOutput) Status ¶
func (o GetUserSshKeyResultOutput) Status() pulumi.StringOutput
Status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.
func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput ¶
func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput() GetUserSshKeyResultOutput
func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext ¶
func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext(ctx context.Context) GetUserSshKeyResultOutput
func (GetUserSshKeyResultOutput) Username ¶
func (o GetUserSshKeyResultOutput) Username() pulumi.StringOutput
type GetUsersArgs ¶
type GetUsersArgs struct { // Regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns. NameRegex *string `pulumi:"nameRegex"` // Path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1]. PathPrefix *string `pulumi:"pathPrefix"` }
A collection of arguments for invoking getUsers.
type GetUsersOutputArgs ¶
type GetUsersOutputArgs struct { // Regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns. NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"` // Path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1]. PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"` }
A collection of arguments for invoking getUsers.
func (GetUsersOutputArgs) ElementType ¶
func (GetUsersOutputArgs) ElementType() reflect.Type
type GetUsersResult ¶
type GetUsersResult struct { // Set of ARNs of the matched IAM users. Arns []string `pulumi:"arns"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` NameRegex *string `pulumi:"nameRegex"` // Set of Names of the matched IAM users. Names []string `pulumi:"names"` PathPrefix *string `pulumi:"pathPrefix"` }
A collection of values returned by getUsers.
func GetUsers ¶
func GetUsers(ctx *pulumi.Context, args *GetUsersArgs, opts ...pulumi.InvokeOption) (*GetUsersResult, error)
Use this data source to get the ARNs and Names of IAM Users.
## Example Usage ### All users in an account
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetUsers(ctx, nil, nil) if err != nil { return err } return nil }) }
``` ### Users filtered by name regex
Users whose username contains `abc`
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetUsers(ctx, &iam.GetUsersArgs{ NameRegex: pulumi.StringRef(".*abc.*"), }, nil) if err != nil { return err } return nil }) }
``` ### Users filtered by path prefix
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetUsers(ctx, &iam.GetUsersArgs{ PathPrefix: pulumi.StringRef("/custom-path"), }, nil) if err != nil { return err } return nil }) }
```
type GetUsersResultOutput ¶
type GetUsersResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getUsers.
func GetUsersOutput ¶
func GetUsersOutput(ctx *pulumi.Context, args GetUsersOutputArgs, opts ...pulumi.InvokeOption) GetUsersResultOutput
func (GetUsersResultOutput) Arns ¶
func (o GetUsersResultOutput) Arns() pulumi.StringArrayOutput
Set of ARNs of the matched IAM users.
func (GetUsersResultOutput) ElementType ¶
func (GetUsersResultOutput) ElementType() reflect.Type
func (GetUsersResultOutput) Id ¶
func (o GetUsersResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetUsersResultOutput) NameRegex ¶
func (o GetUsersResultOutput) NameRegex() pulumi.StringPtrOutput
func (GetUsersResultOutput) Names ¶
func (o GetUsersResultOutput) Names() pulumi.StringArrayOutput
Set of Names of the matched IAM users.
func (GetUsersResultOutput) PathPrefix ¶
func (o GetUsersResultOutput) PathPrefix() pulumi.StringPtrOutput
func (GetUsersResultOutput) ToGetUsersResultOutput ¶
func (o GetUsersResultOutput) ToGetUsersResultOutput() GetUsersResultOutput
func (GetUsersResultOutput) ToGetUsersResultOutputWithContext ¶
func (o GetUsersResultOutput) ToGetUsersResultOutputWithContext(ctx context.Context) GetUsersResultOutput
type Group ¶
type Group struct { pulumi.CustomResourceState // The ARN assigned by AWS for this group. Arn pulumi.StringOutput `pulumi:"arn"` // The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins". Name pulumi.StringOutput `pulumi:"name"` // Path in which to create the group. Path pulumi.StringPtrOutput `pulumi:"path"` // The [unique ID][1] assigned by AWS. UniqueId pulumi.StringOutput `pulumi:"uniqueId"` }
Provides an IAM group.
> **NOTE on user management:** Using `iam.GroupMembership` or `iam.UserGroupMembership` resources in addition to manually managing user/group membership using the console may lead to configuration drift or conflicts. For this reason, it's recommended to either manage membership entirely with the provider or entirely within the AWS console.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewGroup(ctx, "developers", &iam.GroupArgs{ Path: pulumi.String("/users/"), }) if err != nil { return err } return nil }) }
```
## Import
IAM Groups can be imported using the `name`, e.g.,
```sh
$ pulumi import aws:iam/group:Group developers developers
```
func GetGroup ¶
func GetGroup(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupState, opts ...pulumi.ResourceOption) (*Group, error)
GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroup ¶
func NewGroup(ctx *pulumi.Context, name string, args *GroupArgs, opts ...pulumi.ResourceOption) (*Group, error)
NewGroup registers a new resource with the given unique name, arguments, and options.
func (*Group) ElementType ¶
func (*Group) ToGroupOutput ¶
func (i *Group) ToGroupOutput() GroupOutput
func (*Group) ToGroupOutputWithContext ¶
func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput
type GroupArgs ¶
type GroupArgs struct { // The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins". Name pulumi.StringPtrInput // Path in which to create the group. Path pulumi.StringPtrInput }
The set of arguments for constructing a Group resource.
func (GroupArgs) ElementType ¶
type GroupArray ¶
type GroupArray []GroupInput
func (GroupArray) ElementType ¶
func (GroupArray) ElementType() reflect.Type
func (GroupArray) ToGroupArrayOutput ¶
func (i GroupArray) ToGroupArrayOutput() GroupArrayOutput
func (GroupArray) ToGroupArrayOutputWithContext ¶
func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput
type GroupArrayInput ¶
type GroupArrayInput interface { pulumi.Input ToGroupArrayOutput() GroupArrayOutput ToGroupArrayOutputWithContext(context.Context) GroupArrayOutput }
GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. You can construct a concrete instance of `GroupArrayInput` via:
GroupArray{ GroupArgs{...} }
type GroupArrayOutput ¶
type GroupArrayOutput struct{ *pulumi.OutputState }
func (GroupArrayOutput) ElementType ¶
func (GroupArrayOutput) ElementType() reflect.Type
func (GroupArrayOutput) Index ¶
func (o GroupArrayOutput) Index(i pulumi.IntInput) GroupOutput
func (GroupArrayOutput) ToGroupArrayOutput ¶
func (o GroupArrayOutput) ToGroupArrayOutput() GroupArrayOutput
func (GroupArrayOutput) ToGroupArrayOutputWithContext ¶
func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput
type GroupInput ¶
type GroupInput interface { pulumi.Input ToGroupOutput() GroupOutput ToGroupOutputWithContext(ctx context.Context) GroupOutput }
type GroupMap ¶
type GroupMap map[string]GroupInput
func (GroupMap) ElementType ¶
func (GroupMap) ToGroupMapOutput ¶
func (i GroupMap) ToGroupMapOutput() GroupMapOutput
func (GroupMap) ToGroupMapOutputWithContext ¶
func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput
type GroupMapInput ¶
type GroupMapInput interface { pulumi.Input ToGroupMapOutput() GroupMapOutput ToGroupMapOutputWithContext(context.Context) GroupMapOutput }
GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. You can construct a concrete instance of `GroupMapInput` via:
GroupMap{ "key": GroupArgs{...} }
type GroupMapOutput ¶
type GroupMapOutput struct{ *pulumi.OutputState }
func (GroupMapOutput) ElementType ¶
func (GroupMapOutput) ElementType() reflect.Type
func (GroupMapOutput) MapIndex ¶
func (o GroupMapOutput) MapIndex(k pulumi.StringInput) GroupOutput
func (GroupMapOutput) ToGroupMapOutput ¶
func (o GroupMapOutput) ToGroupMapOutput() GroupMapOutput
func (GroupMapOutput) ToGroupMapOutputWithContext ¶
func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput
type GroupMembership ¶
type GroupMembership struct { pulumi.CustomResourceState // The IAM Group name to attach the list of `users` to Group pulumi.StringOutput `pulumi:"group"` // The name to identify the Group Membership Name pulumi.StringOutput `pulumi:"name"` // A list of IAM User names to associate with the Group Users pulumi.StringArrayOutput `pulumi:"users"` }
> **WARNING:** Multiple iam.GroupMembership resources with the same group name will produce inconsistent behavior!
Provides a top level resource to manage IAM Group membership for IAM Users. For more information on managing IAM Groups or IAM Users, see IAM Groups or IAM Users
> **Note:** `iam.GroupMembership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the `iam.UserGroupMembership` resource.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { group, err := iam.NewGroup(ctx, "group", nil) if err != nil { return err } userOne, err := iam.NewUser(ctx, "userOne", nil) if err != nil { return err } userTwo, err := iam.NewUser(ctx, "userTwo", nil) if err != nil { return err } _, err = iam.NewGroupMembership(ctx, "team", &iam.GroupMembershipArgs{ Users: pulumi.StringArray{ userOne.Name, userTwo.Name, }, Group: group.Name, }) if err != nil { return err } return nil }) }
```
func GetGroupMembership ¶
func GetGroupMembership(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupMembershipState, opts ...pulumi.ResourceOption) (*GroupMembership, error)
GetGroupMembership gets an existing GroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupMembership ¶
func NewGroupMembership(ctx *pulumi.Context, name string, args *GroupMembershipArgs, opts ...pulumi.ResourceOption) (*GroupMembership, error)
NewGroupMembership registers a new resource with the given unique name, arguments, and options.
func (*GroupMembership) ElementType ¶
func (*GroupMembership) ElementType() reflect.Type
func (*GroupMembership) ToGroupMembershipOutput ¶
func (i *GroupMembership) ToGroupMembershipOutput() GroupMembershipOutput
func (*GroupMembership) ToGroupMembershipOutputWithContext ¶
func (i *GroupMembership) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput
type GroupMembershipArgs ¶
type GroupMembershipArgs struct { // The IAM Group name to attach the list of `users` to Group pulumi.StringInput // The name to identify the Group Membership Name pulumi.StringPtrInput // A list of IAM User names to associate with the Group Users pulumi.StringArrayInput }
The set of arguments for constructing a GroupMembership resource.
func (GroupMembershipArgs) ElementType ¶
func (GroupMembershipArgs) ElementType() reflect.Type
type GroupMembershipArray ¶
type GroupMembershipArray []GroupMembershipInput
func (GroupMembershipArray) ElementType ¶
func (GroupMembershipArray) ElementType() reflect.Type
func (GroupMembershipArray) ToGroupMembershipArrayOutput ¶
func (i GroupMembershipArray) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput
func (GroupMembershipArray) ToGroupMembershipArrayOutputWithContext ¶
func (i GroupMembershipArray) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput
type GroupMembershipArrayInput ¶
type GroupMembershipArrayInput interface { pulumi.Input ToGroupMembershipArrayOutput() GroupMembershipArrayOutput ToGroupMembershipArrayOutputWithContext(context.Context) GroupMembershipArrayOutput }
GroupMembershipArrayInput is an input type that accepts GroupMembershipArray and GroupMembershipArrayOutput values. You can construct a concrete instance of `GroupMembershipArrayInput` via:
GroupMembershipArray{ GroupMembershipArgs{...} }
type GroupMembershipArrayOutput ¶
type GroupMembershipArrayOutput struct{ *pulumi.OutputState }
func (GroupMembershipArrayOutput) ElementType ¶
func (GroupMembershipArrayOutput) ElementType() reflect.Type
func (GroupMembershipArrayOutput) Index ¶
func (o GroupMembershipArrayOutput) Index(i pulumi.IntInput) GroupMembershipOutput
func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutput ¶
func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput
func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext ¶
func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput
type GroupMembershipInput ¶
type GroupMembershipInput interface { pulumi.Input ToGroupMembershipOutput() GroupMembershipOutput ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput }
type GroupMembershipMap ¶
type GroupMembershipMap map[string]GroupMembershipInput
func (GroupMembershipMap) ElementType ¶
func (GroupMembershipMap) ElementType() reflect.Type
func (GroupMembershipMap) ToGroupMembershipMapOutput ¶
func (i GroupMembershipMap) ToGroupMembershipMapOutput() GroupMembershipMapOutput
func (GroupMembershipMap) ToGroupMembershipMapOutputWithContext ¶
func (i GroupMembershipMap) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput
type GroupMembershipMapInput ¶
type GroupMembershipMapInput interface { pulumi.Input ToGroupMembershipMapOutput() GroupMembershipMapOutput ToGroupMembershipMapOutputWithContext(context.Context) GroupMembershipMapOutput }
GroupMembershipMapInput is an input type that accepts GroupMembershipMap and GroupMembershipMapOutput values. You can construct a concrete instance of `GroupMembershipMapInput` via:
GroupMembershipMap{ "key": GroupMembershipArgs{...} }
type GroupMembershipMapOutput ¶
type GroupMembershipMapOutput struct{ *pulumi.OutputState }
func (GroupMembershipMapOutput) ElementType ¶
func (GroupMembershipMapOutput) ElementType() reflect.Type
func (GroupMembershipMapOutput) MapIndex ¶
func (o GroupMembershipMapOutput) MapIndex(k pulumi.StringInput) GroupMembershipOutput
func (GroupMembershipMapOutput) ToGroupMembershipMapOutput ¶
func (o GroupMembershipMapOutput) ToGroupMembershipMapOutput() GroupMembershipMapOutput
func (GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext ¶
func (o GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput
type GroupMembershipOutput ¶
type GroupMembershipOutput struct{ *pulumi.OutputState }
func (GroupMembershipOutput) ElementType ¶
func (GroupMembershipOutput) ElementType() reflect.Type
func (GroupMembershipOutput) Group ¶
func (o GroupMembershipOutput) Group() pulumi.StringOutput
The IAM Group name to attach the list of `users` to
func (GroupMembershipOutput) Name ¶
func (o GroupMembershipOutput) Name() pulumi.StringOutput
The name to identify the Group Membership
func (GroupMembershipOutput) ToGroupMembershipOutput ¶
func (o GroupMembershipOutput) ToGroupMembershipOutput() GroupMembershipOutput
func (GroupMembershipOutput) ToGroupMembershipOutputWithContext ¶
func (o GroupMembershipOutput) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput
func (GroupMembershipOutput) Users ¶
func (o GroupMembershipOutput) Users() pulumi.StringArrayOutput
A list of IAM User names to associate with the Group
type GroupMembershipState ¶
type GroupMembershipState struct { // The IAM Group name to attach the list of `users` to Group pulumi.StringPtrInput // The name to identify the Group Membership Name pulumi.StringPtrInput // A list of IAM User names to associate with the Group Users pulumi.StringArrayInput }
func (GroupMembershipState) ElementType ¶
func (GroupMembershipState) ElementType() reflect.Type
type GroupOutput ¶
type GroupOutput struct{ *pulumi.OutputState }
func (GroupOutput) Arn ¶
func (o GroupOutput) Arn() pulumi.StringOutput
The ARN assigned by AWS for this group.
func (GroupOutput) ElementType ¶
func (GroupOutput) ElementType() reflect.Type
func (GroupOutput) Name ¶
func (o GroupOutput) Name() pulumi.StringOutput
The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
func (GroupOutput) Path ¶
func (o GroupOutput) Path() pulumi.StringPtrOutput
Path in which to create the group.
func (GroupOutput) ToGroupOutput ¶
func (o GroupOutput) ToGroupOutput() GroupOutput
func (GroupOutput) ToGroupOutputWithContext ¶
func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput
func (GroupOutput) UniqueId ¶
func (o GroupOutput) UniqueId() pulumi.StringOutput
The [unique ID][1] assigned by AWS.
type GroupPolicy ¶
type GroupPolicy struct { pulumi.CustomResourceState // The IAM group to attach to the policy. Group pulumi.StringOutput `pulumi:"group"` // The name of the policy. If omitted, the provider will // assign a random, unique name. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"` // The policy document. This is a JSON formatted string. Policy pulumi.StringOutput `pulumi:"policy"` }
Provides an IAM policy attached to a group.
## Example Usage
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { myDevelopers, err := iam.NewGroup(ctx, "myDevelopers", &iam.GroupArgs{ Path: pulumi.String("/users/"), }) if err != nil { return err } tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "ec2:Describe*", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json0 := string(tmpJSON0) _, err = iam.NewGroupPolicy(ctx, "myDeveloperPolicy", &iam.GroupPolicyArgs{ Group: myDevelopers.Name, Policy: pulumi.String(json0), }) if err != nil { return err } return nil }) }
```
## Import
IAM Group Policies can be imported using the `group_name:group_policy_name`, e.g.,
```sh
$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name
```
func GetGroupPolicy ¶
func GetGroupPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupPolicyState, opts ...pulumi.ResourceOption) (*GroupPolicy, error)
GetGroupPolicy gets an existing GroupPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupPolicy ¶
func NewGroupPolicy(ctx *pulumi.Context, name string, args *GroupPolicyArgs, opts ...pulumi.ResourceOption) (*GroupPolicy, error)
NewGroupPolicy registers a new resource with the given unique name, arguments, and options.
func (*GroupPolicy) ElementType ¶
func (*GroupPolicy) ElementType() reflect.Type
func (*GroupPolicy) ToGroupPolicyOutput ¶
func (i *GroupPolicy) ToGroupPolicyOutput() GroupPolicyOutput
func (*GroupPolicy) ToGroupPolicyOutputWithContext ¶
func (i *GroupPolicy) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput
type GroupPolicyArgs ¶
type GroupPolicyArgs struct { // The IAM group to attach to the policy. Group pulumi.StringInput // The name of the policy. If omitted, the provider will // assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The policy document. This is a JSON formatted string. Policy pulumi.Input }
The set of arguments for constructing a GroupPolicy resource.
func (GroupPolicyArgs) ElementType ¶
func (GroupPolicyArgs) ElementType() reflect.Type
type GroupPolicyArray ¶
type GroupPolicyArray []GroupPolicyInput
func (GroupPolicyArray) ElementType ¶
func (GroupPolicyArray) ElementType() reflect.Type
func (GroupPolicyArray) ToGroupPolicyArrayOutput ¶
func (i GroupPolicyArray) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput
func (GroupPolicyArray) ToGroupPolicyArrayOutputWithContext ¶
func (i GroupPolicyArray) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput
type GroupPolicyArrayInput ¶
type GroupPolicyArrayInput interface { pulumi.Input ToGroupPolicyArrayOutput() GroupPolicyArrayOutput ToGroupPolicyArrayOutputWithContext(context.Context) GroupPolicyArrayOutput }
GroupPolicyArrayInput is an input type that accepts GroupPolicyArray and GroupPolicyArrayOutput values. You can construct a concrete instance of `GroupPolicyArrayInput` via:
GroupPolicyArray{ GroupPolicyArgs{...} }
type GroupPolicyArrayOutput ¶
type GroupPolicyArrayOutput struct{ *pulumi.OutputState }
func (GroupPolicyArrayOutput) ElementType ¶
func (GroupPolicyArrayOutput) ElementType() reflect.Type
func (GroupPolicyArrayOutput) Index ¶
func (o GroupPolicyArrayOutput) Index(i pulumi.IntInput) GroupPolicyOutput
func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutput ¶
func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput
func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext ¶
func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput
type GroupPolicyAttachment ¶
type GroupPolicyAttachment struct { pulumi.CustomResourceState // The group the policy should be applied to Group pulumi.StringOutput `pulumi:"group"` // The ARN of the policy you want to apply PolicyArn pulumi.StringOutput `pulumi:"policyArn"` }
Attaches a Managed IAM Policy to an IAM group
> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { group, err := iam.NewGroup(ctx, "group", nil) if err != nil { return err } policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{ Description: pulumi.String("A test policy"), Policy: pulumi.Any("{ ... policy JSON ... }"), }) if err != nil { return err } _, err = iam.NewGroupPolicyAttachment(ctx, "test-attach", &iam.GroupPolicyAttachmentArgs{ Group: group.Name, PolicyArn: policy.Arn, }) if err != nil { return err } return nil }) }
```
## Import
IAM group policy attachments can be imported using the group name and policy arn separated by `/`.
```sh
$ pulumi import aws:iam/groupPolicyAttachment:GroupPolicyAttachment test-attach test-group/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy
```
func GetGroupPolicyAttachment ¶
func GetGroupPolicyAttachment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *GroupPolicyAttachmentState, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)
GetGroupPolicyAttachment gets an existing GroupPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewGroupPolicyAttachment ¶
func NewGroupPolicyAttachment(ctx *pulumi.Context, name string, args *GroupPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)
NewGroupPolicyAttachment registers a new resource with the given unique name, arguments, and options.
func (*GroupPolicyAttachment) ElementType ¶
func (*GroupPolicyAttachment) ElementType() reflect.Type
func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutput ¶
func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput
func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext ¶
func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput
type GroupPolicyAttachmentArgs ¶
type GroupPolicyAttachmentArgs struct { // The group the policy should be applied to Group pulumi.Input // The ARN of the policy you want to apply PolicyArn pulumi.StringInput }
The set of arguments for constructing a GroupPolicyAttachment resource.
func (GroupPolicyAttachmentArgs) ElementType ¶
func (GroupPolicyAttachmentArgs) ElementType() reflect.Type
type GroupPolicyAttachmentArray ¶
type GroupPolicyAttachmentArray []GroupPolicyAttachmentInput
func (GroupPolicyAttachmentArray) ElementType ¶
func (GroupPolicyAttachmentArray) ElementType() reflect.Type
func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput ¶
func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext ¶
func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput
type GroupPolicyAttachmentArrayInput ¶
type GroupPolicyAttachmentArrayInput interface { pulumi.Input ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput ToGroupPolicyAttachmentArrayOutputWithContext(context.Context) GroupPolicyAttachmentArrayOutput }
GroupPolicyAttachmentArrayInput is an input type that accepts GroupPolicyAttachmentArray and GroupPolicyAttachmentArrayOutput values. You can construct a concrete instance of `GroupPolicyAttachmentArrayInput` via:
GroupPolicyAttachmentArray{ GroupPolicyAttachmentArgs{...} }
type GroupPolicyAttachmentArrayOutput ¶
type GroupPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }
func (GroupPolicyAttachmentArrayOutput) ElementType ¶
func (GroupPolicyAttachmentArrayOutput) ElementType() reflect.Type
func (GroupPolicyAttachmentArrayOutput) Index ¶
func (o GroupPolicyAttachmentArrayOutput) Index(i pulumi.IntInput) GroupPolicyAttachmentOutput
func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput ¶
func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext ¶
func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput
type GroupPolicyAttachmentInput ¶
type GroupPolicyAttachmentInput interface { pulumi.Input ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput }
type GroupPolicyAttachmentMap ¶
type GroupPolicyAttachmentMap map[string]GroupPolicyAttachmentInput
func (GroupPolicyAttachmentMap) ElementType ¶
func (GroupPolicyAttachmentMap) ElementType() reflect.Type
func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput ¶
func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput
func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext ¶
func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput
type GroupPolicyAttachmentMapInput ¶
type GroupPolicyAttachmentMapInput interface { pulumi.Input ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput ToGroupPolicyAttachmentMapOutputWithContext(context.Context) GroupPolicyAttachmentMapOutput }
GroupPolicyAttachmentMapInput is an input type that accepts GroupPolicyAttachmentMap and GroupPolicyAttachmentMapOutput values. You can construct a concrete instance of `GroupPolicyAttachmentMapInput` via:
GroupPolicyAttachmentMap{ "key": GroupPolicyAttachmentArgs{...} }
type GroupPolicyAttachmentMapOutput ¶
type GroupPolicyAttachmentMapOutput struct{ *pulumi.OutputState }
func (GroupPolicyAttachmentMapOutput) ElementType ¶
func (GroupPolicyAttachmentMapOutput) ElementType() reflect.Type
func (GroupPolicyAttachmentMapOutput) MapIndex ¶
func (o GroupPolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) GroupPolicyAttachmentOutput
func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput ¶
func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput
func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext ¶
func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput
type GroupPolicyAttachmentOutput ¶
type GroupPolicyAttachmentOutput struct{ *pulumi.OutputState }
func (GroupPolicyAttachmentOutput) ElementType ¶
func (GroupPolicyAttachmentOutput) ElementType() reflect.Type
func (GroupPolicyAttachmentOutput) Group ¶
func (o GroupPolicyAttachmentOutput) Group() pulumi.StringOutput
The group the policy should be applied to
func (GroupPolicyAttachmentOutput) PolicyArn ¶
func (o GroupPolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
The ARN of the policy you want to apply
func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput ¶
func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput
func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext ¶
func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput
type GroupPolicyAttachmentState ¶
type GroupPolicyAttachmentState struct { // The group the policy should be applied to Group pulumi.Input // The ARN of the policy you want to apply PolicyArn pulumi.StringPtrInput }
func (GroupPolicyAttachmentState) ElementType ¶
func (GroupPolicyAttachmentState) ElementType() reflect.Type
type GroupPolicyInput ¶
type GroupPolicyInput interface { pulumi.Input ToGroupPolicyOutput() GroupPolicyOutput ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput }
type GroupPolicyMap ¶
type GroupPolicyMap map[string]GroupPolicyInput
func (GroupPolicyMap) ElementType ¶
func (GroupPolicyMap) ElementType() reflect.Type
func (GroupPolicyMap) ToGroupPolicyMapOutput ¶
func (i GroupPolicyMap) ToGroupPolicyMapOutput() GroupPolicyMapOutput
func (GroupPolicyMap) ToGroupPolicyMapOutputWithContext ¶
func (i GroupPolicyMap) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput
type GroupPolicyMapInput ¶
type GroupPolicyMapInput interface { pulumi.Input ToGroupPolicyMapOutput() GroupPolicyMapOutput ToGroupPolicyMapOutputWithContext(context.Context) GroupPolicyMapOutput }
GroupPolicyMapInput is an input type that accepts GroupPolicyMap and GroupPolicyMapOutput values. You can construct a concrete instance of `GroupPolicyMapInput` via:
GroupPolicyMap{ "key": GroupPolicyArgs{...} }
type GroupPolicyMapOutput ¶
type GroupPolicyMapOutput struct{ *pulumi.OutputState }
func (GroupPolicyMapOutput) ElementType ¶
func (GroupPolicyMapOutput) ElementType() reflect.Type
func (GroupPolicyMapOutput) MapIndex ¶
func (o GroupPolicyMapOutput) MapIndex(k pulumi.StringInput) GroupPolicyOutput
func (GroupPolicyMapOutput) ToGroupPolicyMapOutput ¶
func (o GroupPolicyMapOutput) ToGroupPolicyMapOutput() GroupPolicyMapOutput
func (GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext ¶
func (o GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput
type GroupPolicyOutput ¶
type GroupPolicyOutput struct{ *pulumi.OutputState }
func (GroupPolicyOutput) ElementType ¶
func (GroupPolicyOutput) ElementType() reflect.Type
func (GroupPolicyOutput) Group ¶
func (o GroupPolicyOutput) Group() pulumi.StringOutput
The IAM group to attach to the policy.
func (GroupPolicyOutput) Name ¶
func (o GroupPolicyOutput) Name() pulumi.StringOutput
The name of the policy. If omitted, the provider will assign a random, unique name.
func (GroupPolicyOutput) NamePrefix ¶
func (o GroupPolicyOutput) NamePrefix() pulumi.StringPtrOutput
Creates a unique name beginning with the specified prefix. Conflicts with `name`.
func (GroupPolicyOutput) Policy ¶
func (o GroupPolicyOutput) Policy() pulumi.StringOutput
The policy document. This is a JSON formatted string.
func (GroupPolicyOutput) ToGroupPolicyOutput ¶
func (o GroupPolicyOutput) ToGroupPolicyOutput() GroupPolicyOutput
func (GroupPolicyOutput) ToGroupPolicyOutputWithContext ¶
func (o GroupPolicyOutput) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput
type GroupPolicyState ¶
type GroupPolicyState struct { // The IAM group to attach to the policy. Group pulumi.StringPtrInput // The name of the policy. If omitted, the provider will // assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The policy document. This is a JSON formatted string. Policy pulumi.Input }
func (GroupPolicyState) ElementType ¶
func (GroupPolicyState) ElementType() reflect.Type
type GroupState ¶
type GroupState struct { // The ARN assigned by AWS for this group. Arn pulumi.StringPtrInput // The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins". Name pulumi.StringPtrInput // Path in which to create the group. Path pulumi.StringPtrInput // The [unique ID][1] assigned by AWS. UniqueId pulumi.StringPtrInput }
func (GroupState) ElementType ¶
func (GroupState) ElementType() reflect.Type
type InstanceProfile ¶
type InstanceProfile struct { pulumi.CustomResourceState // ARN assigned by AWS to the instance profile. Arn pulumi.StringOutput `pulumi:"arn"` // Creation timestamp of the instance profile. CreateDate pulumi.StringOutput `pulumi:"createDate"` // Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringOutput `pulumi:"namePrefix"` // Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters. Path pulumi.StringPtrOutput `pulumi:"path"` // Name of the role to add to the profile. Role pulumi.StringPtrOutput `pulumi:"role"` // Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // [Unique ID][1] assigned by AWS. UniqueId pulumi.StringOutput `pulumi:"uniqueId"` }
Provides an IAM instance profile.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "Service", Identifiers: []string{ "ec2.amazonaws.com", }, }, }, Actions: []string{ "sts:AssumeRole", }, }, }, }, nil) if err != nil { return err } role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ Path: pulumi.String("/"), AssumeRolePolicy: *pulumi.String(assumeRole.Json), }) if err != nil { return err } _, err = iam.NewInstanceProfile(ctx, "testProfile", &iam.InstanceProfileArgs{ Role: role.Name, }) if err != nil { return err } return nil }) }
```
## Import
Instance Profiles can be imported using the `name`, e.g.,
```sh
$ pulumi import aws:iam/instanceProfile:InstanceProfile test_profile app-instance-profile-1
```
func GetInstanceProfile ¶
func GetInstanceProfile(ctx *pulumi.Context, name string, id pulumi.IDInput, state *InstanceProfileState, opts ...pulumi.ResourceOption) (*InstanceProfile, error)
GetInstanceProfile gets an existing InstanceProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewInstanceProfile ¶
func NewInstanceProfile(ctx *pulumi.Context, name string, args *InstanceProfileArgs, opts ...pulumi.ResourceOption) (*InstanceProfile, error)
NewInstanceProfile registers a new resource with the given unique name, arguments, and options.
func (*InstanceProfile) ElementType ¶
func (*InstanceProfile) ElementType() reflect.Type
func (*InstanceProfile) ToInstanceProfileOutput ¶
func (i *InstanceProfile) ToInstanceProfileOutput() InstanceProfileOutput
func (*InstanceProfile) ToInstanceProfileOutputWithContext ¶
func (i *InstanceProfile) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput
type InstanceProfileArgs ¶
type InstanceProfileArgs struct { // Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters. Path pulumi.StringPtrInput // Name of the role to add to the profile. Role pulumi.Input // Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput }
The set of arguments for constructing a InstanceProfile resource.
func (InstanceProfileArgs) ElementType ¶
func (InstanceProfileArgs) ElementType() reflect.Type
type InstanceProfileArray ¶
type InstanceProfileArray []InstanceProfileInput
func (InstanceProfileArray) ElementType ¶
func (InstanceProfileArray) ElementType() reflect.Type
func (InstanceProfileArray) ToInstanceProfileArrayOutput ¶
func (i InstanceProfileArray) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput
func (InstanceProfileArray) ToInstanceProfileArrayOutputWithContext ¶
func (i InstanceProfileArray) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput
type InstanceProfileArrayInput ¶
type InstanceProfileArrayInput interface { pulumi.Input ToInstanceProfileArrayOutput() InstanceProfileArrayOutput ToInstanceProfileArrayOutputWithContext(context.Context) InstanceProfileArrayOutput }
InstanceProfileArrayInput is an input type that accepts InstanceProfileArray and InstanceProfileArrayOutput values. You can construct a concrete instance of `InstanceProfileArrayInput` via:
InstanceProfileArray{ InstanceProfileArgs{...} }
type InstanceProfileArrayOutput ¶
type InstanceProfileArrayOutput struct{ *pulumi.OutputState }
func (InstanceProfileArrayOutput) ElementType ¶
func (InstanceProfileArrayOutput) ElementType() reflect.Type
func (InstanceProfileArrayOutput) Index ¶
func (o InstanceProfileArrayOutput) Index(i pulumi.IntInput) InstanceProfileOutput
func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutput ¶
func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput
func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext ¶
func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput
type InstanceProfileInput ¶
type InstanceProfileInput interface { pulumi.Input ToInstanceProfileOutput() InstanceProfileOutput ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput }
type InstanceProfileMap ¶
type InstanceProfileMap map[string]InstanceProfileInput
func (InstanceProfileMap) ElementType ¶
func (InstanceProfileMap) ElementType() reflect.Type
func (InstanceProfileMap) ToInstanceProfileMapOutput ¶
func (i InstanceProfileMap) ToInstanceProfileMapOutput() InstanceProfileMapOutput
func (InstanceProfileMap) ToInstanceProfileMapOutputWithContext ¶
func (i InstanceProfileMap) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput
type InstanceProfileMapInput ¶
type InstanceProfileMapInput interface { pulumi.Input ToInstanceProfileMapOutput() InstanceProfileMapOutput ToInstanceProfileMapOutputWithContext(context.Context) InstanceProfileMapOutput }
InstanceProfileMapInput is an input type that accepts InstanceProfileMap and InstanceProfileMapOutput values. You can construct a concrete instance of `InstanceProfileMapInput` via:
InstanceProfileMap{ "key": InstanceProfileArgs{...} }
type InstanceProfileMapOutput ¶
type InstanceProfileMapOutput struct{ *pulumi.OutputState }
func (InstanceProfileMapOutput) ElementType ¶
func (InstanceProfileMapOutput) ElementType() reflect.Type
func (InstanceProfileMapOutput) MapIndex ¶
func (o InstanceProfileMapOutput) MapIndex(k pulumi.StringInput) InstanceProfileOutput
func (InstanceProfileMapOutput) ToInstanceProfileMapOutput ¶
func (o InstanceProfileMapOutput) ToInstanceProfileMapOutput() InstanceProfileMapOutput
func (InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext ¶
func (o InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput
type InstanceProfileOutput ¶
type InstanceProfileOutput struct{ *pulumi.OutputState }
func (InstanceProfileOutput) Arn ¶
func (o InstanceProfileOutput) Arn() pulumi.StringOutput
ARN assigned by AWS to the instance profile.
func (InstanceProfileOutput) CreateDate ¶
func (o InstanceProfileOutput) CreateDate() pulumi.StringOutput
Creation timestamp of the instance profile.
func (InstanceProfileOutput) ElementType ¶
func (InstanceProfileOutput) ElementType() reflect.Type
func (InstanceProfileOutput) Name ¶
func (o InstanceProfileOutput) Name() pulumi.StringOutput
Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
func (InstanceProfileOutput) NamePrefix ¶
func (o InstanceProfileOutput) NamePrefix() pulumi.StringOutput
Creates a unique name beginning with the specified prefix. Conflicts with `name`.
func (InstanceProfileOutput) Path ¶
func (o InstanceProfileOutput) Path() pulumi.StringPtrOutput
Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
func (InstanceProfileOutput) Role ¶
func (o InstanceProfileOutput) Role() pulumi.StringPtrOutput
Name of the role to add to the profile.
func (InstanceProfileOutput) Tags ¶
func (o InstanceProfileOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (InstanceProfileOutput) TagsAll ¶
func (o InstanceProfileOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (InstanceProfileOutput) ToInstanceProfileOutput ¶
func (o InstanceProfileOutput) ToInstanceProfileOutput() InstanceProfileOutput
func (InstanceProfileOutput) ToInstanceProfileOutputWithContext ¶
func (o InstanceProfileOutput) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput
func (InstanceProfileOutput) UniqueId ¶
func (o InstanceProfileOutput) UniqueId() pulumi.StringOutput
[Unique ID][1] assigned by AWS.
type InstanceProfileState ¶
type InstanceProfileState struct { // ARN assigned by AWS to the instance profile. Arn pulumi.StringPtrInput // Creation timestamp of the instance profile. CreateDate pulumi.StringPtrInput // Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters. Path pulumi.StringPtrInput // Name of the role to add to the profile. Role pulumi.Input // Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // [Unique ID][1] assigned by AWS. UniqueId pulumi.StringPtrInput }
func (InstanceProfileState) ElementType ¶
func (InstanceProfileState) ElementType() reflect.Type
type LookupAccountAliasResult ¶
type LookupAccountAliasResult struct { // Alias associated with the AWS account. AccountAlias string `pulumi:"accountAlias"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` }
A collection of values returned by getAccountAlias.
func LookupAccountAlias ¶
func LookupAccountAlias(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*LookupAccountAliasResult, error)
The IAM Account Alias data source allows access to the account alias for the effective account in which this provider is working.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { current, err := iam.LookupAccountAlias(ctx, nil, nil) if err != nil { return err } ctx.Export("accountId", current.AccountAlias) return nil }) }
```
type LookupGroupArgs ¶
type LookupGroupArgs struct { // Friendly IAM group name to match. GroupName string `pulumi:"groupName"` }
A collection of arguments for invoking getGroup.
type LookupGroupOutputArgs ¶
type LookupGroupOutputArgs struct { // Friendly IAM group name to match. GroupName pulumi.StringInput `pulumi:"groupName"` }
A collection of arguments for invoking getGroup.
func (LookupGroupOutputArgs) ElementType ¶
func (LookupGroupOutputArgs) ElementType() reflect.Type
type LookupGroupResult ¶
type LookupGroupResult struct { // User ARN. Arn string `pulumi:"arn"` // Stable and unique string identifying the group. GroupId string `pulumi:"groupId"` GroupName string `pulumi:"groupName"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Path to the IAM user. Path string `pulumi:"path"` // List of objects containing group member information. See below. Users []GetGroupUser `pulumi:"users"` }
A collection of values returned by getGroup.
func LookupGroup ¶
func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error)
This data source can be used to fetch information about a specific IAM group. By using this data source, you can reference IAM group properties without having to hard code ARNs as input.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupGroup(ctx, &iam.LookupGroupArgs{ GroupName: "an_example_group_name", }, nil) if err != nil { return err } return nil }) }
```
type LookupGroupResultOutput ¶
type LookupGroupResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getGroup.
func LookupGroupOutput ¶
func LookupGroupOutput(ctx *pulumi.Context, args LookupGroupOutputArgs, opts ...pulumi.InvokeOption) LookupGroupResultOutput
func (LookupGroupResultOutput) Arn ¶
func (o LookupGroupResultOutput) Arn() pulumi.StringOutput
User ARN.
func (LookupGroupResultOutput) ElementType ¶
func (LookupGroupResultOutput) ElementType() reflect.Type
func (LookupGroupResultOutput) GroupId ¶
func (o LookupGroupResultOutput) GroupId() pulumi.StringOutput
Stable and unique string identifying the group.
func (LookupGroupResultOutput) GroupName ¶
func (o LookupGroupResultOutput) GroupName() pulumi.StringOutput
func (LookupGroupResultOutput) Id ¶
func (o LookupGroupResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupGroupResultOutput) Path ¶
func (o LookupGroupResultOutput) Path() pulumi.StringOutput
Path to the IAM user.
func (LookupGroupResultOutput) ToLookupGroupResultOutput ¶
func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput
func (LookupGroupResultOutput) ToLookupGroupResultOutputWithContext ¶
func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput
func (LookupGroupResultOutput) Users ¶
func (o LookupGroupResultOutput) Users() GetGroupUserArrayOutput
List of objects containing group member information. See below.
type LookupInstanceProfileArgs ¶
type LookupInstanceProfileArgs struct { // Friendly IAM instance profile name to match. Name string `pulumi:"name"` }
A collection of arguments for invoking getInstanceProfile.
type LookupInstanceProfileOutputArgs ¶
type LookupInstanceProfileOutputArgs struct { // Friendly IAM instance profile name to match. Name pulumi.StringInput `pulumi:"name"` }
A collection of arguments for invoking getInstanceProfile.
func (LookupInstanceProfileOutputArgs) ElementType ¶
func (LookupInstanceProfileOutputArgs) ElementType() reflect.Type
type LookupInstanceProfileResult ¶
type LookupInstanceProfileResult struct { // ARN. Arn string `pulumi:"arn"` // String representation of the date the instance profile was created. CreateDate string `pulumi:"createDate"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Name string `pulumi:"name"` // Path to the instance profile. Path string `pulumi:"path"` // Role ARN associated with this instance profile. RoleArn string `pulumi:"roleArn"` // Role ID associated with this instance profile. RoleId string `pulumi:"roleId"` // Role name associated with this instance profile. RoleName string `pulumi:"roleName"` }
A collection of values returned by getInstanceProfile.
func LookupInstanceProfile ¶
func LookupInstanceProfile(ctx *pulumi.Context, args *LookupInstanceProfileArgs, opts ...pulumi.InvokeOption) (*LookupInstanceProfileResult, error)
This data source can be used to fetch information about a specific IAM instance profile. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupInstanceProfile(ctx, &iam.LookupInstanceProfileArgs{ Name: "an_example_instance_profile_name", }, nil) if err != nil { return err } return nil }) }
```
type LookupInstanceProfileResultOutput ¶
type LookupInstanceProfileResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getInstanceProfile.
func LookupInstanceProfileOutput ¶
func LookupInstanceProfileOutput(ctx *pulumi.Context, args LookupInstanceProfileOutputArgs, opts ...pulumi.InvokeOption) LookupInstanceProfileResultOutput
func (LookupInstanceProfileResultOutput) Arn ¶
func (o LookupInstanceProfileResultOutput) Arn() pulumi.StringOutput
ARN.
func (LookupInstanceProfileResultOutput) CreateDate ¶
func (o LookupInstanceProfileResultOutput) CreateDate() pulumi.StringOutput
String representation of the date the instance profile was created.
func (LookupInstanceProfileResultOutput) ElementType ¶
func (LookupInstanceProfileResultOutput) ElementType() reflect.Type
func (LookupInstanceProfileResultOutput) Id ¶
func (o LookupInstanceProfileResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupInstanceProfileResultOutput) Name ¶
func (o LookupInstanceProfileResultOutput) Name() pulumi.StringOutput
func (LookupInstanceProfileResultOutput) Path ¶
func (o LookupInstanceProfileResultOutput) Path() pulumi.StringOutput
Path to the instance profile.
func (LookupInstanceProfileResultOutput) RoleArn ¶
func (o LookupInstanceProfileResultOutput) RoleArn() pulumi.StringOutput
Role ARN associated with this instance profile.
func (LookupInstanceProfileResultOutput) RoleId ¶
func (o LookupInstanceProfileResultOutput) RoleId() pulumi.StringOutput
Role ID associated with this instance profile.
func (LookupInstanceProfileResultOutput) RoleName ¶
func (o LookupInstanceProfileResultOutput) RoleName() pulumi.StringOutput
Role name associated with this instance profile.
func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput ¶
func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput() LookupInstanceProfileResultOutput
func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext ¶
func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext(ctx context.Context) LookupInstanceProfileResultOutput
type LookupOpenIdConnectProviderArgs ¶
type LookupOpenIdConnectProviderArgs struct { // ARN of the OpenID Connect provider. Arn *string `pulumi:"arn"` // Map of resource tags for the IAM OIDC provider. Tags map[string]string `pulumi:"tags"` // URL of the OpenID Connect provider. Url *string `pulumi:"url"` }
A collection of arguments for invoking getOpenIdConnectProvider.
type LookupOpenIdConnectProviderOutputArgs ¶
type LookupOpenIdConnectProviderOutputArgs struct { // ARN of the OpenID Connect provider. Arn pulumi.StringPtrInput `pulumi:"arn"` // Map of resource tags for the IAM OIDC provider. Tags pulumi.StringMapInput `pulumi:"tags"` // URL of the OpenID Connect provider. Url pulumi.StringPtrInput `pulumi:"url"` }
A collection of arguments for invoking getOpenIdConnectProvider.
func (LookupOpenIdConnectProviderOutputArgs) ElementType ¶
func (LookupOpenIdConnectProviderOutputArgs) ElementType() reflect.Type
type LookupOpenIdConnectProviderResult ¶
type LookupOpenIdConnectProviderResult struct { Arn string `pulumi:"arn"` // List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.) ClientIdLists []string `pulumi:"clientIdLists"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Map of resource tags for the IAM OIDC provider. Tags map[string]string `pulumi:"tags"` // List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s). ThumbprintLists []string `pulumi:"thumbprintLists"` Url string `pulumi:"url"` }
A collection of values returned by getOpenIdConnectProvider.
func LookupOpenIdConnectProvider ¶
func LookupOpenIdConnectProvider(ctx *pulumi.Context, args *LookupOpenIdConnectProviderArgs, opts ...pulumi.InvokeOption) (*LookupOpenIdConnectProviderResult, error)
This data source can be used to fetch information about a specific IAM OpenID Connect provider. By using this data source, you can retrieve the the resource information by either its `arn` or `url`.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupOpenIdConnectProvider(ctx, &iam.LookupOpenIdConnectProviderArgs{ Arn: pulumi.StringRef("arn:aws:iam::123456789012:oidc-provider/accounts.google.com"), }, nil) if err != nil { return err } return nil }) }
```
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupOpenIdConnectProvider(ctx, &iam.LookupOpenIdConnectProviderArgs{ Url: pulumi.StringRef("https://accounts.google.com"), }, nil) if err != nil { return err } return nil }) }
```
type LookupOpenIdConnectProviderResultOutput ¶
type LookupOpenIdConnectProviderResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getOpenIdConnectProvider.
func LookupOpenIdConnectProviderOutput ¶
func LookupOpenIdConnectProviderOutput(ctx *pulumi.Context, args LookupOpenIdConnectProviderOutputArgs, opts ...pulumi.InvokeOption) LookupOpenIdConnectProviderResultOutput
func (LookupOpenIdConnectProviderResultOutput) Arn ¶
func (o LookupOpenIdConnectProviderResultOutput) Arn() pulumi.StringOutput
func (LookupOpenIdConnectProviderResultOutput) ClientIdLists ¶
func (o LookupOpenIdConnectProviderResultOutput) ClientIdLists() pulumi.StringArrayOutput
List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
func (LookupOpenIdConnectProviderResultOutput) ElementType ¶
func (LookupOpenIdConnectProviderResultOutput) ElementType() reflect.Type
func (LookupOpenIdConnectProviderResultOutput) Id ¶
func (o LookupOpenIdConnectProviderResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupOpenIdConnectProviderResultOutput) Tags ¶
func (o LookupOpenIdConnectProviderResultOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the IAM OIDC provider.
func (LookupOpenIdConnectProviderResultOutput) ThumbprintLists ¶
func (o LookupOpenIdConnectProviderResultOutput) ThumbprintLists() pulumi.StringArrayOutput
List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
func (LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutput ¶
func (o LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutput() LookupOpenIdConnectProviderResultOutput
func (LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutputWithContext ¶
func (o LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutputWithContext(ctx context.Context) LookupOpenIdConnectProviderResultOutput
func (LookupOpenIdConnectProviderResultOutput) Url ¶
func (o LookupOpenIdConnectProviderResultOutput) Url() pulumi.StringOutput
type LookupPolicyArgs ¶
type LookupPolicyArgs struct { // ARN of the IAM policy. // Conflicts with `name` and `pathPrefix`. Arn *string `pulumi:"arn"` // Name of the IAM policy. // Conflicts with `arn`. Name *string `pulumi:"name"` // Prefix of the path to the IAM policy. // Defaults to a slash (`/`). // Conflicts with `arn`. PathPrefix *string `pulumi:"pathPrefix"` // Key-value mapping of tags for the IAM Policy. Tags map[string]string `pulumi:"tags"` }
A collection of arguments for invoking getPolicy.
type LookupPolicyOutputArgs ¶
type LookupPolicyOutputArgs struct { // ARN of the IAM policy. // Conflicts with `name` and `pathPrefix`. Arn pulumi.StringPtrInput `pulumi:"arn"` // Name of the IAM policy. // Conflicts with `arn`. Name pulumi.StringPtrInput `pulumi:"name"` // Prefix of the path to the IAM policy. // Defaults to a slash (`/`). // Conflicts with `arn`. PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"` // Key-value mapping of tags for the IAM Policy. Tags pulumi.StringMapInput `pulumi:"tags"` }
A collection of arguments for invoking getPolicy.
func (LookupPolicyOutputArgs) ElementType ¶
func (LookupPolicyOutputArgs) ElementType() reflect.Type
type LookupPolicyResult ¶
type LookupPolicyResult struct { // ARN of the policy. Arn string `pulumi:"arn"` // Description of the policy. Description string `pulumi:"description"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Name string `pulumi:"name"` // Path to the policy. Path string `pulumi:"path"` PathPrefix *string `pulumi:"pathPrefix"` // Policy document of the policy. Policy string `pulumi:"policy"` // Policy's ID. PolicyId string `pulumi:"policyId"` // Key-value mapping of tags for the IAM Policy. Tags map[string]string `pulumi:"tags"` }
A collection of values returned by getPolicy.
func LookupPolicy ¶
func LookupPolicy(ctx *pulumi.Context, args *LookupPolicyArgs, opts ...pulumi.InvokeOption) (*LookupPolicyResult, error)
This data source can be used to fetch information about a specific IAM policy.
## Example Usage ### By ARN
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{ Arn: pulumi.StringRef("arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"), }, nil) if err != nil { return err } return nil }) }
``` ### By Name
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{ Name: pulumi.StringRef("test_policy"), }, nil) if err != nil { return err } return nil }) }
```
type LookupPolicyResultOutput ¶
type LookupPolicyResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getPolicy.
func LookupPolicyOutput ¶
func LookupPolicyOutput(ctx *pulumi.Context, args LookupPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupPolicyResultOutput
func (LookupPolicyResultOutput) Arn ¶
func (o LookupPolicyResultOutput) Arn() pulumi.StringOutput
ARN of the policy.
func (LookupPolicyResultOutput) Description ¶
func (o LookupPolicyResultOutput) Description() pulumi.StringOutput
Description of the policy.
func (LookupPolicyResultOutput) ElementType ¶
func (LookupPolicyResultOutput) ElementType() reflect.Type
func (LookupPolicyResultOutput) Id ¶
func (o LookupPolicyResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupPolicyResultOutput) Name ¶
func (o LookupPolicyResultOutput) Name() pulumi.StringOutput
func (LookupPolicyResultOutput) Path ¶
func (o LookupPolicyResultOutput) Path() pulumi.StringOutput
Path to the policy.
func (LookupPolicyResultOutput) PathPrefix ¶
func (o LookupPolicyResultOutput) PathPrefix() pulumi.StringPtrOutput
func (LookupPolicyResultOutput) Policy ¶
func (o LookupPolicyResultOutput) Policy() pulumi.StringOutput
Policy document of the policy.
func (LookupPolicyResultOutput) PolicyId ¶
func (o LookupPolicyResultOutput) PolicyId() pulumi.StringOutput
Policy's ID.
func (LookupPolicyResultOutput) Tags ¶
func (o LookupPolicyResultOutput) Tags() pulumi.StringMapOutput
Key-value mapping of tags for the IAM Policy.
func (LookupPolicyResultOutput) ToLookupPolicyResultOutput ¶
func (o LookupPolicyResultOutput) ToLookupPolicyResultOutput() LookupPolicyResultOutput
func (LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext ¶
func (o LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext(ctx context.Context) LookupPolicyResultOutput
type LookupPrincipalPolicySimulationArgs ¶
type LookupPrincipalPolicySimulationArgs struct { // A set of IAM action names to run simulations for. Each entry in this set adds an additional hypothetical request to the simulation. // // Action names consist of a service prefix and an action verb separated by a colon, such as `s3:GetObject`. Refer to [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to see the full set of possible IAM action names across all AWS services. ActionNames []string `pulumi:"actionNames"` // A set of additional principal policy documents to include in the simulation. The simulator will behave as if each of these policies were associated with the object specified in `policySourceArn`, allowing you to test the effect of hypothetical policies not yet created. AdditionalPoliciesJsons []string `pulumi:"additionalPoliciesJsons"` // The ARN of an user that will appear as the "caller" of the simulated requests. If you do not specify `callerArn` then the simulation will use the `policySourceArn` instead, if it contains a user ARN. CallerArn *string `pulumi:"callerArn"` // Each `context` block defines an entry in the table of additional context keys in the simulated request. // // IAM uses context keys for both custom conditions and for interpolating dynamic request-specific values into policy values. If you use policies that include those features then you will need to provide suitable example values for those keys to achieve a realistic simulation. Contexts []GetPrincipalPolicySimulationContext `pulumi:"contexts"` // A set of [permissions boundary policy documents](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) to include in the simulation. PermissionsBoundaryPoliciesJsons []string `pulumi:"permissionsBoundaryPoliciesJsons"` // The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM user, group, or role whose policies will be included in the simulation. // // You must closely match the form of the real service request you are simulating in order to achieve a realistic result. You can use the following additional arguments to specify other characteristics of the simulated requests: PolicySourceArn string `pulumi:"policySourceArn"` // A set of ARNs of resources to include in the simulation. // // This argument is important for actions that have either required or optional resource types listed in [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html), and you must provide ARNs that identify AWS objects of the appropriate types for the chosen actions. // // The policy simulator only automatically loads policies associated with the `policySourceArn`, so if your given resources have their own resource-level policy then you'll also need to provide that explicitly using the `resourcePolicyJson` argument to achieve a realistic simulation. ResourceArns []string `pulumi:"resourceArns"` // Specifies a special simulation type to run. Some EC2 actions require special simulation behaviors and a particular set of resource ARNs to achieve a realistic result. // // For more details, see the `ResourceHandlingOption` request parameter for [the underlying `iam:SimulatePrincipalPolicy` action](https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html). ResourceHandlingOption *string `pulumi:"resourceHandlingOption"` // An AWS account ID to use for any resource ARN in `resourceArns` that doesn't include its own AWS account ID. If unspecified, the simulator will use the account ID from the `callerArn` argument as a placeholder. ResourceOwnerAccountId *string `pulumi:"resourceOwnerAccountId"` // An IAM policy document representing the resource-level policy of all of the resources specified in `resourceArns`. // // The policy simulator cannot automatically load policies that are associated with individual resources, as described in the documentation for `resourceArns` above. ResourcePolicyJson *string `pulumi:"resourcePolicyJson"` }
A collection of arguments for invoking getPrincipalPolicySimulation.
type LookupPrincipalPolicySimulationOutputArgs ¶
type LookupPrincipalPolicySimulationOutputArgs struct { // A set of IAM action names to run simulations for. Each entry in this set adds an additional hypothetical request to the simulation. // // Action names consist of a service prefix and an action verb separated by a colon, such as `s3:GetObject`. Refer to [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to see the full set of possible IAM action names across all AWS services. ActionNames pulumi.StringArrayInput `pulumi:"actionNames"` // A set of additional principal policy documents to include in the simulation. The simulator will behave as if each of these policies were associated with the object specified in `policySourceArn`, allowing you to test the effect of hypothetical policies not yet created. AdditionalPoliciesJsons pulumi.StringArrayInput `pulumi:"additionalPoliciesJsons"` // The ARN of an user that will appear as the "caller" of the simulated requests. If you do not specify `callerArn` then the simulation will use the `policySourceArn` instead, if it contains a user ARN. CallerArn pulumi.StringPtrInput `pulumi:"callerArn"` // Each `context` block defines an entry in the table of additional context keys in the simulated request. // // IAM uses context keys for both custom conditions and for interpolating dynamic request-specific values into policy values. If you use policies that include those features then you will need to provide suitable example values for those keys to achieve a realistic simulation. Contexts GetPrincipalPolicySimulationContextArrayInput `pulumi:"contexts"` // A set of [permissions boundary policy documents](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) to include in the simulation. PermissionsBoundaryPoliciesJsons pulumi.StringArrayInput `pulumi:"permissionsBoundaryPoliciesJsons"` // The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM user, group, or role whose policies will be included in the simulation. // // You must closely match the form of the real service request you are simulating in order to achieve a realistic result. You can use the following additional arguments to specify other characteristics of the simulated requests: PolicySourceArn pulumi.StringInput `pulumi:"policySourceArn"` // A set of ARNs of resources to include in the simulation. // // This argument is important for actions that have either required or optional resource types listed in [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html), and you must provide ARNs that identify AWS objects of the appropriate types for the chosen actions. // // The policy simulator only automatically loads policies associated with the `policySourceArn`, so if your given resources have their own resource-level policy then you'll also need to provide that explicitly using the `resourcePolicyJson` argument to achieve a realistic simulation. ResourceArns pulumi.StringArrayInput `pulumi:"resourceArns"` // Specifies a special simulation type to run. Some EC2 actions require special simulation behaviors and a particular set of resource ARNs to achieve a realistic result. // // For more details, see the `ResourceHandlingOption` request parameter for [the underlying `iam:SimulatePrincipalPolicy` action](https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html). ResourceHandlingOption pulumi.StringPtrInput `pulumi:"resourceHandlingOption"` // An AWS account ID to use for any resource ARN in `resourceArns` that doesn't include its own AWS account ID. If unspecified, the simulator will use the account ID from the `callerArn` argument as a placeholder. ResourceOwnerAccountId pulumi.StringPtrInput `pulumi:"resourceOwnerAccountId"` // An IAM policy document representing the resource-level policy of all of the resources specified in `resourceArns`. // // The policy simulator cannot automatically load policies that are associated with individual resources, as described in the documentation for `resourceArns` above. ResourcePolicyJson pulumi.StringPtrInput `pulumi:"resourcePolicyJson"` }
A collection of arguments for invoking getPrincipalPolicySimulation.
func (LookupPrincipalPolicySimulationOutputArgs) ElementType ¶
func (LookupPrincipalPolicySimulationOutputArgs) ElementType() reflect.Type
type LookupPrincipalPolicySimulationResult ¶
type LookupPrincipalPolicySimulationResult struct { ActionNames []string `pulumi:"actionNames"` AdditionalPoliciesJsons []string `pulumi:"additionalPoliciesJsons"` // `true` if all of the simulation results have decision "allowed", or `false` otherwise. AllAllowed bool `pulumi:"allAllowed"` CallerArn *string `pulumi:"callerArn"` Contexts []GetPrincipalPolicySimulationContext `pulumi:"contexts"` Id string `pulumi:"id"` PermissionsBoundaryPoliciesJsons []string `pulumi:"permissionsBoundaryPoliciesJsons"` PolicySourceArn string `pulumi:"policySourceArn"` ResourceArns []string `pulumi:"resourceArns"` ResourceHandlingOption *string `pulumi:"resourceHandlingOption"` ResourceOwnerAccountId *string `pulumi:"resourceOwnerAccountId"` ResourcePolicyJson *string `pulumi:"resourcePolicyJson"` // A set of result objects, one for each of the simulated requests, with the following nested attributes: Results []GetPrincipalPolicySimulationResult `pulumi:"results"` }
A collection of values returned by getPrincipalPolicySimulation.
func LookupPrincipalPolicySimulation ¶
func LookupPrincipalPolicySimulation(ctx *pulumi.Context, args *LookupPrincipalPolicySimulationArgs, opts ...pulumi.InvokeOption) (*LookupPrincipalPolicySimulationResult, error)
Runs a simulation of the IAM policies of a particular principal against a given hypothetical request.
You can use this data source in conjunction with Preconditions and Postconditions so that your configuration can test either whether it should have sufficient access to do its own work, or whether policies your configuration declares itself are sufficient for their intended use elsewhere.
> **Note:** Correctly using this data source requires familiarity with various details of AWS Identity and Access Management, and how various AWS services integrate with it. For general information on the AWS IAM policy simulator, see [Testing IAM policies with the IAM policy simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html). This data source wraps the `iam:SimulatePrincipalPolicy` API action described on that page.
## Example Usage
type LookupPrincipalPolicySimulationResultOutput ¶
type LookupPrincipalPolicySimulationResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getPrincipalPolicySimulation.
func LookupPrincipalPolicySimulationOutput ¶
func LookupPrincipalPolicySimulationOutput(ctx *pulumi.Context, args LookupPrincipalPolicySimulationOutputArgs, opts ...pulumi.InvokeOption) LookupPrincipalPolicySimulationResultOutput
func (LookupPrincipalPolicySimulationResultOutput) ActionNames ¶
func (o LookupPrincipalPolicySimulationResultOutput) ActionNames() pulumi.StringArrayOutput
func (LookupPrincipalPolicySimulationResultOutput) AdditionalPoliciesJsons ¶
func (o LookupPrincipalPolicySimulationResultOutput) AdditionalPoliciesJsons() pulumi.StringArrayOutput
func (LookupPrincipalPolicySimulationResultOutput) AllAllowed ¶
func (o LookupPrincipalPolicySimulationResultOutput) AllAllowed() pulumi.BoolOutput
`true` if all of the simulation results have decision "allowed", or `false` otherwise.
func (LookupPrincipalPolicySimulationResultOutput) CallerArn ¶
func (o LookupPrincipalPolicySimulationResultOutput) CallerArn() pulumi.StringPtrOutput
func (LookupPrincipalPolicySimulationResultOutput) ElementType ¶
func (LookupPrincipalPolicySimulationResultOutput) ElementType() reflect.Type
func (LookupPrincipalPolicySimulationResultOutput) Id ¶
func (o LookupPrincipalPolicySimulationResultOutput) Id() pulumi.StringOutput
func (LookupPrincipalPolicySimulationResultOutput) PermissionsBoundaryPoliciesJsons ¶
func (o LookupPrincipalPolicySimulationResultOutput) PermissionsBoundaryPoliciesJsons() pulumi.StringArrayOutput
func (LookupPrincipalPolicySimulationResultOutput) PolicySourceArn ¶
func (o LookupPrincipalPolicySimulationResultOutput) PolicySourceArn() pulumi.StringOutput
func (LookupPrincipalPolicySimulationResultOutput) ResourceArns ¶
func (o LookupPrincipalPolicySimulationResultOutput) ResourceArns() pulumi.StringArrayOutput
func (LookupPrincipalPolicySimulationResultOutput) ResourceHandlingOption ¶
func (o LookupPrincipalPolicySimulationResultOutput) ResourceHandlingOption() pulumi.StringPtrOutput
func (LookupPrincipalPolicySimulationResultOutput) ResourceOwnerAccountId ¶
func (o LookupPrincipalPolicySimulationResultOutput) ResourceOwnerAccountId() pulumi.StringPtrOutput
func (LookupPrincipalPolicySimulationResultOutput) ResourcePolicyJson ¶
func (o LookupPrincipalPolicySimulationResultOutput) ResourcePolicyJson() pulumi.StringPtrOutput
func (LookupPrincipalPolicySimulationResultOutput) Results ¶
func (o LookupPrincipalPolicySimulationResultOutput) Results() GetPrincipalPolicySimulationResultArrayOutput
A set of result objects, one for each of the simulated requests, with the following nested attributes:
func (LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutput ¶
func (o LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutput() LookupPrincipalPolicySimulationResultOutput
func (LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutputWithContext ¶
func (o LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) LookupPrincipalPolicySimulationResultOutput
type LookupRoleArgs ¶
type LookupRoleArgs struct { // Friendly IAM role name to match. Name string `pulumi:"name"` // Tags attached to the role. Tags map[string]string `pulumi:"tags"` }
A collection of arguments for invoking getRole.
type LookupRoleOutputArgs ¶
type LookupRoleOutputArgs struct { // Friendly IAM role name to match. Name pulumi.StringInput `pulumi:"name"` // Tags attached to the role. Tags pulumi.StringMapInput `pulumi:"tags"` }
A collection of arguments for invoking getRole.
func (LookupRoleOutputArgs) ElementType ¶
func (LookupRoleOutputArgs) ElementType() reflect.Type
type LookupRoleResult ¶
type LookupRoleResult struct { // ARN of the role. Arn string `pulumi:"arn"` // Policy document associated with the role. AssumeRolePolicy string `pulumi:"assumeRolePolicy"` // Creation date of the role in RFC 3339 format. CreateDate string `pulumi:"createDate"` // Description for the role. Description string `pulumi:"description"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Maximum session duration. MaxSessionDuration int `pulumi:"maxSessionDuration"` Name string `pulumi:"name"` // Path to the role. Path string `pulumi:"path"` // The ARN of the policy that is used to set the permissions boundary for the role. PermissionsBoundary string `pulumi:"permissionsBoundary"` // Contains information about the last time that an IAM role was used. See `roleLastUsed` for details. RoleLastUseds []GetRoleRoleLastUsed `pulumi:"roleLastUseds"` // Tags attached to the role. Tags map[string]string `pulumi:"tags"` // Stable and unique string identifying the role. UniqueId string `pulumi:"uniqueId"` }
A collection of values returned by getRole.
func LookupRole ¶
func LookupRole(ctx *pulumi.Context, args *LookupRoleArgs, opts ...pulumi.InvokeOption) (*LookupRoleResult, error)
This data source can be used to fetch information about a specific IAM role. By using this data source, you can reference IAM role properties without having to hard code ARNs as input.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupRole(ctx, &iam.LookupRoleArgs{ Name: "an_example_role_name", }, nil) if err != nil { return err } return nil }) }
```
type LookupRoleResultOutput ¶
type LookupRoleResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getRole.
func LookupRoleOutput ¶
func LookupRoleOutput(ctx *pulumi.Context, args LookupRoleOutputArgs, opts ...pulumi.InvokeOption) LookupRoleResultOutput
func (LookupRoleResultOutput) Arn ¶
func (o LookupRoleResultOutput) Arn() pulumi.StringOutput
ARN of the role.
func (LookupRoleResultOutput) AssumeRolePolicy ¶
func (o LookupRoleResultOutput) AssumeRolePolicy() pulumi.StringOutput
Policy document associated with the role.
func (LookupRoleResultOutput) CreateDate ¶
func (o LookupRoleResultOutput) CreateDate() pulumi.StringOutput
Creation date of the role in RFC 3339 format.
func (LookupRoleResultOutput) Description ¶
func (o LookupRoleResultOutput) Description() pulumi.StringOutput
Description for the role.
func (LookupRoleResultOutput) ElementType ¶
func (LookupRoleResultOutput) ElementType() reflect.Type
func (LookupRoleResultOutput) Id ¶
func (o LookupRoleResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupRoleResultOutput) MaxSessionDuration ¶
func (o LookupRoleResultOutput) MaxSessionDuration() pulumi.IntOutput
Maximum session duration.
func (LookupRoleResultOutput) Name ¶
func (o LookupRoleResultOutput) Name() pulumi.StringOutput
func (LookupRoleResultOutput) Path ¶
func (o LookupRoleResultOutput) Path() pulumi.StringOutput
Path to the role.
func (LookupRoleResultOutput) PermissionsBoundary ¶
func (o LookupRoleResultOutput) PermissionsBoundary() pulumi.StringOutput
The ARN of the policy that is used to set the permissions boundary for the role.
func (LookupRoleResultOutput) RoleLastUseds ¶
func (o LookupRoleResultOutput) RoleLastUseds() GetRoleRoleLastUsedArrayOutput
Contains information about the last time that an IAM role was used. See `roleLastUsed` for details.
func (LookupRoleResultOutput) Tags ¶
func (o LookupRoleResultOutput) Tags() pulumi.StringMapOutput
Tags attached to the role.
func (LookupRoleResultOutput) ToLookupRoleResultOutput ¶
func (o LookupRoleResultOutput) ToLookupRoleResultOutput() LookupRoleResultOutput
func (LookupRoleResultOutput) ToLookupRoleResultOutputWithContext ¶
func (o LookupRoleResultOutput) ToLookupRoleResultOutputWithContext(ctx context.Context) LookupRoleResultOutput
func (LookupRoleResultOutput) UniqueId ¶
func (o LookupRoleResultOutput) UniqueId() pulumi.StringOutput
Stable and unique string identifying the role.
type LookupSamlProviderArgs ¶
type LookupSamlProviderArgs struct { // ARN assigned by AWS for the provider. Arn string `pulumi:"arn"` // Tags attached to the SAML provider. Tags map[string]string `pulumi:"tags"` }
A collection of arguments for invoking getSamlProvider.
type LookupSamlProviderOutputArgs ¶
type LookupSamlProviderOutputArgs struct { // ARN assigned by AWS for the provider. Arn pulumi.StringInput `pulumi:"arn"` // Tags attached to the SAML provider. Tags pulumi.StringMapInput `pulumi:"tags"` }
A collection of arguments for invoking getSamlProvider.
func (LookupSamlProviderOutputArgs) ElementType ¶
func (LookupSamlProviderOutputArgs) ElementType() reflect.Type
type LookupSamlProviderResult ¶
type LookupSamlProviderResult struct { Arn string `pulumi:"arn"` // Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`. CreateDate string `pulumi:"createDate"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Name of the provider. Name string `pulumi:"name"` // The XML document generated by an identity provider that supports SAML 2.0. SamlMetadataDocument string `pulumi:"samlMetadataDocument"` // Tags attached to the SAML provider. Tags map[string]string `pulumi:"tags"` // Expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`. ValidUntil string `pulumi:"validUntil"` }
A collection of values returned by getSamlProvider.
func LookupSamlProvider ¶
func LookupSamlProvider(ctx *pulumi.Context, args *LookupSamlProviderArgs, opts ...pulumi.InvokeOption) (*LookupSamlProviderResult, error)
This data source can be used to fetch information about a specific IAM SAML provider. This will allow you to easily retrieve the metadata document of an existing SAML provider.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupSamlProvider(ctx, &iam.LookupSamlProviderArgs{ Arn: "arn:aws:iam::123456789:saml-provider/myprovider", }, nil) if err != nil { return err } return nil }) }
```
type LookupSamlProviderResultOutput ¶
type LookupSamlProviderResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getSamlProvider.
func LookupSamlProviderOutput ¶
func LookupSamlProviderOutput(ctx *pulumi.Context, args LookupSamlProviderOutputArgs, opts ...pulumi.InvokeOption) LookupSamlProviderResultOutput
func (LookupSamlProviderResultOutput) Arn ¶
func (o LookupSamlProviderResultOutput) Arn() pulumi.StringOutput
func (LookupSamlProviderResultOutput) CreateDate ¶
func (o LookupSamlProviderResultOutput) CreateDate() pulumi.StringOutput
Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.
func (LookupSamlProviderResultOutput) ElementType ¶
func (LookupSamlProviderResultOutput) ElementType() reflect.Type
func (LookupSamlProviderResultOutput) Id ¶
func (o LookupSamlProviderResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupSamlProviderResultOutput) Name ¶
func (o LookupSamlProviderResultOutput) Name() pulumi.StringOutput
Name of the provider.
func (LookupSamlProviderResultOutput) SamlMetadataDocument ¶
func (o LookupSamlProviderResultOutput) SamlMetadataDocument() pulumi.StringOutput
The XML document generated by an identity provider that supports SAML 2.0.
func (LookupSamlProviderResultOutput) Tags ¶
func (o LookupSamlProviderResultOutput) Tags() pulumi.StringMapOutput
Tags attached to the SAML provider.
func (LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput ¶
func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput() LookupSamlProviderResultOutput
func (LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext ¶
func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext(ctx context.Context) LookupSamlProviderResultOutput
func (LookupSamlProviderResultOutput) ValidUntil ¶
func (o LookupSamlProviderResultOutput) ValidUntil() pulumi.StringOutput
Expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`.
type LookupServerCertificateArgs ¶
type LookupServerCertificateArgs struct { // sort results by expiration date. returns the certificate with expiration date in furthest in the future. Latest *bool `pulumi:"latest"` // exact name of the cert to lookup Name *string `pulumi:"name"` // prefix of cert to filter by NamePrefix *string `pulumi:"namePrefix"` // prefix of path to filter by PathPrefix *string `pulumi:"pathPrefix"` }
A collection of arguments for invoking getServerCertificate.
type LookupServerCertificateOutputArgs ¶
type LookupServerCertificateOutputArgs struct { // sort results by expiration date. returns the certificate with expiration date in furthest in the future. Latest pulumi.BoolPtrInput `pulumi:"latest"` // exact name of the cert to lookup Name pulumi.StringPtrInput `pulumi:"name"` // prefix of cert to filter by NamePrefix pulumi.StringPtrInput `pulumi:"namePrefix"` // prefix of path to filter by PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"` }
A collection of arguments for invoking getServerCertificate.
func (LookupServerCertificateOutputArgs) ElementType ¶
func (LookupServerCertificateOutputArgs) ElementType() reflect.Type
type LookupServerCertificateResult ¶
type LookupServerCertificateResult struct { // is set to the ARN of the IAM Server Certificate Arn string `pulumi:"arn"` // is the public key certificate (PEM-encoded). This is useful when [configuring back-end instance authentication](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html) policy for load balancer CertificateBody string `pulumi:"certificateBody"` // is the public key certificate chain (PEM-encoded) if exists, empty otherwise CertificateChain string `pulumi:"certificateChain"` // is set to the expiration date of the IAM Server Certificate ExpirationDate string `pulumi:"expirationDate"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` Latest *bool `pulumi:"latest"` Name string `pulumi:"name"` NamePrefix *string `pulumi:"namePrefix"` // is set to the path of the IAM Server Certificate Path string `pulumi:"path"` PathPrefix *string `pulumi:"pathPrefix"` // is the date when the server certificate was uploaded UploadDate string `pulumi:"uploadDate"` }
A collection of values returned by getServerCertificate.
func LookupServerCertificate ¶
func LookupServerCertificate(ctx *pulumi.Context, args *LookupServerCertificateArgs, opts ...pulumi.InvokeOption) (*LookupServerCertificateResult, error)
Use this data source to lookup information about IAM Server Certificates.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { my_domain, err := iam.LookupServerCertificate(ctx, &iam.LookupServerCertificateArgs{ NamePrefix: pulumi.StringRef("my-domain.org"), Latest: pulumi.BoolRef(true), }, nil) if err != nil { return err } _, err = elb.NewLoadBalancer(ctx, "elb", &elb.LoadBalancerArgs{ Listeners: elb.LoadBalancerListenerArray{ &elb.LoadBalancerListenerArgs{ InstancePort: pulumi.Int(8000), InstanceProtocol: pulumi.String("https"), LbPort: pulumi.Int(443), LbProtocol: pulumi.String("https"), SslCertificateId: *pulumi.String(my_domain.Arn), }, }, }) if err != nil { return err } return nil }) }
```
type LookupServerCertificateResultOutput ¶
type LookupServerCertificateResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getServerCertificate.
func LookupServerCertificateOutput ¶
func LookupServerCertificateOutput(ctx *pulumi.Context, args LookupServerCertificateOutputArgs, opts ...pulumi.InvokeOption) LookupServerCertificateResultOutput
func (LookupServerCertificateResultOutput) Arn ¶
func (o LookupServerCertificateResultOutput) Arn() pulumi.StringOutput
is set to the ARN of the IAM Server Certificate
func (LookupServerCertificateResultOutput) CertificateBody ¶
func (o LookupServerCertificateResultOutput) CertificateBody() pulumi.StringOutput
is the public key certificate (PEM-encoded). This is useful when [configuring back-end instance authentication](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html) policy for load balancer
func (LookupServerCertificateResultOutput) CertificateChain ¶
func (o LookupServerCertificateResultOutput) CertificateChain() pulumi.StringOutput
is the public key certificate chain (PEM-encoded) if exists, empty otherwise
func (LookupServerCertificateResultOutput) ElementType ¶
func (LookupServerCertificateResultOutput) ElementType() reflect.Type
func (LookupServerCertificateResultOutput) ExpirationDate ¶
func (o LookupServerCertificateResultOutput) ExpirationDate() pulumi.StringOutput
is set to the expiration date of the IAM Server Certificate
func (LookupServerCertificateResultOutput) Id ¶
func (o LookupServerCertificateResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupServerCertificateResultOutput) Latest ¶
func (o LookupServerCertificateResultOutput) Latest() pulumi.BoolPtrOutput
func (LookupServerCertificateResultOutput) Name ¶
func (o LookupServerCertificateResultOutput) Name() pulumi.StringOutput
func (LookupServerCertificateResultOutput) NamePrefix ¶
func (o LookupServerCertificateResultOutput) NamePrefix() pulumi.StringPtrOutput
func (LookupServerCertificateResultOutput) Path ¶
func (o LookupServerCertificateResultOutput) Path() pulumi.StringOutput
is set to the path of the IAM Server Certificate
func (LookupServerCertificateResultOutput) PathPrefix ¶
func (o LookupServerCertificateResultOutput) PathPrefix() pulumi.StringPtrOutput
func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput ¶
func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput() LookupServerCertificateResultOutput
func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext ¶
func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext(ctx context.Context) LookupServerCertificateResultOutput
func (LookupServerCertificateResultOutput) UploadDate ¶
func (o LookupServerCertificateResultOutput) UploadDate() pulumi.StringOutput
is the date when the server certificate was uploaded
type LookupUserArgs ¶
type LookupUserArgs struct { // Map of key-value pairs associated with the user. Tags map[string]string `pulumi:"tags"` // Friendly IAM user name to match. UserName string `pulumi:"userName"` }
A collection of arguments for invoking getUser.
type LookupUserOutputArgs ¶
type LookupUserOutputArgs struct { // Map of key-value pairs associated with the user. Tags pulumi.StringMapInput `pulumi:"tags"` // Friendly IAM user name to match. UserName pulumi.StringInput `pulumi:"userName"` }
A collection of arguments for invoking getUser.
func (LookupUserOutputArgs) ElementType ¶
func (LookupUserOutputArgs) ElementType() reflect.Type
type LookupUserResult ¶
type LookupUserResult struct { // ARN assigned by AWS for this user. Arn string `pulumi:"arn"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` // Path in which this user was created. Path string `pulumi:"path"` // The ARN of the policy that is used to set the permissions boundary for the user. PermissionsBoundary string `pulumi:"permissionsBoundary"` // Map of key-value pairs associated with the user. Tags map[string]string `pulumi:"tags"` // Unique ID assigned by AWS for this user. UserId string `pulumi:"userId"` // Name associated to this User UserName string `pulumi:"userName"` }
A collection of values returned by getUser.
func LookupUser ¶
func LookupUser(ctx *pulumi.Context, args *LookupUserArgs, opts ...pulumi.InvokeOption) (*LookupUserResult, error)
This data source can be used to fetch information about a specific IAM user. By using this data source, you can reference IAM user properties without having to hard code ARNs or unique IDs as input.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.LookupUser(ctx, &iam.LookupUserArgs{ UserName: "an_example_user_name", }, nil) if err != nil { return err } return nil }) }
```
type LookupUserResultOutput ¶
type LookupUserResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getUser.
func LookupUserOutput ¶
func LookupUserOutput(ctx *pulumi.Context, args LookupUserOutputArgs, opts ...pulumi.InvokeOption) LookupUserResultOutput
func (LookupUserResultOutput) Arn ¶
func (o LookupUserResultOutput) Arn() pulumi.StringOutput
ARN assigned by AWS for this user.
func (LookupUserResultOutput) ElementType ¶
func (LookupUserResultOutput) ElementType() reflect.Type
func (LookupUserResultOutput) Id ¶
func (o LookupUserResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupUserResultOutput) Path ¶
func (o LookupUserResultOutput) Path() pulumi.StringOutput
Path in which this user was created.
func (LookupUserResultOutput) PermissionsBoundary ¶
func (o LookupUserResultOutput) PermissionsBoundary() pulumi.StringOutput
The ARN of the policy that is used to set the permissions boundary for the user.
func (LookupUserResultOutput) Tags ¶
func (o LookupUserResultOutput) Tags() pulumi.StringMapOutput
Map of key-value pairs associated with the user.
func (LookupUserResultOutput) ToLookupUserResultOutput ¶
func (o LookupUserResultOutput) ToLookupUserResultOutput() LookupUserResultOutput
func (LookupUserResultOutput) ToLookupUserResultOutputWithContext ¶
func (o LookupUserResultOutput) ToLookupUserResultOutputWithContext(ctx context.Context) LookupUserResultOutput
func (LookupUserResultOutput) UserId ¶
func (o LookupUserResultOutput) UserId() pulumi.StringOutput
Unique ID assigned by AWS for this user.
func (LookupUserResultOutput) UserName ¶
func (o LookupUserResultOutput) UserName() pulumi.StringOutput
Name associated to this User
type ManagedPolicy ¶
type ManagedPolicy string
func (ManagedPolicy) ElementType ¶
func (ManagedPolicy) ElementType() reflect.Type
func (ManagedPolicy) ToManagedPolicyOutput ¶
func (e ManagedPolicy) ToManagedPolicyOutput() ManagedPolicyOutput
func (ManagedPolicy) ToManagedPolicyOutputWithContext ¶
func (e ManagedPolicy) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput
func (ManagedPolicy) ToManagedPolicyPtrOutput ¶
func (e ManagedPolicy) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
func (ManagedPolicy) ToManagedPolicyPtrOutputWithContext ¶
func (e ManagedPolicy) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput
func (ManagedPolicy) ToStringOutput ¶
func (e ManagedPolicy) ToStringOutput() pulumi.StringOutput
func (ManagedPolicy) ToStringOutputWithContext ¶
func (e ManagedPolicy) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput
func (ManagedPolicy) ToStringPtrOutput ¶
func (e ManagedPolicy) ToStringPtrOutput() pulumi.StringPtrOutput
func (ManagedPolicy) ToStringPtrOutputWithContext ¶
func (e ManagedPolicy) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput
type ManagedPolicyInput ¶
type ManagedPolicyInput interface { pulumi.Input ToManagedPolicyOutput() ManagedPolicyOutput ToManagedPolicyOutputWithContext(context.Context) ManagedPolicyOutput }
ManagedPolicyInput is an input type that accepts ManagedPolicyArgs and ManagedPolicyOutput values. You can construct a concrete instance of `ManagedPolicyInput` via:
ManagedPolicyArgs{...}
type ManagedPolicyOutput ¶
type ManagedPolicyOutput struct{ *pulumi.OutputState }
func (ManagedPolicyOutput) ElementType ¶
func (ManagedPolicyOutput) ElementType() reflect.Type
func (ManagedPolicyOutput) ToManagedPolicyOutput ¶
func (o ManagedPolicyOutput) ToManagedPolicyOutput() ManagedPolicyOutput
func (ManagedPolicyOutput) ToManagedPolicyOutputWithContext ¶
func (o ManagedPolicyOutput) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput
func (ManagedPolicyOutput) ToManagedPolicyPtrOutput ¶
func (o ManagedPolicyOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
func (ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext ¶
func (o ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput
func (ManagedPolicyOutput) ToStringOutput ¶
func (o ManagedPolicyOutput) ToStringOutput() pulumi.StringOutput
func (ManagedPolicyOutput) ToStringOutputWithContext ¶
func (o ManagedPolicyOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput
func (ManagedPolicyOutput) ToStringPtrOutput ¶
func (o ManagedPolicyOutput) ToStringPtrOutput() pulumi.StringPtrOutput
func (ManagedPolicyOutput) ToStringPtrOutputWithContext ¶
func (o ManagedPolicyOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput
type ManagedPolicyPtrInput ¶
type ManagedPolicyPtrInput interface { pulumi.Input ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput ToManagedPolicyPtrOutputWithContext(context.Context) ManagedPolicyPtrOutput }
func ManagedPolicyPtr ¶
func ManagedPolicyPtr(v string) ManagedPolicyPtrInput
type ManagedPolicyPtrOutput ¶
type ManagedPolicyPtrOutput struct{ *pulumi.OutputState }
func (ManagedPolicyPtrOutput) Elem ¶
func (o ManagedPolicyPtrOutput) Elem() ManagedPolicyOutput
func (ManagedPolicyPtrOutput) ElementType ¶
func (ManagedPolicyPtrOutput) ElementType() reflect.Type
func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput ¶
func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext ¶
func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput
func (ManagedPolicyPtrOutput) ToStringPtrOutput ¶
func (o ManagedPolicyPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput
func (ManagedPolicyPtrOutput) ToStringPtrOutputWithContext ¶
func (o ManagedPolicyPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput
type OpenIdConnectProvider ¶
type OpenIdConnectProvider struct { pulumi.CustomResourceState // The ARN assigned by AWS for this provider. Arn pulumi.StringOutput `pulumi:"arn"` // A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.) ClientIdLists pulumi.StringArrayOutput `pulumi:"clientIdLists"` // Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s). ThumbprintLists pulumi.StringArrayOutput `pulumi:"thumbprintLists"` // The URL of the identity provider. Corresponds to the _iss_ claim. Url pulumi.StringOutput `pulumi:"url"` }
Provides an IAM OpenID Connect provider.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewOpenIdConnectProvider(ctx, "default", &iam.OpenIdConnectProviderArgs{ ClientIdLists: pulumi.StringArray{ pulumi.String("266362248691-342342xasdasdasda-apps.googleusercontent.com"), }, ThumbprintLists: pulumi.StringArray{ pulumi.String("cf23df2207d99a74fbe169e3eba035e633b65d94"), }, Url: pulumi.String("https://accounts.google.com"), }) if err != nil { return err } return nil }) }
```
## Import
IAM OpenID Connect Providers can be imported using the `arn`, e.g.,
```sh
$ pulumi import aws:iam/openIdConnectProvider:OpenIdConnectProvider default arn:aws:iam::123456789012:oidc-provider/accounts.google.com
```
func GetOpenIdConnectProvider ¶
func GetOpenIdConnectProvider(ctx *pulumi.Context, name string, id pulumi.IDInput, state *OpenIdConnectProviderState, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)
GetOpenIdConnectProvider gets an existing OpenIdConnectProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewOpenIdConnectProvider ¶
func NewOpenIdConnectProvider(ctx *pulumi.Context, name string, args *OpenIdConnectProviderArgs, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)
NewOpenIdConnectProvider registers a new resource with the given unique name, arguments, and options.
func (*OpenIdConnectProvider) ElementType ¶
func (*OpenIdConnectProvider) ElementType() reflect.Type
func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutput ¶
func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput
func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext ¶
func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput
type OpenIdConnectProviderArgs ¶
type OpenIdConnectProviderArgs struct { // A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.) ClientIdLists pulumi.StringArrayInput // Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s). ThumbprintLists pulumi.StringArrayInput // The URL of the identity provider. Corresponds to the _iss_ claim. Url pulumi.StringInput }
The set of arguments for constructing a OpenIdConnectProvider resource.
func (OpenIdConnectProviderArgs) ElementType ¶
func (OpenIdConnectProviderArgs) ElementType() reflect.Type
type OpenIdConnectProviderArray ¶
type OpenIdConnectProviderArray []OpenIdConnectProviderInput
func (OpenIdConnectProviderArray) ElementType ¶
func (OpenIdConnectProviderArray) ElementType() reflect.Type
func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput ¶
func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext ¶
func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput
type OpenIdConnectProviderArrayInput ¶
type OpenIdConnectProviderArrayInput interface { pulumi.Input ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput ToOpenIdConnectProviderArrayOutputWithContext(context.Context) OpenIdConnectProviderArrayOutput }
OpenIdConnectProviderArrayInput is an input type that accepts OpenIdConnectProviderArray and OpenIdConnectProviderArrayOutput values. You can construct a concrete instance of `OpenIdConnectProviderArrayInput` via:
OpenIdConnectProviderArray{ OpenIdConnectProviderArgs{...} }
type OpenIdConnectProviderArrayOutput ¶
type OpenIdConnectProviderArrayOutput struct{ *pulumi.OutputState }
func (OpenIdConnectProviderArrayOutput) ElementType ¶
func (OpenIdConnectProviderArrayOutput) ElementType() reflect.Type
func (OpenIdConnectProviderArrayOutput) Index ¶
func (o OpenIdConnectProviderArrayOutput) Index(i pulumi.IntInput) OpenIdConnectProviderOutput
func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput ¶
func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext ¶
func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput
type OpenIdConnectProviderInput ¶
type OpenIdConnectProviderInput interface { pulumi.Input ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput }
type OpenIdConnectProviderMap ¶
type OpenIdConnectProviderMap map[string]OpenIdConnectProviderInput
func (OpenIdConnectProviderMap) ElementType ¶
func (OpenIdConnectProviderMap) ElementType() reflect.Type
func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput ¶
func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput
func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext ¶
func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput
type OpenIdConnectProviderMapInput ¶
type OpenIdConnectProviderMapInput interface { pulumi.Input ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput ToOpenIdConnectProviderMapOutputWithContext(context.Context) OpenIdConnectProviderMapOutput }
OpenIdConnectProviderMapInput is an input type that accepts OpenIdConnectProviderMap and OpenIdConnectProviderMapOutput values. You can construct a concrete instance of `OpenIdConnectProviderMapInput` via:
OpenIdConnectProviderMap{ "key": OpenIdConnectProviderArgs{...} }
type OpenIdConnectProviderMapOutput ¶
type OpenIdConnectProviderMapOutput struct{ *pulumi.OutputState }
func (OpenIdConnectProviderMapOutput) ElementType ¶
func (OpenIdConnectProviderMapOutput) ElementType() reflect.Type
func (OpenIdConnectProviderMapOutput) MapIndex ¶
func (o OpenIdConnectProviderMapOutput) MapIndex(k pulumi.StringInput) OpenIdConnectProviderOutput
func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput ¶
func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput
func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext ¶
func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput
type OpenIdConnectProviderOutput ¶
type OpenIdConnectProviderOutput struct{ *pulumi.OutputState }
func (OpenIdConnectProviderOutput) Arn ¶
func (o OpenIdConnectProviderOutput) Arn() pulumi.StringOutput
The ARN assigned by AWS for this provider.
func (OpenIdConnectProviderOutput) ClientIdLists ¶
func (o OpenIdConnectProviderOutput) ClientIdLists() pulumi.StringArrayOutput
A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
func (OpenIdConnectProviderOutput) ElementType ¶
func (OpenIdConnectProviderOutput) ElementType() reflect.Type
func (OpenIdConnectProviderOutput) Tags ¶
func (o OpenIdConnectProviderOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (OpenIdConnectProviderOutput) TagsAll ¶
func (o OpenIdConnectProviderOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (OpenIdConnectProviderOutput) ThumbprintLists ¶
func (o OpenIdConnectProviderOutput) ThumbprintLists() pulumi.StringArrayOutput
A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput ¶
func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput
func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext ¶
func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput
func (OpenIdConnectProviderOutput) Url ¶
func (o OpenIdConnectProviderOutput) Url() pulumi.StringOutput
The URL of the identity provider. Corresponds to the _iss_ claim.
type OpenIdConnectProviderState ¶
type OpenIdConnectProviderState struct { // The ARN assigned by AWS for this provider. Arn pulumi.StringPtrInput // A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.) ClientIdLists pulumi.StringArrayInput // Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s). ThumbprintLists pulumi.StringArrayInput // The URL of the identity provider. Corresponds to the _iss_ claim. Url pulumi.StringPtrInput }
func (OpenIdConnectProviderState) ElementType ¶
func (OpenIdConnectProviderState) ElementType() reflect.Type
type Policy ¶
type Policy struct { pulumi.CustomResourceState // The ARN assigned by AWS to this policy. Arn pulumi.StringOutput `pulumi:"arn"` // Description of the IAM policy. Description pulumi.StringPtrOutput `pulumi:"description"` // The name of the policy. If omitted, the provider will assign a random, unique name. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringOutput `pulumi:"namePrefix"` // Path in which to create the policy. // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Path pulumi.StringPtrOutput `pulumi:"path"` // The policy document. This is a JSON formatted string. Policy pulumi.StringOutput `pulumi:"policy"` // The policy's ID. PolicyId pulumi.StringOutput `pulumi:"policyId"` // Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` }
Provides an IAM policy.
## Example Usage
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "ec2:Describe*", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json0 := string(tmpJSON0) _, err = iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{ Path: pulumi.String("/"), Description: pulumi.String("My test policy"), Policy: pulumi.String(json0), }) if err != nil { return err } return nil }) }
```
## Import
IAM Policies can be imported using the `arn`, e.g.,
```sh
$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials
```
func GetPolicy ¶
func GetPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)
GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewPolicy ¶
func NewPolicy(ctx *pulumi.Context, name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)
NewPolicy registers a new resource with the given unique name, arguments, and options.
func (*Policy) ElementType ¶
func (*Policy) ToPolicyOutput ¶
func (i *Policy) ToPolicyOutput() PolicyOutput
func (*Policy) ToPolicyOutputWithContext ¶
func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
type PolicyArgs ¶
type PolicyArgs struct { // Description of the IAM policy. Description pulumi.StringPtrInput // The name of the policy. If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // Path in which to create the policy. // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Path pulumi.StringPtrInput // The policy document. This is a JSON formatted string. Policy pulumi.Input // Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput }
The set of arguments for constructing a Policy resource.
func (PolicyArgs) ElementType ¶
func (PolicyArgs) ElementType() reflect.Type
type PolicyArray ¶
type PolicyArray []PolicyInput
func (PolicyArray) ElementType ¶
func (PolicyArray) ElementType() reflect.Type
func (PolicyArray) ToPolicyArrayOutput ¶
func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput
func (PolicyArray) ToPolicyArrayOutputWithContext ¶
func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput
type PolicyArrayInput ¶
type PolicyArrayInput interface { pulumi.Input ToPolicyArrayOutput() PolicyArrayOutput ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput }
PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:
PolicyArray{ PolicyArgs{...} }
type PolicyArrayOutput ¶
type PolicyArrayOutput struct{ *pulumi.OutputState }
func (PolicyArrayOutput) ElementType ¶
func (PolicyArrayOutput) ElementType() reflect.Type
func (PolicyArrayOutput) Index ¶
func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput
func (PolicyArrayOutput) ToPolicyArrayOutput ¶
func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput
func (PolicyArrayOutput) ToPolicyArrayOutputWithContext ¶
func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput
type PolicyAttachment ¶
type PolicyAttachment struct { pulumi.CustomResourceState // The group(s) the policy should be applied to Groups pulumi.StringArrayOutput `pulumi:"groups"` // The name of the attachment. This cannot be an empty string. Name pulumi.StringOutput `pulumi:"name"` // The ARN of the policy you want to apply PolicyArn pulumi.StringOutput `pulumi:"policyArn"` // The role(s) the policy should be applied to Roles pulumi.StringArrayOutput `pulumi:"roles"` // The user(s) the policy should be applied to Users pulumi.StringArrayOutput `pulumi:"users"` }
Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)
!> **WARNING:** The iam.PolicyAttachment resource creates **exclusive** attachments of IAM policies. Across the entire AWS account, all of the users/roles/groups to which a single policy is attached must be declared by a single iam.PolicyAttachment resource. This means that even any users/roles/groups that have the attached policy via any other mechanism (including other resources managed by this provider) will have that attached policy revoked by this resource. Consider `iam.RolePolicyAttachment`, `iam.UserPolicyAttachment`, or `iam.GroupPolicyAttachment` instead. These resources do not enforce exclusive attachment of an IAM policy.
> **NOTE:** The usage of this resource conflicts with the `iam.GroupPolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.UserPolicyAttachment` resources and will permanently show a difference if both are defined.
> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { user, err := iam.NewUser(ctx, "user", nil) if err != nil { return err } assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "Service", Identifiers: []string{ "ec2.amazonaws.com", }, }, }, Actions: []string{ "sts:AssumeRole", }, }, }, }, nil) if err != nil { return err } role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ AssumeRolePolicy: *pulumi.String(assumeRole.Json), }) if err != nil { return err } group, err := iam.NewGroup(ctx, "group", nil) if err != nil { return err } policyPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Actions: []string{ "ec2:Describe*", }, Resources: []string{ "*", }, }, }, }, nil) if err != nil { return err } policyPolicy, err := iam.NewPolicy(ctx, "policyPolicy", &iam.PolicyArgs{ Description: pulumi.String("A test policy"), Policy: *pulumi.String(policyPolicyDocument.Json), }) if err != nil { return err } _, err = iam.NewPolicyAttachment(ctx, "test-attach", &iam.PolicyAttachmentArgs{ Users: pulumi.AnyArray{ user.Name, }, Roles: pulumi.AnyArray{ role.Name, }, Groups: pulumi.AnyArray{ group.Name, }, PolicyArn: policyPolicy.Arn, }) if err != nil { return err } return nil }) }
```
func GetPolicyAttachment ¶
func GetPolicyAttachment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *PolicyAttachmentState, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)
GetPolicyAttachment gets an existing PolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewPolicyAttachment ¶
func NewPolicyAttachment(ctx *pulumi.Context, name string, args *PolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)
NewPolicyAttachment registers a new resource with the given unique name, arguments, and options.
func (*PolicyAttachment) ElementType ¶
func (*PolicyAttachment) ElementType() reflect.Type
func (*PolicyAttachment) ToPolicyAttachmentOutput ¶
func (i *PolicyAttachment) ToPolicyAttachmentOutput() PolicyAttachmentOutput
func (*PolicyAttachment) ToPolicyAttachmentOutputWithContext ¶
func (i *PolicyAttachment) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput
type PolicyAttachmentArgs ¶
type PolicyAttachmentArgs struct { // The group(s) the policy should be applied to Groups pulumi.ArrayInput // The name of the attachment. This cannot be an empty string. Name pulumi.StringPtrInput // The ARN of the policy you want to apply PolicyArn pulumi.StringInput // The role(s) the policy should be applied to Roles pulumi.ArrayInput // The user(s) the policy should be applied to Users pulumi.ArrayInput }
The set of arguments for constructing a PolicyAttachment resource.
func (PolicyAttachmentArgs) ElementType ¶
func (PolicyAttachmentArgs) ElementType() reflect.Type
type PolicyAttachmentArray ¶
type PolicyAttachmentArray []PolicyAttachmentInput
func (PolicyAttachmentArray) ElementType ¶
func (PolicyAttachmentArray) ElementType() reflect.Type
func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutput ¶
func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput
func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext ¶
func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput
type PolicyAttachmentArrayInput ¶
type PolicyAttachmentArrayInput interface { pulumi.Input ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput ToPolicyAttachmentArrayOutputWithContext(context.Context) PolicyAttachmentArrayOutput }
PolicyAttachmentArrayInput is an input type that accepts PolicyAttachmentArray and PolicyAttachmentArrayOutput values. You can construct a concrete instance of `PolicyAttachmentArrayInput` via:
PolicyAttachmentArray{ PolicyAttachmentArgs{...} }
type PolicyAttachmentArrayOutput ¶
type PolicyAttachmentArrayOutput struct{ *pulumi.OutputState }
func (PolicyAttachmentArrayOutput) ElementType ¶
func (PolicyAttachmentArrayOutput) ElementType() reflect.Type
func (PolicyAttachmentArrayOutput) Index ¶
func (o PolicyAttachmentArrayOutput) Index(i pulumi.IntInput) PolicyAttachmentOutput
func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput ¶
func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput
func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext ¶
func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput
type PolicyAttachmentInput ¶
type PolicyAttachmentInput interface { pulumi.Input ToPolicyAttachmentOutput() PolicyAttachmentOutput ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput }
type PolicyAttachmentMap ¶
type PolicyAttachmentMap map[string]PolicyAttachmentInput
func (PolicyAttachmentMap) ElementType ¶
func (PolicyAttachmentMap) ElementType() reflect.Type
func (PolicyAttachmentMap) ToPolicyAttachmentMapOutput ¶
func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput
func (PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext ¶
func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput
type PolicyAttachmentMapInput ¶
type PolicyAttachmentMapInput interface { pulumi.Input ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput ToPolicyAttachmentMapOutputWithContext(context.Context) PolicyAttachmentMapOutput }
PolicyAttachmentMapInput is an input type that accepts PolicyAttachmentMap and PolicyAttachmentMapOutput values. You can construct a concrete instance of `PolicyAttachmentMapInput` via:
PolicyAttachmentMap{ "key": PolicyAttachmentArgs{...} }
type PolicyAttachmentMapOutput ¶
type PolicyAttachmentMapOutput struct{ *pulumi.OutputState }
func (PolicyAttachmentMapOutput) ElementType ¶
func (PolicyAttachmentMapOutput) ElementType() reflect.Type
func (PolicyAttachmentMapOutput) MapIndex ¶
func (o PolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) PolicyAttachmentOutput
func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput ¶
func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput
func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext ¶
func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput
type PolicyAttachmentOutput ¶
type PolicyAttachmentOutput struct{ *pulumi.OutputState }
func (PolicyAttachmentOutput) ElementType ¶
func (PolicyAttachmentOutput) ElementType() reflect.Type
func (PolicyAttachmentOutput) Groups ¶
func (o PolicyAttachmentOutput) Groups() pulumi.StringArrayOutput
The group(s) the policy should be applied to
func (PolicyAttachmentOutput) Name ¶
func (o PolicyAttachmentOutput) Name() pulumi.StringOutput
The name of the attachment. This cannot be an empty string.
func (PolicyAttachmentOutput) PolicyArn ¶
func (o PolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
The ARN of the policy you want to apply
func (PolicyAttachmentOutput) Roles ¶
func (o PolicyAttachmentOutput) Roles() pulumi.StringArrayOutput
The role(s) the policy should be applied to
func (PolicyAttachmentOutput) ToPolicyAttachmentOutput ¶
func (o PolicyAttachmentOutput) ToPolicyAttachmentOutput() PolicyAttachmentOutput
func (PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext ¶
func (o PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput
func (PolicyAttachmentOutput) Users ¶
func (o PolicyAttachmentOutput) Users() pulumi.StringArrayOutput
The user(s) the policy should be applied to
type PolicyAttachmentState ¶
type PolicyAttachmentState struct { // The group(s) the policy should be applied to Groups pulumi.ArrayInput // The name of the attachment. This cannot be an empty string. Name pulumi.StringPtrInput // The ARN of the policy you want to apply PolicyArn pulumi.StringPtrInput // The role(s) the policy should be applied to Roles pulumi.ArrayInput // The user(s) the policy should be applied to Users pulumi.ArrayInput }
func (PolicyAttachmentState) ElementType ¶
func (PolicyAttachmentState) ElementType() reflect.Type
type PolicyInput ¶
type PolicyInput interface { pulumi.Input ToPolicyOutput() PolicyOutput ToPolicyOutputWithContext(ctx context.Context) PolicyOutput }
type PolicyMap ¶
type PolicyMap map[string]PolicyInput
func (PolicyMap) ElementType ¶
func (PolicyMap) ToPolicyMapOutput ¶
func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput
func (PolicyMap) ToPolicyMapOutputWithContext ¶
func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput
type PolicyMapInput ¶
type PolicyMapInput interface { pulumi.Input ToPolicyMapOutput() PolicyMapOutput ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput }
PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:
PolicyMap{ "key": PolicyArgs{...} }
type PolicyMapOutput ¶
type PolicyMapOutput struct{ *pulumi.OutputState }
func (PolicyMapOutput) ElementType ¶
func (PolicyMapOutput) ElementType() reflect.Type
func (PolicyMapOutput) MapIndex ¶
func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput
func (PolicyMapOutput) ToPolicyMapOutput ¶
func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput
func (PolicyMapOutput) ToPolicyMapOutputWithContext ¶
func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput
type PolicyOutput ¶
type PolicyOutput struct{ *pulumi.OutputState }
func (PolicyOutput) Arn ¶
func (o PolicyOutput) Arn() pulumi.StringOutput
The ARN assigned by AWS to this policy.
func (PolicyOutput) Description ¶
func (o PolicyOutput) Description() pulumi.StringPtrOutput
Description of the IAM policy.
func (PolicyOutput) ElementType ¶
func (PolicyOutput) ElementType() reflect.Type
func (PolicyOutput) Name ¶
func (o PolicyOutput) Name() pulumi.StringOutput
The name of the policy. If omitted, the provider will assign a random, unique name.
func (PolicyOutput) NamePrefix ¶
func (o PolicyOutput) NamePrefix() pulumi.StringOutput
Creates a unique name beginning with the specified prefix. Conflicts with `name`.
func (PolicyOutput) Path ¶
func (o PolicyOutput) Path() pulumi.StringPtrOutput
Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
func (PolicyOutput) Policy ¶
func (o PolicyOutput) Policy() pulumi.StringOutput
The policy document. This is a JSON formatted string.
func (PolicyOutput) PolicyId ¶
func (o PolicyOutput) PolicyId() pulumi.StringOutput
The policy's ID.
func (PolicyOutput) Tags ¶
func (o PolicyOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (PolicyOutput) TagsAll ¶
func (o PolicyOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (PolicyOutput) ToPolicyOutput ¶
func (o PolicyOutput) ToPolicyOutput() PolicyOutput
func (PolicyOutput) ToPolicyOutputWithContext ¶
func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
type PolicyState ¶
type PolicyState struct { // The ARN assigned by AWS to this policy. Arn pulumi.StringPtrInput // Description of the IAM policy. Description pulumi.StringPtrInput // The name of the policy. If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // Path in which to create the policy. // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Path pulumi.StringPtrInput // The policy document. This is a JSON formatted string. Policy pulumi.Input // The policy's ID. PolicyId pulumi.StringPtrInput // Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput }
func (PolicyState) ElementType ¶
func (PolicyState) ElementType() reflect.Type
type Role ¶
type Role struct { pulumi.CustomResourceState // Amazon Resource Name (ARN) specifying the role. Arn pulumi.StringOutput `pulumi:"arn"` // Policy that grants an entity permission to assume the role. // // > **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource. However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works. // // The following arguments are optional: AssumeRolePolicy pulumi.StringOutput `pulumi:"assumeRolePolicy"` // Creation date of the IAM role. CreateDate pulumi.StringOutput `pulumi:"createDate"` // Description of the role. Description pulumi.StringPtrOutput `pulumi:"description"` // Whether to force detaching any policies the role has before destroying it. Defaults to `false`. ForceDetachPolicies pulumi.BoolPtrOutput `pulumi:"forceDetachPolicies"` // Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`. InlinePolicies RoleInlinePolicyArrayOutput `pulumi:"inlinePolicies"` ManagedPolicyArns pulumi.StringArrayOutput `pulumi:"managedPolicyArns"` // Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours. MaxSessionDuration pulumi.IntPtrOutput `pulumi:"maxSessionDuration"` // Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringOutput `pulumi:"namePrefix"` // Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Path pulumi.StringPtrOutput `pulumi:"path"` // ARN of the policy that is used to set the permissions boundary for the role. PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"` // Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // Stable and unique string identifying the role. UniqueId pulumi.StringOutput `pulumi:"uniqueId"` }
Provides an IAM role.
> **NOTE:** If policies are attached to the role via the `iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `forceDetachPolicies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.RolePolicyAttachment` resource (recommended) does not have this requirement.
> **NOTE:** If you use this resource's `managedPolicyArns` argument or `inlinePolicy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `iam.PolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.
## Example Usage ### Basic Example
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": "sts:AssumeRole", "Effect": "Allow", "Sid": "", "Principal": map[string]interface{}{ "Service": "ec2.amazonaws.com", }, }, }, }) if err != nil { return err } json0 := string(tmpJSON0) _, err = iam.NewRole(ctx, "testRole", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(json0), Tags: pulumi.StringMap{ "tag-key": pulumi.String("tag-value"), }, }) if err != nil { return err } return nil }) }
``` ### Example of Using Data Source for Assume Role Policy
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { instanceAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "sts:AssumeRole", }, Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "Service", Identifiers: []string{ "ec2.amazonaws.com", }, }, }, }, }, }, nil) if err != nil { return err } _, err = iam.NewRole(ctx, "instance", &iam.RoleArgs{ Path: pulumi.String("/system/"), AssumeRolePolicy: *pulumi.String(instanceAssumeRolePolicy.Json), }) if err != nil { return err } return nil }) }
``` ### Example of Exclusive Inline Policies
This example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, this provider will remove that policy. If someone deletes these policies out-of-band, this provider will recreate them.
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { inlinePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:DescribeAccountAttributes", }, Resources: []string{ "*", }, }, }, }, nil) if err != nil { return err } tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "ec2:Describe*", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json0 := string(tmpJSON0) _, err = iam.NewRole(ctx, "example", &iam.RoleArgs{ AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json), InlinePolicies: iam.RoleInlinePolicyArray{ &iam.RoleInlinePolicyArgs{ Name: pulumi.String("my_inline_policy"), Policy: pulumi.String(json0), }, &iam.RoleInlinePolicyArgs{ Name: pulumi.String("policy-8675309"), Policy: *pulumi.String(inlinePolicy.Json), }, }, }) if err != nil { return err } return nil }) }
``` ### Example of Removing Inline Policies
This example creates an IAM role with what appears to be empty IAM `inlinePolicy` argument instead of using `inlinePolicy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, this provider will remove that policy.
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewRole(ctx, "example", &iam.RoleArgs{ AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json), InlinePolicies: iam.RoleInlinePolicyArray{ nil, }, }) if err != nil { return err } return nil }) }
``` ### Example of Exclusive Managed Policies
This example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, this provider will detach that policy. If someone detaches these policies out-of-band, this provider will attach them again.
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "ec2:Describe*", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json0 := string(tmpJSON0) policyOne, err := iam.NewPolicy(ctx, "policyOne", &iam.PolicyArgs{ Policy: pulumi.String(json0), }) if err != nil { return err } tmpJSON1, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "s3:ListAllMyBuckets", "s3:ListBucket", "s3:HeadBucket", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json1 := string(tmpJSON1) policyTwo, err := iam.NewPolicy(ctx, "policyTwo", &iam.PolicyArgs{ Policy: pulumi.String(json1), }) if err != nil { return err } _, err = iam.NewRole(ctx, "example", &iam.RoleArgs{ AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json), ManagedPolicyArns: pulumi.StringArray{ policyOne.Arn, policyTwo.Arn, }, }) if err != nil { return err } return nil }) }
``` ### Example of Removing Managed Policies
This example creates an IAM role with an empty `managedPolicyArns` argument. If someone attaches a policy out-of-band, on the next apply, this provider will detach that policy.
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewRole(ctx, "example", &iam.RoleArgs{ AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json), ManagedPolicyArns: pulumi.StringArray{}, }) if err != nil { return err } return nil }) }
```
## Import
IAM Roles can be imported using the `name`, e.g.,
```sh
$ pulumi import aws:iam/role:Role developer developer_name
```
func GetRole ¶
func GetRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RoleState, opts ...pulumi.ResourceOption) (*Role, error)
GetRole gets an existing Role resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRole ¶
func NewRole(ctx *pulumi.Context, name string, args *RoleArgs, opts ...pulumi.ResourceOption) (*Role, error)
NewRole registers a new resource with the given unique name, arguments, and options.
func (*Role) ElementType ¶
func (*Role) ToRoleOutput ¶
func (i *Role) ToRoleOutput() RoleOutput
func (*Role) ToRoleOutputWithContext ¶
func (i *Role) ToRoleOutputWithContext(ctx context.Context) RoleOutput
type RoleArgs ¶
type RoleArgs struct { // Policy that grants an entity permission to assume the role. // // > **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource. However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works. // // The following arguments are optional: AssumeRolePolicy pulumi.Input // Description of the role. Description pulumi.StringPtrInput // Whether to force detaching any policies the role has before destroying it. Defaults to `false`. ForceDetachPolicies pulumi.BoolPtrInput // Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`. InlinePolicies RoleInlinePolicyArrayInput ManagedPolicyArns pulumi.StringArrayInput // Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours. MaxSessionDuration pulumi.IntPtrInput // Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Name pulumi.StringPtrInput // Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Path pulumi.StringPtrInput // ARN of the policy that is used to set the permissions boundary for the role. PermissionsBoundary pulumi.StringPtrInput // Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput }
The set of arguments for constructing a Role resource.
func (RoleArgs) ElementType ¶
type RoleArray ¶
type RoleArray []RoleInput
func (RoleArray) ElementType ¶
func (RoleArray) ToRoleArrayOutput ¶
func (i RoleArray) ToRoleArrayOutput() RoleArrayOutput
func (RoleArray) ToRoleArrayOutputWithContext ¶
func (i RoleArray) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput
type RoleArrayInput ¶
type RoleArrayInput interface { pulumi.Input ToRoleArrayOutput() RoleArrayOutput ToRoleArrayOutputWithContext(context.Context) RoleArrayOutput }
RoleArrayInput is an input type that accepts RoleArray and RoleArrayOutput values. You can construct a concrete instance of `RoleArrayInput` via:
RoleArray{ RoleArgs{...} }
type RoleArrayOutput ¶
type RoleArrayOutput struct{ *pulumi.OutputState }
func (RoleArrayOutput) ElementType ¶
func (RoleArrayOutput) ElementType() reflect.Type
func (RoleArrayOutput) Index ¶
func (o RoleArrayOutput) Index(i pulumi.IntInput) RoleOutput
func (RoleArrayOutput) ToRoleArrayOutput ¶
func (o RoleArrayOutput) ToRoleArrayOutput() RoleArrayOutput
func (RoleArrayOutput) ToRoleArrayOutputWithContext ¶
func (o RoleArrayOutput) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput
type RoleInlinePolicy ¶
type RoleInlinePolicyArgs ¶
type RoleInlinePolicyArgs struct { // Name of the role policy. Name pulumi.StringPtrInput `pulumi:"name"` // Policy document as a JSON formatted string. Policy pulumi.StringPtrInput `pulumi:"policy"` }
func (RoleInlinePolicyArgs) ElementType ¶
func (RoleInlinePolicyArgs) ElementType() reflect.Type
func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutput ¶
func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput
func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext ¶
func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput
type RoleInlinePolicyArray ¶
type RoleInlinePolicyArray []RoleInlinePolicyInput
func (RoleInlinePolicyArray) ElementType ¶
func (RoleInlinePolicyArray) ElementType() reflect.Type
func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput ¶
func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput
func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext ¶
func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput
type RoleInlinePolicyArrayInput ¶
type RoleInlinePolicyArrayInput interface { pulumi.Input ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput ToRoleInlinePolicyArrayOutputWithContext(context.Context) RoleInlinePolicyArrayOutput }
RoleInlinePolicyArrayInput is an input type that accepts RoleInlinePolicyArray and RoleInlinePolicyArrayOutput values. You can construct a concrete instance of `RoleInlinePolicyArrayInput` via:
RoleInlinePolicyArray{ RoleInlinePolicyArgs{...} }
type RoleInlinePolicyArrayOutput ¶
type RoleInlinePolicyArrayOutput struct{ *pulumi.OutputState }
func (RoleInlinePolicyArrayOutput) ElementType ¶
func (RoleInlinePolicyArrayOutput) ElementType() reflect.Type
func (RoleInlinePolicyArrayOutput) Index ¶
func (o RoleInlinePolicyArrayOutput) Index(i pulumi.IntInput) RoleInlinePolicyOutput
func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput ¶
func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput
func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext ¶
func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput
type RoleInlinePolicyInput ¶
type RoleInlinePolicyInput interface { pulumi.Input ToRoleInlinePolicyOutput() RoleInlinePolicyOutput ToRoleInlinePolicyOutputWithContext(context.Context) RoleInlinePolicyOutput }
RoleInlinePolicyInput is an input type that accepts RoleInlinePolicyArgs and RoleInlinePolicyOutput values. You can construct a concrete instance of `RoleInlinePolicyInput` via:
RoleInlinePolicyArgs{...}
type RoleInlinePolicyOutput ¶
type RoleInlinePolicyOutput struct{ *pulumi.OutputState }
func (RoleInlinePolicyOutput) ElementType ¶
func (RoleInlinePolicyOutput) ElementType() reflect.Type
func (RoleInlinePolicyOutput) Name ¶
func (o RoleInlinePolicyOutput) Name() pulumi.StringPtrOutput
Name of the role policy.
func (RoleInlinePolicyOutput) Policy ¶
func (o RoleInlinePolicyOutput) Policy() pulumi.StringPtrOutput
Policy document as a JSON formatted string.
func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutput ¶
func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput
func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext ¶
func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput
type RoleInput ¶
type RoleInput interface { pulumi.Input ToRoleOutput() RoleOutput ToRoleOutputWithContext(ctx context.Context) RoleOutput }
type RoleMap ¶
func (RoleMap) ElementType ¶
func (RoleMap) ToRoleMapOutput ¶
func (i RoleMap) ToRoleMapOutput() RoleMapOutput
func (RoleMap) ToRoleMapOutputWithContext ¶
func (i RoleMap) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput
type RoleMapInput ¶
type RoleMapInput interface { pulumi.Input ToRoleMapOutput() RoleMapOutput ToRoleMapOutputWithContext(context.Context) RoleMapOutput }
RoleMapInput is an input type that accepts RoleMap and RoleMapOutput values. You can construct a concrete instance of `RoleMapInput` via:
RoleMap{ "key": RoleArgs{...} }
type RoleMapOutput ¶
type RoleMapOutput struct{ *pulumi.OutputState }
func (RoleMapOutput) ElementType ¶
func (RoleMapOutput) ElementType() reflect.Type
func (RoleMapOutput) MapIndex ¶
func (o RoleMapOutput) MapIndex(k pulumi.StringInput) RoleOutput
func (RoleMapOutput) ToRoleMapOutput ¶
func (o RoleMapOutput) ToRoleMapOutput() RoleMapOutput
func (RoleMapOutput) ToRoleMapOutputWithContext ¶
func (o RoleMapOutput) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput
type RoleOutput ¶
type RoleOutput struct{ *pulumi.OutputState }
func (RoleOutput) Arn ¶
func (o RoleOutput) Arn() pulumi.StringOutput
Amazon Resource Name (ARN) specifying the role.
func (RoleOutput) AssumeRolePolicy ¶
func (o RoleOutput) AssumeRolePolicy() pulumi.StringOutput
Policy that grants an entity permission to assume the role.
> **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource. However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works.
The following arguments are optional:
func (RoleOutput) CreateDate ¶
func (o RoleOutput) CreateDate() pulumi.StringOutput
Creation date of the IAM role.
func (RoleOutput) Description ¶
func (o RoleOutput) Description() pulumi.StringPtrOutput
Description of the role.
func (RoleOutput) ElementType ¶
func (RoleOutput) ElementType() reflect.Type
func (RoleOutput) ForceDetachPolicies ¶
func (o RoleOutput) ForceDetachPolicies() pulumi.BoolPtrOutput
Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
func (RoleOutput) InlinePolicies ¶
func (o RoleOutput) InlinePolicies() RoleInlinePolicyArrayOutput
Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
func (RoleOutput) ManagedPolicyArns ¶
func (o RoleOutput) ManagedPolicyArns() pulumi.StringArrayOutput
func (RoleOutput) MaxSessionDuration ¶
func (o RoleOutput) MaxSessionDuration() pulumi.IntPtrOutput
Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
func (RoleOutput) Name ¶
func (o RoleOutput) Name() pulumi.StringOutput
Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
func (RoleOutput) NamePrefix ¶
func (o RoleOutput) NamePrefix() pulumi.StringOutput
Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
func (RoleOutput) Path ¶
func (o RoleOutput) Path() pulumi.StringPtrOutput
Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
func (RoleOutput) PermissionsBoundary ¶
func (o RoleOutput) PermissionsBoundary() pulumi.StringPtrOutput
ARN of the policy that is used to set the permissions boundary for the role.
func (RoleOutput) Tags ¶
func (o RoleOutput) Tags() pulumi.StringMapOutput
Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (RoleOutput) TagsAll ¶
func (o RoleOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (RoleOutput) ToRoleOutput ¶
func (o RoleOutput) ToRoleOutput() RoleOutput
func (RoleOutput) ToRoleOutputWithContext ¶
func (o RoleOutput) ToRoleOutputWithContext(ctx context.Context) RoleOutput
func (RoleOutput) UniqueId ¶
func (o RoleOutput) UniqueId() pulumi.StringOutput
Stable and unique string identifying the role.
type RolePolicy ¶
type RolePolicy struct { pulumi.CustomResourceState // The name of the role policy. If omitted, this provider will // assign a random, unique name. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"` // The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide Policy pulumi.StringOutput `pulumi:"policy"` // The name of the IAM role to attach to the policy. Role pulumi.StringOutput `pulumi:"role"` }
Provides an IAM role inline policy.
> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `inlinePolicy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.
## Example Usage
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": "sts:AssumeRole", "Effect": "Allow", "Sid": "", "Principal": map[string]interface{}{ "Service": "ec2.amazonaws.com", }, }, }, }) if err != nil { return err } json0 := string(tmpJSON0) testRole, err := iam.NewRole(ctx, "testRole", &iam.RoleArgs{ AssumeRolePolicy: pulumi.String(json0), }) if err != nil { return err } tmpJSON1, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "ec2:Describe*", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json1 := string(tmpJSON1) _, err = iam.NewRolePolicy(ctx, "testPolicy", &iam.RolePolicyArgs{ Role: testRole.ID(), Policy: pulumi.String(json1), }) if err != nil { return err } return nil }) }
```
## Import
IAM Role Policies can be imported using the `role_name:role_policy_name`, e.g.,
```sh
$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name
```
func GetRolePolicy ¶
func GetRolePolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RolePolicyState, opts ...pulumi.ResourceOption) (*RolePolicy, error)
GetRolePolicy gets an existing RolePolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRolePolicy ¶
func NewRolePolicy(ctx *pulumi.Context, name string, args *RolePolicyArgs, opts ...pulumi.ResourceOption) (*RolePolicy, error)
NewRolePolicy registers a new resource with the given unique name, arguments, and options.
func (*RolePolicy) ElementType ¶
func (*RolePolicy) ElementType() reflect.Type
func (*RolePolicy) ToRolePolicyOutput ¶
func (i *RolePolicy) ToRolePolicyOutput() RolePolicyOutput
func (*RolePolicy) ToRolePolicyOutputWithContext ¶
func (i *RolePolicy) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput
type RolePolicyArgs ¶
type RolePolicyArgs struct { // The name of the role policy. If omitted, this provider will // assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide Policy pulumi.Input // The name of the IAM role to attach to the policy. Role pulumi.Input }
The set of arguments for constructing a RolePolicy resource.
func (RolePolicyArgs) ElementType ¶
func (RolePolicyArgs) ElementType() reflect.Type
type RolePolicyArray ¶
type RolePolicyArray []RolePolicyInput
func (RolePolicyArray) ElementType ¶
func (RolePolicyArray) ElementType() reflect.Type
func (RolePolicyArray) ToRolePolicyArrayOutput ¶
func (i RolePolicyArray) ToRolePolicyArrayOutput() RolePolicyArrayOutput
func (RolePolicyArray) ToRolePolicyArrayOutputWithContext ¶
func (i RolePolicyArray) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput
type RolePolicyArrayInput ¶
type RolePolicyArrayInput interface { pulumi.Input ToRolePolicyArrayOutput() RolePolicyArrayOutput ToRolePolicyArrayOutputWithContext(context.Context) RolePolicyArrayOutput }
RolePolicyArrayInput is an input type that accepts RolePolicyArray and RolePolicyArrayOutput values. You can construct a concrete instance of `RolePolicyArrayInput` via:
RolePolicyArray{ RolePolicyArgs{...} }
type RolePolicyArrayOutput ¶
type RolePolicyArrayOutput struct{ *pulumi.OutputState }
func (RolePolicyArrayOutput) ElementType ¶
func (RolePolicyArrayOutput) ElementType() reflect.Type
func (RolePolicyArrayOutput) Index ¶
func (o RolePolicyArrayOutput) Index(i pulumi.IntInput) RolePolicyOutput
func (RolePolicyArrayOutput) ToRolePolicyArrayOutput ¶
func (o RolePolicyArrayOutput) ToRolePolicyArrayOutput() RolePolicyArrayOutput
func (RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext ¶
func (o RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput
type RolePolicyAttachment ¶
type RolePolicyAttachment struct { pulumi.CustomResourceState // The ARN of the policy you want to apply PolicyArn pulumi.StringOutput `pulumi:"policyArn"` // The name of the IAM role to which the policy should be applied Role pulumi.StringOutput `pulumi:"role"` }
Attaches a Managed IAM Policy to an IAM role
> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.
> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "Service", Identifiers: []string{ "ec2.amazonaws.com", }, }, }, Actions: []string{ "sts:AssumeRole", }, }, }, }, nil) if err != nil { return err } role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{ AssumeRolePolicy: *pulumi.String(assumeRole.Json), }) if err != nil { return err } policyPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Actions: []string{ "ec2:Describe*", }, Resources: []string{ "*", }, }, }, }, nil) if err != nil { return err } policyPolicy, err := iam.NewPolicy(ctx, "policyPolicy", &iam.PolicyArgs{ Description: pulumi.String("A test policy"), Policy: *pulumi.String(policyPolicyDocument.Json), }) if err != nil { return err } _, err = iam.NewRolePolicyAttachment(ctx, "test-attach", &iam.RolePolicyAttachmentArgs{ Role: role.Name, PolicyArn: policyPolicy.Arn, }) if err != nil { return err } return nil }) }
```
## Import
IAM role policy attachments can be imported using the role name and policy arn separated by `/`.
```sh
$ pulumi import aws:iam/rolePolicyAttachment:RolePolicyAttachment test-attach test-role/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy
```
func GetRolePolicyAttachment ¶
func GetRolePolicyAttachment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RolePolicyAttachmentState, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)
GetRolePolicyAttachment gets an existing RolePolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRolePolicyAttachment ¶
func NewRolePolicyAttachment(ctx *pulumi.Context, name string, args *RolePolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)
NewRolePolicyAttachment registers a new resource with the given unique name, arguments, and options.
func (*RolePolicyAttachment) ElementType ¶
func (*RolePolicyAttachment) ElementType() reflect.Type
func (*RolePolicyAttachment) ToRolePolicyAttachmentOutput ¶
func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput
func (*RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext ¶
func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput
type RolePolicyAttachmentArgs ¶
type RolePolicyAttachmentArgs struct { // The ARN of the policy you want to apply PolicyArn pulumi.StringInput // The name of the IAM role to which the policy should be applied Role pulumi.Input }
The set of arguments for constructing a RolePolicyAttachment resource.
func (RolePolicyAttachmentArgs) ElementType ¶
func (RolePolicyAttachmentArgs) ElementType() reflect.Type
type RolePolicyAttachmentArray ¶
type RolePolicyAttachmentArray []RolePolicyAttachmentInput
func (RolePolicyAttachmentArray) ElementType ¶
func (RolePolicyAttachmentArray) ElementType() reflect.Type
func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput ¶
func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput
func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext ¶
func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput
type RolePolicyAttachmentArrayInput ¶
type RolePolicyAttachmentArrayInput interface { pulumi.Input ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput ToRolePolicyAttachmentArrayOutputWithContext(context.Context) RolePolicyAttachmentArrayOutput }
RolePolicyAttachmentArrayInput is an input type that accepts RolePolicyAttachmentArray and RolePolicyAttachmentArrayOutput values. You can construct a concrete instance of `RolePolicyAttachmentArrayInput` via:
RolePolicyAttachmentArray{ RolePolicyAttachmentArgs{...} }
type RolePolicyAttachmentArrayOutput ¶
type RolePolicyAttachmentArrayOutput struct{ *pulumi.OutputState }
func (RolePolicyAttachmentArrayOutput) ElementType ¶
func (RolePolicyAttachmentArrayOutput) ElementType() reflect.Type
func (RolePolicyAttachmentArrayOutput) Index ¶
func (o RolePolicyAttachmentArrayOutput) Index(i pulumi.IntInput) RolePolicyAttachmentOutput
func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput ¶
func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput
func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext ¶
func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput
type RolePolicyAttachmentInput ¶
type RolePolicyAttachmentInput interface { pulumi.Input ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput }
type RolePolicyAttachmentMap ¶
type RolePolicyAttachmentMap map[string]RolePolicyAttachmentInput
func (RolePolicyAttachmentMap) ElementType ¶
func (RolePolicyAttachmentMap) ElementType() reflect.Type
func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput ¶
func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput
func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext ¶
func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput
type RolePolicyAttachmentMapInput ¶
type RolePolicyAttachmentMapInput interface { pulumi.Input ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput ToRolePolicyAttachmentMapOutputWithContext(context.Context) RolePolicyAttachmentMapOutput }
RolePolicyAttachmentMapInput is an input type that accepts RolePolicyAttachmentMap and RolePolicyAttachmentMapOutput values. You can construct a concrete instance of `RolePolicyAttachmentMapInput` via:
RolePolicyAttachmentMap{ "key": RolePolicyAttachmentArgs{...} }
type RolePolicyAttachmentMapOutput ¶
type RolePolicyAttachmentMapOutput struct{ *pulumi.OutputState }
func (RolePolicyAttachmentMapOutput) ElementType ¶
func (RolePolicyAttachmentMapOutput) ElementType() reflect.Type
func (RolePolicyAttachmentMapOutput) MapIndex ¶
func (o RolePolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) RolePolicyAttachmentOutput
func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput ¶
func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput
func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext ¶
func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput
type RolePolicyAttachmentOutput ¶
type RolePolicyAttachmentOutput struct{ *pulumi.OutputState }
func (RolePolicyAttachmentOutput) ElementType ¶
func (RolePolicyAttachmentOutput) ElementType() reflect.Type
func (RolePolicyAttachmentOutput) PolicyArn ¶
func (o RolePolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
The ARN of the policy you want to apply
func (RolePolicyAttachmentOutput) Role ¶
func (o RolePolicyAttachmentOutput) Role() pulumi.StringOutput
The name of the IAM role to which the policy should be applied
func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput ¶
func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput
func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext ¶
func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput
type RolePolicyAttachmentState ¶
type RolePolicyAttachmentState struct { // The ARN of the policy you want to apply PolicyArn pulumi.StringPtrInput // The name of the IAM role to which the policy should be applied Role pulumi.Input }
func (RolePolicyAttachmentState) ElementType ¶
func (RolePolicyAttachmentState) ElementType() reflect.Type
type RolePolicyInput ¶
type RolePolicyInput interface { pulumi.Input ToRolePolicyOutput() RolePolicyOutput ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput }
type RolePolicyMap ¶
type RolePolicyMap map[string]RolePolicyInput
func (RolePolicyMap) ElementType ¶
func (RolePolicyMap) ElementType() reflect.Type
func (RolePolicyMap) ToRolePolicyMapOutput ¶
func (i RolePolicyMap) ToRolePolicyMapOutput() RolePolicyMapOutput
func (RolePolicyMap) ToRolePolicyMapOutputWithContext ¶
func (i RolePolicyMap) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput
type RolePolicyMapInput ¶
type RolePolicyMapInput interface { pulumi.Input ToRolePolicyMapOutput() RolePolicyMapOutput ToRolePolicyMapOutputWithContext(context.Context) RolePolicyMapOutput }
RolePolicyMapInput is an input type that accepts RolePolicyMap and RolePolicyMapOutput values. You can construct a concrete instance of `RolePolicyMapInput` via:
RolePolicyMap{ "key": RolePolicyArgs{...} }
type RolePolicyMapOutput ¶
type RolePolicyMapOutput struct{ *pulumi.OutputState }
func (RolePolicyMapOutput) ElementType ¶
func (RolePolicyMapOutput) ElementType() reflect.Type
func (RolePolicyMapOutput) MapIndex ¶
func (o RolePolicyMapOutput) MapIndex(k pulumi.StringInput) RolePolicyOutput
func (RolePolicyMapOutput) ToRolePolicyMapOutput ¶
func (o RolePolicyMapOutput) ToRolePolicyMapOutput() RolePolicyMapOutput
func (RolePolicyMapOutput) ToRolePolicyMapOutputWithContext ¶
func (o RolePolicyMapOutput) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput
type RolePolicyOutput ¶
type RolePolicyOutput struct{ *pulumi.OutputState }
func (RolePolicyOutput) ElementType ¶
func (RolePolicyOutput) ElementType() reflect.Type
func (RolePolicyOutput) Name ¶
func (o RolePolicyOutput) Name() pulumi.StringOutput
The name of the role policy. If omitted, this provider will assign a random, unique name.
func (RolePolicyOutput) NamePrefix ¶
func (o RolePolicyOutput) NamePrefix() pulumi.StringPtrOutput
Creates a unique name beginning with the specified prefix. Conflicts with `name`.
func (RolePolicyOutput) Policy ¶
func (o RolePolicyOutput) Policy() pulumi.StringOutput
The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide
func (RolePolicyOutput) Role ¶
func (o RolePolicyOutput) Role() pulumi.StringOutput
The name of the IAM role to attach to the policy.
func (RolePolicyOutput) ToRolePolicyOutput ¶
func (o RolePolicyOutput) ToRolePolicyOutput() RolePolicyOutput
func (RolePolicyOutput) ToRolePolicyOutputWithContext ¶
func (o RolePolicyOutput) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput
type RolePolicyState ¶
type RolePolicyState struct { // The name of the role policy. If omitted, this provider will // assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide Policy pulumi.Input // The name of the IAM role to attach to the policy. Role pulumi.Input }
func (RolePolicyState) ElementType ¶
func (RolePolicyState) ElementType() reflect.Type
type RoleState ¶
type RoleState struct { // Amazon Resource Name (ARN) specifying the role. Arn pulumi.StringPtrInput // Policy that grants an entity permission to assume the role. // // > **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource. However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works. // // The following arguments are optional: AssumeRolePolicy pulumi.Input // Creation date of the IAM role. CreateDate pulumi.StringPtrInput // Description of the role. Description pulumi.StringPtrInput // Whether to force detaching any policies the role has before destroying it. Defaults to `false`. ForceDetachPolicies pulumi.BoolPtrInput // Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`. InlinePolicies RoleInlinePolicyArrayInput ManagedPolicyArns pulumi.StringArrayInput // Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours. MaxSessionDuration pulumi.IntPtrInput // Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Name pulumi.StringPtrInput // Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. Path pulumi.StringPtrInput // ARN of the policy that is used to set the permissions boundary for the role. PermissionsBoundary pulumi.StringPtrInput // Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // Stable and unique string identifying the role. UniqueId pulumi.StringPtrInput }
func (RoleState) ElementType ¶
type SamlProvider ¶
type SamlProvider struct { pulumi.CustomResourceState // The ARN assigned by AWS for this provider. Arn pulumi.StringOutput `pulumi:"arn"` // The name of the provider to create. Name pulumi.StringOutput `pulumi:"name"` // An XML document generated by an identity provider that supports SAML 2.0. SamlMetadataDocument pulumi.StringOutput `pulumi:"samlMetadataDocument"` // Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`. ValidUntil pulumi.StringOutput `pulumi:"validUntil"` }
Provides an IAM SAML provider.
## Example Usage
```go package main
import (
"os" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput { data, err := os.ReadFile(path) if err != nil { panic(err.Error()) } return pulumi.String(string(data)) } func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{ SamlMetadataDocument: readFileOrPanic("saml-metadata.xml"), }) if err != nil { return err } return nil }) }
```
## Import
IAM SAML Providers can be imported using the `arn`, e.g.,
```sh
$ pulumi import aws:iam/samlProvider:SamlProvider default arn:aws:iam::123456789012:saml-provider/SAMLADFS
```
func GetSamlProvider ¶
func GetSamlProvider(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SamlProviderState, opts ...pulumi.ResourceOption) (*SamlProvider, error)
GetSamlProvider gets an existing SamlProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSamlProvider ¶
func NewSamlProvider(ctx *pulumi.Context, name string, args *SamlProviderArgs, opts ...pulumi.ResourceOption) (*SamlProvider, error)
NewSamlProvider registers a new resource with the given unique name, arguments, and options.
func (*SamlProvider) ElementType ¶
func (*SamlProvider) ElementType() reflect.Type
func (*SamlProvider) ToSamlProviderOutput ¶
func (i *SamlProvider) ToSamlProviderOutput() SamlProviderOutput
func (*SamlProvider) ToSamlProviderOutputWithContext ¶
func (i *SamlProvider) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput
type SamlProviderArgs ¶
type SamlProviderArgs struct { // The name of the provider to create. Name pulumi.StringPtrInput // An XML document generated by an identity provider that supports SAML 2.0. SamlMetadataDocument pulumi.StringInput // Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput }
The set of arguments for constructing a SamlProvider resource.
func (SamlProviderArgs) ElementType ¶
func (SamlProviderArgs) ElementType() reflect.Type
type SamlProviderArray ¶
type SamlProviderArray []SamlProviderInput
func (SamlProviderArray) ElementType ¶
func (SamlProviderArray) ElementType() reflect.Type
func (SamlProviderArray) ToSamlProviderArrayOutput ¶
func (i SamlProviderArray) ToSamlProviderArrayOutput() SamlProviderArrayOutput
func (SamlProviderArray) ToSamlProviderArrayOutputWithContext ¶
func (i SamlProviderArray) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput
type SamlProviderArrayInput ¶
type SamlProviderArrayInput interface { pulumi.Input ToSamlProviderArrayOutput() SamlProviderArrayOutput ToSamlProviderArrayOutputWithContext(context.Context) SamlProviderArrayOutput }
SamlProviderArrayInput is an input type that accepts SamlProviderArray and SamlProviderArrayOutput values. You can construct a concrete instance of `SamlProviderArrayInput` via:
SamlProviderArray{ SamlProviderArgs{...} }
type SamlProviderArrayOutput ¶
type SamlProviderArrayOutput struct{ *pulumi.OutputState }
func (SamlProviderArrayOutput) ElementType ¶
func (SamlProviderArrayOutput) ElementType() reflect.Type
func (SamlProviderArrayOutput) Index ¶
func (o SamlProviderArrayOutput) Index(i pulumi.IntInput) SamlProviderOutput
func (SamlProviderArrayOutput) ToSamlProviderArrayOutput ¶
func (o SamlProviderArrayOutput) ToSamlProviderArrayOutput() SamlProviderArrayOutput
func (SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext ¶
func (o SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput
type SamlProviderInput ¶
type SamlProviderInput interface { pulumi.Input ToSamlProviderOutput() SamlProviderOutput ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput }
type SamlProviderMap ¶
type SamlProviderMap map[string]SamlProviderInput
func (SamlProviderMap) ElementType ¶
func (SamlProviderMap) ElementType() reflect.Type
func (SamlProviderMap) ToSamlProviderMapOutput ¶
func (i SamlProviderMap) ToSamlProviderMapOutput() SamlProviderMapOutput
func (SamlProviderMap) ToSamlProviderMapOutputWithContext ¶
func (i SamlProviderMap) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput
type SamlProviderMapInput ¶
type SamlProviderMapInput interface { pulumi.Input ToSamlProviderMapOutput() SamlProviderMapOutput ToSamlProviderMapOutputWithContext(context.Context) SamlProviderMapOutput }
SamlProviderMapInput is an input type that accepts SamlProviderMap and SamlProviderMapOutput values. You can construct a concrete instance of `SamlProviderMapInput` via:
SamlProviderMap{ "key": SamlProviderArgs{...} }
type SamlProviderMapOutput ¶
type SamlProviderMapOutput struct{ *pulumi.OutputState }
func (SamlProviderMapOutput) ElementType ¶
func (SamlProviderMapOutput) ElementType() reflect.Type
func (SamlProviderMapOutput) MapIndex ¶
func (o SamlProviderMapOutput) MapIndex(k pulumi.StringInput) SamlProviderOutput
func (SamlProviderMapOutput) ToSamlProviderMapOutput ¶
func (o SamlProviderMapOutput) ToSamlProviderMapOutput() SamlProviderMapOutput
func (SamlProviderMapOutput) ToSamlProviderMapOutputWithContext ¶
func (o SamlProviderMapOutput) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput
type SamlProviderOutput ¶
type SamlProviderOutput struct{ *pulumi.OutputState }
func (SamlProviderOutput) Arn ¶
func (o SamlProviderOutput) Arn() pulumi.StringOutput
The ARN assigned by AWS for this provider.
func (SamlProviderOutput) ElementType ¶
func (SamlProviderOutput) ElementType() reflect.Type
func (SamlProviderOutput) Name ¶
func (o SamlProviderOutput) Name() pulumi.StringOutput
The name of the provider to create.
func (SamlProviderOutput) SamlMetadataDocument ¶
func (o SamlProviderOutput) SamlMetadataDocument() pulumi.StringOutput
An XML document generated by an identity provider that supports SAML 2.0.
func (SamlProviderOutput) Tags ¶
func (o SamlProviderOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (SamlProviderOutput) TagsAll ¶
func (o SamlProviderOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (SamlProviderOutput) ToSamlProviderOutput ¶
func (o SamlProviderOutput) ToSamlProviderOutput() SamlProviderOutput
func (SamlProviderOutput) ToSamlProviderOutputWithContext ¶
func (o SamlProviderOutput) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput
func (SamlProviderOutput) ValidUntil ¶
func (o SamlProviderOutput) ValidUntil() pulumi.StringOutput
The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
type SamlProviderState ¶
type SamlProviderState struct { // The ARN assigned by AWS for this provider. Arn pulumi.StringPtrInput // The name of the provider to create. Name pulumi.StringPtrInput // An XML document generated by an identity provider that supports SAML 2.0. SamlMetadataDocument pulumi.StringPtrInput // Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`. ValidUntil pulumi.StringPtrInput }
func (SamlProviderState) ElementType ¶
func (SamlProviderState) ElementType() reflect.Type
type ServerCertificate ¶
type ServerCertificate struct { pulumi.CustomResourceState // The Amazon Resource Name (ARN) specifying the server certificate. Arn pulumi.StringOutput `pulumi:"arn"` // The contents of the public key certificate in // PEM-encoded format. CertificateBody pulumi.StringOutput `pulumi:"certificateBody"` // The contents of the certificate chain. // This is typically a concatenation of the PEM-encoded public key certificates // of the chain. CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"` // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire. Expiration pulumi.StringOutput `pulumi:"expiration"` // The name of the Server Certificate. Do not include the // path in this value. If omitted, the provider will assign a random, unique name. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringOutput `pulumi:"namePrefix"` // The IAM path for the server certificate. If it is not // included, it defaults to a slash (/). If this certificate is for use with // AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths. Path pulumi.StringPtrOutput `pulumi:"path"` // The contents of the private key in PEM-encoded format. PrivateKey pulumi.StringOutput `pulumi:"privateKey"` // Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. // // > **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded. UploadDate pulumi.StringOutput `pulumi:"uploadDate"` }
Provides an IAM Server Certificate resource to upload Server Certificates. Certs uploaded to IAM can easily work with other AWS services such as:
- AWS Elastic Beanstalk - Elastic Load Balancing - CloudFront - AWS OpsWorks
For information about server certificates in IAM, see [Managing Server Certificates][2] in AWS Documentation.
## Example Usage
**Using certs on file:**
```go package main
import (
"os" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput { data, err := os.ReadFile(path) if err != nil { panic(err.Error()) } return pulumi.String(string(data)) } func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{ CertificateBody: readFileOrPanic("self-ca-cert.pem"), PrivateKey: readFileOrPanic("test-key.pem"), }) if err != nil { return err } return nil }) }
```
**Example with cert in-line:**
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewServerCertificate(ctx, "testCertAlt", &iam.ServerCertificateArgs{ CertificateBody: pulumi.String("-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\n"), PrivateKey: pulumi.String("-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n\n"), }) if err != nil { return err } return nil }) }
```
**Use in combination with an AWS ELB resource:**
Some properties of an IAM Server Certificates cannot be updated while they are in use. In order for the provider to effectively manage a Certificate in this situation, it is recommended you utilize the `namePrefix` attribute and enable the `createBeforeDestroy`. This will allow this provider to create a new, updated `iam.ServerCertificate` resource and replace it in dependant resources before attempting to destroy the old version.
```go package main
import (
"os" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput { data, err := os.ReadFile(path) if err != nil { panic(err.Error()) } return pulumi.String(string(data)) } func main() { pulumi.Run(func(ctx *pulumi.Context) error { testCert, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{ NamePrefix: pulumi.String("example-cert"), CertificateBody: readFileOrPanic("self-ca-cert.pem"), PrivateKey: readFileOrPanic("test-key.pem"), }) if err != nil { return err } _, err = elb.NewLoadBalancer(ctx, "ourapp", &elb.LoadBalancerArgs{ AvailabilityZones: pulumi.StringArray{ pulumi.String("us-west-2a"), }, CrossZoneLoadBalancing: pulumi.Bool(true), Listeners: elb.LoadBalancerListenerArray{ &elb.LoadBalancerListenerArgs{ InstancePort: pulumi.Int(8000), InstanceProtocol: pulumi.String("http"), LbPort: pulumi.Int(443), LbProtocol: pulumi.String("https"), SslCertificateId: testCert.Arn, }, }, }) if err != nil { return err } return nil }) }
```
## Import
IAM Server Certificates can be imported using the `name`, e.g.,
```sh
$ pulumi import aws:iam/serverCertificate:ServerCertificate certificate example.com-certificate-until-2018
```
[1]https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html
func GetServerCertificate ¶
func GetServerCertificate(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ServerCertificateState, opts ...pulumi.ResourceOption) (*ServerCertificate, error)
GetServerCertificate gets an existing ServerCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewServerCertificate ¶
func NewServerCertificate(ctx *pulumi.Context, name string, args *ServerCertificateArgs, opts ...pulumi.ResourceOption) (*ServerCertificate, error)
NewServerCertificate registers a new resource with the given unique name, arguments, and options.
func (*ServerCertificate) ElementType ¶
func (*ServerCertificate) ElementType() reflect.Type
func (*ServerCertificate) ToServerCertificateOutput ¶
func (i *ServerCertificate) ToServerCertificateOutput() ServerCertificateOutput
func (*ServerCertificate) ToServerCertificateOutputWithContext ¶
func (i *ServerCertificate) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput
type ServerCertificateArgs ¶
type ServerCertificateArgs struct { // The contents of the public key certificate in // PEM-encoded format. CertificateBody pulumi.StringInput // The contents of the certificate chain. // This is typically a concatenation of the PEM-encoded public key certificates // of the chain. CertificateChain pulumi.StringPtrInput // The name of the Server Certificate. Do not include the // path in this value. If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The IAM path for the server certificate. If it is not // included, it defaults to a slash (/). If this certificate is for use with // AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths. Path pulumi.StringPtrInput // The contents of the private key in PEM-encoded format. PrivateKey pulumi.StringInput // Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. // // > **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain. Tags pulumi.StringMapInput }
The set of arguments for constructing a ServerCertificate resource.
func (ServerCertificateArgs) ElementType ¶
func (ServerCertificateArgs) ElementType() reflect.Type
type ServerCertificateArray ¶
type ServerCertificateArray []ServerCertificateInput
func (ServerCertificateArray) ElementType ¶
func (ServerCertificateArray) ElementType() reflect.Type
func (ServerCertificateArray) ToServerCertificateArrayOutput ¶
func (i ServerCertificateArray) ToServerCertificateArrayOutput() ServerCertificateArrayOutput
func (ServerCertificateArray) ToServerCertificateArrayOutputWithContext ¶
func (i ServerCertificateArray) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput
type ServerCertificateArrayInput ¶
type ServerCertificateArrayInput interface { pulumi.Input ToServerCertificateArrayOutput() ServerCertificateArrayOutput ToServerCertificateArrayOutputWithContext(context.Context) ServerCertificateArrayOutput }
ServerCertificateArrayInput is an input type that accepts ServerCertificateArray and ServerCertificateArrayOutput values. You can construct a concrete instance of `ServerCertificateArrayInput` via:
ServerCertificateArray{ ServerCertificateArgs{...} }
type ServerCertificateArrayOutput ¶
type ServerCertificateArrayOutput struct{ *pulumi.OutputState }
func (ServerCertificateArrayOutput) ElementType ¶
func (ServerCertificateArrayOutput) ElementType() reflect.Type
func (ServerCertificateArrayOutput) Index ¶
func (o ServerCertificateArrayOutput) Index(i pulumi.IntInput) ServerCertificateOutput
func (ServerCertificateArrayOutput) ToServerCertificateArrayOutput ¶
func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutput() ServerCertificateArrayOutput
func (ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext ¶
func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput
type ServerCertificateInput ¶
type ServerCertificateInput interface { pulumi.Input ToServerCertificateOutput() ServerCertificateOutput ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput }
type ServerCertificateMap ¶
type ServerCertificateMap map[string]ServerCertificateInput
func (ServerCertificateMap) ElementType ¶
func (ServerCertificateMap) ElementType() reflect.Type
func (ServerCertificateMap) ToServerCertificateMapOutput ¶
func (i ServerCertificateMap) ToServerCertificateMapOutput() ServerCertificateMapOutput
func (ServerCertificateMap) ToServerCertificateMapOutputWithContext ¶
func (i ServerCertificateMap) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput
type ServerCertificateMapInput ¶
type ServerCertificateMapInput interface { pulumi.Input ToServerCertificateMapOutput() ServerCertificateMapOutput ToServerCertificateMapOutputWithContext(context.Context) ServerCertificateMapOutput }
ServerCertificateMapInput is an input type that accepts ServerCertificateMap and ServerCertificateMapOutput values. You can construct a concrete instance of `ServerCertificateMapInput` via:
ServerCertificateMap{ "key": ServerCertificateArgs{...} }
type ServerCertificateMapOutput ¶
type ServerCertificateMapOutput struct{ *pulumi.OutputState }
func (ServerCertificateMapOutput) ElementType ¶
func (ServerCertificateMapOutput) ElementType() reflect.Type
func (ServerCertificateMapOutput) MapIndex ¶
func (o ServerCertificateMapOutput) MapIndex(k pulumi.StringInput) ServerCertificateOutput
func (ServerCertificateMapOutput) ToServerCertificateMapOutput ¶
func (o ServerCertificateMapOutput) ToServerCertificateMapOutput() ServerCertificateMapOutput
func (ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext ¶
func (o ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput
type ServerCertificateOutput ¶
type ServerCertificateOutput struct{ *pulumi.OutputState }
func (ServerCertificateOutput) Arn ¶
func (o ServerCertificateOutput) Arn() pulumi.StringOutput
The Amazon Resource Name (ARN) specifying the server certificate.
func (ServerCertificateOutput) CertificateBody ¶
func (o ServerCertificateOutput) CertificateBody() pulumi.StringOutput
The contents of the public key certificate in PEM-encoded format.
func (ServerCertificateOutput) CertificateChain ¶
func (o ServerCertificateOutput) CertificateChain() pulumi.StringPtrOutput
The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.
func (ServerCertificateOutput) ElementType ¶
func (ServerCertificateOutput) ElementType() reflect.Type
func (ServerCertificateOutput) Expiration ¶
func (o ServerCertificateOutput) Expiration() pulumi.StringOutput
Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
func (ServerCertificateOutput) Name ¶
func (o ServerCertificateOutput) Name() pulumi.StringOutput
The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.
func (ServerCertificateOutput) NamePrefix ¶
func (o ServerCertificateOutput) NamePrefix() pulumi.StringOutput
Creates a unique name beginning with the specified prefix. Conflicts with `name`.
func (ServerCertificateOutput) Path ¶
func (o ServerCertificateOutput) Path() pulumi.StringPtrOutput
The IAM path for the server certificate. If it is not included, it defaults to a slash (/). If this certificate is for use with AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
func (ServerCertificateOutput) PrivateKey ¶
func (o ServerCertificateOutput) PrivateKey() pulumi.StringOutput
The contents of the private key in PEM-encoded format.
func (ServerCertificateOutput) Tags ¶
func (o ServerCertificateOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
> **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
func (ServerCertificateOutput) TagsAll ¶
func (o ServerCertificateOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (ServerCertificateOutput) ToServerCertificateOutput ¶
func (o ServerCertificateOutput) ToServerCertificateOutput() ServerCertificateOutput
func (ServerCertificateOutput) ToServerCertificateOutputWithContext ¶
func (o ServerCertificateOutput) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput
func (ServerCertificateOutput) UploadDate ¶
func (o ServerCertificateOutput) UploadDate() pulumi.StringOutput
Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
type ServerCertificateState ¶
type ServerCertificateState struct { // The Amazon Resource Name (ARN) specifying the server certificate. Arn pulumi.StringPtrInput // The contents of the public key certificate in // PEM-encoded format. CertificateBody pulumi.StringPtrInput // The contents of the certificate chain. // This is typically a concatenation of the PEM-encoded public key certificates // of the chain. CertificateChain pulumi.StringPtrInput // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire. Expiration pulumi.StringPtrInput // The name of the Server Certificate. Do not include the // path in this value. If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified // prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The IAM path for the server certificate. If it is not // included, it defaults to a slash (/). If this certificate is for use with // AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. // See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths. Path pulumi.StringPtrInput // The contents of the private key in PEM-encoded format. PrivateKey pulumi.StringPtrInput // Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. // // > **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded. UploadDate pulumi.StringPtrInput }
func (ServerCertificateState) ElementType ¶
func (ServerCertificateState) ElementType() reflect.Type
type ServiceLinkedRole ¶
type ServiceLinkedRole struct { pulumi.CustomResourceState // The Amazon Resource Name (ARN) specifying the role. Arn pulumi.StringOutput `pulumi:"arn"` // The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html). AwsServiceName pulumi.StringOutput `pulumi:"awsServiceName"` // The creation date of the IAM role. CreateDate pulumi.StringOutput `pulumi:"createDate"` // Additional string appended to the role name. Not all AWS services support custom suffixes. CustomSuffix pulumi.StringPtrOutput `pulumi:"customSuffix"` // The description of the role. Description pulumi.StringPtrOutput `pulumi:"description"` // The name of the role. Name pulumi.StringOutput `pulumi:"name"` // The path of the role. Path pulumi.StringOutput `pulumi:"path"` // Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // The stable and unique string identifying the role. UniqueId pulumi.StringOutput `pulumi:"uniqueId"` }
Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewServiceLinkedRole(ctx, "elasticbeanstalk", &iam.ServiceLinkedRoleArgs{ AwsServiceName: pulumi.String("elasticbeanstalk.amazonaws.com"), }) if err != nil { return err } return nil }) }
```
## Import
IAM service-linked roles can be imported using role ARN, e.g.,
```sh
$ pulumi import aws:iam/serviceLinkedRole:ServiceLinkedRole elasticbeanstalk arn:aws:iam::123456789012:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk
```
func GetServiceLinkedRole ¶
func GetServiceLinkedRole(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ServiceLinkedRoleState, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)
GetServiceLinkedRole gets an existing ServiceLinkedRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewServiceLinkedRole ¶
func NewServiceLinkedRole(ctx *pulumi.Context, name string, args *ServiceLinkedRoleArgs, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)
NewServiceLinkedRole registers a new resource with the given unique name, arguments, and options.
func (*ServiceLinkedRole) ElementType ¶
func (*ServiceLinkedRole) ElementType() reflect.Type
func (*ServiceLinkedRole) ToServiceLinkedRoleOutput ¶
func (i *ServiceLinkedRole) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput
func (*ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext ¶
func (i *ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput
type ServiceLinkedRoleArgs ¶
type ServiceLinkedRoleArgs struct { // The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html). AwsServiceName pulumi.StringInput // Additional string appended to the role name. Not all AWS services support custom suffixes. CustomSuffix pulumi.StringPtrInput // The description of the role. Description pulumi.StringPtrInput // Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput }
The set of arguments for constructing a ServiceLinkedRole resource.
func (ServiceLinkedRoleArgs) ElementType ¶
func (ServiceLinkedRoleArgs) ElementType() reflect.Type
type ServiceLinkedRoleArray ¶
type ServiceLinkedRoleArray []ServiceLinkedRoleInput
func (ServiceLinkedRoleArray) ElementType ¶
func (ServiceLinkedRoleArray) ElementType() reflect.Type
func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput ¶
func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput
func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext ¶
func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput
type ServiceLinkedRoleArrayInput ¶
type ServiceLinkedRoleArrayInput interface { pulumi.Input ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput ToServiceLinkedRoleArrayOutputWithContext(context.Context) ServiceLinkedRoleArrayOutput }
ServiceLinkedRoleArrayInput is an input type that accepts ServiceLinkedRoleArray and ServiceLinkedRoleArrayOutput values. You can construct a concrete instance of `ServiceLinkedRoleArrayInput` via:
ServiceLinkedRoleArray{ ServiceLinkedRoleArgs{...} }
type ServiceLinkedRoleArrayOutput ¶
type ServiceLinkedRoleArrayOutput struct{ *pulumi.OutputState }
func (ServiceLinkedRoleArrayOutput) ElementType ¶
func (ServiceLinkedRoleArrayOutput) ElementType() reflect.Type
func (ServiceLinkedRoleArrayOutput) Index ¶
func (o ServiceLinkedRoleArrayOutput) Index(i pulumi.IntInput) ServiceLinkedRoleOutput
func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput ¶
func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput
func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext ¶
func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput
type ServiceLinkedRoleInput ¶
type ServiceLinkedRoleInput interface { pulumi.Input ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput }
type ServiceLinkedRoleMap ¶
type ServiceLinkedRoleMap map[string]ServiceLinkedRoleInput
func (ServiceLinkedRoleMap) ElementType ¶
func (ServiceLinkedRoleMap) ElementType() reflect.Type
func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput ¶
func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput
func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext ¶
func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput
type ServiceLinkedRoleMapInput ¶
type ServiceLinkedRoleMapInput interface { pulumi.Input ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput ToServiceLinkedRoleMapOutputWithContext(context.Context) ServiceLinkedRoleMapOutput }
ServiceLinkedRoleMapInput is an input type that accepts ServiceLinkedRoleMap and ServiceLinkedRoleMapOutput values. You can construct a concrete instance of `ServiceLinkedRoleMapInput` via:
ServiceLinkedRoleMap{ "key": ServiceLinkedRoleArgs{...} }
type ServiceLinkedRoleMapOutput ¶
type ServiceLinkedRoleMapOutput struct{ *pulumi.OutputState }
func (ServiceLinkedRoleMapOutput) ElementType ¶
func (ServiceLinkedRoleMapOutput) ElementType() reflect.Type
func (ServiceLinkedRoleMapOutput) MapIndex ¶
func (o ServiceLinkedRoleMapOutput) MapIndex(k pulumi.StringInput) ServiceLinkedRoleOutput
func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput ¶
func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput
func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext ¶
func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput
type ServiceLinkedRoleOutput ¶
type ServiceLinkedRoleOutput struct{ *pulumi.OutputState }
func (ServiceLinkedRoleOutput) Arn ¶
func (o ServiceLinkedRoleOutput) Arn() pulumi.StringOutput
The Amazon Resource Name (ARN) specifying the role.
func (ServiceLinkedRoleOutput) AwsServiceName ¶
func (o ServiceLinkedRoleOutput) AwsServiceName() pulumi.StringOutput
The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
func (ServiceLinkedRoleOutput) CreateDate ¶
func (o ServiceLinkedRoleOutput) CreateDate() pulumi.StringOutput
The creation date of the IAM role.
func (ServiceLinkedRoleOutput) CustomSuffix ¶
func (o ServiceLinkedRoleOutput) CustomSuffix() pulumi.StringPtrOutput
Additional string appended to the role name. Not all AWS services support custom suffixes.
func (ServiceLinkedRoleOutput) Description ¶
func (o ServiceLinkedRoleOutput) Description() pulumi.StringPtrOutput
The description of the role.
func (ServiceLinkedRoleOutput) ElementType ¶
func (ServiceLinkedRoleOutput) ElementType() reflect.Type
func (ServiceLinkedRoleOutput) Name ¶
func (o ServiceLinkedRoleOutput) Name() pulumi.StringOutput
The name of the role.
func (ServiceLinkedRoleOutput) Path ¶
func (o ServiceLinkedRoleOutput) Path() pulumi.StringOutput
The path of the role.
func (ServiceLinkedRoleOutput) Tags ¶
func (o ServiceLinkedRoleOutput) Tags() pulumi.StringMapOutput
Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (ServiceLinkedRoleOutput) TagsAll ¶
func (o ServiceLinkedRoleOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput ¶
func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput
func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext ¶
func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput
func (ServiceLinkedRoleOutput) UniqueId ¶
func (o ServiceLinkedRoleOutput) UniqueId() pulumi.StringOutput
The stable and unique string identifying the role.
type ServiceLinkedRoleState ¶
type ServiceLinkedRoleState struct { // The Amazon Resource Name (ARN) specifying the role. Arn pulumi.StringPtrInput // The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html). AwsServiceName pulumi.StringPtrInput // The creation date of the IAM role. CreateDate pulumi.StringPtrInput // Additional string appended to the role name. Not all AWS services support custom suffixes. CustomSuffix pulumi.StringPtrInput // The description of the role. Description pulumi.StringPtrInput // The name of the role. Name pulumi.StringPtrInput // The path of the role. Path pulumi.StringPtrInput // Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // The stable and unique string identifying the role. UniqueId pulumi.StringPtrInput }
func (ServiceLinkedRoleState) ElementType ¶
func (ServiceLinkedRoleState) ElementType() reflect.Type
type ServiceSpecificCredential ¶
type ServiceSpecificCredential struct { pulumi.CustomResourceState // The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials. ServiceName pulumi.StringOutput `pulumi:"serviceName"` // The generated password for the service-specific credential. ServicePassword pulumi.StringOutput `pulumi:"servicePassword"` // The unique identifier for the service-specific credential. ServiceSpecificCredentialId pulumi.StringOutput `pulumi:"serviceSpecificCredentialId"` // The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example. ServiceUserName pulumi.StringOutput `pulumi:"serviceUserName"` // The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`. Status pulumi.StringPtrOutput `pulumi:"status"` // The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service. UserName pulumi.StringOutput `pulumi:"userName"` }
Provides an IAM Service Specific Credential.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleUser, err := iam.NewUser(ctx, "exampleUser", nil) if err != nil { return err } _, err = iam.NewServiceSpecificCredential(ctx, "exampleServiceSpecificCredential", &iam.ServiceSpecificCredentialArgs{ ServiceName: pulumi.String("codecommit.amazonaws.com"), UserName: exampleUser.Name, }) if err != nil { return err } return nil }) }
```
## Import
IAM Service Specific Credentials can be imported using the `service_name:user_name:service_specific_credential_id`, e.g.
```sh
$ pulumi import aws:iam/serviceSpecificCredential:ServiceSpecificCredential default `codecommit.amazonaws.com:example:some-id`
```
func GetServiceSpecificCredential ¶
func GetServiceSpecificCredential(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ServiceSpecificCredentialState, opts ...pulumi.ResourceOption) (*ServiceSpecificCredential, error)
GetServiceSpecificCredential gets an existing ServiceSpecificCredential resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewServiceSpecificCredential ¶
func NewServiceSpecificCredential(ctx *pulumi.Context, name string, args *ServiceSpecificCredentialArgs, opts ...pulumi.ResourceOption) (*ServiceSpecificCredential, error)
NewServiceSpecificCredential registers a new resource with the given unique name, arguments, and options.
func (*ServiceSpecificCredential) ElementType ¶
func (*ServiceSpecificCredential) ElementType() reflect.Type
func (*ServiceSpecificCredential) ToServiceSpecificCredentialOutput ¶
func (i *ServiceSpecificCredential) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput
func (*ServiceSpecificCredential) ToServiceSpecificCredentialOutputWithContext ¶
func (i *ServiceSpecificCredential) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput
type ServiceSpecificCredentialArgs ¶
type ServiceSpecificCredentialArgs struct { // The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials. ServiceName pulumi.StringInput // The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`. Status pulumi.StringPtrInput // The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service. UserName pulumi.StringInput }
The set of arguments for constructing a ServiceSpecificCredential resource.
func (ServiceSpecificCredentialArgs) ElementType ¶
func (ServiceSpecificCredentialArgs) ElementType() reflect.Type
type ServiceSpecificCredentialArray ¶
type ServiceSpecificCredentialArray []ServiceSpecificCredentialInput
func (ServiceSpecificCredentialArray) ElementType ¶
func (ServiceSpecificCredentialArray) ElementType() reflect.Type
func (ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput ¶
func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput
func (ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext ¶
func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput
type ServiceSpecificCredentialArrayInput ¶
type ServiceSpecificCredentialArrayInput interface { pulumi.Input ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput ToServiceSpecificCredentialArrayOutputWithContext(context.Context) ServiceSpecificCredentialArrayOutput }
ServiceSpecificCredentialArrayInput is an input type that accepts ServiceSpecificCredentialArray and ServiceSpecificCredentialArrayOutput values. You can construct a concrete instance of `ServiceSpecificCredentialArrayInput` via:
ServiceSpecificCredentialArray{ ServiceSpecificCredentialArgs{...} }
type ServiceSpecificCredentialArrayOutput ¶
type ServiceSpecificCredentialArrayOutput struct{ *pulumi.OutputState }
func (ServiceSpecificCredentialArrayOutput) ElementType ¶
func (ServiceSpecificCredentialArrayOutput) ElementType() reflect.Type
func (ServiceSpecificCredentialArrayOutput) Index ¶
func (o ServiceSpecificCredentialArrayOutput) Index(i pulumi.IntInput) ServiceSpecificCredentialOutput
func (ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput ¶
func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput
func (ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext ¶
func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput
type ServiceSpecificCredentialInput ¶
type ServiceSpecificCredentialInput interface { pulumi.Input ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput }
type ServiceSpecificCredentialMap ¶
type ServiceSpecificCredentialMap map[string]ServiceSpecificCredentialInput
func (ServiceSpecificCredentialMap) ElementType ¶
func (ServiceSpecificCredentialMap) ElementType() reflect.Type
func (ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput ¶
func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput
func (ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext ¶
func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput
type ServiceSpecificCredentialMapInput ¶
type ServiceSpecificCredentialMapInput interface { pulumi.Input ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput ToServiceSpecificCredentialMapOutputWithContext(context.Context) ServiceSpecificCredentialMapOutput }
ServiceSpecificCredentialMapInput is an input type that accepts ServiceSpecificCredentialMap and ServiceSpecificCredentialMapOutput values. You can construct a concrete instance of `ServiceSpecificCredentialMapInput` via:
ServiceSpecificCredentialMap{ "key": ServiceSpecificCredentialArgs{...} }
type ServiceSpecificCredentialMapOutput ¶
type ServiceSpecificCredentialMapOutput struct{ *pulumi.OutputState }
func (ServiceSpecificCredentialMapOutput) ElementType ¶
func (ServiceSpecificCredentialMapOutput) ElementType() reflect.Type
func (ServiceSpecificCredentialMapOutput) MapIndex ¶
func (o ServiceSpecificCredentialMapOutput) MapIndex(k pulumi.StringInput) ServiceSpecificCredentialOutput
func (ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput ¶
func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput
func (ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext ¶
func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput
type ServiceSpecificCredentialOutput ¶
type ServiceSpecificCredentialOutput struct{ *pulumi.OutputState }
func (ServiceSpecificCredentialOutput) ElementType ¶
func (ServiceSpecificCredentialOutput) ElementType() reflect.Type
func (ServiceSpecificCredentialOutput) ServiceName ¶
func (o ServiceSpecificCredentialOutput) ServiceName() pulumi.StringOutput
The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
func (ServiceSpecificCredentialOutput) ServicePassword ¶
func (o ServiceSpecificCredentialOutput) ServicePassword() pulumi.StringOutput
The generated password for the service-specific credential.
func (ServiceSpecificCredentialOutput) ServiceSpecificCredentialId ¶
func (o ServiceSpecificCredentialOutput) ServiceSpecificCredentialId() pulumi.StringOutput
The unique identifier for the service-specific credential.
func (ServiceSpecificCredentialOutput) ServiceUserName ¶
func (o ServiceSpecificCredentialOutput) ServiceUserName() pulumi.StringOutput
The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.
func (ServiceSpecificCredentialOutput) Status ¶
func (o ServiceSpecificCredentialOutput) Status() pulumi.StringPtrOutput
The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
func (ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput ¶
func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput
func (ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext ¶
func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput
func (ServiceSpecificCredentialOutput) UserName ¶
func (o ServiceSpecificCredentialOutput) UserName() pulumi.StringOutput
The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
type ServiceSpecificCredentialState ¶
type ServiceSpecificCredentialState struct { // The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials. ServiceName pulumi.StringPtrInput // The generated password for the service-specific credential. ServicePassword pulumi.StringPtrInput // The unique identifier for the service-specific credential. ServiceSpecificCredentialId pulumi.StringPtrInput // The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example. ServiceUserName pulumi.StringPtrInput // The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`. Status pulumi.StringPtrInput // The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service. UserName pulumi.StringPtrInput }
func (ServiceSpecificCredentialState) ElementType ¶
func (ServiceSpecificCredentialState) ElementType() reflect.Type
type SigningCertificate ¶
type SigningCertificate struct { pulumi.CustomResourceState // The contents of the signing certificate in PEM-encoded format. CertificateBody pulumi.StringOutput `pulumi:"certificateBody"` // The ID for the signing certificate. CertificateId pulumi.StringOutput `pulumi:"certificateId"` // The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used. Status pulumi.StringPtrOutput `pulumi:"status"` // The name of the user the signing certificate is for. UserName pulumi.StringOutput `pulumi:"userName"` }
Provides an IAM Signing Certificate resource to upload Signing Certificates.
> **Note:** All arguments including the certificate body will be stored in the raw state as plain-text. ## Example Usage
**Using certs on file:**
```go package main
import (
"os" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput { data, err := os.ReadFile(path) if err != nil { panic(err.Error()) } return pulumi.String(string(data)) } func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewSigningCertificate(ctx, "testCert", &iam.SigningCertificateArgs{ Username: pulumi.String("some_test_cert"), CertificateBody: readFileOrPanic("self-ca-cert.pem"), }) if err != nil { return err } return nil }) }
```
**Example with cert in-line:**
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewSigningCertificate(ctx, "testCertAlt", &iam.SigningCertificateArgs{ CertificateBody: pulumi.String("-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\n"), Username: pulumi.String("some_test_cert"), }) if err != nil { return err } return nil }) }
```
## Import
IAM Signing Certificates can be imported using the `id`, e.g.,
```sh
$ pulumi import aws:iam/signingCertificate:SigningCertificate certificate IDIDIDIDID:user-name
```
func GetSigningCertificate ¶
func GetSigningCertificate(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SigningCertificateState, opts ...pulumi.ResourceOption) (*SigningCertificate, error)
GetSigningCertificate gets an existing SigningCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSigningCertificate ¶
func NewSigningCertificate(ctx *pulumi.Context, name string, args *SigningCertificateArgs, opts ...pulumi.ResourceOption) (*SigningCertificate, error)
NewSigningCertificate registers a new resource with the given unique name, arguments, and options.
func (*SigningCertificate) ElementType ¶
func (*SigningCertificate) ElementType() reflect.Type
func (*SigningCertificate) ToSigningCertificateOutput ¶
func (i *SigningCertificate) ToSigningCertificateOutput() SigningCertificateOutput
func (*SigningCertificate) ToSigningCertificateOutputWithContext ¶
func (i *SigningCertificate) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput
type SigningCertificateArgs ¶
type SigningCertificateArgs struct { // The contents of the signing certificate in PEM-encoded format. CertificateBody pulumi.StringInput // The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used. Status pulumi.StringPtrInput // The name of the user the signing certificate is for. UserName pulumi.StringInput }
The set of arguments for constructing a SigningCertificate resource.
func (SigningCertificateArgs) ElementType ¶
func (SigningCertificateArgs) ElementType() reflect.Type
type SigningCertificateArray ¶
type SigningCertificateArray []SigningCertificateInput
func (SigningCertificateArray) ElementType ¶
func (SigningCertificateArray) ElementType() reflect.Type
func (SigningCertificateArray) ToSigningCertificateArrayOutput ¶
func (i SigningCertificateArray) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput
func (SigningCertificateArray) ToSigningCertificateArrayOutputWithContext ¶
func (i SigningCertificateArray) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput
type SigningCertificateArrayInput ¶
type SigningCertificateArrayInput interface { pulumi.Input ToSigningCertificateArrayOutput() SigningCertificateArrayOutput ToSigningCertificateArrayOutputWithContext(context.Context) SigningCertificateArrayOutput }
SigningCertificateArrayInput is an input type that accepts SigningCertificateArray and SigningCertificateArrayOutput values. You can construct a concrete instance of `SigningCertificateArrayInput` via:
SigningCertificateArray{ SigningCertificateArgs{...} }
type SigningCertificateArrayOutput ¶
type SigningCertificateArrayOutput struct{ *pulumi.OutputState }
func (SigningCertificateArrayOutput) ElementType ¶
func (SigningCertificateArrayOutput) ElementType() reflect.Type
func (SigningCertificateArrayOutput) Index ¶
func (o SigningCertificateArrayOutput) Index(i pulumi.IntInput) SigningCertificateOutput
func (SigningCertificateArrayOutput) ToSigningCertificateArrayOutput ¶
func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput
func (SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext ¶
func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput
type SigningCertificateInput ¶
type SigningCertificateInput interface { pulumi.Input ToSigningCertificateOutput() SigningCertificateOutput ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput }
type SigningCertificateMap ¶
type SigningCertificateMap map[string]SigningCertificateInput
func (SigningCertificateMap) ElementType ¶
func (SigningCertificateMap) ElementType() reflect.Type
func (SigningCertificateMap) ToSigningCertificateMapOutput ¶
func (i SigningCertificateMap) ToSigningCertificateMapOutput() SigningCertificateMapOutput
func (SigningCertificateMap) ToSigningCertificateMapOutputWithContext ¶
func (i SigningCertificateMap) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput
type SigningCertificateMapInput ¶
type SigningCertificateMapInput interface { pulumi.Input ToSigningCertificateMapOutput() SigningCertificateMapOutput ToSigningCertificateMapOutputWithContext(context.Context) SigningCertificateMapOutput }
SigningCertificateMapInput is an input type that accepts SigningCertificateMap and SigningCertificateMapOutput values. You can construct a concrete instance of `SigningCertificateMapInput` via:
SigningCertificateMap{ "key": SigningCertificateArgs{...} }
type SigningCertificateMapOutput ¶
type SigningCertificateMapOutput struct{ *pulumi.OutputState }
func (SigningCertificateMapOutput) ElementType ¶
func (SigningCertificateMapOutput) ElementType() reflect.Type
func (SigningCertificateMapOutput) MapIndex ¶
func (o SigningCertificateMapOutput) MapIndex(k pulumi.StringInput) SigningCertificateOutput
func (SigningCertificateMapOutput) ToSigningCertificateMapOutput ¶
func (o SigningCertificateMapOutput) ToSigningCertificateMapOutput() SigningCertificateMapOutput
func (SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext ¶
func (o SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput
type SigningCertificateOutput ¶
type SigningCertificateOutput struct{ *pulumi.OutputState }
func (SigningCertificateOutput) CertificateBody ¶
func (o SigningCertificateOutput) CertificateBody() pulumi.StringOutput
The contents of the signing certificate in PEM-encoded format.
func (SigningCertificateOutput) CertificateId ¶
func (o SigningCertificateOutput) CertificateId() pulumi.StringOutput
The ID for the signing certificate.
func (SigningCertificateOutput) ElementType ¶
func (SigningCertificateOutput) ElementType() reflect.Type
func (SigningCertificateOutput) Status ¶
func (o SigningCertificateOutput) Status() pulumi.StringPtrOutput
The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
func (SigningCertificateOutput) ToSigningCertificateOutput ¶
func (o SigningCertificateOutput) ToSigningCertificateOutput() SigningCertificateOutput
func (SigningCertificateOutput) ToSigningCertificateOutputWithContext ¶
func (o SigningCertificateOutput) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput
func (SigningCertificateOutput) UserName ¶
func (o SigningCertificateOutput) UserName() pulumi.StringOutput
The name of the user the signing certificate is for.
type SigningCertificateState ¶
type SigningCertificateState struct { // The contents of the signing certificate in PEM-encoded format. CertificateBody pulumi.StringPtrInput // The ID for the signing certificate. CertificateId pulumi.StringPtrInput // The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used. Status pulumi.StringPtrInput // The name of the user the signing certificate is for. UserName pulumi.StringPtrInput }
func (SigningCertificateState) ElementType ¶
func (SigningCertificateState) ElementType() reflect.Type
type SshKey ¶
type SshKey struct { pulumi.CustomResourceState // Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`. Encoding pulumi.StringOutput `pulumi:"encoding"` // The MD5 message digest of the SSH public key. Fingerprint pulumi.StringOutput `pulumi:"fingerprint"` // The SSH public key. The public key must be encoded in ssh-rsa format or PEM format. PublicKey pulumi.StringOutput `pulumi:"publicKey"` // The unique identifier for the SSH public key. SshPublicKeyId pulumi.StringOutput `pulumi:"sshPublicKeyId"` // The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`. Status pulumi.StringOutput `pulumi:"status"` // The name of the IAM user to associate the SSH public key with. Username pulumi.StringOutput `pulumi:"username"` }
Uploads an SSH public key and associates it with the specified IAM user.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { userUser, err := iam.NewUser(ctx, "userUser", &iam.UserArgs{ Path: pulumi.String("/"), }) if err != nil { return err } _, err = iam.NewSshKey(ctx, "userSshKey", &iam.SshKeyArgs{ Username: userUser.Name, Encoding: pulumi.String("SSH"), PublicKey: pulumi.String("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com"), }) if err != nil { return err } return nil }) }
```
## Import
SSH public keys can be imported using the `username`, `ssh_public_key_id`, and `encoding` e.g.,
```sh
$ pulumi import aws:iam/sshKey:SshKey user user:APKAJNCNNJICVN7CFKCA:SSH
```
func GetSshKey ¶
func GetSshKey(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SshKeyState, opts ...pulumi.ResourceOption) (*SshKey, error)
GetSshKey gets an existing SshKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSshKey ¶
func NewSshKey(ctx *pulumi.Context, name string, args *SshKeyArgs, opts ...pulumi.ResourceOption) (*SshKey, error)
NewSshKey registers a new resource with the given unique name, arguments, and options.
func (*SshKey) ElementType ¶
func (*SshKey) ToSshKeyOutput ¶
func (i *SshKey) ToSshKeyOutput() SshKeyOutput
func (*SshKey) ToSshKeyOutputWithContext ¶
func (i *SshKey) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput
type SshKeyArgs ¶
type SshKeyArgs struct { // Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`. Encoding pulumi.StringInput // The SSH public key. The public key must be encoded in ssh-rsa format or PEM format. PublicKey pulumi.StringInput // The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`. Status pulumi.StringPtrInput // The name of the IAM user to associate the SSH public key with. Username pulumi.StringInput }
The set of arguments for constructing a SshKey resource.
func (SshKeyArgs) ElementType ¶
func (SshKeyArgs) ElementType() reflect.Type
type SshKeyArray ¶
type SshKeyArray []SshKeyInput
func (SshKeyArray) ElementType ¶
func (SshKeyArray) ElementType() reflect.Type
func (SshKeyArray) ToSshKeyArrayOutput ¶
func (i SshKeyArray) ToSshKeyArrayOutput() SshKeyArrayOutput
func (SshKeyArray) ToSshKeyArrayOutputWithContext ¶
func (i SshKeyArray) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput
type SshKeyArrayInput ¶
type SshKeyArrayInput interface { pulumi.Input ToSshKeyArrayOutput() SshKeyArrayOutput ToSshKeyArrayOutputWithContext(context.Context) SshKeyArrayOutput }
SshKeyArrayInput is an input type that accepts SshKeyArray and SshKeyArrayOutput values. You can construct a concrete instance of `SshKeyArrayInput` via:
SshKeyArray{ SshKeyArgs{...} }
type SshKeyArrayOutput ¶
type SshKeyArrayOutput struct{ *pulumi.OutputState }
func (SshKeyArrayOutput) ElementType ¶
func (SshKeyArrayOutput) ElementType() reflect.Type
func (SshKeyArrayOutput) Index ¶
func (o SshKeyArrayOutput) Index(i pulumi.IntInput) SshKeyOutput
func (SshKeyArrayOutput) ToSshKeyArrayOutput ¶
func (o SshKeyArrayOutput) ToSshKeyArrayOutput() SshKeyArrayOutput
func (SshKeyArrayOutput) ToSshKeyArrayOutputWithContext ¶
func (o SshKeyArrayOutput) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput
type SshKeyInput ¶
type SshKeyInput interface { pulumi.Input ToSshKeyOutput() SshKeyOutput ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput }
type SshKeyMap ¶
type SshKeyMap map[string]SshKeyInput
func (SshKeyMap) ElementType ¶
func (SshKeyMap) ToSshKeyMapOutput ¶
func (i SshKeyMap) ToSshKeyMapOutput() SshKeyMapOutput
func (SshKeyMap) ToSshKeyMapOutputWithContext ¶
func (i SshKeyMap) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput
type SshKeyMapInput ¶
type SshKeyMapInput interface { pulumi.Input ToSshKeyMapOutput() SshKeyMapOutput ToSshKeyMapOutputWithContext(context.Context) SshKeyMapOutput }
SshKeyMapInput is an input type that accepts SshKeyMap and SshKeyMapOutput values. You can construct a concrete instance of `SshKeyMapInput` via:
SshKeyMap{ "key": SshKeyArgs{...} }
type SshKeyMapOutput ¶
type SshKeyMapOutput struct{ *pulumi.OutputState }
func (SshKeyMapOutput) ElementType ¶
func (SshKeyMapOutput) ElementType() reflect.Type
func (SshKeyMapOutput) MapIndex ¶
func (o SshKeyMapOutput) MapIndex(k pulumi.StringInput) SshKeyOutput
func (SshKeyMapOutput) ToSshKeyMapOutput ¶
func (o SshKeyMapOutput) ToSshKeyMapOutput() SshKeyMapOutput
func (SshKeyMapOutput) ToSshKeyMapOutputWithContext ¶
func (o SshKeyMapOutput) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput
type SshKeyOutput ¶
type SshKeyOutput struct{ *pulumi.OutputState }
func (SshKeyOutput) ElementType ¶
func (SshKeyOutput) ElementType() reflect.Type
func (SshKeyOutput) Encoding ¶
func (o SshKeyOutput) Encoding() pulumi.StringOutput
Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
func (SshKeyOutput) Fingerprint ¶
func (o SshKeyOutput) Fingerprint() pulumi.StringOutput
The MD5 message digest of the SSH public key.
func (SshKeyOutput) PublicKey ¶
func (o SshKeyOutput) PublicKey() pulumi.StringOutput
The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
func (SshKeyOutput) SshPublicKeyId ¶
func (o SshKeyOutput) SshPublicKeyId() pulumi.StringOutput
The unique identifier for the SSH public key.
func (SshKeyOutput) Status ¶
func (o SshKeyOutput) Status() pulumi.StringOutput
The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
func (SshKeyOutput) ToSshKeyOutput ¶
func (o SshKeyOutput) ToSshKeyOutput() SshKeyOutput
func (SshKeyOutput) ToSshKeyOutputWithContext ¶
func (o SshKeyOutput) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput
func (SshKeyOutput) Username ¶
func (o SshKeyOutput) Username() pulumi.StringOutput
The name of the IAM user to associate the SSH public key with.
type SshKeyState ¶
type SshKeyState struct { // Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`. Encoding pulumi.StringPtrInput // The MD5 message digest of the SSH public key. Fingerprint pulumi.StringPtrInput // The SSH public key. The public key must be encoded in ssh-rsa format or PEM format. PublicKey pulumi.StringPtrInput // The unique identifier for the SSH public key. SshPublicKeyId pulumi.StringPtrInput // The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`. Status pulumi.StringPtrInput // The name of the IAM user to associate the SSH public key with. Username pulumi.StringPtrInput }
func (SshKeyState) ElementType ¶
func (SshKeyState) ElementType() reflect.Type
type User ¶
type User struct { pulumi.CustomResourceState // The ARN assigned by AWS for this user. Arn pulumi.StringOutput `pulumi:"arn"` // When destroying this user, destroy even if it // has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy` // a user with non-provider-managed access keys and login profile will fail to be destroyed. ForceDestroy pulumi.BoolPtrOutput `pulumi:"forceDestroy"` // The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser". Name pulumi.StringOutput `pulumi:"name"` // Path in which to create the user. Path pulumi.StringPtrOutput `pulumi:"path"` // The ARN of the policy that is used to set the permissions boundary for the user. PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"` // Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // The [unique ID][1] assigned by AWS. UniqueId pulumi.StringOutput `pulumi:"uniqueId"` }
Provides an IAM user.
> *NOTE:* If policies are attached to the user via the `iam.PolicyAttachment` resource and you are modifying the user `name` or `path`, the `forceDestroy` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.UserPolicyAttachment` resource (recommended) does not have this requirement.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{ Path: pulumi.String("/system/"), Tags: pulumi.StringMap{ "tag-key": pulumi.String("tag-value"), }, }) if err != nil { return err } _, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{ User: lbUser.Name, }) if err != nil { return err } lbRoPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Actions: []string{ "ec2:Describe*", }, Resources: []string{ "*", }, }, }, }, nil) if err != nil { return err } _, err = iam.NewUserPolicy(ctx, "lbRoUserPolicy", &iam.UserPolicyArgs{ User: lbUser.Name, Policy: *pulumi.String(lbRoPolicyDocument.Json), }) if err != nil { return err } return nil }) }
```
## Import
IAM Users can be imported using the `name`, e.g.,
```sh
$ pulumi import aws:iam/user:User lb loadbalancer
```
func GetUser ¶
func GetUser(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)
GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUser ¶
func NewUser(ctx *pulumi.Context, name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)
NewUser registers a new resource with the given unique name, arguments, and options.
func (*User) ElementType ¶
func (*User) ToUserOutput ¶
func (i *User) ToUserOutput() UserOutput
func (*User) ToUserOutputWithContext ¶
func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput
type UserArgs ¶
type UserArgs struct { // When destroying this user, destroy even if it // has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy` // a user with non-provider-managed access keys and login profile will fail to be destroyed. ForceDestroy pulumi.BoolPtrInput // The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser". Name pulumi.StringPtrInput // Path in which to create the user. Path pulumi.StringPtrInput // The ARN of the policy that is used to set the permissions boundary for the user. PermissionsBoundary pulumi.StringPtrInput // Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput }
The set of arguments for constructing a User resource.
func (UserArgs) ElementType ¶
type UserArray ¶
type UserArray []UserInput
func (UserArray) ElementType ¶
func (UserArray) ToUserArrayOutput ¶
func (i UserArray) ToUserArrayOutput() UserArrayOutput
func (UserArray) ToUserArrayOutputWithContext ¶
func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput
type UserArrayInput ¶
type UserArrayInput interface { pulumi.Input ToUserArrayOutput() UserArrayOutput ToUserArrayOutputWithContext(context.Context) UserArrayOutput }
UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. You can construct a concrete instance of `UserArrayInput` via:
UserArray{ UserArgs{...} }
type UserArrayOutput ¶
type UserArrayOutput struct{ *pulumi.OutputState }
func (UserArrayOutput) ElementType ¶
func (UserArrayOutput) ElementType() reflect.Type
func (UserArrayOutput) Index ¶
func (o UserArrayOutput) Index(i pulumi.IntInput) UserOutput
func (UserArrayOutput) ToUserArrayOutput ¶
func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput
func (UserArrayOutput) ToUserArrayOutputWithContext ¶
func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput
type UserGroupMembership ¶
type UserGroupMembership struct { pulumi.CustomResourceState // A list of IAM Groups to add the user to Groups pulumi.StringArrayOutput `pulumi:"groups"` // The name of the IAM User to add to groups User pulumi.StringOutput `pulumi:"user"` }
Provides a resource for adding an IAM User to IAM Groups. This resource can be used multiple times with the same user for non-overlapping groups.
To exclusively manage the users in a group, see the `iam.GroupMembership` resource.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { user1, err := iam.NewUser(ctx, "user1", nil) if err != nil { return err } group1, err := iam.NewGroup(ctx, "group1", nil) if err != nil { return err } group2, err := iam.NewGroup(ctx, "group2", nil) if err != nil { return err } _, err = iam.NewUserGroupMembership(ctx, "example1", &iam.UserGroupMembershipArgs{ User: user1.Name, Groups: pulumi.StringArray{ group1.Name, group2.Name, }, }) if err != nil { return err } group3, err := iam.NewGroup(ctx, "group3", nil) if err != nil { return err } _, err = iam.NewUserGroupMembership(ctx, "example2", &iam.UserGroupMembershipArgs{ User: user1.Name, Groups: pulumi.StringArray{ group3.Name, }, }) if err != nil { return err } return nil }) }
```
## Import
IAM user group membership can be imported using the user name and group names separated by `/`.
```sh
$ pulumi import aws:iam/userGroupMembership:UserGroupMembership example1 user1/group1/group2
```
func GetUserGroupMembership ¶
func GetUserGroupMembership(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserGroupMembershipState, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)
GetUserGroupMembership gets an existing UserGroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserGroupMembership ¶
func NewUserGroupMembership(ctx *pulumi.Context, name string, args *UserGroupMembershipArgs, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)
NewUserGroupMembership registers a new resource with the given unique name, arguments, and options.
func (*UserGroupMembership) ElementType ¶
func (*UserGroupMembership) ElementType() reflect.Type
func (*UserGroupMembership) ToUserGroupMembershipOutput ¶
func (i *UserGroupMembership) ToUserGroupMembershipOutput() UserGroupMembershipOutput
func (*UserGroupMembership) ToUserGroupMembershipOutputWithContext ¶
func (i *UserGroupMembership) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput
type UserGroupMembershipArgs ¶
type UserGroupMembershipArgs struct { // A list of IAM Groups to add the user to Groups pulumi.StringArrayInput // The name of the IAM User to add to groups User pulumi.StringInput }
The set of arguments for constructing a UserGroupMembership resource.
func (UserGroupMembershipArgs) ElementType ¶
func (UserGroupMembershipArgs) ElementType() reflect.Type
type UserGroupMembershipArray ¶
type UserGroupMembershipArray []UserGroupMembershipInput
func (UserGroupMembershipArray) ElementType ¶
func (UserGroupMembershipArray) ElementType() reflect.Type
func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutput ¶
func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput
func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext ¶
func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput
type UserGroupMembershipArrayInput ¶
type UserGroupMembershipArrayInput interface { pulumi.Input ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput ToUserGroupMembershipArrayOutputWithContext(context.Context) UserGroupMembershipArrayOutput }
UserGroupMembershipArrayInput is an input type that accepts UserGroupMembershipArray and UserGroupMembershipArrayOutput values. You can construct a concrete instance of `UserGroupMembershipArrayInput` via:
UserGroupMembershipArray{ UserGroupMembershipArgs{...} }
type UserGroupMembershipArrayOutput ¶
type UserGroupMembershipArrayOutput struct{ *pulumi.OutputState }
func (UserGroupMembershipArrayOutput) ElementType ¶
func (UserGroupMembershipArrayOutput) ElementType() reflect.Type
func (UserGroupMembershipArrayOutput) Index ¶
func (o UserGroupMembershipArrayOutput) Index(i pulumi.IntInput) UserGroupMembershipOutput
func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput ¶
func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput
func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext ¶
func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput
type UserGroupMembershipInput ¶
type UserGroupMembershipInput interface { pulumi.Input ToUserGroupMembershipOutput() UserGroupMembershipOutput ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput }
type UserGroupMembershipMap ¶
type UserGroupMembershipMap map[string]UserGroupMembershipInput
func (UserGroupMembershipMap) ElementType ¶
func (UserGroupMembershipMap) ElementType() reflect.Type
func (UserGroupMembershipMap) ToUserGroupMembershipMapOutput ¶
func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput
func (UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext ¶
func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput
type UserGroupMembershipMapInput ¶
type UserGroupMembershipMapInput interface { pulumi.Input ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput ToUserGroupMembershipMapOutputWithContext(context.Context) UserGroupMembershipMapOutput }
UserGroupMembershipMapInput is an input type that accepts UserGroupMembershipMap and UserGroupMembershipMapOutput values. You can construct a concrete instance of `UserGroupMembershipMapInput` via:
UserGroupMembershipMap{ "key": UserGroupMembershipArgs{...} }
type UserGroupMembershipMapOutput ¶
type UserGroupMembershipMapOutput struct{ *pulumi.OutputState }
func (UserGroupMembershipMapOutput) ElementType ¶
func (UserGroupMembershipMapOutput) ElementType() reflect.Type
func (UserGroupMembershipMapOutput) MapIndex ¶
func (o UserGroupMembershipMapOutput) MapIndex(k pulumi.StringInput) UserGroupMembershipOutput
func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput ¶
func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput
func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext ¶
func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput
type UserGroupMembershipOutput ¶
type UserGroupMembershipOutput struct{ *pulumi.OutputState }
func (UserGroupMembershipOutput) ElementType ¶
func (UserGroupMembershipOutput) ElementType() reflect.Type
func (UserGroupMembershipOutput) Groups ¶
func (o UserGroupMembershipOutput) Groups() pulumi.StringArrayOutput
A list of IAM Groups to add the user to
func (UserGroupMembershipOutput) ToUserGroupMembershipOutput ¶
func (o UserGroupMembershipOutput) ToUserGroupMembershipOutput() UserGroupMembershipOutput
func (UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext ¶
func (o UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput
func (UserGroupMembershipOutput) User ¶
func (o UserGroupMembershipOutput) User() pulumi.StringOutput
The name of the IAM User to add to groups
type UserGroupMembershipState ¶
type UserGroupMembershipState struct { // A list of IAM Groups to add the user to Groups pulumi.StringArrayInput // The name of the IAM User to add to groups User pulumi.StringPtrInput }
func (UserGroupMembershipState) ElementType ¶
func (UserGroupMembershipState) ElementType() reflect.Type
type UserInput ¶
type UserInput interface { pulumi.Input ToUserOutput() UserOutput ToUserOutputWithContext(ctx context.Context) UserOutput }
type UserLoginProfile ¶
type UserLoginProfile struct { pulumi.CustomResourceState // The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import. EncryptedPassword pulumi.StringOutput `pulumi:"encryptedPassword"` // The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import. KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"` // The plain text password, only available when `pgpKey` is not provided. Password pulumi.StringOutput `pulumi:"password"` // The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`. PasswordLength pulumi.IntPtrOutput `pulumi:"passwordLength"` // Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. PasswordResetRequired pulumi.BoolOutput `pulumi:"passwordResetRequired"` // Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument. PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"` // The IAM user's name. User pulumi.StringOutput `pulumi:"user"` }
Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.
> To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { exampleUser, err := iam.NewUser(ctx, "exampleUser", &iam.UserArgs{ Path: pulumi.String("/"), ForceDestroy: pulumi.Bool(true), }) if err != nil { return err } exampleUserLoginProfile, err := iam.NewUserLoginProfile(ctx, "exampleUserLoginProfile", &iam.UserLoginProfileArgs{ User: exampleUser.Name, PgpKey: pulumi.String("keybase:some_person_that_exists"), }) if err != nil { return err } ctx.Export("password", exampleUserLoginProfile.EncryptedPassword) return nil }) }
```
## Import
IAM User Login Profiles can be imported without password information support via the IAM User name, e.g.,
```sh
$ pulumi import aws:iam/userLoginProfile:UserLoginProfile example myusername
```
Since this provider has no method to read the PGP or password information during import, use [`ignore_changes` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to ignore them unless password recreation is desired. e.g. terraform resource "aws_iam_user_login_profile" "example" {
... other configuration ... ¶
lifecycle { ignore_changes = [ password_length, password_reset_required, pgp_key, ] } }
func GetUserLoginProfile ¶
func GetUserLoginProfile(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserLoginProfileState, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)
GetUserLoginProfile gets an existing UserLoginProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserLoginProfile ¶
func NewUserLoginProfile(ctx *pulumi.Context, name string, args *UserLoginProfileArgs, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)
NewUserLoginProfile registers a new resource with the given unique name, arguments, and options.
func (*UserLoginProfile) ElementType ¶
func (*UserLoginProfile) ElementType() reflect.Type
func (*UserLoginProfile) ToUserLoginProfileOutput ¶
func (i *UserLoginProfile) ToUserLoginProfileOutput() UserLoginProfileOutput
func (*UserLoginProfile) ToUserLoginProfileOutputWithContext ¶
func (i *UserLoginProfile) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput
type UserLoginProfileArgs ¶
type UserLoginProfileArgs struct { // The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`. PasswordLength pulumi.IntPtrInput // Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. PasswordResetRequired pulumi.BoolPtrInput // Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument. PgpKey pulumi.StringPtrInput // The IAM user's name. User pulumi.StringInput }
The set of arguments for constructing a UserLoginProfile resource.
func (UserLoginProfileArgs) ElementType ¶
func (UserLoginProfileArgs) ElementType() reflect.Type
type UserLoginProfileArray ¶
type UserLoginProfileArray []UserLoginProfileInput
func (UserLoginProfileArray) ElementType ¶
func (UserLoginProfileArray) ElementType() reflect.Type
func (UserLoginProfileArray) ToUserLoginProfileArrayOutput ¶
func (i UserLoginProfileArray) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput
func (UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext ¶
func (i UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput
type UserLoginProfileArrayInput ¶
type UserLoginProfileArrayInput interface { pulumi.Input ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput ToUserLoginProfileArrayOutputWithContext(context.Context) UserLoginProfileArrayOutput }
UserLoginProfileArrayInput is an input type that accepts UserLoginProfileArray and UserLoginProfileArrayOutput values. You can construct a concrete instance of `UserLoginProfileArrayInput` via:
UserLoginProfileArray{ UserLoginProfileArgs{...} }
type UserLoginProfileArrayOutput ¶
type UserLoginProfileArrayOutput struct{ *pulumi.OutputState }
func (UserLoginProfileArrayOutput) ElementType ¶
func (UserLoginProfileArrayOutput) ElementType() reflect.Type
func (UserLoginProfileArrayOutput) Index ¶
func (o UserLoginProfileArrayOutput) Index(i pulumi.IntInput) UserLoginProfileOutput
func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput ¶
func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput
func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext ¶
func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput
type UserLoginProfileInput ¶
type UserLoginProfileInput interface { pulumi.Input ToUserLoginProfileOutput() UserLoginProfileOutput ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput }
type UserLoginProfileMap ¶
type UserLoginProfileMap map[string]UserLoginProfileInput
func (UserLoginProfileMap) ElementType ¶
func (UserLoginProfileMap) ElementType() reflect.Type
func (UserLoginProfileMap) ToUserLoginProfileMapOutput ¶
func (i UserLoginProfileMap) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput
func (UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext ¶
func (i UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput
type UserLoginProfileMapInput ¶
type UserLoginProfileMapInput interface { pulumi.Input ToUserLoginProfileMapOutput() UserLoginProfileMapOutput ToUserLoginProfileMapOutputWithContext(context.Context) UserLoginProfileMapOutput }
UserLoginProfileMapInput is an input type that accepts UserLoginProfileMap and UserLoginProfileMapOutput values. You can construct a concrete instance of `UserLoginProfileMapInput` via:
UserLoginProfileMap{ "key": UserLoginProfileArgs{...} }
type UserLoginProfileMapOutput ¶
type UserLoginProfileMapOutput struct{ *pulumi.OutputState }
func (UserLoginProfileMapOutput) ElementType ¶
func (UserLoginProfileMapOutput) ElementType() reflect.Type
func (UserLoginProfileMapOutput) MapIndex ¶
func (o UserLoginProfileMapOutput) MapIndex(k pulumi.StringInput) UserLoginProfileOutput
func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutput ¶
func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput
func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext ¶
func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput
type UserLoginProfileOutput ¶
type UserLoginProfileOutput struct{ *pulumi.OutputState }
func (UserLoginProfileOutput) ElementType ¶
func (UserLoginProfileOutput) ElementType() reflect.Type
func (UserLoginProfileOutput) EncryptedPassword ¶
func (o UserLoginProfileOutput) EncryptedPassword() pulumi.StringOutput
The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import.
func (UserLoginProfileOutput) KeyFingerprint ¶
func (o UserLoginProfileOutput) KeyFingerprint() pulumi.StringOutput
The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
func (UserLoginProfileOutput) Password ¶
func (o UserLoginProfileOutput) Password() pulumi.StringOutput
The plain text password, only available when `pgpKey` is not provided.
func (UserLoginProfileOutput) PasswordLength ¶
func (o UserLoginProfileOutput) PasswordLength() pulumi.IntPtrOutput
The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
func (UserLoginProfileOutput) PasswordResetRequired ¶
func (o UserLoginProfileOutput) PasswordResetRequired() pulumi.BoolOutput
Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
func (UserLoginProfileOutput) PgpKey ¶
func (o UserLoginProfileOutput) PgpKey() pulumi.StringPtrOutput
Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
func (UserLoginProfileOutput) ToUserLoginProfileOutput ¶
func (o UserLoginProfileOutput) ToUserLoginProfileOutput() UserLoginProfileOutput
func (UserLoginProfileOutput) ToUserLoginProfileOutputWithContext ¶
func (o UserLoginProfileOutput) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput
func (UserLoginProfileOutput) User ¶
func (o UserLoginProfileOutput) User() pulumi.StringOutput
The IAM user's name.
type UserLoginProfileState ¶
type UserLoginProfileState struct { // The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import. EncryptedPassword pulumi.StringPtrInput // The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import. KeyFingerprint pulumi.StringPtrInput // The plain text password, only available when `pgpKey` is not provided. Password pulumi.StringPtrInput // The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`. PasswordLength pulumi.IntPtrInput // Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation. PasswordResetRequired pulumi.BoolPtrInput // Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument. PgpKey pulumi.StringPtrInput // The IAM user's name. User pulumi.StringPtrInput }
func (UserLoginProfileState) ElementType ¶
func (UserLoginProfileState) ElementType() reflect.Type
type UserMap ¶
func (UserMap) ElementType ¶
func (UserMap) ToUserMapOutput ¶
func (i UserMap) ToUserMapOutput() UserMapOutput
func (UserMap) ToUserMapOutputWithContext ¶
func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput
type UserMapInput ¶
type UserMapInput interface { pulumi.Input ToUserMapOutput() UserMapOutput ToUserMapOutputWithContext(context.Context) UserMapOutput }
UserMapInput is an input type that accepts UserMap and UserMapOutput values. You can construct a concrete instance of `UserMapInput` via:
UserMap{ "key": UserArgs{...} }
type UserMapOutput ¶
type UserMapOutput struct{ *pulumi.OutputState }
func (UserMapOutput) ElementType ¶
func (UserMapOutput) ElementType() reflect.Type
func (UserMapOutput) MapIndex ¶
func (o UserMapOutput) MapIndex(k pulumi.StringInput) UserOutput
func (UserMapOutput) ToUserMapOutput ¶
func (o UserMapOutput) ToUserMapOutput() UserMapOutput
func (UserMapOutput) ToUserMapOutputWithContext ¶
func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput
type UserOutput ¶
type UserOutput struct{ *pulumi.OutputState }
func (UserOutput) Arn ¶
func (o UserOutput) Arn() pulumi.StringOutput
The ARN assigned by AWS for this user.
func (UserOutput) ElementType ¶
func (UserOutput) ElementType() reflect.Type
func (UserOutput) ForceDestroy ¶
func (o UserOutput) ForceDestroy() pulumi.BoolPtrOutput
When destroying this user, destroy even if it has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy` a user with non-provider-managed access keys and login profile will fail to be destroyed.
func (UserOutput) Name ¶
func (o UserOutput) Name() pulumi.StringOutput
The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
func (UserOutput) Path ¶
func (o UserOutput) Path() pulumi.StringPtrOutput
Path in which to create the user.
func (UserOutput) PermissionsBoundary ¶
func (o UserOutput) PermissionsBoundary() pulumi.StringPtrOutput
The ARN of the policy that is used to set the permissions boundary for the user.
func (UserOutput) Tags ¶
func (o UserOutput) Tags() pulumi.StringMapOutput
Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (UserOutput) TagsAll ¶
func (o UserOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (UserOutput) ToUserOutput ¶
func (o UserOutput) ToUserOutput() UserOutput
func (UserOutput) ToUserOutputWithContext ¶
func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput
func (UserOutput) UniqueId ¶
func (o UserOutput) UniqueId() pulumi.StringOutput
The [unique ID][1] assigned by AWS.
type UserPolicy ¶
type UserPolicy struct { pulumi.CustomResourceState // The name of the policy. If omitted, the provider will assign a random, unique name. Name pulumi.StringOutput `pulumi:"name"` // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"` // The policy document. This is a JSON formatted string. Policy pulumi.StringOutput `pulumi:"policy"` // IAM user to which to attach this policy. User pulumi.StringOutput `pulumi:"user"` }
Provides an IAM policy attached to a user.
## Example Usage
```go package main
import (
"encoding/json" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{ Path: pulumi.String("/system/"), }) if err != nil { return err } tmpJSON0, err := json.Marshal(map[string]interface{}{ "Version": "2012-10-17", "Statement": []map[string]interface{}{ map[string]interface{}{ "Action": []string{ "ec2:Describe*", }, "Effect": "Allow", "Resource": "*", }, }, }) if err != nil { return err } json0 := string(tmpJSON0) _, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{ User: lbUser.Name, Policy: pulumi.String(json0), }) if err != nil { return err } _, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{ User: lbUser.Name, }) if err != nil { return err } return nil }) }
```
## Import
IAM User Policies can be imported using the `user_name:user_policy_name`, e.g.,
```sh
$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name
```
func GetUserPolicy ¶
func GetUserPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserPolicyState, opts ...pulumi.ResourceOption) (*UserPolicy, error)
GetUserPolicy gets an existing UserPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserPolicy ¶
func NewUserPolicy(ctx *pulumi.Context, name string, args *UserPolicyArgs, opts ...pulumi.ResourceOption) (*UserPolicy, error)
NewUserPolicy registers a new resource with the given unique name, arguments, and options.
func (*UserPolicy) ElementType ¶
func (*UserPolicy) ElementType() reflect.Type
func (*UserPolicy) ToUserPolicyOutput ¶
func (i *UserPolicy) ToUserPolicyOutput() UserPolicyOutput
func (*UserPolicy) ToUserPolicyOutputWithContext ¶
func (i *UserPolicy) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput
type UserPolicyArgs ¶
type UserPolicyArgs struct { // The name of the policy. If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The policy document. This is a JSON formatted string. Policy pulumi.Input // IAM user to which to attach this policy. User pulumi.StringInput }
The set of arguments for constructing a UserPolicy resource.
func (UserPolicyArgs) ElementType ¶
func (UserPolicyArgs) ElementType() reflect.Type
type UserPolicyArray ¶
type UserPolicyArray []UserPolicyInput
func (UserPolicyArray) ElementType ¶
func (UserPolicyArray) ElementType() reflect.Type
func (UserPolicyArray) ToUserPolicyArrayOutput ¶
func (i UserPolicyArray) ToUserPolicyArrayOutput() UserPolicyArrayOutput
func (UserPolicyArray) ToUserPolicyArrayOutputWithContext ¶
func (i UserPolicyArray) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput
type UserPolicyArrayInput ¶
type UserPolicyArrayInput interface { pulumi.Input ToUserPolicyArrayOutput() UserPolicyArrayOutput ToUserPolicyArrayOutputWithContext(context.Context) UserPolicyArrayOutput }
UserPolicyArrayInput is an input type that accepts UserPolicyArray and UserPolicyArrayOutput values. You can construct a concrete instance of `UserPolicyArrayInput` via:
UserPolicyArray{ UserPolicyArgs{...} }
type UserPolicyArrayOutput ¶
type UserPolicyArrayOutput struct{ *pulumi.OutputState }
func (UserPolicyArrayOutput) ElementType ¶
func (UserPolicyArrayOutput) ElementType() reflect.Type
func (UserPolicyArrayOutput) Index ¶
func (o UserPolicyArrayOutput) Index(i pulumi.IntInput) UserPolicyOutput
func (UserPolicyArrayOutput) ToUserPolicyArrayOutput ¶
func (o UserPolicyArrayOutput) ToUserPolicyArrayOutput() UserPolicyArrayOutput
func (UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext ¶
func (o UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput
type UserPolicyAttachment ¶
type UserPolicyAttachment struct { pulumi.CustomResourceState // The ARN of the policy you want to apply PolicyArn pulumi.StringOutput `pulumi:"policyArn"` // The user the policy should be applied to User pulumi.StringOutput `pulumi:"user"` }
Attaches a Managed IAM Policy to an IAM user
> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { user, err := iam.NewUser(ctx, "user", nil) if err != nil { return err } policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{ Description: pulumi.String("A test policy"), Policy: pulumi.Any("{ ... policy JSON ... }"), }) if err != nil { return err } _, err = iam.NewUserPolicyAttachment(ctx, "test-attach", &iam.UserPolicyAttachmentArgs{ User: user.Name, PolicyArn: policy.Arn, }) if err != nil { return err } return nil }) }
```
## Import
IAM user policy attachments can be imported using the user name and policy arn separated by `/`.
```sh
$ pulumi import aws:iam/userPolicyAttachment:UserPolicyAttachment test-attach test-user/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy
```
func GetUserPolicyAttachment ¶
func GetUserPolicyAttachment(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserPolicyAttachmentState, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)
GetUserPolicyAttachment gets an existing UserPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserPolicyAttachment ¶
func NewUserPolicyAttachment(ctx *pulumi.Context, name string, args *UserPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)
NewUserPolicyAttachment registers a new resource with the given unique name, arguments, and options.
func (*UserPolicyAttachment) ElementType ¶
func (*UserPolicyAttachment) ElementType() reflect.Type
func (*UserPolicyAttachment) ToUserPolicyAttachmentOutput ¶
func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput
func (*UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext ¶
func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput
type UserPolicyAttachmentArgs ¶
type UserPolicyAttachmentArgs struct { // The ARN of the policy you want to apply PolicyArn pulumi.StringInput // The user the policy should be applied to User pulumi.Input }
The set of arguments for constructing a UserPolicyAttachment resource.
func (UserPolicyAttachmentArgs) ElementType ¶
func (UserPolicyAttachmentArgs) ElementType() reflect.Type
type UserPolicyAttachmentArray ¶
type UserPolicyAttachmentArray []UserPolicyAttachmentInput
func (UserPolicyAttachmentArray) ElementType ¶
func (UserPolicyAttachmentArray) ElementType() reflect.Type
func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput ¶
func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput
func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext ¶
func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput
type UserPolicyAttachmentArrayInput ¶
type UserPolicyAttachmentArrayInput interface { pulumi.Input ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput ToUserPolicyAttachmentArrayOutputWithContext(context.Context) UserPolicyAttachmentArrayOutput }
UserPolicyAttachmentArrayInput is an input type that accepts UserPolicyAttachmentArray and UserPolicyAttachmentArrayOutput values. You can construct a concrete instance of `UserPolicyAttachmentArrayInput` via:
UserPolicyAttachmentArray{ UserPolicyAttachmentArgs{...} }
type UserPolicyAttachmentArrayOutput ¶
type UserPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }
func (UserPolicyAttachmentArrayOutput) ElementType ¶
func (UserPolicyAttachmentArrayOutput) ElementType() reflect.Type
func (UserPolicyAttachmentArrayOutput) Index ¶
func (o UserPolicyAttachmentArrayOutput) Index(i pulumi.IntInput) UserPolicyAttachmentOutput
func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput ¶
func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput
func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext ¶
func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput
type UserPolicyAttachmentInput ¶
type UserPolicyAttachmentInput interface { pulumi.Input ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput }
type UserPolicyAttachmentMap ¶
type UserPolicyAttachmentMap map[string]UserPolicyAttachmentInput
func (UserPolicyAttachmentMap) ElementType ¶
func (UserPolicyAttachmentMap) ElementType() reflect.Type
func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput ¶
func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput
func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext ¶
func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput
type UserPolicyAttachmentMapInput ¶
type UserPolicyAttachmentMapInput interface { pulumi.Input ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput ToUserPolicyAttachmentMapOutputWithContext(context.Context) UserPolicyAttachmentMapOutput }
UserPolicyAttachmentMapInput is an input type that accepts UserPolicyAttachmentMap and UserPolicyAttachmentMapOutput values. You can construct a concrete instance of `UserPolicyAttachmentMapInput` via:
UserPolicyAttachmentMap{ "key": UserPolicyAttachmentArgs{...} }
type UserPolicyAttachmentMapOutput ¶
type UserPolicyAttachmentMapOutput struct{ *pulumi.OutputState }
func (UserPolicyAttachmentMapOutput) ElementType ¶
func (UserPolicyAttachmentMapOutput) ElementType() reflect.Type
func (UserPolicyAttachmentMapOutput) MapIndex ¶
func (o UserPolicyAttachmentMapOutput) MapIndex(k pulumi.StringInput) UserPolicyAttachmentOutput
func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput ¶
func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput
func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext ¶
func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput
type UserPolicyAttachmentOutput ¶
type UserPolicyAttachmentOutput struct{ *pulumi.OutputState }
func (UserPolicyAttachmentOutput) ElementType ¶
func (UserPolicyAttachmentOutput) ElementType() reflect.Type
func (UserPolicyAttachmentOutput) PolicyArn ¶
func (o UserPolicyAttachmentOutput) PolicyArn() pulumi.StringOutput
The ARN of the policy you want to apply
func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput ¶
func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput
func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext ¶
func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput
func (UserPolicyAttachmentOutput) User ¶
func (o UserPolicyAttachmentOutput) User() pulumi.StringOutput
The user the policy should be applied to
type UserPolicyAttachmentState ¶
type UserPolicyAttachmentState struct { // The ARN of the policy you want to apply PolicyArn pulumi.StringPtrInput // The user the policy should be applied to User pulumi.Input }
func (UserPolicyAttachmentState) ElementType ¶
func (UserPolicyAttachmentState) ElementType() reflect.Type
type UserPolicyInput ¶
type UserPolicyInput interface { pulumi.Input ToUserPolicyOutput() UserPolicyOutput ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput }
type UserPolicyMap ¶
type UserPolicyMap map[string]UserPolicyInput
func (UserPolicyMap) ElementType ¶
func (UserPolicyMap) ElementType() reflect.Type
func (UserPolicyMap) ToUserPolicyMapOutput ¶
func (i UserPolicyMap) ToUserPolicyMapOutput() UserPolicyMapOutput
func (UserPolicyMap) ToUserPolicyMapOutputWithContext ¶
func (i UserPolicyMap) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput
type UserPolicyMapInput ¶
type UserPolicyMapInput interface { pulumi.Input ToUserPolicyMapOutput() UserPolicyMapOutput ToUserPolicyMapOutputWithContext(context.Context) UserPolicyMapOutput }
UserPolicyMapInput is an input type that accepts UserPolicyMap and UserPolicyMapOutput values. You can construct a concrete instance of `UserPolicyMapInput` via:
UserPolicyMap{ "key": UserPolicyArgs{...} }
type UserPolicyMapOutput ¶
type UserPolicyMapOutput struct{ *pulumi.OutputState }
func (UserPolicyMapOutput) ElementType ¶
func (UserPolicyMapOutput) ElementType() reflect.Type
func (UserPolicyMapOutput) MapIndex ¶
func (o UserPolicyMapOutput) MapIndex(k pulumi.StringInput) UserPolicyOutput
func (UserPolicyMapOutput) ToUserPolicyMapOutput ¶
func (o UserPolicyMapOutput) ToUserPolicyMapOutput() UserPolicyMapOutput
func (UserPolicyMapOutput) ToUserPolicyMapOutputWithContext ¶
func (o UserPolicyMapOutput) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput
type UserPolicyOutput ¶
type UserPolicyOutput struct{ *pulumi.OutputState }
func (UserPolicyOutput) ElementType ¶
func (UserPolicyOutput) ElementType() reflect.Type
func (UserPolicyOutput) Name ¶
func (o UserPolicyOutput) Name() pulumi.StringOutput
The name of the policy. If omitted, the provider will assign a random, unique name.
func (UserPolicyOutput) NamePrefix ¶
func (o UserPolicyOutput) NamePrefix() pulumi.StringPtrOutput
Creates a unique name beginning with the specified prefix. Conflicts with `name`.
func (UserPolicyOutput) Policy ¶
func (o UserPolicyOutput) Policy() pulumi.StringOutput
The policy document. This is a JSON formatted string.
func (UserPolicyOutput) ToUserPolicyOutput ¶
func (o UserPolicyOutput) ToUserPolicyOutput() UserPolicyOutput
func (UserPolicyOutput) ToUserPolicyOutputWithContext ¶
func (o UserPolicyOutput) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput
func (UserPolicyOutput) User ¶
func (o UserPolicyOutput) User() pulumi.StringOutput
IAM user to which to attach this policy.
type UserPolicyState ¶
type UserPolicyState struct { // The name of the policy. If omitted, the provider will assign a random, unique name. Name pulumi.StringPtrInput // Creates a unique name beginning with the specified prefix. Conflicts with `name`. NamePrefix pulumi.StringPtrInput // The policy document. This is a JSON formatted string. Policy pulumi.Input // IAM user to which to attach this policy. User pulumi.StringPtrInput }
func (UserPolicyState) ElementType ¶
func (UserPolicyState) ElementType() reflect.Type
type UserState ¶
type UserState struct { // The ARN assigned by AWS for this user. Arn pulumi.StringPtrInput // When destroying this user, destroy even if it // has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy` // a user with non-provider-managed access keys and login profile will fail to be destroyed. ForceDestroy pulumi.BoolPtrInput // The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser". Name pulumi.StringPtrInput // Path in which to create the user. Path pulumi.StringPtrInput // The ARN of the policy that is used to set the permissions boundary for the user. PermissionsBoundary pulumi.StringPtrInput // Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // The [unique ID][1] assigned by AWS. UniqueId pulumi.StringPtrInput }
func (UserState) ElementType ¶
type VirtualMfaDevice ¶
type VirtualMfaDevice struct { pulumi.CustomResourceState // The Amazon Resource Name (ARN) specifying the virtual mfa device. Arn pulumi.StringOutput `pulumi:"arn"` // The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded. Base32StringSeed pulumi.StringOutput `pulumi:"base32StringSeed"` // The date and time when the virtual MFA device was enabled. EnableDate pulumi.StringOutput `pulumi:"enableDate"` // The path for the virtual MFA device. Path pulumi.StringPtrOutput `pulumi:"path"` // A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format. QrCodePng pulumi.StringOutput `pulumi:"qrCodePng"` // Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapOutput `pulumi:"tags"` // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"` // The associated IAM User name if the virtual MFA device is enabled. UserName pulumi.StringOutput `pulumi:"userName"` // The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device. VirtualMfaDeviceName pulumi.StringOutput `pulumi:"virtualMfaDeviceName"` }
Provides an IAM Virtual MFA Device.
> **Note:** All attributes will be stored in the raw state as plain-text. **Note:** A virtual MFA device cannot be directly associated with an IAM User from the provider.
To associate the virtual MFA device with a user and enable it, use the code returned in either `base32StringSeed` or `qrCodePng` to generate TOTP authentication codes. The authentication codes can then be used with the AWS CLI command [`aws iam enable-mfa-device`](https://docs.aws.amazon.com/cli/latest/reference/iam/enable-mfa-device.html) or the AWS API call [`EnableMFADevice`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html).
## Example Usage
**Using certs on file:**
```go package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.NewVirtualMfaDevice(ctx, "example", &iam.VirtualMfaDeviceArgs{ VirtualMfaDeviceName: pulumi.String("example"), }) if err != nil { return err } return nil }) }
```
## Import
IAM Virtual MFA Devices can be imported using the `arn`, e.g.,
```sh
$ pulumi import aws:iam/virtualMfaDevice:VirtualMfaDevice example arn:aws:iam::123456789012:mfa/example
```
func GetVirtualMfaDevice ¶
func GetVirtualMfaDevice(ctx *pulumi.Context, name string, id pulumi.IDInput, state *VirtualMfaDeviceState, opts ...pulumi.ResourceOption) (*VirtualMfaDevice, error)
GetVirtualMfaDevice gets an existing VirtualMfaDevice resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewVirtualMfaDevice ¶
func NewVirtualMfaDevice(ctx *pulumi.Context, name string, args *VirtualMfaDeviceArgs, opts ...pulumi.ResourceOption) (*VirtualMfaDevice, error)
NewVirtualMfaDevice registers a new resource with the given unique name, arguments, and options.
func (*VirtualMfaDevice) ElementType ¶
func (*VirtualMfaDevice) ElementType() reflect.Type
func (*VirtualMfaDevice) ToVirtualMfaDeviceOutput ¶
func (i *VirtualMfaDevice) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput
func (*VirtualMfaDevice) ToVirtualMfaDeviceOutputWithContext ¶
func (i *VirtualMfaDevice) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput
type VirtualMfaDeviceArgs ¶
type VirtualMfaDeviceArgs struct { // The path for the virtual MFA device. Path pulumi.StringPtrInput // Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device. VirtualMfaDeviceName pulumi.StringInput }
The set of arguments for constructing a VirtualMfaDevice resource.
func (VirtualMfaDeviceArgs) ElementType ¶
func (VirtualMfaDeviceArgs) ElementType() reflect.Type
type VirtualMfaDeviceArray ¶
type VirtualMfaDeviceArray []VirtualMfaDeviceInput
func (VirtualMfaDeviceArray) ElementType ¶
func (VirtualMfaDeviceArray) ElementType() reflect.Type
func (VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutput ¶
func (i VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput
func (VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutputWithContext ¶
func (i VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput
type VirtualMfaDeviceArrayInput ¶
type VirtualMfaDeviceArrayInput interface { pulumi.Input ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput ToVirtualMfaDeviceArrayOutputWithContext(context.Context) VirtualMfaDeviceArrayOutput }
VirtualMfaDeviceArrayInput is an input type that accepts VirtualMfaDeviceArray and VirtualMfaDeviceArrayOutput values. You can construct a concrete instance of `VirtualMfaDeviceArrayInput` via:
VirtualMfaDeviceArray{ VirtualMfaDeviceArgs{...} }
type VirtualMfaDeviceArrayOutput ¶
type VirtualMfaDeviceArrayOutput struct{ *pulumi.OutputState }
func (VirtualMfaDeviceArrayOutput) ElementType ¶
func (VirtualMfaDeviceArrayOutput) ElementType() reflect.Type
func (VirtualMfaDeviceArrayOutput) Index ¶
func (o VirtualMfaDeviceArrayOutput) Index(i pulumi.IntInput) VirtualMfaDeviceOutput
func (VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput ¶
func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput
func (VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext ¶
func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput
type VirtualMfaDeviceInput ¶
type VirtualMfaDeviceInput interface { pulumi.Input ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput }
type VirtualMfaDeviceMap ¶
type VirtualMfaDeviceMap map[string]VirtualMfaDeviceInput
func (VirtualMfaDeviceMap) ElementType ¶
func (VirtualMfaDeviceMap) ElementType() reflect.Type
func (VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutput ¶
func (i VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput
func (VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutputWithContext ¶
func (i VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput
type VirtualMfaDeviceMapInput ¶
type VirtualMfaDeviceMapInput interface { pulumi.Input ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput ToVirtualMfaDeviceMapOutputWithContext(context.Context) VirtualMfaDeviceMapOutput }
VirtualMfaDeviceMapInput is an input type that accepts VirtualMfaDeviceMap and VirtualMfaDeviceMapOutput values. You can construct a concrete instance of `VirtualMfaDeviceMapInput` via:
VirtualMfaDeviceMap{ "key": VirtualMfaDeviceArgs{...} }
type VirtualMfaDeviceMapOutput ¶
type VirtualMfaDeviceMapOutput struct{ *pulumi.OutputState }
func (VirtualMfaDeviceMapOutput) ElementType ¶
func (VirtualMfaDeviceMapOutput) ElementType() reflect.Type
func (VirtualMfaDeviceMapOutput) MapIndex ¶
func (o VirtualMfaDeviceMapOutput) MapIndex(k pulumi.StringInput) VirtualMfaDeviceOutput
func (VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput ¶
func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput
func (VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext ¶
func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput
type VirtualMfaDeviceOutput ¶
type VirtualMfaDeviceOutput struct{ *pulumi.OutputState }
func (VirtualMfaDeviceOutput) Arn ¶
func (o VirtualMfaDeviceOutput) Arn() pulumi.StringOutput
The Amazon Resource Name (ARN) specifying the virtual mfa device.
func (VirtualMfaDeviceOutput) Base32StringSeed ¶
func (o VirtualMfaDeviceOutput) Base32StringSeed() pulumi.StringOutput
The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.
func (VirtualMfaDeviceOutput) ElementType ¶
func (VirtualMfaDeviceOutput) ElementType() reflect.Type
func (VirtualMfaDeviceOutput) EnableDate ¶
func (o VirtualMfaDeviceOutput) EnableDate() pulumi.StringOutput
The date and time when the virtual MFA device was enabled.
func (VirtualMfaDeviceOutput) Path ¶
func (o VirtualMfaDeviceOutput) Path() pulumi.StringPtrOutput
The path for the virtual MFA device.
func (VirtualMfaDeviceOutput) QrCodePng ¶
func (o VirtualMfaDeviceOutput) QrCodePng() pulumi.StringOutput
A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format.
func (VirtualMfaDeviceOutput) Tags ¶
func (o VirtualMfaDeviceOutput) Tags() pulumi.StringMapOutput
Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
func (VirtualMfaDeviceOutput) TagsAll ¶
func (o VirtualMfaDeviceOutput) TagsAll() pulumi.StringMapOutput
A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
func (VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput ¶
func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput
func (VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext ¶
func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput
func (VirtualMfaDeviceOutput) UserName ¶
func (o VirtualMfaDeviceOutput) UserName() pulumi.StringOutput
The associated IAM User name if the virtual MFA device is enabled.
func (VirtualMfaDeviceOutput) VirtualMfaDeviceName ¶
func (o VirtualMfaDeviceOutput) VirtualMfaDeviceName() pulumi.StringOutput
The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
type VirtualMfaDeviceState ¶
type VirtualMfaDeviceState struct { // The Amazon Resource Name (ARN) specifying the virtual mfa device. Arn pulumi.StringPtrInput // The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded. Base32StringSeed pulumi.StringPtrInput // The date and time when the virtual MFA device was enabled. EnableDate pulumi.StringPtrInput // The path for the virtual MFA device. Path pulumi.StringPtrInput // A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format. QrCodePng pulumi.StringPtrInput // Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. Tags pulumi.StringMapInput // A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. TagsAll pulumi.StringMapInput // The associated IAM User name if the virtual MFA device is enabled. UserName pulumi.StringPtrInput // The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device. VirtualMfaDeviceName pulumi.StringPtrInput }
func (VirtualMfaDeviceState) ElementType ¶
func (VirtualMfaDeviceState) ElementType() reflect.Type
Source Files ¶
- accessKey.go
- accountAlias.go
- accountPasswordPolicy.go
- getAccessKeys.go
- getAccountAlias.go
- getGroup.go
- getInstanceProfile.go
- getInstanceProfiles.go
- getOpenIdConnectProvider.go
- getPolicy.go
- getPolicyDocument.go
- getPrincipalPolicySimulation.go
- getRole.go
- getRoles.go
- getSamlProvider.go
- getServerCertificate.go
- getSessionContext.go
- getUser.go
- getUserSshKey.go
- getUsers.go
- group.go
- groupMembership.go
- groupPolicy.go
- groupPolicyAttachment.go
- init.go
- instanceProfile.go
- openIdConnectProvider.go
- policy.go
- policyAttachment.go
- pulumiEnums.go
- pulumiTypes.go
- role.go
- rolePolicy.go
- rolePolicyAttachment.go
- samlProvider.go
- serverCertificate.go
- serviceLinkedRole.go
- serviceSpecificCredential.go
- signingCertificate.go
- sshKey.go
- user.go
- userGroupMembership.go
- userLoginProfile.go
- userPolicy.go
- userPolicyAttachment.go
- virtualMfaDevice.go