iam

package
v6.0.0-alpha.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 17, 2023 License: Apache-2.0 Imports: 7 Imported by: 36

Documentation

Index

Constants

View Source
const (
	ManagedPolicyAPIGatewayServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/APIGatewayServiceRolePolicy")
	ManagedPolicyAWSAccountActivityAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountActivityAccess")
	ManagedPolicyAWSAccountManagementFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountManagementFullAccess")
	ManagedPolicyAWSAccountManagementReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountManagementReadOnlyAccess")
	ManagedPolicyAWSAccountUsageReportAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSAccountUsageReportAccess")
	ManagedPolicyAWSAgentlessDiscoveryService                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSAgentlessDiscoveryService")
	ManagedPolicyAWSAppMeshEnvoyAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshEnvoyAccess")
	ManagedPolicyAWSAppMeshFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshFullAccess")
	ManagedPolicyAWSAppMeshPreviewEnvoyAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshPreviewEnvoyAccess")
	ManagedPolicyAWSAppMeshPreviewServiceRolePolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshPreviewServiceRolePolicy")
	ManagedPolicyAWSAppMeshReadOnly                                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppMeshReadOnly")
	ManagedPolicyAWSAppMeshServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAppMeshServiceRolePolicy")
	ManagedPolicyAWSAppRunnerFullAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppRunnerFullAccess")
	ManagedPolicyAWSAppRunnerReadOnlyAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppRunnerReadOnlyAccess")
	ManagedPolicyAWSAppRunnerServicePolicyForECRAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSAppRunnerServicePolicyForECRAccess")
	ManagedPolicyAWSAppSyncAdministrator                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppSyncAdministrator")
	ManagedPolicyAWSAppSyncInvokeFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppSyncInvokeFullAccess")
	ManagedPolicyAWSAppSyncPushToCloudWatchLogs                                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSAppSyncPushToCloudWatchLogs")
	ManagedPolicyAWSAppSyncSchemaAuthor                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSAppSyncSchemaAuthor")
	ManagedPolicyAWSAppSyncServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAppSyncServiceRolePolicy")
	ManagedPolicyAWSApplicationAutoScalingCustomResourcePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoScalingCustomResourcePolicy")
	ManagedPolicyAWSApplicationAutoscalingAppStreamFleetPolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingAppStreamFleetPolicy")
	ManagedPolicyAWSApplicationAutoscalingCassandraTablePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingCassandraTablePolicy")
	ManagedPolicyAWSApplicationAutoscalingComprehendEndpointPolicy              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingComprehendEndpointPolicy")
	ManagedPolicyAWSApplicationAutoscalingDynamoDBTablePolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingDynamoDBTablePolicy")
	ManagedPolicyAWSApplicationAutoscalingEC2SpotFleetRequestPolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEC2SpotFleetRequestPolicy")
	ManagedPolicyAWSApplicationAutoscalingECSServicePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingECSServicePolicy")
	ManagedPolicyAWSApplicationAutoscalingEMRInstanceGroupPolicy                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingEMRInstanceGroupPolicy")
	ManagedPolicyAWSApplicationAutoscalingElastiCacheRGPolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingElastiCacheRGPolicy")
	ManagedPolicyAWSApplicationAutoscalingKafkaClusterPolicy                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingKafkaClusterPolicy")
	ManagedPolicyAWSApplicationAutoscalingLambdaConcurrencyPolicy               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingLambdaConcurrencyPolicy")
	ManagedPolicyAWSApplicationAutoscalingNeptuneClusterPolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingNeptuneClusterPolicy")
	ManagedPolicyAWSApplicationAutoscalingRDSClusterPolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingRDSClusterPolicy")
	ManagedPolicyAWSApplicationAutoscalingSageMakerEndpointPolicy               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationAutoscalingSageMakerEndpointPolicy")
	ManagedPolicyAWSApplicationDiscoveryAgentAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentAccess")
	ManagedPolicyAWSApplicationDiscoveryAgentlessCollectorAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryAgentlessCollectorAccess")
	ManagedPolicyAWSApplicationDiscoveryServiceFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationDiscoveryServiceFullAccess")
	ManagedPolicyAWSApplicationMigrationAgentInstallationPolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationAgentInstallationPolicy")
	ManagedPolicyAWSApplicationMigrationAgentPolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationAgentPolicy")
	ManagedPolicy_AWSApplicationMigrationAgentPolicy_v2                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationAgentPolicy_v2")
	ManagedPolicyAWSApplicationMigrationConversionServerPolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationConversionServerPolicy")
	ManagedPolicyAWSApplicationMigrationEC2Access                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationEC2Access")
	ManagedPolicyAWSApplicationMigrationFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationFullAccess")
	ManagedPolicyAWSApplicationMigrationMGHAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationMGHAccess")
	ManagedPolicyAWSApplicationMigrationReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationReadOnlyAccess")
	ManagedPolicyAWSApplicationMigrationReplicationServerPolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSApplicationMigrationReplicationServerPolicy")
	ManagedPolicyAWSApplicationMigrationSSMAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationSSMAccess")
	ManagedPolicyAWSApplicationMigrationServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSApplicationMigrationServiceRolePolicy")
	ManagedPolicyAWSApplicationMigrationVCenterClientPolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSApplicationMigrationVCenterClientPolicy")
	ManagedPolicyAWSArtifactAccountSync                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSArtifactAccountSync")
	ManagedPolicyAWSAuditManagerAdministratorAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSAuditManagerAdministratorAccess")
	ManagedPolicyAWSAuditManagerServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAuditManagerServiceRolePolicy")
	ManagedPolicyAWSAutoScalingPlansEC2AutoScalingPolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSAutoScalingPlansEC2AutoScalingPolicy")
	ManagedPolicyAWSBackupAuditAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupAuditAccess")
	ManagedPolicyAWSBackupDataTransferAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupDataTransferAccess")
	ManagedPolicyAWSBackupFullAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupFullAccess")
	ManagedPolicyAWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBackupGatewayServiceRolePolicyForVirtualMachineMetadataSync")
	ManagedPolicyAWSBackupOperatorAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupOperatorAccess")
	ManagedPolicyAWSBackupOrganizationAdminAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupOrganizationAdminAccess")
	ManagedPolicyAWSBackupRestoreAccessForSAPHANA                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupRestoreAccessForSAPHANA")
	ManagedPolicyAWSBackupServiceLinkedRolePolicyForBackup                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackup")
	ManagedPolicyAWSBackupServiceLinkedRolePolicyForBackupTest                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSBackupServiceLinkedRolePolicyForBackupTest")
	ManagedPolicyAWSBackupServiceRolePolicyForBackup                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup")
	ManagedPolicyAWSBackupServiceRolePolicyForRestores                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForRestores")
	ManagedPolicyAWSBackupServiceRolePolicyForS3Backup                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Backup")
	ManagedPolicyAWSBackupServiceRolePolicyForS3Restore                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSBackupServiceRolePolicyForS3Restore")
	ManagedPolicyAWSBatchFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSBatchFullAccess")
	ManagedPolicyAWSBatchServiceEventTargetRole                                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBatchServiceEventTargetRole")
	ManagedPolicyAWSBatchServiceRole                                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole")
	ManagedPolicyAWSBillingConductorFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSBillingConductorFullAccess")
	ManagedPolicyAWSBillingConductorReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSBillingConductorReadOnlyAccess")
	ManagedPolicyAWSBillingReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess")
	ManagedPolicyAWSBudgetsActionsWithAWSResourceControlAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSBudgetsActionsWithAWSResourceControlAccess")
	ManagedPolicy_AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM  = ManagedPolicy("arn:aws:iam::aws:policy/AWSBudgetsActions_RolePolicyForResourceAdministrationWithSSM")
	ManagedPolicyAWSBudgetsReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSBudgetsReadOnlyAccess")
	ManagedPolicyAWSBugBustFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSBugBustFullAccess")
	ManagedPolicyAWSBugBustPlayerAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSBugBustPlayerAccess")
	ManagedPolicyAWSBugBustServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSBugBustServiceRolePolicy")
	ManagedPolicyAWSCertificateManagerFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerFullAccess")
	ManagedPolicyAWSCertificateManagerPrivateCAAuditor                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAAuditor")
	ManagedPolicyAWSCertificateManagerPrivateCAFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAFullAccess")
	ManagedPolicyAWSCertificateManagerPrivateCAPrivilegedUser                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAPrivilegedUser")
	ManagedPolicyAWSCertificateManagerPrivateCAReadOnly                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAReadOnly")
	ManagedPolicyAWSCertificateManagerPrivateCAUser                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerPrivateCAUser")
	ManagedPolicyAWSCertificateManagerReadOnly                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCertificateManagerReadOnly")
	ManagedPolicyAWSChatbotServiceLinkedRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSChatbotServiceLinkedRolePolicy")
	ManagedPolicyAWSCleanRoomsFullAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCleanRoomsFullAccess")
	ManagedPolicyAWSCleanRoomsFullAccessNoQuerying                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCleanRoomsFullAccessNoQuerying")
	ManagedPolicyAWSCleanRoomsReadOnlyAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCleanRoomsReadOnlyAccess")
	ManagedPolicyAWSCloud9Administrator                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9Administrator")
	ManagedPolicyAWSCloud9EnvironmentMember                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9EnvironmentMember")
	ManagedPolicyAWSCloud9SSMInstanceProfile                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9SSMInstanceProfile")
	ManagedPolicyAWSCloud9ServiceRolePolicy                                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCloud9ServiceRolePolicy")
	ManagedPolicyAWSCloud9User                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloud9User")
	ManagedPolicyAWSCloudFormationFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudFormationFullAccess")
	ManagedPolicyAWSCloudFormationReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess")
	ManagedPolicyAWSCloudFrontLogger                                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCloudFrontLogger")
	ManagedPolicyAWSCloudHSMFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMFullAccess")
	ManagedPolicyAWSCloudHSMReadOnlyAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudHSMReadOnlyAccess")
	ManagedPolicyAWSCloudHSMRole                                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCloudHSMRole")
	// Deprecated: No longer supported. Use CloudTrail_FullAccess instead.
	ManagedPolicyAWSCloudTrailFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailFullAccess")
	// Deprecated: No longer supported. Use CloudTrail_ReadOnlyAccess instead.
	ManagedPolicyAWSCloudTrailReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrailReadOnlyAccess")
	// Deprecated: No longer supported. Use CloudWatchLambdaInsightsExecutionRolePolicy instead.
	ManagedPolicyAWSCloudWatchLambdaInsightsExecutionRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudWatchLambdaInsightsExecutionRolePolicy")
	ManagedPolicyAWSCloudMapDiscoverInstanceAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapDiscoverInstanceAccess")
	ManagedPolicyAWSCloudMapFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapFullAccess")
	ManagedPolicyAWSCloudMapReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapReadOnlyAccess")
	ManagedPolicyAWSCloudMapRegisterInstanceAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudMapRegisterInstanceAccess")
	ManagedPolicyAWSCloudShellFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudShellFullAccess")
	ManagedPolicy_CloudTrail_FullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrail_FullAccess")
	ManagedPolicy_CloudTrail_ReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSCloudTrail_ReadOnlyAccess")
	ManagedPolicy_AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCloudWatchAlarms_ActionSSMIncidentsServiceRolePolicy")
	ManagedPolicyAWSCodeArtifactAdminAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeArtifactAdminAccess")
	ManagedPolicyAWSCodeArtifactReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeArtifactReadOnlyAccess")
	ManagedPolicyAWSCodeBuildAdminAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess")
	ManagedPolicyAWSCodeBuildDeveloperAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess")
	ManagedPolicyAWSCodeBuildReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeBuildReadOnlyAccess")
	ManagedPolicyAWSCodeCommitFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitFullAccess")
	ManagedPolicyAWSCodeCommitPowerUser                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitPowerUser")
	ManagedPolicyAWSCodeCommitReadOnly                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeCommitReadOnly")
	ManagedPolicyAWSCodeDeployDeployerAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployDeployerAccess")
	ManagedPolicyAWSCodeDeployFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployFullAccess")
	ManagedPolicyAWSCodeDeployReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess")
	ManagedPolicyAWSCodeDeployRole                                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole")
	ManagedPolicyAWSCodeDeployRoleForCloudFormation                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForCloudFormation")
	ManagedPolicyAWSCodeDeployRoleForECS                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployRoleForECS")
	ManagedPolicyAWSCodeDeployRoleForECSLimited                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeDeployRoleForECSLimited")
	ManagedPolicyAWSCodeDeployRoleForLambda                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda")
	ManagedPolicyAWSCodeDeployRoleForLambdaLimited                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambdaLimited")
	ManagedPolicyAWSCodePipelineApproverAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineApproverAccess")
	ManagedPolicyAWSCodePipelineCustomActionAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineCustomActionAccess")
	// Deprecated: No longer supported. Use CodePipeline_FullAccess instead.
	ManagedPolicyAWSCodePipelineFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineFullAccess")
	// Deprecated: No longer supported. Use CodePipeline_ReadOnlyAccess instead.
	ManagedPolicyAWSCodePipelineReadOnlyAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipelineReadOnlyAccess")
	ManagedPolicy_CodePipeline_FullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipeline_FullAccess")
	ManagedPolicy_CodePipeline_ReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodePipeline_ReadOnlyAccess")
	ManagedPolicyAWSCodeStarFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSCodeStarFullAccess")
	ManagedPolicyAWSCodeStarNotificationsServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSCodeStarNotificationsServiceRolePolicy")
	ManagedPolicyAWSCodeStarServiceRole                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole")
	ManagedPolicy_AWS_ConfigRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWS_ConfigRole")
	// Deprecated: This has been deprecated in favour of `AWS_ConfigRole`
	ManagedPolicyAWSConfigRole                                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRole")
	ManagedPolicyAWSCompromisedKeyQuarantine                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantine")
	ManagedPolicyAWSCompromisedKeyQuarantineV2                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantineV2")
	ManagedPolicyAWSConfigMultiAccountSetupPolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSConfigMultiAccountSetupPolicy")
	ManagedPolicyAWSConfigRemediationServiceRolePolicy              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSConfigRemediationServiceRolePolicy")
	ManagedPolicyAWSConfigRoleForOrganizations                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations")
	ManagedPolicyAWSConfigRulesExecutionRole                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSConfigRulesExecutionRole")
	ManagedPolicyAWSConfigServiceRolePolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSConfigServiceRolePolicy")
	ManagedPolicyAWSConfigUserAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSConfigUserAccess")
	ManagedPolicyAWSConnector                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSConnector")
	ManagedPolicyAWSControlTowerServiceRolePolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSControlTowerServiceRolePolicy")
	ManagedPolicyAWSCostAndUsageReportAutomationPolicy              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSCostAndUsageReportAutomationPolicy")
	ManagedPolicyAWSDataExchangeFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeFullAccess")
	ManagedPolicyAWSDataExchangeProviderFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeProviderFullAccess")
	ManagedPolicyAWSDataExchangeReadOnly                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeReadOnly")
	ManagedPolicyAWSDataExchangeSubscriberFullAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataExchangeSubscriberFullAccess")
	ManagedPolicyAWSDataLifecycleManagerServiceRole                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole")
	ManagedPolicyAWSDataLifecycleManagerServiceRoleForAMIManagement = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRoleForAMIManagement")
	ManagedPolicyAWSDataPipelineRole                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDataPipelineRole")
	ManagedPolicy_AWSDataPipeline_FullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_FullAccess")
	ManagedPolicy_AWSDataPipeline_PowerUser                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataPipeline_PowerUser")
	ManagedPolicyAWSDataSyncFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataSyncFullAccess")
	ManagedPolicyAWSDataSyncReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSDataSyncReadOnlyAccess")
	ManagedPolicyAWSDeepLensLambdaFunctionAccessPolicy              = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepLensLambdaFunctionAccessPolicy")
	ManagedPolicyAWSDeepLensServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy")
	ManagedPolicyAWSDeepRacerAccountAdminAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerAccountAdminAccess")
	ManagedPolicyAWSDeepRacerCloudFormationAccessPolicy             = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerCloudFormationAccessPolicy")
	ManagedPolicyAWSDeepRacerDefaultMultiUserAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerDefaultMultiUserAccess")
	ManagedPolicyAWSDeepRacerFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerFullAccess")
	ManagedPolicyAWSDeepRacerRoboMakerAccessPolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy")
	ManagedPolicyAWSDeepRacerServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy")
	ManagedPolicyAWSDenyAll                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSDenyAll")
	ManagedPolicyAWSDeviceFarmFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSDeviceFarmFullAccess")
	ManagedPolicyAWSDeviceFarmServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmServiceRolePolicy")
	ManagedPolicyAWSDeviceFarmTestGridServiceRolePolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSDeviceFarmTestGridServiceRolePolicy")
	ManagedPolicyAWSDirectConnectFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectFullAccess")
	ManagedPolicyAWSDirectConnectReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectConnectReadOnlyAccess")
	ManagedPolicyAWSDirectConnectServiceRolePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSDirectConnectServiceRolePolicy")
	ManagedPolicyAWSDirectoryServiceFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceFullAccess")
	ManagedPolicyAWSDirectoryServiceReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSDirectoryServiceReadOnlyAccess")
	ManagedPolicyAWSDiscoveryContinuousExportFirehosePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/AWSDiscoveryContinuousExportFirehosePolicy")
	ManagedPolicyAWSEC2CapacityReservationFleetRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2CapacityReservationFleetRolePolicy")
	ManagedPolicyAWSEC2FleetServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2FleetServiceRolePolicy")
	ManagedPolicyAWSEC2SpotFleetServiceRolePolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotFleetServiceRolePolicy")
	ManagedPolicyAWSEC2SpotServiceRolePolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEC2SpotServiceRolePolicy")
	ManagedPolicy_AWSECRPullThroughCache_ServiceRolePolicy          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSECRPullThroughCache_ServiceRolePolicy")
	ManagedPolicyAWSElasticBeanstalkCustomPlatformforEC2Role        = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkCustomPlatformforEC2Role")
	ManagedPolicyAWSElasticBeanstalkEnhancedHealth                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth")
	// Deprecated: This policy is deprecated. Please use the AWS managed policy AdministratorAccess-AWSElasticBeanstalk instead.
	ManagedPolicyAWSElasticBeanstalkFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess")
	ManagedPolicyAWSElasticBeanstalkMaintenance                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkMaintenance")
	ManagedPolicyAWSElasticBeanstalkManagedUpdatesCustomerRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy")
	ManagedPolicyAWSElasticBeanstalkManagedUpdatesServiceRolePolicy  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkManagedUpdatesServiceRolePolicy")
	ManagedPolicyAWSElasticBeanstalkMulticontainerDocker             = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker")
	// Deprecated: This policy is deprecated. Please use the AWS managed policy AWSElasticBeanstalkReadOnly instead.
	ManagedPolicyAWSElasticBeanstalkReadOnlyAccess    = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnlyAccess")
	ManagedPolicyAWSElasticBeanstalkReadOnly          = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkReadOnly")
	ManagedPolicyAWSElasticBeanstalkRoleCWL           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCWL")
	ManagedPolicyAWSElasticBeanstalkRoleCore          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleCore")
	ManagedPolicyAWSElasticBeanstalkRoleECS           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleECS")
	ManagedPolicyAWSElasticBeanstalkRoleRDS           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleRDS")
	ManagedPolicyAWSElasticBeanstalkRoleSNS           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleSNS")
	ManagedPolicyAWSElasticBeanstalkRoleWorkerTier    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkRoleWorkerTier")
	ManagedPolicyAWSElasticBeanstalkService           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService")
	ManagedPolicyAWSElasticBeanstalkServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticBeanstalkServiceRolePolicy")
	ManagedPolicyAWSElasticBeanstalkWebTier           = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier")
	// Deprecated: This has been deprecated in favour of `AWSElasticBeanstalkWorkerTier`
	ManagedPolicyAWSElasticBeanstakWorkerTier                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier")
	ManagedPolicyAWSElasticBeanstalkWorkerTier                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier")
	ManagedPolicyAWSElasticDisasterRecoveryAgentInstallationPolicy    = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryAgentInstallationPolicy")
	ManagedPolicyAWSElasticDisasterRecoveryAgentPolicy                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryAgentPolicy")
	ManagedPolicyAWSElasticDisasterRecoveryConsoleFullAccess          = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess")
	ManagedPolicyAWSElasticDisasterRecoveryConversionServerPolicy     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryConversionServerPolicy")
	ManagedPolicyAWSElasticDisasterRecoveryEc2InstancePolicy          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryEc2InstancePolicy")
	ManagedPolicyAWSElasticDisasterRecoveryFailbackInstallationPolicy = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryFailbackInstallationPolicy")
	ManagedPolicyAWSElasticDisasterRecoveryFailbackPolicy             = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryFailbackPolicy")
	ManagedPolicyAWSElasticDisasterRecoveryReadOnlyAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryReadOnlyAccess")
	ManagedPolicyAWSElasticDisasterRecoveryRecoveryInstancePolicy     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryRecoveryInstancePolicy")
	ManagedPolicyAWSElasticDisasterRecoveryReplicationServerPolicy    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryReplicationServerPolicy")
	ManagedPolicyAWSElasticDisasterRecoveryServiceRolePolicy          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticDisasterRecoveryServiceRolePolicy")
	ManagedPolicyAWSElasticDisasterRecoveryStagingAccountPolicy       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy")
	ManagedPolicy_AWSElasticDisasterRecoveryStagingAccountPolicy_v2   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSElasticDisasterRecoveryStagingAccountPolicy_v2")
	ManagedPolicyAWSElasticLoadBalancingClassicServiceRolePolicy      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingClassicServiceRolePolicy")
	ManagedPolicyAWSElasticLoadBalancingServiceRolePolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSElasticLoadBalancingServiceRolePolicy")
	ManagedPolicyAWSElementalMediaConvertFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaConvertFullAccess")
	ManagedPolicyAWSElementalMediaConvertReadOnly                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaConvertReadOnly")
	ManagedPolicyAWSElementalMediaLiveFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaLiveFullAccess")
	ManagedPolicyAWSElementalMediaLiveReadOnly                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaLiveReadOnly")
	ManagedPolicyAWSElementalMediaPackageFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaPackageFullAccess")
	ManagedPolicyAWSElementalMediaPackageReadOnly                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaPackageReadOnly")
	ManagedPolicyAWSElementalMediaStoreFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaStoreFullAccess")
	ManagedPolicyAWSElementalMediaStoreReadOnly                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaStoreReadOnly")
	ManagedPolicyAWSElementalMediaTailorFullAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaTailorFullAccess")
	ManagedPolicyAWSElementalMediaTailorReadOnly                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSElementalMediaTailorReadOnly")
	ManagedPolicyAWSEnhancedClassicNetworkingMangementPolicy          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSEnhancedClassicNetworkingMangementPolicy")
	ManagedPolicyAWSFMAdminFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSFMAdminFullAccess")
	ManagedPolicyAWSFMAdminReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSFMAdminReadOnlyAccess")
	ManagedPolicyAWSFMMemberReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSFMMemberReadOnlyAccess")
	ManagedPolicyAWSFaultInjectionSimulatorEC2Access                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEC2Access")
	ManagedPolicyAWSFaultInjectionSimulatorECSAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorECSAccess")
	ManagedPolicyAWSFaultInjectionSimulatorEKSAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorEKSAccess")
	ManagedPolicyAWSFaultInjectionSimulatorNetworkAccess              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorNetworkAccess")
	ManagedPolicyAWSFaultInjectionSimulatorRDSAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorRDSAccess")
	ManagedPolicyAWSFaultInjectionSimulatorSSMAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSFaultInjectionSimulatorSSMAccess")
	ManagedPolicyAWSForWordPressPluginPolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSForWordPressPluginPolicy")
	ManagedPolicyAWSGlobalAcceleratorSLRPolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSGlobalAcceleratorSLRPolicy")
	ManagedPolicyAWSGlueConsoleFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueConsoleFullAccess")
	ManagedPolicyAWSGlueConsoleSageMakerNotebookFullAccess            = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueConsoleSageMakerNotebookFullAccess")
	ManagedPolicyAWSGlueDataBrewServiceRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGlueDataBrewServiceRole")
	ManagedPolicyAWSGlueSchemaRegistryFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueSchemaRegistryFullAccess")
	ManagedPolicyAWSGlueSchemaRegistryReadonlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSGlueSchemaRegistryReadonlyAccess")
	ManagedPolicyAWSGlueServiceNotebookRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGlueServiceNotebookRole")
	ManagedPolicyAWSGlueServiceRole                                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole")
	ManagedPolicyAWSGrafanaAccountAdministrator                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSGrafanaAccountAdministrator")
	ManagedPolicyAWSGrafanaConsoleReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSGrafanaConsoleReadOnlyAccess")
	ManagedPolicyAWSGrafanaWorkspacePermissionManagement              = ManagedPolicy("arn:aws:iam::aws:policy/AWSGrafanaWorkspacePermissionManagement")
	ManagedPolicyAWSGreengrassFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassFullAccess")
	// Deprecated: Please use AWSGreengrassFullAccess instead
	ManagedPolicyAWSGreengrassFullccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassFullAccess")
	ManagedPolicyAWSGreengrassReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSGreengrassReadOnlyAccess")
	ManagedPolicyAWSGreengrassResourceAccessRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy")
	ManagedPolicyAWSHealthFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSHealthFullAccess")
	ManagedPolicy_AWSHealth_EventProcessorServiceRolePolicy                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSHealth_EventProcessorServiceRolePolicy")
	ManagedPolicyAWSIPAMServiceRolePolicy                                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIPAMServiceRolePolicy")
	ManagedPolicyAWSIQContractServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIQContractServiceRolePolicy")
	ManagedPolicyAWSIQFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSIQFullAccess")
	ManagedPolicyAWSIQPermissionServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIQPermissionServiceRolePolicy")
	ManagedPolicyAWSIdentitySyncFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSIdentitySyncFullAccess")
	ManagedPolicyAWSIdentitySyncReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSIdentitySyncReadOnlyAccess")
	ManagedPolicyAWSImageBuilderFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSImageBuilderFullAccess")
	ManagedPolicyAWSImageBuilderReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSImageBuilderReadOnlyAccess")
	ManagedPolicyAWSImportExportFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportFullAccess")
	ManagedPolicyAWSImportExportReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSImportExportReadOnlyAccess")
	ManagedPolicyAWSIncidentManagerResolverAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSIncidentManagerResolverAccess")
	ManagedPolicyAWSIncidentManagerServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIncidentManagerServiceRolePolicy")
	ManagedPolicyAWSIoT1ClickFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoT1ClickFullAccess")
	ManagedPolicyAWSIoT1ClickReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoT1ClickReadOnlyAccess")
	ManagedPolicyAWSIoTAnalyticsFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTAnalyticsFullAccess")
	ManagedPolicyAWSIoTAnalyticsReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTAnalyticsReadOnlyAccess")
	ManagedPolicyAWSIoTConfigAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigAccess")
	ManagedPolicyAWSIoTConfigReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTConfigReadOnlyAccess")
	ManagedPolicyAWSIoTDataAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDataAccess")
	ManagedPolicyAWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAddThingsToThingGroupMitigationAction")
	ManagedPolicyAWSIoTDeviceDefenderAudit                                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderAudit")
	ManagedPolicyAWSIoTDeviceDefenderEnableIoTLoggingMitigationAction      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderEnableIoTLoggingMitigationAction")
	ManagedPolicyAWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderPublishFindingsToSNSMitigationAction")
	ManagedPolicyAWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderReplaceDefaultPolicyMitigationAction")
	ManagedPolicyAWSIoTDeviceDefenderUpdateCACertMitigationAction          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateCACertMitigationAction")
	ManagedPolicyAWSIoTDeviceDefenderUpdateDeviceCertMitigationAction      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTDeviceDefenderUpdateDeviceCertMitigationAction")
	ManagedPolicyAWSIoTDeviceTesterForFreeRTOSFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDeviceTesterForFreeRTOSFullAccess")
	ManagedPolicyAWSIoTDeviceTesterForGreengrassFullAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTDeviceTesterForGreengrassFullAccess")
	ManagedPolicyAWSIoTEventsFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTEventsFullAccess")
	ManagedPolicyAWSIoTEventsReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTEventsReadOnlyAccess")
	ManagedPolicyAWSIoTFleetHubFederationAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTFleetHubFederationAccess")
	ManagedPolicyAWSIoTFleetwiseServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIoTFleetwiseServiceRolePolicy")
	ManagedPolicyAWSIoTFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTFullAccess")
	ManagedPolicyAWSIoTLogging                                             = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTLogging")
	ManagedPolicyAWSIoTOTAUpdate                                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTOTAUpdate")
	ManagedPolicyAWSIoTRuleActions                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTRuleActions")
	ManagedPolicyAWSIoTSiteWiseConsoleFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTSiteWiseConsoleFullAccess")
	ManagedPolicyAWSIoTSiteWiseFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTSiteWiseFullAccess")
	ManagedPolicyAWSIoTSiteWiseMonitorPortalAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTSiteWiseMonitorPortalAccess")
	ManagedPolicyAWSIoTSiteWiseMonitorServiceRolePolicy                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIoTSiteWiseMonitorServiceRolePolicy")
	ManagedPolicyAWSIoTSiteWiseReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTSiteWiseReadOnlyAccess")
	ManagedPolicyAWSIoTThingsRegistration                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration")
	ManagedPolicyAWSIoTWirelessDataAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessDataAccess")
	ManagedPolicyAWSIoTWirelessFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessFullAccess")
	ManagedPolicyAWSIoTWirelessFullPublishAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessFullPublishAccess")
	ManagedPolicyAWSIoTWirelessGatewayCertManager                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessGatewayCertManager")
	ManagedPolicyAWSIoTWirelessLogging                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessLogging")
	ManagedPolicyAWSIoTWirelessReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSIoTWirelessReadOnlyAccess")
	ManagedPolicyAWSIotRoboRunnerFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSIotRoboRunnerFullAccess")
	ManagedPolicyAWSIotRoboRunnerReadOnly                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSIotRoboRunnerReadOnly")
	ManagedPolicyAWSIotRoboRunnerServiceRolePolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSIotRoboRunnerServiceRolePolicy")
	ManagedPolicyAWSKeyManagementServiceCustomKeyStoresServiceRolePolicy   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceCustomKeyStoresServiceRolePolicy")
	ManagedPolicyAWSKeyManagementServiceMultiRegionKeysServiceRolePolicy   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSKeyManagementServiceMultiRegionKeysServiceRolePolicy")
	ManagedPolicyAWSKeyManagementServicePowerUser                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser")
	ManagedPolicyAWSLakeFormationCrossAccountManager                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSLakeFormationCrossAccountManager")
	ManagedPolicyAWSLakeFormationDataAdmin                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSLakeFormationDataAdmin")
	ManagedPolicyAWSLambdaBasicExecutionRole                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole")
	ManagedPolicyAWSLambdaDynamoDBExecutionRole                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaDynamoDBExecutionRole")
	ManagedPolicyAWSLambdaENIManagementAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaENIManagementAccess")
	ManagedPolicyAWSLambdaExecute                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaExecute")
	// Deprecated: This has been deprecated in favour of `LambdaFullAccess`
	ManagedPolicyAWSLambdaFullAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaFullAccess")
	ManagedPolicyLambdaFullAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_FullAccess")
	ManagedPolicyAWSLambdaInvocationDynamoDB   = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaInvocation-DynamoDB")
	ManagedPolicyAWSLambdaKinesisExecutionRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole")
	// Deprecated: This has been deprecated in favour of `LambdaReadOnlyAccess`
	ManagedPolicyAWSLambdaReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambdaReadOnlyAccess")
	ManagedPolicyLambdaReadOnlyAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess")
	ManagedPolicyAWSLambdaMSKExecutionRole                                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaMSKExecutionRole")
	ManagedPolicyAWSLambdaReplicator                                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLambdaReplicator")
	ManagedPolicyAWSLambdaRole                                                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaRole")
	ManagedPolicyAWSLambdaSQSQueueExecutionRole                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaSQSQueueExecutionRole")
	ManagedPolicyAWSLambdaVPCAccessExecutionRole                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole")
	ManagedPolicyAWSLicenseManagerConsumptionPolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSLicenseManagerConsumptionPolicy")
	ManagedPolicyAWSLicenseManagerLinuxSubscriptionsServiceRolePolicy          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerLinuxSubscriptionsServiceRolePolicy")
	ManagedPolicyAWSLicenseManagerMasterAccountRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMasterAccountRolePolicy")
	ManagedPolicyAWSLicenseManagerMemberAccountRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerMemberAccountRolePolicy")
	ManagedPolicyAWSLicenseManagerServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerServiceRolePolicy")
	ManagedPolicyAWSLicenseManagerUserSubscriptionsServiceRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSLicenseManagerUserSubscriptionsServiceRolePolicy")
	ManagedPolicyAWSM2ServicePolicy                                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSM2ServicePolicy")
	ManagedPolicyAWSManagedServicesDeploymentToolkitPolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSManagedServicesDeploymentToolkitPolicy")
	ManagedPolicy_AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_DetectiveControlsConfig_ServiceRolePolicy")
	ManagedPolicy_AWSManagedServices_EventsServiceRolePolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSManagedServices_EventsServiceRolePolicy")
	ManagedPolicyAWSMarketplaceAmiIngestion                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceAmiIngestion")
	ManagedPolicyAWSMarketplaceFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceFullAccess")
	ManagedPolicyAWSMarketplaceGetEntitlements                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceGetEntitlements")
	ManagedPolicyAWSMarketplaceImageBuildFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceImageBuildFullAccess")
	ManagedPolicyAWSMarketplaceLicenseManagementServiceRolePolicy              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMarketplaceLicenseManagementServiceRolePolicy")
	ManagedPolicyAWSMarketplaceManageSubscriptions                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceManageSubscriptions")
	ManagedPolicyAWSMarketplaceMeteringFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceMeteringFullAccess")
	ManagedPolicyAWSMarketplaceMeteringRegisterUsage                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceMeteringRegisterUsage")
	ManagedPolicyAWSMarketplaceProcurementSystemAdminFullAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceProcurementSystemAdminFullAccess")
	ManagedPolicyAWSMarketplacePurchaseOrdersServiceRolePolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMarketplacePurchaseOrdersServiceRolePolicy")
	ManagedPolicyAWSMarketplaceReadonly                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceRead-only")
	ManagedPolicyAWSMarketplaceSellerFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceSellerFullAccess")
	ManagedPolicyAWSMarketplaceSellerProductsFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsFullAccess")
	ManagedPolicyAWSMarketplaceSellerProductsReadOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSMarketplaceSellerProductsReadOnly")
	ManagedPolicyAWSMediaTailorServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMediaTailorServiceRolePolicy")
	ManagedPolicyAWSMigrationHubDMSAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMigrationHubDMSAccess")
	ManagedPolicyAWSMigrationHubDiscoveryAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMigrationHubDiscoveryAccess")
	ManagedPolicyAWSMigrationHubFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubFullAccess")
	ManagedPolicyAWSMigrationHubOrchestratorConsoleFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorConsoleFullAccess")
	ManagedPolicyAWSMigrationHubOrchestratorInstanceRolePolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorInstanceRolePolicy")
	ManagedPolicyAWSMigrationHubOrchestratorPlugin                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubOrchestratorPlugin")
	ManagedPolicyAWSMigrationHubOrchestratorServiceRolePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubOrchestratorServiceRolePolicy")
	ManagedPolicyAWSMigrationHubRefactorSpacesFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubRefactorSpacesFullAccess")
	ManagedPolicyAWSMigrationHubRefactorSpacesServiceRolePolicy                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubRefactorSpacesServiceRolePolicy")
	ManagedPolicyAWSMigrationHubSMSAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMigrationHubSMSAccess")
	ManagedPolicyAWSMigrationHubStrategyCollector                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubStrategyCollector")
	ManagedPolicyAWSMigrationHubStrategyConsoleFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSMigrationHubStrategyConsoleFullAccess")
	ManagedPolicyAWSMigrationHubStrategyServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSMigrationHubStrategyServiceRolePolicy")
	ManagedPolicy_AWSMobileHub_FullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_FullAccess")
	ManagedPolicy_AWSMobileHub_ReadOnly                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSMobileHub_ReadOnly")
	// Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSMobileHub_FullAccess or AWSMobileHub_ReadOnly instead.
	ManagedPolicy_AWSMobileHub_ServiceUseOnly               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSMobileHub_ServiceUseOnly")
	ManagedPolicyAWSNetworkFirewallServiceRolePolicy        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSNetworkFirewallServiceRolePolicy")
	ManagedPolicyAWSNetworkManagerCloudWANServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerCloudWANServiceRolePolicy")
	ManagedPolicyAWSNetworkManagerFullAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AWSNetworkManagerFullAccess")
	ManagedPolicyAWSNetworkManagerReadOnlyAccess            = ManagedPolicy("arn:aws:iam::aws:policy/AWSNetworkManagerReadOnlyAccess")
	ManagedPolicyAWSNetworkManagerServiceRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSNetworkManagerServiceRolePolicy")
	ManagedPolicyAWSOpsWorksCMInstanceProfileRole           = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCMInstanceProfileRole")
	ManagedPolicyAWSOpsWorksCMServiceRole                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksCMServiceRole")
	ManagedPolicyAWSOpsWorksCloudWatchLogs                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksCloudWatchLogs")
	// Deprecated: This policy is deprecated and will be removed in a future release. Please use OpsWorks_FullAccess instead.
	ManagedPolicyAWSOpsWorksFullAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksFullAccess")
	ManagedPolicyAWSOpsWorksInstanceRegistration = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksInstanceRegistration")
	// Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSOpsWorksRegisterCLI_EC2 or AWSOpsWorksRegisterCLI_OnPremises instead.
	ManagedPolicyAWSOpsWorksRegisterCLI = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI")
	// Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSOpsWorksCMServiceRole instead.
	ManagedPolicyAWSOpsWorksRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSOpsWorksRole")
	// Deprecated: This policy is deprecated and will be removed in a future release. Please use AWSQuickSightDescribeRDS instead.
	ManagedPolicyAWSQuickSightDescribeRD                                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS")
	ManagedPolicy_AWSOpsWorksRegisterCLI_EC2                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_EC2")
	ManagedPolicy_AWSOpsWorksRegisterCLI_OnPremises                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorksRegisterCLI_OnPremises")
	ManagedPolicy_OpsWorks_FullAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSOpsWorks_FullAccess")
	ManagedPolicyAWSOrganizationsFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSOrganizationsFullAccess")
	ManagedPolicyAWSOrganizationsReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSOrganizationsReadOnlyAccess")
	ManagedPolicyAWSOrganizationsServiceTrustPolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy")
	ManagedPolicyAWSOutpostsAuthorizeServerPolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSOutpostsAuthorizeServerPolicy")
	ManagedPolicyAWSOutpostsServiceRolePolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSOutpostsServiceRolePolicy")
	ManagedPolicyAWSPanoramaApplianceRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceRolePolicy")
	ManagedPolicyAWSPanoramaApplianceServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaApplianceServiceRolePolicy")
	ManagedPolicyAWSPanoramaFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSPanoramaFullAccess")
	ManagedPolicyAWSPanoramaGreengrassGroupRolePolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaGreengrassGroupRolePolicy")
	ManagedPolicyAWSPanoramaSageMakerRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaSageMakerRolePolicy")
	ManagedPolicyAWSPanoramaServiceLinkedRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSPanoramaServiceLinkedRolePolicy")
	ManagedPolicyAWSPanoramaServiceRolePolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSPanoramaServiceRolePolicy")
	ManagedPolicyAWSPriceListServiceFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSPriceListServiceFullAccess")
	ManagedPolicyAWSPrivateCAAuditor                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAAuditor")
	ManagedPolicyAWSPrivateCAFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAFullAccess")
	ManagedPolicyAWSPrivateCAPrivilegedUser                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAPrivilegedUser")
	ManagedPolicyAWSPrivateCAReadOnly                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAReadOnly")
	ManagedPolicyAWSPrivateCAUser                                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateCAUser")
	ManagedPolicyAWSPrivateMarketplaceAdminFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateMarketplaceAdminFullAccess")
	ManagedPolicyAWSPrivateMarketplaceRequests                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSPrivateMarketplaceRequests")
	ManagedPolicyAWSPrivateNetworksServiceRolePolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSPrivateNetworksServiceRolePolicy")
	ManagedPolicyAWSProtonCodeBuildProvisioningBasicAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonCodeBuildProvisioningBasicAccess")
	ManagedPolicyAWSProtonCodeBuildProvisioningServiceRolePolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSProtonCodeBuildProvisioningServiceRolePolicy")
	ManagedPolicyAWSProtonDeveloperAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonDeveloperAccess")
	ManagedPolicyAWSProtonFullAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonFullAccess")
	ManagedPolicyAWSProtonReadOnlyAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSProtonReadOnlyAccess")
	ManagedPolicyAWSProtonSyncServiceRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSProtonSyncServiceRolePolicy")
	ManagedPolicyAWSPurchaseOrdersServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSPurchaseOrdersServiceRolePolicy")
	ManagedPolicyAWSQuickSightDescribeRDS                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRDS")
	ManagedPolicyAWSQuickSightDescribeRedshift                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightDescribeRedshift")
	ManagedPolicyAWSQuickSightElasticsearchPolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightElasticsearchPolicy")
	ManagedPolicyAWSQuickSightIoTAnalyticsAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSQuickSightIoTAnalyticsAccess")
	ManagedPolicyAWSQuickSightListIAM                                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightListIAM")
	ManagedPolicyAWSQuickSightSageMakerPolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightSageMakerPolicy")
	ManagedPolicyAWSQuickSightTimestreamPolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuickSightTimestreamPolicy")
	ManagedPolicyAWSQuicksightAthenaAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuicksightAthenaAccess")
	ManagedPolicyAWSQuicksightOpenSearchPolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSQuicksightOpenSearchPolicy")
	ManagedPolicyAWSReachabilityAnalyzerServiceRolePolicy                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSReachabilityAnalyzerServiceRolePolicy")
	ManagedPolicyAWSRefactoringToolkitFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSRefactoringToolkitFullAccess")
	ManagedPolicyAWSRefactoringToolkitSidecarPolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSRefactoringToolkitSidecarPolicy")
	ManagedPolicyAWSResourceAccessManagerFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceAccessManagerFullAccess")
	ManagedPolicyAWSResourceAccessManagerReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceAccessManagerReadOnlyAccess")
	ManagedPolicyAWSResourceAccessManagerResourceShareParticipantAccess      = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceAccessManagerResourceShareParticipantAccess")
	ManagedPolicyAWSResourceAccessManagerServiceRolePolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSResourceAccessManagerServiceRolePolicy")
	ManagedPolicyAWSResourceExplorerFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceExplorerFullAccess")
	ManagedPolicyAWSResourceExplorerReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceExplorerReadOnlyAccess")
	ManagedPolicyAWSResourceExplorerServiceRolePolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSResourceExplorerServiceRolePolicy")
	ManagedPolicyAWSResourceGroupsReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSResourceGroupsReadOnlyAccess")
	ManagedPolicyAWSRoboMakerReadOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSRoboMakerReadOnlyAccess")
	ManagedPolicyAWSRoboMakerServicePolicy                                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSRoboMakerServicePolicy")
	ManagedPolicyAWSRoboMakerServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSRoboMakerServiceRolePolicy")
	ManagedPolicy_AWSRoboMaker_FullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSRoboMaker_FullAccess")
	ManagedPolicyAWSRolesAnywhereServicePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSRolesAnywhereServicePolicy")
	ManagedPolicyAWSSSMForSAPServiceLinkedRolePolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSSMForSAPServiceLinkedRolePolicy")
	ManagedPolicyAWSSSMOpsInsightsServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSSMOpsInsightsServiceRolePolicy")
	ManagedPolicyAWSSSODirectoryAdministrator                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSODirectoryAdministrator")
	ManagedPolicyAWSSSODirectoryReadOnly                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSODirectoryReadOnly")
	ManagedPolicyAWSSSOMasterAccountAdministrator                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSOMasterAccountAdministrator")
	ManagedPolicyAWSSSOMemberAccountAdministrator                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSOMemberAccountAdministrator")
	ManagedPolicyAWSSSOReadOnly                                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSSSOReadOnly")
	ManagedPolicyAWSSSOServiceRolePolicy                                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy")
	ManagedPolicyAWSSavingsPlansFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSSavingsPlansFullAccess")
	ManagedPolicyAWSSavingsPlansReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSSavingsPlansReadOnlyAccess")
	ManagedPolicyAWSSecurityHubFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSSecurityHubFullAccess")
	ManagedPolicyAWSSecurityHubOrganizationsAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSSecurityHubOrganizationsAccess")
	ManagedPolicyAWSSecurityHubReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess")
	ManagedPolicyAWSSecurityHubServiceRolePolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSecurityHubServiceRolePolicy")
	ManagedPolicyAWSServiceCatalogAdminFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAdminFullAccess")
	ManagedPolicyAWSServiceCatalogAdminReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAdminReadOnlyAccess")
	ManagedPolicyAWSServiceCatalogAppRegistryFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryFullAccess")
	ManagedPolicyAWSServiceCatalogAppRegistryReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogAppRegistryReadOnlyAccess")
	ManagedPolicyAWSServiceCatalogAppRegistryServiceRolePolicy               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogAppRegistryServiceRolePolicy")
	ManagedPolicyAWSServiceCatalogEndUserFullAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogEndUserFullAccess")
	ManagedPolicyAWSServiceCatalogEndUserReadOnlyAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSServiceCatalogEndUserReadOnlyAccess")
	ManagedPolicyAWSServiceCatalogSyncServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceCatalogSyncServiceRolePolicy")
	ManagedPolicyAWSServiceRoleForAmazonEKSNodegroup                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForAmazonEKSNodegroup")
	ManagedPolicyAWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCloudWatchAlarmsActionSSMServiceRolePolicy")
	ManagedPolicyAWSServiceRoleForCodeGuruProfiler                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForCodeGuru-Profiler")
	ManagedPolicyAWSServiceRoleForEC2ScheduledInstances                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForEC2ScheduledInstances")
	ManagedPolicyAWSServiceRoleForGroundStationDataflowEndpointGroupPolicy   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForGroundStationDataflowEndpointGroupPolicy")
	ManagedPolicyAWSServiceRoleForImageBuilder                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForImageBuilder")
	ManagedPolicyAWSServiceRoleForIoTSiteWise                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForIoTSiteWise")
	ManagedPolicyAWSServiceRoleForLogDeliveryPolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForLogDeliveryPolicy")
	ManagedPolicyAWSServiceRoleForMonitronPolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForMonitronPolicy")
	ManagedPolicyAWSServiceRoleForSMS                                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRoleForSMS")
	ManagedPolicyAWSServiceRolePolicyForBackupReports                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSServiceRolePolicyForBackupReports")
	ManagedPolicyAWSShieldDRTAccessPolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy")
	ManagedPolicyAWSShieldServiceRolePolicy                                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSShieldServiceRolePolicy")
	ManagedPolicyAWSStepFunctionsConsoleFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsConsoleFullAccess")
	ManagedPolicyAWSStepFunctionsFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsFullAccess")
	ManagedPolicyAWSStepFunctionsReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess")
	ManagedPolicyAWSStorageGatewayFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayFullAccess")
	ManagedPolicyAWSStorageGatewayReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSStorageGatewayReadOnlyAccess")
	ManagedPolicyAWSStorageGatewayServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSStorageGatewayServiceRolePolicy")
	ManagedPolicyAWSSupportAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAccess")
	ManagedPolicyAWSSupportAppFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAppFullAccess")
	ManagedPolicyAWSSupportAppReadOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportAppReadOnlyAccess")
	ManagedPolicyAWSSupportPlansFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportPlansFullAccess")
	ManagedPolicyAWSSupportPlansReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AWSSupportPlansReadOnlyAccess")
	ManagedPolicyAWSSupportServiceRolePolicy                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy")
	ManagedPolicyAWSSystemsManagerAccountDiscoveryServicePolicy              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerAccountDiscoveryServicePolicy")
	ManagedPolicyAWSSystemsManagerChangeManagementServicePolicy              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerChangeManagementServicePolicy")
	ManagedPolicyAWSSystemsManagerForSAPFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSSystemsManagerForSAPFullAccess")
	ManagedPolicyAWSSystemsManagerForSAPReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSSystemsManagerForSAPReadOnlyAccess")
	ManagedPolicyAWSSystemsManagerOpsDataSyncServiceRolePolicy               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSSystemsManagerOpsDataSyncServiceRolePolicy")
	ManagedPolicyAWSThinkboxAWSPortalAdminPolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAWSPortalAdminPolicy")
	ManagedPolicyAWSThinkboxAWSPortalGatewayPolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAWSPortalGatewayPolicy")
	ManagedPolicyAWSThinkboxAWSPortalWorkerPolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAWSPortalWorkerPolicy")
	ManagedPolicyAWSThinkboxAssetServerPolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxAssetServerPolicy")
	ManagedPolicyAWSThinkboxDeadlineResourceTrackerAccessPolicy              = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAccessPolicy")
	ManagedPolicyAWSThinkboxDeadlineResourceTrackerAdminPolicy               = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineResourceTrackerAdminPolicy")
	ManagedPolicyAWSThinkboxDeadlineSpotEventPluginAdminPolicy               = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginAdminPolicy")
	ManagedPolicyAWSThinkboxDeadlineSpotEventPluginWorkerPolicy              = ManagedPolicy("arn:aws:iam::aws:policy/AWSThinkboxDeadlineSpotEventPluginWorkerPolicy")
	ManagedPolicyAWSTransferConsoleFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AWSTransferConsoleFullAccess")
	ManagedPolicyAWSTransferFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSTransferFullAccess")
	ManagedPolicyAWSTransferLoggingAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess")
	ManagedPolicyAWSTransferReadOnlyAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AWSTransferReadOnlyAccess")
	ManagedPolicyAWSTrustedAdvisorPriorityFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityFullAccess")
	ManagedPolicyAWSTrustedAdvisorPriorityReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSTrustedAdvisorPriorityReadOnlyAccess")
	ManagedPolicyAWSTrustedAdvisorReportingServiceRolePolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorReportingServiceRolePolicy")
	ManagedPolicyAWSTrustedAdvisorServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy")
	ManagedPolicyAWSVPCS2SVpnServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVPCS2SVpnServiceRolePolicy")
	ManagedPolicyAWSVPCTransitGatewayServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVPCTransitGatewayServiceRolePolicy")
	ManagedPolicyAWSVPCVerifiedAccessServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVPCVerifiedAccessServiceRolePolicy")
	ManagedPolicyAWSVendorInsightsAssessorFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsAssessorFullAccess")
	ManagedPolicyAWSVendorInsightsAssessorReadOnly                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsAssessorReadOnly")
	ManagedPolicyAWSVendorInsightsVendorFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsVendorFullAccess")
	ManagedPolicyAWSVendorInsightsVendorReadOnly                             = ManagedPolicy("arn:aws:iam::aws:policy/AWSVendorInsightsVendorReadOnly")
	ManagedPolicyAWSVpcLatticeServiceRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSVpcLatticeServiceRolePolicy")
	ManagedPolicyAWSWAFConsoleFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFConsoleFullAccess")
	ManagedPolicyAWSWAFConsoleReadOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFConsoleReadOnlyAccess")
	ManagedPolicyAWSWAFFullAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFFullAccess")
	ManagedPolicyAWSWAFReadOnlyAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess")
	ManagedPolicyAWSWellArchitectedOrganizationsServiceRolePolicy            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AWSWellArchitectedOrganizationsServiceRolePolicy")
	ManagedPolicyAWSWickrFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AWSWickrFullAccess")
	ManagedPolicyAWSXrayCrossAccountSharingConfiguration                     = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayCrossAccountSharingConfiguration")
	ManagedPolicyAWSXrayFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayFullAccess")
	ManagedPolicyAWSXrayReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess")
	ManagedPolicyAWSXrayWriteOnlyAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess")
	ManagedPolicyAWSXRayDaemonWriteAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess")
	ManagedPolicyAccessAnalyzerServiceRolePolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy")
	ManagedPolicyAdministratorAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess")
	ManagedPolicyAdministratorAccessAWSElasticBeanstalk                      = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess-AWSElasticBeanstalk")
	ManagedPolicyAdministratorAccessAmplify                                  = ManagedPolicy("arn:aws:iam::aws:policy/AdministratorAccess-Amplify")
	ManagedPolicyAlexaForBusinessDeviceSetup                                 = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup")
	ManagedPolicyAlexaForBusinessFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessFullAccess")
	ManagedPolicyAlexaForBusinessGatewayExecution                            = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessGatewayExecution")
	ManagedPolicyAlexaForBusinessLifesizeDelegatedAccessPolicy               = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessLifesizeDelegatedAccessPolicy")
	ManagedPolicyAlexaForBusinessNetworkProfileServicePolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AlexaForBusinessNetworkProfileServicePolicy")
	ManagedPolicyAlexaForBusinessPolyDelegatedAccessPolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessPolyDelegatedAccessPolicy")
	ManagedPolicyAlexaForBusinessReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AlexaForBusinessReadOnlyAccess")
	ManagedPolicyAmazonAPIGatewayAdministrator                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator")
	ManagedPolicyAmazonAPIGatewayInvokeFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAPIGatewayInvokeFullAccess")
	ManagedPolicyAmazonAPIGatewayPushToCloudWatchLogs                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs")
	ManagedPolicyAmazonAppFlowFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppFlowFullAccess")
	ManagedPolicyAmazonAppFlowReadOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppFlowReadOnlyAccess")
	ManagedPolicyAmazonAppStreamFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamFullAccess")
	ManagedPolicyAmazonAppStreamPCAAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAppStreamPCAAccess")
	ManagedPolicyAmazonAppStreamReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAppStreamReadOnlyAccess")
	ManagedPolicyAmazonAppStreamServiceAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonAppStreamServiceAccess")
	ManagedPolicyAmazonAthenaFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAthenaFullAccess")
	ManagedPolicyAmazonAugmentedAIFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAugmentedAIFullAccess")
	ManagedPolicyAmazonAugmentedAIHumanLoopFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAugmentedAIHumanLoopFullAccess")
	ManagedPolicyAmazonAugmentedAIIntegratedAPIAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonAugmentedAIIntegratedAPIAccess")
	ManagedPolicyAmazonBraketFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonBraketFullAccess")
	ManagedPolicyAmazonBraketJobsExecutionPolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonBraketJobsExecutionPolicy")
	ManagedPolicyAmazonBraketServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonBraketServiceRolePolicy")
	ManagedPolicyAmazonChimeFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeFullAccess")
	ManagedPolicyAmazonChimeReadOnly                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeReadOnly")
	ManagedPolicyAmazonChimeSDK                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeSDK")
	ManagedPolicyAmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeSDKMediaPipelinesServiceLinkedRolePolicy")
	ManagedPolicyAmazonChimeServiceRolePolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeServiceRolePolicy")
	ManagedPolicyAmazonChimeTranscriptionServiceLinkedRolePolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeTranscriptionServiceLinkedRolePolicy")
	ManagedPolicyAmazonChimeUserManagement                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonChimeUserManagement")
	ManagedPolicyAmazonChimeVoiceConnectorServiceLinkedRolePolicy            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonChimeVoiceConnectorServiceLinkedRolePolicy")
	ManagedPolicyAmazonCloudDirectoryFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryFullAccess")
	ManagedPolicyAmazonCloudDirectoryReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudDirectoryReadOnlyAccess")
	ManagedPolicyAmazonCloudWatchEvidentlyFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyFullAccess")
	ManagedPolicyAmazonCloudWatchEvidentlyReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchEvidentlyReadOnlyAccess")
	ManagedPolicyAmazonCloudWatchEvidentlyServiceRolePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchEvidentlyServiceRolePolicy")
	ManagedPolicyAmazonCloudWatchRUMFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchRUMFullAccess")
	ManagedPolicyAmazonCloudWatchRUMReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCloudWatchRUMReadOnlyAccess")
	ManagedPolicyAmazonCloudWatchRUMServiceRolePolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCloudWatchRUMServiceRolePolicy")
	ManagedPolicyAmazonCodeGuruProfilerAgentAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruProfilerAgentAccess")
	ManagedPolicyAmazonCodeGuruProfilerFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruProfilerFullAccess")
	ManagedPolicyAmazonCodeGuruProfilerReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruProfilerReadOnlyAccess")
	ManagedPolicyAmazonCodeGuruReviewerFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruReviewerFullAccess")
	ManagedPolicyAmazonCodeGuruReviewerReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCodeGuruReviewerReadOnlyAccess")
	ManagedPolicyAmazonCodeGuruReviewerServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCodeGuruReviewerServiceRolePolicy")
	ManagedPolicyAmazonCognitoDeveloperAuthenticatedIdentities               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoDeveloperAuthenticatedIdentities")
	ManagedPolicyAmazonCognitoIdpEmailServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpEmailServiceRolePolicy")
	ManagedPolicyAmazonCognitoIdpServiceRolePolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonCognitoIdpServiceRolePolicy")
	ManagedPolicyAmazonCognitoPowerUser                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoPowerUser")
	ManagedPolicyAmazonCognitoReadOnly                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoReadOnly")
	ManagedPolicyAmazonCognitoUnauthenticatedIdentities                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonCognitoUnauthenticatedIdentities")
	ManagedPolicyAmazonConnectCampaignsServiceLinkedRolePolicy               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonConnectCampaignsServiceLinkedRolePolicy")
	ManagedPolicyAmazonConnectReadOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonConnectReadOnlyAccess")
	ManagedPolicyAmazonConnectServiceLinkedRolePolicy                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonConnectServiceLinkedRolePolicy")
	ManagedPolicyAmazonConnectVoiceIDFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonConnectVoiceIDFullAccess")
	ManagedPolicy_AmazonConnect_FullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonConnect_FullAccess")
	ManagedPolicyAmazonDMSCloudWatchLogsRole                                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole")
	ManagedPolicyAmazonDMSRedshiftS3Role                                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role")
	ManagedPolicyAmazonDMSVPCManagementRole                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole")
	ManagedPolicyAmazonDRSVPCManagement                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDRSVPCManagement")
	ManagedPolicyAmazonDetectiveFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDetectiveFullAccess")
	ManagedPolicyAmazonDetectiveInvestigatorAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDetectiveInvestigatorAccess")
	ManagedPolicyAmazonDetectiveMemberAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDetectiveMemberAccess")
	ManagedPolicyAmazonDetectiveServiceLinkedRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonDetectiveServiceLinkedRolePolicy")
	ManagedPolicyAmazonDevOpsGuruConsoleFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruConsoleFullAccess")
	ManagedPolicyAmazonDevOpsGuruFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruFullAccess")
	ManagedPolicyAmazonDevOpsGuruOrganizationsAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruOrganizationsAccess")
	ManagedPolicyAmazonDevOpsGuruReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDevOpsGuruReadOnlyAccess")
	ManagedPolicyAmazonDevOpsGuruServiceRolePolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonDevOpsGuruServiceRolePolicy")
	ManagedPolicyAmazonDocDBElasticServiceRolePolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonDocDB-ElasticServiceRolePolicy")
	ManagedPolicyAmazonDocDBConsoleFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDocDBConsoleFullAccess")
	ManagedPolicyAmazonDocDBFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDocDBFullAccess")
	ManagedPolicyAmazonDocDBReadOnlyAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDocDBReadOnlyAccess")
	ManagedPolicyAmazonDynamoDBFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess")
	ManagedPolicyAmazonDynamoDBFullAccesswithDataPipeline                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBFullAccesswithDataPipeline")
	ManagedPolicyAmazonDynamoDBReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess")
	ManagedPolicyAmazonEBSCSIDriverPolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy")
	ManagedPolicyAmazonEC2ContainerRegistryFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess")
	ManagedPolicyAmazonEC2ContainerRegistryPowerUser                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser")
	ManagedPolicyAmazonEC2ContainerRegistryReadOnly                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly")
	ManagedPolicyAmazonEC2ContainerServiceAutoscaleRole                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole")
	ManagedPolicyAmazonEC2ContainerServiceEventsRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use AmazonECS_FullAccess instead.
	ManagedPolicyAmazonEC2ContainerServiceFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess")
	ManagedPolicyAmazonEC2ContainerServiceRole       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole")
	ManagedPolicyAmazonEC2ContainerServiceforEC2Role = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role")
	ManagedPolicyAmazonEC2FullAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2FullAccess")
	ManagedPolicyAmazonEC2ReadOnlyAccess             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess")
	// Deprecated: This policy is deprecated and will be removed in a future release.
	ManagedPolicyAmazonEC2ReportsAccess               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2ReportsAccess")
	ManagedPolicyAmazonEC2RolePolicyForLaunchWizard   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEC2RolePolicyForLaunchWizard")
	ManagedPolicyAmazonEC2RoleforAWSCodeDeploy        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy")
	ManagedPolicyAmazonEC2RoleforAWSCodeDeployLimited = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeployLimited")
	ManagedPolicyAmazonEC2RoleforDataPipelineRole     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforDataPipelineRole")
	ManagedPolicyAmazonEC2RoleforSSM                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM")
	ManagedPolicyAmazonEC2SpotFleetAutoscaleRole      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetAutoscaleRole")
	// Deprecated: This policy is deprecated and will be removed in a future release.
	ManagedPolicyAmazonEC2SpotFleetRole                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetRole")
	ManagedPolicyAmazonEC2SpotFleetTaggingRole                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEC2SpotFleetTaggingRole")
	ManagedPolicyAmazonECSFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonECS_FullAccess")
	ManagedPolicyAmazonECSServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonECSServiceRolePolicy")
	ManagedPolicyAmazonECSTaskExecutionRolePolicy               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy")
	ManagedPolicyAmazonEKSClusterPolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy")
	ManagedPolicyAmazonEKSConnectorServiceRolePolicy            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSConnectorServiceRolePolicy")
	ManagedPolicyAmazonEKSFargatePodExecutionRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy")
	ManagedPolicyAmazonEKSForFargateServiceRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSForFargateServiceRolePolicy")
	ManagedPolicyAmazonEKSLocalOutpostClusterPolicy             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSLocalOutpostClusterPolicy")
	ManagedPolicyAmazonEKSLocalOutpostServiceRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSLocalOutpostServiceRolePolicy")
	ManagedPolicyAmazonEKSServicePolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSServicePolicy")
	ManagedPolicyAmazonEKSServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEKSServiceRolePolicy")
	ManagedPolicyAmazonEKSVPCResourceController                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSVPCResourceController")
	ManagedPolicyAmazonEKSWorkerNodePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy")
	ManagedPolicy_AmazonEKS_CNI_Policy                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy")
	ManagedPolicyAmazonEMRCleanupPolicy                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEMRCleanupPolicy")
	ManagedPolicyAmazonEMRContainersServiceRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEMRContainersServiceRolePolicy")
	ManagedPolicy_AmazonEMRFullAccessPolicy_v2                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEMRFullAccessPolicy_v2")
	ManagedPolicy_AmazonEMRReadOnlyAccessPolicy_v2              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEMRReadOnlyAccessPolicy_v2")
	ManagedPolicyAmazonEMRServerlessServiceRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEMRServerlessServiceRolePolicy")
	ManagedPolicy_AmazonEMRServicePolicy_v2                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonEMRServicePolicy_v2")
	ManagedPolicyAmazonESCognitoAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESCognitoAccess")
	ManagedPolicyAmazonESFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESFullAccess")
	ManagedPolicyAmazonESReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonESReadOnlyAccess")
	ManagedPolicyAmazonElastiCacheFullAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheFullAccess")
	ManagedPolicyAmazonElastiCacheReadOnlyAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess")
	ManagedPolicyAmazonElasticContainerRegistryPublicFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicFullAccess")
	ManagedPolicyAmazonElasticContainerRegistryPublicPowerUser  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicPowerUser")
	ManagedPolicyAmazonElasticContainerRegistryPublicReadOnly   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticContainerRegistryPublicReadOnly")
	ManagedPolicyAmazonElasticFileSystemClientFullAccess        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess")
	ManagedPolicyAmazonElasticFileSystemClientReadOnlyAccess    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadOnlyAccess")
	ManagedPolicyAmazonElasticFileSystemClientReadWriteAccess   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemClientReadWriteAccess")
	ManagedPolicyAmazonElasticFileSystemFullAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemFullAccess")
	ManagedPolicyAmazonElasticFileSystemReadOnlyAccess          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess")
	ManagedPolicyAmazonElasticFileSystemServiceRolePolicy       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonElasticFileSystemServiceRolePolicy")
	ManagedPolicyAmazonElasticFileSystemsUtils                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticFileSystemsUtils")
	ManagedPolicyAmazonElasticMapReduceEditorsRole              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceEditorsRole")
	ManagedPolicyAmazonElasticMapReduceFullAccess               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceFullAccess")
	ManagedPolicyAmazonElasticMapReducePlacementGroupPolicy     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReducePlacementGroupPolicy")
	ManagedPolicyAmazonElasticMapReduceReadOnlyAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticMapReduceReadOnlyAccess")
	ManagedPolicyAmazonElasticMapReduceRole                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceRole")
	ManagedPolicyAmazonElasticMapReduceforAutoScalingRole       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforAutoScalingRole")
	ManagedPolicyAmazonElasticMapReduceforEC2Role               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_FullAccess instead.
	ManagedPolicyAmazonElasticTranscoderFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderFullAccess")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_JobsSubmitter instead.
	ManagedPolicyAmazonElasticTranscoderJobsSubmitter = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderJobsSubmitter")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use ElasticTranscoder_ReadOnlyAccess instead.
	ManagedPolicyAmazonElasticTranscoderReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoderReadOnlyAccess")
	ManagedPolicyAmazonElasticTranscoderRole                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonElasticTranscoderRole")
	ManagedPolicy_ElasticTranscoder_FullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoder_FullAccess")
	ManagedPolicy_ElasticTranscoder_JobsSubmitter                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoder_JobsSubmitter")
	ManagedPolicy_ElasticTranscoder_ReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonElasticTranscoder_ReadOnlyAccess")
	ManagedPolicyAmazonElasticsearchServiceRolePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonElasticsearchServiceRolePolicy")
	ManagedPolicyAmazonEventBridgeApiDestinationsServiceRolePolicy     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeApiDestinationsServiceRolePolicy")
	ManagedPolicyAmazonEventBridgeFullAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess")
	ManagedPolicyAmazonEventBridgePipesFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgePipesFullAccess")
	ManagedPolicyAmazonEventBridgePipesOperatorAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgePipesOperatorAccess")
	ManagedPolicyAmazonEventBridgePipesReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgePipesReadOnlyAccess")
	ManagedPolicyAmazonEventBridgeReadOnlyAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeReadOnlyAccess")
	ManagedPolicyAmazonEventBridgeSchedulerFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerFullAccess")
	ManagedPolicyAmazonEventBridgeSchedulerReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchedulerReadOnlyAccess")
	ManagedPolicyAmazonEventBridgeSchemasFullAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchemasFullAccess")
	ManagedPolicyAmazonEventBridgeSchemasReadOnlyAccess                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonEventBridgeSchemasReadOnlyAccess")
	ManagedPolicyAmazonEventBridgeSchemasServiceRolePolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonEventBridgeSchemasServiceRolePolicy")
	ManagedPolicyAmazonFISServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonFISServiceRolePolicy")
	ManagedPolicyAmazonFSxConsoleFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxConsoleFullAccess")
	ManagedPolicyAmazonFSxConsoleReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxConsoleReadOnlyAccess")
	ManagedPolicyAmazonFSxFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxFullAccess")
	ManagedPolicyAmazonFSxReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFSxReadOnlyAccess")
	ManagedPolicyAmazonFSxServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonFSxServiceRolePolicy")
	ManagedPolicyAmazonForecastFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonForecastFullAccess")
	ManagedPolicyAmazonFraudDetectorFullAccessPolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFraudDetectorFullAccessPolicy")
	ManagedPolicyAmazonFreeRTOSFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonFreeRTOSFullAccess")
	ManagedPolicyAmazonFreeRTOSOTAUpdate                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonFreeRTOSOTAUpdate")
	ManagedPolicyAmazonGlacierFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierFullAccess")
	ManagedPolicyAmazonGlacierReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess")
	ManagedPolicyAmazonGrafanaAthenaAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess")
	ManagedPolicyAmazonGrafanaRedshiftAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonGrafanaRedshiftAccess")
	ManagedPolicyAmazonGrafanaServiceLinkedRolePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonGrafanaServiceLinkedRolePolicy")
	ManagedPolicyAmazonGuardDutyFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGuardDutyFullAccess")
	ManagedPolicyAmazonGuardDutyMalwareProtectionServiceRolePolicy     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyMalwareProtectionServiceRolePolicy")
	ManagedPolicyAmazonGuardDutyReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonGuardDutyReadOnlyAccess")
	ManagedPolicyAmazonGuardDutyServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonGuardDutyServiceRolePolicy")
	ManagedPolicyAmazonHealthLakeFullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHealthLakeFullAccess")
	ManagedPolicyAmazonHealthLakeReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHealthLakeReadOnlyAccess")
	ManagedPolicyAmazonHoneycodeFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeFullAccess")
	ManagedPolicyAmazonHoneycodeReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeReadOnlyAccess")
	ManagedPolicyAmazonHoneycodeServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonHoneycodeServiceRolePolicy")
	ManagedPolicyAmazonHoneycodeTeamAssociationFullAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationFullAccess")
	ManagedPolicyAmazonHoneycodeTeamAssociationReadOnlyAccess          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeTeamAssociationReadOnlyAccess")
	ManagedPolicyAmazonHoneycodeWorkbookFullAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookFullAccess")
	ManagedPolicyAmazonHoneycodeWorkbookReadOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonHoneycodeWorkbookReadOnlyAccess")
	ManagedPolicyAmazonInspector2FullAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspector2FullAccess")
	ManagedPolicyAmazonInspector2ReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspector2ReadOnlyAccess")
	ManagedPolicyAmazonInspector2ServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonInspector2ServiceRolePolicy")
	ManagedPolicyAmazonInspectorFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorFullAccess")
	ManagedPolicyAmazonInspectorReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonInspectorReadOnlyAccess")
	ManagedPolicyAmazonInspectorServiceRolePolicy                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonInspectorServiceRolePolicy")
	ManagedPolicyAmazonKendraFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKendraFullAccess")
	ManagedPolicyAmazonKendraReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKendraReadOnlyAccess")
	ManagedPolicyAmazonKeyspacesFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKeyspacesFullAccess")
	ManagedPolicyAmazonKeyspacesReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKeyspacesReadOnlyAccess")
	ManagedPolicyAmazonKinesisAnalyticsFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsFullAccess")
	ManagedPolicyAmazonKinesisAnalyticsReadOnly                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisAnalyticsReadOnly")
	ManagedPolicyAmazonKinesisFirehoseFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseFullAccess")
	ManagedPolicyAmazonKinesisFirehoseReadOnlyAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFirehoseReadOnlyAccess")
	ManagedPolicyAmazonKinesisFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisFullAccess")
	ManagedPolicyAmazonKinesisReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess")
	ManagedPolicyAmazonKinesisVideoStreamsFullAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsFullAccess")
	ManagedPolicyAmazonKinesisVideoStreamsReadOnlyAccess               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonKinesisVideoStreamsReadOnlyAccess")
	ManagedPolicy_AmazonLaunchWizard_Fullaccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLaunchWizard_Fullaccess")
	ManagedPolicyAmazonLexChannelsAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonLexChannelsAccess")
	ManagedPolicyAmazonLexFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexFullAccess")
	ManagedPolicyAmazonLexReadOnly                                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexReadOnly")
	ManagedPolicyAmazonLexRunBotsOnly                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLexRunBotsOnly")
	ManagedPolicyAmazonLexV2BotPolicy                                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonLexV2BotPolicy")
	ManagedPolicyAmazonLookoutEquipmentFullAccess                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutEquipmentFullAccess")
	ManagedPolicyAmazonLookoutEquipmentReadOnlyAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutEquipmentReadOnlyAccess")
	ManagedPolicyAmazonLookoutMetricsFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutMetricsFullAccess")
	ManagedPolicyAmazonLookoutMetricsReadOnlyAccess                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutMetricsReadOnlyAccess")
	ManagedPolicyAmazonLookoutVisionConsoleFullAccess                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleFullAccess")
	ManagedPolicyAmazonLookoutVisionConsoleReadOnlyAccess              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionConsoleReadOnlyAccess")
	ManagedPolicyAmazonLookoutVisionFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionFullAccess")
	ManagedPolicyAmazonLookoutVisionReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonLookoutVisionReadOnlyAccess")
	ManagedPolicyAmazonMCSFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMCSFullAccess")
	ManagedPolicyAmazonMCSReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMCSReadOnlyAccess")
	ManagedPolicyAmazonMQApiFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQApiFullAccess")
	ManagedPolicyAmazonMQApiReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQApiReadOnlyAccess")
	ManagedPolicyAmazonMQFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQFullAccess")
	ManagedPolicyAmazonMQReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMQReadOnlyAccess")
	ManagedPolicyAmazonMQServiceRolePolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonMQServiceRolePolicy")
	ManagedPolicyAmazonMSKConnectReadOnlyAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMSKConnectReadOnlyAccess")
	ManagedPolicyAmazonMSKFullAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMSKFullAccess")
	ManagedPolicyAmazonMSKReadOnlyAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMSKReadOnlyAccess")
	ManagedPolicyAmazonMWAAServiceRolePolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonMWAAServiceRolePolicy")
	ManagedPolicyAmazonMachineLearningBatchPredictionsAccess           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningBatchPredictionsAccess")
	ManagedPolicyAmazonMachineLearningCreateOnlyAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningCreateOnlyAccess")
	ManagedPolicyAmazonMachineLearningFullAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningFullAccess")
	ManagedPolicyAmazonMachineLearningManageRealTimeEndpointOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningManageRealTimeEndpointOnlyAccess")
	ManagedPolicyAmazonMachineLearningReadOnlyAccess                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningReadOnlyAccess")
	ManagedPolicyAmazonMachineLearningRealTimePredictionOnlyAccess     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMachineLearningRealTimePredictionOnlyAccess")
	// Deprecated: This policy is deprecated. Use AmazonMachineLearningRoleforRedshiftDataSourceV3 instead.
	ManagedPolicyAmazonMachineLearningRoleforRedshiftDataSource                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSource")
	ManagedPolicyAmazonMachineLearningRoleforRedshiftDataSourceV3                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMachineLearningRoleforRedshiftDataSourceV3")
	ManagedPolicyAmazonMacieFullAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMacieFullAccess")
	ManagedPolicyAmazonMacieHandshakeRole                                             = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMacieHandshakeRole")
	ManagedPolicyAmazonMacieServiceRole                                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonMacieServiceRole")
	ManagedPolicyAmazonMacieServiceRolePolicy                                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonMacieServiceRolePolicy")
	ManagedPolicyAmazonManagedBlockchainConsoleFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonManagedBlockchainConsoleFullAccess")
	ManagedPolicyAmazonManagedBlockchainFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonManagedBlockchainFullAccess")
	ManagedPolicyAmazonManagedBlockchainReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonManagedBlockchainReadOnlyAccess")
	ManagedPolicyAmazonManagedBlockchainServiceRolePolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonManagedBlockchainServiceRolePolicy")
	ManagedPolicyAmazonMechanicalTurkFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkFullAccess")
	ManagedPolicyAmazonMechanicalTurkReadOnly                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMechanicalTurkReadOnly")
	ManagedPolicyAmazonMemoryDBFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMemoryDBFullAccess")
	ManagedPolicyAmazonMemoryDBReadOnlyAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMemoryDBReadOnlyAccess")
	ManagedPolicyAmazonMobileAnalyticsFinancialReportAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFinancialReportAccess")
	ManagedPolicyAmazonMobileAnalyticsFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsFullAccess")
	ManagedPolicyAmazonMobileAnalyticsNonfinancialReportAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsNon-financialReportAccess")
	ManagedPolicyAmazonMobileAnalyticsWriteOnlyAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMobileAnalyticsWriteOnlyAccess")
	ManagedPolicyAmazonMonitronFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonMonitronFullAccess")
	ManagedPolicyAmazonNimbleStudioLaunchProfileWorker                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonNimbleStudio-LaunchProfileWorker")
	ManagedPolicyAmazonNimbleStudioStudioAdmin                                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioAdmin")
	ManagedPolicyAmazonNimbleStudioStudioUser                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonNimbleStudio-StudioUser")
	ManagedPolicyAmazonOmicsFullAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOmicsFullAccess")
	ManagedPolicyAmazonOmicsReadOnlyAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOmicsReadOnlyAccess")
	ManagedPolicyAmazonOpenSearchIngestionServiceRolePolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchIngestionServiceRolePolicy")
	ManagedPolicyAmazonOpenSearchServerlessServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServerlessServiceRolePolicy")
	ManagedPolicyAmazonOpenSearchServiceCognitoAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOpenSearchServiceCognitoAccess")
	ManagedPolicyAmazonOpenSearchServiceFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOpenSearchServiceFullAccess")
	ManagedPolicyAmazonOpenSearchServiceReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonOpenSearchServiceReadOnlyAccess")
	ManagedPolicyAmazonOpenSearchServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonOpenSearchServiceRolePolicy")
	ManagedPolicyAmazonPersonalizeFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonPersonalizeFullAccess")
	ManagedPolicyAmazonPollyFullAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyFullAccess")
	ManagedPolicyAmazonPollyReadOnlyAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPollyReadOnlyAccess")
	ManagedPolicyAmazonPrometheusConsoleFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusConsoleFullAccess")
	ManagedPolicyAmazonPrometheusFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusFullAccess")
	ManagedPolicyAmazonPrometheusQueryAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusQueryAccess")
	ManagedPolicyAmazonPrometheusRemoteWriteAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonPrometheusRemoteWriteAccess")
	ManagedPolicyAmazonQLDBConsoleFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonQLDBConsoleFullAccess")
	ManagedPolicyAmazonQLDBFullAccess                                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonQLDBFullAccess")
	ManagedPolicyAmazonQLDBReadOnly                                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonQLDBReadOnly")
	ManagedPolicyAmazonRDSBetaServiceRolePolicy                                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSBetaServiceRolePolicy")
	ManagedPolicyAmazonRDSCustomPreviewServiceRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomPreviewServiceRolePolicy")
	ManagedPolicyAmazonRDSCustomServiceRolePolicy                                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSCustomServiceRolePolicy")
	ManagedPolicyAmazonRDSDataFullAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSDataFullAccess")
	ManagedPolicyAmazonRDSDirectoryServiceAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess")
	ManagedPolicyAmazonRDSEnhancedMonitoringRole                                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole")
	ManagedPolicyAmazonRDSFullAccess                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSFullAccess")
	ManagedPolicyAmazonRDSPerformanceInsightsReadOnly                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSPerformanceInsightsReadOnly")
	ManagedPolicyAmazonRDSPreviewServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSPreviewServiceRolePolicy")
	ManagedPolicyAmazonRDSReadOnlyAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess")
	ManagedPolicyAmazonRDSServiceRolePolicy                                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRDSServiceRolePolicy")
	ManagedPolicyAmazonRedshiftAllCommandsFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftAllCommandsFullAccess")
	ManagedPolicyAmazonRedshiftDataFullAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftDataFullAccess")
	ManagedPolicyAmazonRedshiftFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftFullAccess")
	ManagedPolicyAmazonRedshiftQueryEditor                                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditor")
	ManagedPolicyAmazonRedshiftQueryEditorV2FullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2FullAccess")
	ManagedPolicyAmazonRedshiftQueryEditorV2NoSharing                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2NoSharing")
	ManagedPolicyAmazonRedshiftQueryEditorV2ReadSharing                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadSharing")
	ManagedPolicyAmazonRedshiftQueryEditorV2ReadWriteSharing                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing")
	ManagedPolicyAmazonRedshiftReadOnlyAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess")
	ManagedPolicyAmazonRedshiftServiceLinkedRolePolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonRedshiftServiceLinkedRolePolicy")
	ManagedPolicyAmazonRekognitionCustomLabelsFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionCustomLabelsFullAccess")
	ManagedPolicyAmazonRekognitionFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionFullAccess")
	ManagedPolicyAmazonRekognitionReadOnlyAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRekognitionReadOnlyAccess")
	ManagedPolicyAmazonRekognitionServiceRole                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonRekognitionServiceRole")
	ManagedPolicyAmazonRoute53AutoNamingFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53AutoNamingFullAccess")
	ManagedPolicyAmazonRoute53AutoNamingReadOnlyAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53AutoNamingReadOnlyAccess")
	ManagedPolicyAmazonRoute53AutoNamingRegistrantAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53AutoNamingRegistrantAccess")
	ManagedPolicyAmazonRoute53DomainsFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsFullAccess")
	ManagedPolicyAmazonRoute53DomainsReadOnlyAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess")
	ManagedPolicyAmazonRoute53FullAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53FullAccess")
	ManagedPolicyAmazonRoute53ReadOnlyAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ReadOnlyAccess")
	ManagedPolicyAmazonRoute53RecoveryClusterFullAccess                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterFullAccess")
	ManagedPolicyAmazonRoute53RecoveryClusterReadOnlyAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryClusterReadOnlyAccess")
	ManagedPolicyAmazonRoute53RecoveryControlConfigFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigFullAccess")
	ManagedPolicyAmazonRoute53RecoveryControlConfigReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryControlConfigReadOnlyAccess")
	ManagedPolicyAmazonRoute53RecoveryReadinessFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessFullAccess")
	ManagedPolicyAmazonRoute53RecoveryReadinessReadOnlyAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53RecoveryReadinessReadOnlyAccess")
	ManagedPolicyAmazonRoute53ResolverFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ResolverFullAccess")
	ManagedPolicyAmazonRoute53ResolverReadOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonRoute53ResolverReadOnlyAccess")
	ManagedPolicyAmazonS3FullAccess                                                   = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3FullAccess")
	ManagedPolicyAmazonS3ObjectLambdaExecutionRolePolicy                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonS3ObjectLambdaExecutionRolePolicy")
	ManagedPolicyAmazonS3OutpostsFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3OutpostsFullAccess")
	ManagedPolicyAmazonS3OutpostsReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3OutpostsReadOnlyAccess")
	ManagedPolicyAmazonS3ReadOnlyAccess                                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess")
	ManagedPolicyAmazonSESFullAccess                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESFullAccess")
	ManagedPolicyAmazonSESReadOnlyAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSESReadOnlyAccess")
	ManagedPolicyAmazonSNSFullAccess                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSFullAccess")
	ManagedPolicyAmazonSNSReadOnlyAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess")
	ManagedPolicyAmazonSNSRole                                                        = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSNSRole")
	ManagedPolicyAmazonSQSFullAccess                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSFullAccess")
	ManagedPolicyAmazonSQSReadOnlyAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSQSReadOnlyAccess")
	ManagedPolicyAmazonSSMAutomationApproverAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMAutomationApproverAccess")
	ManagedPolicyAmazonSSMAutomationRole                                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole")
	ManagedPolicyAmazonSSMDirectoryServiceAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMDirectoryServiceAccess")
	ManagedPolicyAmazonSSMFullAccess                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMFullAccess")
	ManagedPolicyAmazonSSMMaintenanceWindowRole                                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSSMMaintenanceWindowRole")
	ManagedPolicyAmazonSSMManagedEC2InstanceDefaultPolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMManagedEC2InstanceDefaultPolicy")
	ManagedPolicyAmazonSSMPatchAssociation                                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMPatchAssociation")
	ManagedPolicyAmazonSSMReadOnlyAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess")
	ManagedPolicyAmazonSSMManagedInstanceCore                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore")
	ManagedPolicyAmazonSSMServiceRolePolicy                                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonSSMServiceRolePolicy")
	ManagedPolicyAmazonSageMakerAdminServiceCatalogProductsServiceRolePolicy          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerAdmin-ServiceCatalogProductsServiceRolePolicy")
	ManagedPolicyAmazonSageMakerCanvasForecastAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerCanvasForecastAccess")
	ManagedPolicyAmazonSageMakerCanvasFullAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerCanvasFullAccess")
	ManagedPolicyAmazonSageMakerCoreServiceRolePolicy                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerCoreServiceRolePolicy")
	ManagedPolicyAmazonSageMakerEdgeDeviceFleetPolicy                                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerEdgeDeviceFleetPolicy")
	ManagedPolicyAmazonSageMakerFeatureStoreAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerFeatureStoreAccess")
	ManagedPolicyAmazonSageMakerFullAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerFullAccess")
	ManagedPolicyAmazonSageMakerGeospatialExecutionRole                               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialExecutionRole")
	ManagedPolicyAmazonSageMakerGeospatialFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerGeospatialFullAccess")
	ManagedPolicyAmazonSageMakerGroundTruthExecution                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerGroundTruthExecution")
	ManagedPolicyAmazonSageMakerMechanicalTurkAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerMechanicalTurkAccess")
	ManagedPolicyAmazonSageMakerModelGovernanceUseAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerModelGovernanceUseAccess")
	ManagedPolicyAmazonSageMakerNotebooksServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonSageMakerNotebooksServiceRolePolicy")
	ManagedPolicyAmazonSageMakerPipelinesIntegrations                                 = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerPipelinesIntegrations")
	ManagedPolicyAmazonSageMakerReadOnly                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerReadOnly")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsApiGatewayServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCloudformationServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSageMakerServiceCatalogProductsCodeBuildServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy   = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsCodePipelineServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsEventsServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsFirehoseServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy           = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsGlueServiceRolePolicy")
	ManagedPolicyAmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonSageMakerServiceCatalogProductsLambdaServiceRolePolicy")
	ManagedPolicyAmazonSecurityLakePermissionsBoundary                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSecurityLakePermissionsBoundary")
	ManagedPolicyAmazonSumerianFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonSumerianFullAccess")
	ManagedPolicyAmazonTextractFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTextractFullAccess")
	ManagedPolicyAmazonTextractServiceRole                                            = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AmazonTextractServiceRole")
	ManagedPolicyAmazonTimestreamConsoleFullAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTimestreamConsoleFullAccess")
	ManagedPolicyAmazonTimestreamFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTimestreamFullAccess")
	ManagedPolicyAmazonTimestreamReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTimestreamReadOnlyAccess")
	ManagedPolicyAmazonTranscribeFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTranscribeFullAccess")
	ManagedPolicyAmazonTranscribeReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/AmazonTranscribeReadOnlyAccess")
	ManagedPolicyAmazonVPCCrossAccountNetworkInterfaceOperations                      = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCCrossAccountNetworkInterfaceOperations")
	ManagedPolicyAmazonVPCFullAccess                                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCFullAccess")
	ManagedPolicyAmazonVPCReadOnlyAccess                                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonVPCReadOnlyAccess")
	ManagedPolicyAmazonWorkDocsFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkDocsFullAccess")
	ManagedPolicyAmazonWorkDocsReadOnlyAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkDocsReadOnlyAccess")
	ManagedPolicyAmazonWorkMailEventsServiceRolePolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonWorkMailEventsServiceRolePolicy")
	ManagedPolicyAmazonWorkMailFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailFullAccess")
	ManagedPolicyAmazonWorkMailMessageFlowFullAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowFullAccess")
	ManagedPolicyAmazonWorkMailMessageFlowReadOnlyAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailMessageFlowReadOnlyAccess")
	ManagedPolicyAmazonWorkMailReadOnlyAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkMailReadOnlyAccess")
	ManagedPolicyAmazonWorkSpacesAdmin                                                = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesAdmin")
	ManagedPolicyAmazonWorkSpacesApplicationManagerAdminAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesApplicationManagerAdminAccess")
	ManagedPolicyAmazonWorkSpacesSelfServiceAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess")
	ManagedPolicyAmazonWorkSpacesServiceAccess                                        = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess")
	ManagedPolicyAmazonWorkSpacesWebReadOnly                                          = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkSpacesWebReadOnly")
	ManagedPolicyAmazonWorkSpacesWebServiceRolePolicy                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AmazonWorkSpacesWebServiceRolePolicy")
	ManagedPolicyAmazonWorkspacesPCAAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AmazonWorkspacesPCAAccess")
	ManagedPolicyAmazonZocaloFullAccess                                               = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloFullAccess")
	ManagedPolicyAmazonZocaloReadOnlyAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/AmazonZocaloReadOnlyAccess")
	ManagedPolicyAppIntegrationsServiceLinkedRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AppIntegrationsServiceLinkedRolePolicy")
	ManagedPolicyAppRunnerNetworkingServiceRolePolicy                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AppRunnerNetworkingServiceRolePolicy")
	ManagedPolicyAppRunnerServiceRolePolicy                                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AppRunnerServiceRolePolicy")
	ManagedPolicyApplicationAutoScalingForAmazonAppStreamAccess                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ApplicationAutoScalingForAmazonAppStreamAccess")
	ManagedPolicyApplicationDiscoveryServiceContinuousExportServiceRolePolicy         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ApplicationDiscoveryServiceContinuousExportServiceRolePolicy")
	ManagedPolicyAutoScalingConsoleFullAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleFullAccess")
	ManagedPolicyAutoScalingConsoleReadOnlyAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingConsoleReadOnlyAccess")
	ManagedPolicyAutoScalingFullAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingFullAccess")
	ManagedPolicyAutoScalingNotificationAccessRole                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AutoScalingNotificationAccessRole")
	ManagedPolicyAutoScalingReadOnlyAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/AutoScalingReadOnlyAccess")
	ManagedPolicyAutoScalingServiceRolePolicy                                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy")
	ManagedPolicyAwsGlueDataBrewFullAccessPolicy                                      = ManagedPolicy("arn:aws:iam::aws:policy/AwsGlueDataBrewFullAccessPolicy")
	ManagedPolicyAwsGlueSessionUserRestrictedNotebookPolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedNotebookPolicy")
	ManagedPolicyAwsGlueSessionUserRestrictedNotebookServiceRole                      = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedNotebookServiceRole")
	ManagedPolicyAwsGlueSessionUserRestrictedPolicy                                   = ManagedPolicy("arn:aws:iam::aws:policy/AwsGlueSessionUserRestrictedPolicy")
	ManagedPolicyAwsGlueSessionUserRestrictedServiceRole                              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/AwsGlueSessionUserRestrictedServiceRole")
	ManagedPolicyBatchServiceRolePolicy                                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/BatchServiceRolePolicy")
	ManagedPolicyBilling                                                              = ManagedPolicy("arn:aws:iam::aws:policy/job-function/Billing")
	ManagedPolicyCertificateManagerServiceRolePolicy                                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CertificateManagerServiceRolePolicy")
	ManagedPolicyClientVPNServiceConnectionsRolePolicy                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceConnectionsRolePolicy")
	ManagedPolicyClientVPNServiceRolePolicy                                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ClientVPNServiceRolePolicy")
	ManagedPolicyCloudFormationStackSetsOrgAdminServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgAdminServiceRolePolicy")
	ManagedPolicyCloudFormationStackSetsOrgMemberServiceRolePolicy                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudFormationStackSetsOrgMemberServiceRolePolicy")
	ManagedPolicyCloudFrontFullAccess                                                 = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontFullAccess")
	ManagedPolicyCloudFrontReadOnlyAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/CloudFrontReadOnlyAccess")
	ManagedPolicyCloudHSMServiceRolePolicy                                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudHSMServiceRolePolicy")
	ManagedPolicyCloudSearchFullAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchFullAccess")
	ManagedPolicyCloudSearchReadOnlyAccess                                            = ManagedPolicy("arn:aws:iam::aws:policy/CloudSearchReadOnlyAccess")
	ManagedPolicyCloudTrailServiceRolePolicy                                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudTrailServiceRolePolicy")
	ManagedPolicyCloudWatchCrossAccountAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudWatch-CrossAccountAccess")
	ManagedPolicyCloudWatchActionsEC2Access                                           = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchActionsEC2Access")
	ManagedPolicyCloudWatchAgentAdminPolicy                                           = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchAgentAdminPolicy")
	ManagedPolicyCloudWatchAgentServerPolicy                                          = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy")
	ManagedPolicyCloudWatchApplicationInsightsFullAccess                              = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchApplicationInsightsFullAccess")
	ManagedPolicyCloudWatchApplicationInsightsReadOnlyAccess                          = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchApplicationInsightsReadOnlyAccess")
	ManagedPolicyCloudWatchAutomaticDashboardsAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchAutomaticDashboardsAccess")
	ManagedPolicyCloudWatchCrossAccountSharingConfiguration                           = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchCrossAccountSharingConfiguration")
	ManagedPolicyCloudWatchEventsBuiltInTargetExecutionAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsBuiltInTargetExecutionAccess")
	ManagedPolicyCloudWatchEventsFullAccess                                           = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsFullAccess")
	ManagedPolicyCloudWatchEventsInvocationAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/service-role/CloudWatchEventsInvocationAccess")
	ManagedPolicyCloudWatchEventsReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchEventsReadOnlyAccess")
	ManagedPolicyCloudWatchEventsServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudWatchEventsServiceRolePolicy")
	ManagedPolicyCloudWatchFullAccess                                                 = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchFullAccess")
	ManagedPolicyCloudWatchInternetMonitorServiceRolePolicy                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudWatchInternetMonitorServiceRolePolicy")
	ManagedPolicyCloudWatchLambdaInsightsExecutionRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy")
	ManagedPolicyCloudWatchLogsCrossAccountSharingConfiguration                       = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsCrossAccountSharingConfiguration")
	ManagedPolicyCloudWatchLogsFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsFullAccess")
	ManagedPolicyCloudWatchLogsReadOnlyAccess                                         = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchLogsReadOnlyAccess")
	ManagedPolicyCloudWatchReadOnlyAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess")
	ManagedPolicyCloudWatchSyntheticsFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchSyntheticsFullAccess")
	ManagedPolicyCloudWatchSyntheticsReadOnlyAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/CloudWatchSyntheticsReadOnlyAccess")
	ManagedPolicyCloudwatchApplicationInsightsServiceLinkedRolePolicy                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/CloudwatchApplicationInsightsServiceLinkedRolePolicy")
	ManagedPolicyComprehendDataAccessRolePolicy                                       = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ComprehendDataAccessRolePolicy")
	ManagedPolicyComprehendFullAccess                                                 = ManagedPolicy("arn:aws:iam::aws:policy/ComprehendFullAccess")
	ManagedPolicyComprehendMedicalFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/ComprehendMedicalFullAccess")
	ManagedPolicyComprehendReadOnly                                                   = ManagedPolicy("arn:aws:iam::aws:policy/ComprehendReadOnly")
	ManagedPolicyComputeOptimizerReadOnlyAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/ComputeOptimizerReadOnlyAccess")
	ManagedPolicyComputeOptimizerServiceRolePolicy                                    = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ComputeOptimizerServiceRolePolicy")
	ManagedPolicyConfigConformsServiceRolePolicy                                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ConfigConformsServiceRolePolicy")
	ManagedPolicyDAXServiceRolePolicy                                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DAXServiceRolePolicy")
	ManagedPolicyDataScientist                                                        = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DataScientist")
	ManagedPolicyDatabaseAdministrator                                                = ManagedPolicy("arn:aws:iam::aws:policy/job-function/DatabaseAdministrator")
	ManagedPolicyDynamoDBCloudWatchContributorInsightsServiceRolePolicy               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DynamoDBCloudWatchContributorInsightsServiceRolePolicy")
	ManagedPolicyDynamoDBKinesisReplicationServiceRolePolicy                          = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DynamoDBKinesisReplicationServiceRolePolicy")
	ManagedPolicyDynamoDBReplicationServiceRolePolicy                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/DynamoDBReplicationServiceRolePolicy")
	ManagedPolicyEC2FastLaunchServiceRolePolicy                                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/EC2FastLaunchServiceRolePolicy")
	ManagedPolicyEC2FleetTimeShiftableServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/EC2FleetTimeShiftableServiceRolePolicy")
	ManagedPolicyEC2InstanceConnect                                                   = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceConnect")
	ManagedPolicyEC2InstanceProfileForImageBuilder                                    = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilder")
	ManagedPolicyEC2InstanceProfileForImageBuilderECRContainerBuilds                  = ManagedPolicy("arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilderECRContainerBuilds")
	ManagedPolicyECRReplicationServiceRolePolicy                                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ECRReplicationServiceRolePolicy")
	ManagedPolicyEc2ImageBuilderCrossAccountDistributionAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/Ec2ImageBuilderCrossAccountDistributionAccess")
	ManagedPolicyEc2InstanceConnectEndpoint                                           = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Ec2InstanceConnectEndpoint")
	ManagedPolicyElastiCacheServiceRolePolicy                                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ElastiCacheServiceRolePolicy")
	ManagedPolicyElasticLoadBalancingFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess")
	ManagedPolicyElasticLoadBalancingReadOnly                                         = ManagedPolicy("arn:aws:iam::aws:policy/ElasticLoadBalancingReadOnly")
	ManagedPolicyElementalActivationsDownloadSoftwareAccess                           = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsDownloadSoftwareAccess")
	ManagedPolicyElementalActivationsFullAccess                                       = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsFullAccess")
	ManagedPolicyElementalActivationsGenerateLicenses                                 = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsGenerateLicenses")
	ManagedPolicyElementalActivationsReadOnlyAccess                                   = ManagedPolicy("arn:aws:iam::aws:policy/ElementalActivationsReadOnlyAccess")
	ManagedPolicyElementalAppliancesSoftwareFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/ElementalAppliancesSoftwareFullAccess")
	ManagedPolicyElementalAppliancesSoftwareReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/ElementalAppliancesSoftwareReadOnlyAccess")
	ManagedPolicyElementalSupportCenterFullAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/ElementalSupportCenterFullAccess")
	ManagedPolicyFMSServiceRolePolicy                                                 = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/FMSServiceRolePolicy")
	ManagedPolicyFSxDeleteServiceLinkedRoleAccess                                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/FSxDeleteServiceLinkedRoleAccess")
	ManagedPolicyFusionDevInternalServiceRolePolicy                                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/FusionDevInternalServiceRolePolicy")
	ManagedPolicyGameLiftGameServerGroupPolicy                                        = ManagedPolicy("arn:aws:iam::aws:policy/GameLiftGameServerGroupPolicy")
	ManagedPolicyGlobalAcceleratorFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/GlobalAcceleratorFullAccess")
	ManagedPolicyGlobalAcceleratorReadOnlyAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/GlobalAcceleratorReadOnlyAccess")
	ManagedPolicyGreengrassOTAUpdateArtifactAccess                                    = ManagedPolicy("arn:aws:iam::aws:policy/service-role/GreengrassOTAUpdateArtifactAccess")
	ManagedPolicyGroundTruthSyntheticConsoleFullAccess                                = ManagedPolicy("arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleFullAccess")
	ManagedPolicyGroundTruthSyntheticConsoleReadOnlyAccess                            = ManagedPolicy("arn:aws:iam::aws:policy/GroundTruthSyntheticConsoleReadOnlyAccess")
	ManagedPolicy_Health_OrganizationsServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Health_OrganizationsServiceRolePolicy")
	ManagedPolicyIAMAccessAdvisorReadOnly                                             = ManagedPolicy("arn:aws:iam::aws:policy/IAMAccessAdvisorReadOnly")
	ManagedPolicyIAMAccessAnalyzerFullAccess                                          = ManagedPolicy("arn:aws:iam::aws:policy/IAMAccessAnalyzerFullAccess")
	ManagedPolicyIAMAccessAnalyzerReadOnlyAccess                                      = ManagedPolicy("arn:aws:iam::aws:policy/IAMAccessAnalyzerReadOnlyAccess")
	ManagedPolicyIAMFullAccess                                                        = ManagedPolicy("arn:aws:iam::aws:policy/IAMFullAccess")
	ManagedPolicyIAMReadOnlyAccess                                                    = ManagedPolicy("arn:aws:iam::aws:policy/IAMReadOnlyAccess")
	ManagedPolicyIAMSelfManageServiceSpecificCredentials                              = ManagedPolicy("arn:aws:iam::aws:policy/IAMSelfManageServiceSpecificCredentials")
	ManagedPolicyIAMUserChangePassword                                                = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserChangePassword")
	ManagedPolicyIAMUserSSHKeys                                                       = ManagedPolicy("arn:aws:iam::aws:policy/IAMUserSSHKeys")
	ManagedPolicyIVSRecordToS3                                                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/IVSRecordToS3")
	ManagedPolicyKafkaConnectServiceRolePolicy                                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/KafkaConnectServiceRolePolicy")
	ManagedPolicyKafkaServiceRolePolicy                                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/KafkaServiceRolePolicy")
	ManagedPolicyLakeFormationDataAccessServiceRolePolicy                             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LakeFormationDataAccessServiceRolePolicy")
	ManagedPolicyLexBotPolicy                                                         = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LexBotPolicy")
	ManagedPolicyLexChannelPolicy                                                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LexChannelPolicy")
	ManagedPolicyLightsailExportAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/LightsailExportAccess")
	ManagedPolicyMediaPackageServiceRolePolicy                                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MediaPackageServiceRolePolicy")
	ManagedPolicyMemoryDBServiceRolePolicy                                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MemoryDBServiceRolePolicy")
	ManagedPolicyMigrationHubDMSAccessServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MigrationHubDMSAccessServiceRolePolicy")
	ManagedPolicyMigrationHubSMSAccessServiceRolePolicy                               = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MigrationHubSMSAccessServiceRolePolicy")
	ManagedPolicyMigrationHubServiceRolePolicy                                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MigrationHubServiceRolePolicy")
	ManagedPolicyMonitronServiceRolePolicy                                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/MonitronServiceRolePolicy")
	ManagedPolicyNeptuneConsoleFullAccess                                             = ManagedPolicy("arn:aws:iam::aws:policy/NeptuneConsoleFullAccess")
	ManagedPolicyNeptuneFullAccess                                                    = ManagedPolicy("arn:aws:iam::aws:policy/NeptuneFullAccess")
	ManagedPolicyNeptuneReadOnlyAccess                                                = ManagedPolicy("arn:aws:iam::aws:policy/NeptuneReadOnlyAccess")
	ManagedPolicyNetworkAdministrator                                                 = ManagedPolicy("arn:aws:iam::aws:policy/job-function/NetworkAdministrator")
	ManagedPolicyOAMFullAccess                                                        = ManagedPolicy("arn:aws:iam::aws:policy/OAMFullAccess")
	ManagedPolicyOAMReadOnlyAccess                                                    = ManagedPolicy("arn:aws:iam::aws:policy/OAMReadOnlyAccess")
	ManagedPolicyPowerUserAccess                                                      = ManagedPolicy("arn:aws:iam::aws:policy/PowerUserAccess")
	ManagedPolicyQuickSightAccessForS3StorageManagementAnalyticsReadOnly              = ManagedPolicy("arn:aws:iam::aws:policy/service-role/QuickSightAccessForS3StorageManagementAnalyticsReadOnly")
	ManagedPolicyRDSCloudHsmAuthorizationRole                                         = ManagedPolicy("arn:aws:iam::aws:policy/service-role/RDSCloudHsmAuthorizationRole")
	ManagedPolicyROSAManageSubscription                                               = ManagedPolicy("arn:aws:iam::aws:policy/ROSAManageSubscription")
	ManagedPolicyReadOnlyAccess                                                       = ManagedPolicy("arn:aws:iam::aws:policy/ReadOnlyAccess")
	ManagedPolicyResourceGroupsServiceRolePolicy                                      = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ResourceGroupsServiceRolePolicy")
	ManagedPolicyResourceGroupsandTagEditorFullAccess                                 = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorFullAccess")
	ManagedPolicyResourceGroupsandTagEditorReadOnlyAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/ResourceGroupsandTagEditorReadOnlyAccess")
	ManagedPolicyRoute53RecoveryReadinessServiceRolePolicy                            = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Route53RecoveryReadinessServiceRolePolicy")
	ManagedPolicyRoute53ResolverServiceRolePolicy                                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/Route53ResolverServiceRolePolicy")
	ManagedPolicyS3StorageLensServiceRolePolicy                                       = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/S3StorageLensServiceRolePolicy")
	ManagedPolicySecretsManagerReadWrite                                              = ManagedPolicy("arn:aws:iam::aws:policy/SecretsManagerReadWrite")
	ManagedPolicySecurityAudit                                                        = ManagedPolicy("arn:aws:iam::aws:policy/SecurityAudit")
	ManagedPolicySecurityLakeServiceLinkedRole                                        = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/SecurityLakeServiceLinkedRole")
	ManagedPolicyServerMigrationConnector                                             = ManagedPolicy("arn:aws:iam::aws:policy/ServerMigrationConnector")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServerMigration_ServiceRole instead.
	ManagedPolicyServerMigrationServiceRole = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRole")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogAdminFullAccess instead.
	ManagedPolicyServiceCatalogAdminFullAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminFullAccess")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogAdminReadOnlyAccess instead.
	ManagedPolicyServiceCatalogAdminReadOnlyAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogAdminReadOnlyAccess")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogEndUserReadOnlyAccess instead.
	ManagedPolicyServiceCatalogEndUserAccess = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserAccess")
	// Deprecated: This policy is deprecated and will be removed in a future release. Use AWSServiceCatalogEndUserFullAccess instead.
	ManagedPolicyServiceCatalogEndUserFullAccess                 = ManagedPolicy("arn:aws:iam::aws:policy/ServiceCatalogEndUserFullAccess")
	ManagedPolicyServerMigrationServiceConsoleFullAccess         = ManagedPolicy("arn:aws:iam::aws:policy/ServerMigrationServiceConsoleFullAccess")
	ManagedPolicyServerMigrationServiceLaunchRole                = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceLaunchRole")
	ManagedPolicyServerMigrationServiceRoleForInstanceValidation = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigrationServiceRoleForInstanceValidation")
	ManagedPolicy_AWSServerMigration_ServiceRole                 = ManagedPolicy("arn:aws:iam::aws:policy/service-role/ServerMigration_ServiceRole")
	ManagedPolicyServiceQuotasFullAccess                         = ManagedPolicy("arn:aws:iam::aws:policy/ServiceQuotasFullAccess")
	ManagedPolicyServiceQuotasReadOnlyAccess                     = ManagedPolicy("arn:aws:iam::aws:policy/ServiceQuotasReadOnlyAccess")
	ManagedPolicyServiceQuotasServiceRolePolicy                  = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/ServiceQuotasServiceRolePolicy")
	ManagedPolicySimpleWorkflowFullAccess                        = ManagedPolicy("arn:aws:iam::aws:policy/SimpleWorkflowFullAccess")
	ManagedPolicySupportUser                                     = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SupportUser")
	ManagedPolicySystemAdministrator                             = ManagedPolicy("arn:aws:iam::aws:policy/job-function/SystemAdministrator")
	ManagedPolicyTranslateFullAccess                             = ManagedPolicy("arn:aws:iam::aws:policy/TranslateFullAccess")
	ManagedPolicyTranslateReadOnly                               = ManagedPolicy("arn:aws:iam::aws:policy/TranslateReadOnly")
	ManagedPolicyVMImportExportRoleForAWSConnector               = ManagedPolicy("arn:aws:iam::aws:policy/service-role/VMImportExportRoleForAWSConnector")
	ManagedPolicyViewOnlyAccess                                  = ManagedPolicy("arn:aws:iam::aws:policy/job-function/ViewOnlyAccess")
	ManagedPolicyWAFLoggingServiceRolePolicy                     = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/WAFLoggingServiceRolePolicy")
	ManagedPolicyWAFRegionalLoggingServiceRolePolicy             = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/WAFRegionalLoggingServiceRolePolicy")
	ManagedPolicyWAFV2LoggingServiceRolePolicy                   = ManagedPolicy("arn:aws:iam::aws:policy/aws-service-role/WAFV2LoggingServiceRolePolicy")
	ManagedPolicyWellArchitectedConsoleFullAccess                = ManagedPolicy("arn:aws:iam::aws:policy/WellArchitectedConsoleFullAccess")
	ManagedPolicyWellArchitectedConsoleReadOnlyAccess            = ManagedPolicy("arn:aws:iam::aws:policy/WellArchitectedConsoleReadOnlyAccess")
	ManagedPolicyWorkLinkServiceRolePolicy                       = ManagedPolicy("arn:aws:iam::aws:policy/WorkLinkServiceRolePolicy")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessKey

type AccessKey struct {
	pulumi.CustomResourceState

	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Encrypted secret, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line.
	EncryptedSecret pulumi.StringOutput `pulumi:"encryptedSecret"`
	// Encrypted SES SMTP password, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line.
	EncryptedSesSmtpPasswordV4 pulumi.StringOutput `pulumi:"encryptedSesSmtpPasswordV4"`
	// Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
	KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"`
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`).
	PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"`
	// Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
	Secret pulumi.StringOutput `pulumi:"secret"`
	// Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
	SesSmtpPasswordV4 pulumi.StringOutput `pulumi:"sesSmtpPasswordV4"`
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// IAM user to associate with this access key.
	User pulumi.StringOutput `pulumi:"user"`
}

Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
		})
		if err != nil {
			return err
		}
		lbAccessKey, err := iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User:   lbUser.Name,
			PgpKey: pulumi.String("keybase:some_person_that_exists"),
		})
		if err != nil {
			return err
		}
		lbRoPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Actions: []string{
						"ec2:Describe*",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicy(ctx, "lbRoUserPolicy", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: *pulumi.String(lbRoPolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		ctx.Export("secret", lbAccessKey.EncryptedSecret)
		return nil
	})
}

```

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testUser, err := iam.NewUser(ctx, "testUser", &iam.UserArgs{
			Path: pulumi.String("/test/"),
		})
		if err != nil {
			return err
		}
		testAccessKey, err := iam.NewAccessKey(ctx, "testAccessKey", &iam.AccessKeyArgs{
			User: testUser.Name,
		})
		if err != nil {
			return err
		}
		ctx.Export("awsIamSmtpPasswordV4", testAccessKey.SesSmtpPasswordV4)
		return nil
	})
}

```

## Import

IAM Access Keys can be imported using the identifier, e.g.,

```sh

$ pulumi import aws:iam/accessKey:AccessKey example AKIA1234567890

```

Resource attributes such as `encrypted_secret`, `key_fingerprint`, `pgp_key`, `secret`, `ses_smtp_password_v4`, and `encrypted_ses_smtp_password_v4` are not available for imported resources as this information cannot be read from the IAM API.

func GetAccessKey

func GetAccessKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccessKeyState, opts ...pulumi.ResourceOption) (*AccessKey, error)

GetAccessKey gets an existing AccessKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessKey

func NewAccessKey(ctx *pulumi.Context,
	name string, args *AccessKeyArgs, opts ...pulumi.ResourceOption) (*AccessKey, error)

NewAccessKey registers a new resource with the given unique name, arguments, and options.

func (*AccessKey) ElementType

func (*AccessKey) ElementType() reflect.Type

func (*AccessKey) ToAccessKeyOutput

func (i *AccessKey) ToAccessKeyOutput() AccessKeyOutput

func (*AccessKey) ToAccessKeyOutputWithContext

func (i *AccessKey) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput

type AccessKeyArgs

type AccessKeyArgs struct {
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`).
	PgpKey pulumi.StringPtrInput
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrInput
	// IAM user to associate with this access key.
	User pulumi.StringInput
}

The set of arguments for constructing a AccessKey resource.

func (AccessKeyArgs) ElementType

func (AccessKeyArgs) ElementType() reflect.Type

type AccessKeyArray

type AccessKeyArray []AccessKeyInput

func (AccessKeyArray) ElementType

func (AccessKeyArray) ElementType() reflect.Type

func (AccessKeyArray) ToAccessKeyArrayOutput

func (i AccessKeyArray) ToAccessKeyArrayOutput() AccessKeyArrayOutput

func (AccessKeyArray) ToAccessKeyArrayOutputWithContext

func (i AccessKeyArray) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput

type AccessKeyArrayInput

type AccessKeyArrayInput interface {
	pulumi.Input

	ToAccessKeyArrayOutput() AccessKeyArrayOutput
	ToAccessKeyArrayOutputWithContext(context.Context) AccessKeyArrayOutput
}

AccessKeyArrayInput is an input type that accepts AccessKeyArray and AccessKeyArrayOutput values. You can construct a concrete instance of `AccessKeyArrayInput` via:

AccessKeyArray{ AccessKeyArgs{...} }

type AccessKeyArrayOutput

type AccessKeyArrayOutput struct{ *pulumi.OutputState }

func (AccessKeyArrayOutput) ElementType

func (AccessKeyArrayOutput) ElementType() reflect.Type

func (AccessKeyArrayOutput) Index

func (AccessKeyArrayOutput) ToAccessKeyArrayOutput

func (o AccessKeyArrayOutput) ToAccessKeyArrayOutput() AccessKeyArrayOutput

func (AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext

func (o AccessKeyArrayOutput) ToAccessKeyArrayOutputWithContext(ctx context.Context) AccessKeyArrayOutput

type AccessKeyInput

type AccessKeyInput interface {
	pulumi.Input

	ToAccessKeyOutput() AccessKeyOutput
	ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput
}

type AccessKeyMap

type AccessKeyMap map[string]AccessKeyInput

func (AccessKeyMap) ElementType

func (AccessKeyMap) ElementType() reflect.Type

func (AccessKeyMap) ToAccessKeyMapOutput

func (i AccessKeyMap) ToAccessKeyMapOutput() AccessKeyMapOutput

func (AccessKeyMap) ToAccessKeyMapOutputWithContext

func (i AccessKeyMap) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput

type AccessKeyMapInput

type AccessKeyMapInput interface {
	pulumi.Input

	ToAccessKeyMapOutput() AccessKeyMapOutput
	ToAccessKeyMapOutputWithContext(context.Context) AccessKeyMapOutput
}

AccessKeyMapInput is an input type that accepts AccessKeyMap and AccessKeyMapOutput values. You can construct a concrete instance of `AccessKeyMapInput` via:

AccessKeyMap{ "key": AccessKeyArgs{...} }

type AccessKeyMapOutput

type AccessKeyMapOutput struct{ *pulumi.OutputState }

func (AccessKeyMapOutput) ElementType

func (AccessKeyMapOutput) ElementType() reflect.Type

func (AccessKeyMapOutput) MapIndex

func (AccessKeyMapOutput) ToAccessKeyMapOutput

func (o AccessKeyMapOutput) ToAccessKeyMapOutput() AccessKeyMapOutput

func (AccessKeyMapOutput) ToAccessKeyMapOutputWithContext

func (o AccessKeyMapOutput) ToAccessKeyMapOutputWithContext(ctx context.Context) AccessKeyMapOutput

type AccessKeyOutput

type AccessKeyOutput struct{ *pulumi.OutputState }

func (AccessKeyOutput) CreateDate

func (o AccessKeyOutput) CreateDate() pulumi.StringOutput

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.

func (AccessKeyOutput) ElementType

func (AccessKeyOutput) ElementType() reflect.Type

func (AccessKeyOutput) EncryptedSecret

func (o AccessKeyOutput) EncryptedSecret() pulumi.StringOutput

Encrypted secret, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line.

func (AccessKeyOutput) EncryptedSesSmtpPasswordV4

func (o AccessKeyOutput) EncryptedSesSmtpPasswordV4() pulumi.StringOutput

Encrypted SES SMTP password, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line.

func (AccessKeyOutput) KeyFingerprint

func (o AccessKeyOutput) KeyFingerprint() pulumi.StringOutput

Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.

func (AccessKeyOutput) PgpKey

Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`).

func (AccessKeyOutput) Secret

func (o AccessKeyOutput) Secret() pulumi.StringOutput

Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.

func (AccessKeyOutput) SesSmtpPasswordV4

func (o AccessKeyOutput) SesSmtpPasswordV4() pulumi.StringOutput

Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).

func (AccessKeyOutput) Status

Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.

func (AccessKeyOutput) ToAccessKeyOutput

func (o AccessKeyOutput) ToAccessKeyOutput() AccessKeyOutput

func (AccessKeyOutput) ToAccessKeyOutputWithContext

func (o AccessKeyOutput) ToAccessKeyOutputWithContext(ctx context.Context) AccessKeyOutput

func (AccessKeyOutput) User

IAM user to associate with this access key.

type AccessKeyState

type AccessKeyState struct {
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate pulumi.StringPtrInput
	// Encrypted secret, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted secret may be decrypted using the command line.
	EncryptedSecret pulumi.StringPtrInput
	// Encrypted SES SMTP password, base64 encoded, if `pgpKey` was specified. This attribute is not available for imported resources. The encrypted password may be decrypted using the command line.
	EncryptedSesSmtpPasswordV4 pulumi.StringPtrInput
	// Fingerprint of the PGP key used to encrypt the secret. This attribute is not available for imported resources.
	KeyFingerprint pulumi.StringPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`, for use in the `encryptedSecret` output attribute. If providing a base-64 encoded PGP public key, make sure to provide the "raw" version and not the "armored" one (e.g. avoid passing the `-a` option to `gpg --export`).
	PgpKey pulumi.StringPtrInput
	// Secret access key. This attribute is not available for imported resources. Note that this will be written to the state file. If you use this, please protect your backend state file judiciously. Alternatively, you may supply a `pgpKey` instead, which will prevent the secret from being stored in plaintext, at the cost of preventing the use of the secret key in automation.
	Secret pulumi.StringPtrInput
	// Secret access key converted into an SES SMTP password by applying [AWS's documented Sigv4 conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert). This attribute is not available for imported resources. As SigV4 is region specific, valid Provider regions are `ap-south-1`, `ap-southeast-2`, `eu-central-1`, `eu-west-1`, `us-east-1` and `us-west-2`. See current [AWS SES regions](https://docs.aws.amazon.com/general/latest/gr/rande.html#ses_region).
	SesSmtpPasswordV4 pulumi.StringPtrInput
	// Access key status to apply. Defaults to `Active`. Valid values are `Active` and `Inactive`.
	Status pulumi.StringPtrInput
	// IAM user to associate with this access key.
	User pulumi.StringPtrInput
}

func (AccessKeyState) ElementType

func (AccessKeyState) ElementType() reflect.Type

type AccountAlias

type AccountAlias struct {
	pulumi.CustomResourceState

	// The account alias
	AccountAlias pulumi.StringOutput `pulumi:"accountAlias"`
}

> **Note:** There is only a single account alias per AWS account.

Manages the account alias for the AWS Account.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewAccountAlias(ctx, "alias", &iam.AccountAliasArgs{
			AccountAlias: pulumi.String("my-account-alias"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

The current Account Alias can be imported using the `account_alias`, e.g.,

```sh

$ pulumi import aws:iam/accountAlias:AccountAlias alias my-account-alias

```

func GetAccountAlias

func GetAccountAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccountAliasState, opts ...pulumi.ResourceOption) (*AccountAlias, error)

GetAccountAlias gets an existing AccountAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountAlias

func NewAccountAlias(ctx *pulumi.Context,
	name string, args *AccountAliasArgs, opts ...pulumi.ResourceOption) (*AccountAlias, error)

NewAccountAlias registers a new resource with the given unique name, arguments, and options.

func (*AccountAlias) ElementType

func (*AccountAlias) ElementType() reflect.Type

func (*AccountAlias) ToAccountAliasOutput

func (i *AccountAlias) ToAccountAliasOutput() AccountAliasOutput

func (*AccountAlias) ToAccountAliasOutputWithContext

func (i *AccountAlias) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput

type AccountAliasArgs

type AccountAliasArgs struct {
	// The account alias
	AccountAlias pulumi.StringInput
}

The set of arguments for constructing a AccountAlias resource.

func (AccountAliasArgs) ElementType

func (AccountAliasArgs) ElementType() reflect.Type

type AccountAliasArray

type AccountAliasArray []AccountAliasInput

func (AccountAliasArray) ElementType

func (AccountAliasArray) ElementType() reflect.Type

func (AccountAliasArray) ToAccountAliasArrayOutput

func (i AccountAliasArray) ToAccountAliasArrayOutput() AccountAliasArrayOutput

func (AccountAliasArray) ToAccountAliasArrayOutputWithContext

func (i AccountAliasArray) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput

type AccountAliasArrayInput

type AccountAliasArrayInput interface {
	pulumi.Input

	ToAccountAliasArrayOutput() AccountAliasArrayOutput
	ToAccountAliasArrayOutputWithContext(context.Context) AccountAliasArrayOutput
}

AccountAliasArrayInput is an input type that accepts AccountAliasArray and AccountAliasArrayOutput values. You can construct a concrete instance of `AccountAliasArrayInput` via:

AccountAliasArray{ AccountAliasArgs{...} }

type AccountAliasArrayOutput

type AccountAliasArrayOutput struct{ *pulumi.OutputState }

func (AccountAliasArrayOutput) ElementType

func (AccountAliasArrayOutput) ElementType() reflect.Type

func (AccountAliasArrayOutput) Index

func (AccountAliasArrayOutput) ToAccountAliasArrayOutput

func (o AccountAliasArrayOutput) ToAccountAliasArrayOutput() AccountAliasArrayOutput

func (AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext

func (o AccountAliasArrayOutput) ToAccountAliasArrayOutputWithContext(ctx context.Context) AccountAliasArrayOutput

type AccountAliasInput

type AccountAliasInput interface {
	pulumi.Input

	ToAccountAliasOutput() AccountAliasOutput
	ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput
}

type AccountAliasMap

type AccountAliasMap map[string]AccountAliasInput

func (AccountAliasMap) ElementType

func (AccountAliasMap) ElementType() reflect.Type

func (AccountAliasMap) ToAccountAliasMapOutput

func (i AccountAliasMap) ToAccountAliasMapOutput() AccountAliasMapOutput

func (AccountAliasMap) ToAccountAliasMapOutputWithContext

func (i AccountAliasMap) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput

type AccountAliasMapInput

type AccountAliasMapInput interface {
	pulumi.Input

	ToAccountAliasMapOutput() AccountAliasMapOutput
	ToAccountAliasMapOutputWithContext(context.Context) AccountAliasMapOutput
}

AccountAliasMapInput is an input type that accepts AccountAliasMap and AccountAliasMapOutput values. You can construct a concrete instance of `AccountAliasMapInput` via:

AccountAliasMap{ "key": AccountAliasArgs{...} }

type AccountAliasMapOutput

type AccountAliasMapOutput struct{ *pulumi.OutputState }

func (AccountAliasMapOutput) ElementType

func (AccountAliasMapOutput) ElementType() reflect.Type

func (AccountAliasMapOutput) MapIndex

func (AccountAliasMapOutput) ToAccountAliasMapOutput

func (o AccountAliasMapOutput) ToAccountAliasMapOutput() AccountAliasMapOutput

func (AccountAliasMapOutput) ToAccountAliasMapOutputWithContext

func (o AccountAliasMapOutput) ToAccountAliasMapOutputWithContext(ctx context.Context) AccountAliasMapOutput

type AccountAliasOutput

type AccountAliasOutput struct{ *pulumi.OutputState }

func (AccountAliasOutput) AccountAlias

func (o AccountAliasOutput) AccountAlias() pulumi.StringOutput

The account alias

func (AccountAliasOutput) ElementType

func (AccountAliasOutput) ElementType() reflect.Type

func (AccountAliasOutput) ToAccountAliasOutput

func (o AccountAliasOutput) ToAccountAliasOutput() AccountAliasOutput

func (AccountAliasOutput) ToAccountAliasOutputWithContext

func (o AccountAliasOutput) ToAccountAliasOutputWithContext(ctx context.Context) AccountAliasOutput

type AccountAliasState

type AccountAliasState struct {
	// The account alias
	AccountAlias pulumi.StringPtrInput
}

func (AccountAliasState) ElementType

func (AccountAliasState) ElementType() reflect.Type

type AccountPasswordPolicy

type AccountPasswordPolicy struct {
	pulumi.CustomResourceState

	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrOutput `pulumi:"allowUsersToChangePassword"`
	// Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
	ExpirePasswords pulumi.BoolOutput `pulumi:"expirePasswords"`
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolOutput `pulumi:"hardExpiry"`
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntOutput `pulumi:"maxPasswordAge"`
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrOutput `pulumi:"minimumPasswordLength"`
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntOutput `pulumi:"passwordReusePrevention"`
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolOutput `pulumi:"requireLowercaseCharacters"`
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolOutput `pulumi:"requireNumbers"`
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolOutput `pulumi:"requireSymbols"`
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolOutput `pulumi:"requireUppercaseCharacters"`
}

> **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.

Manages Password Policy for the AWS Account. See more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html) in the official AWS docs.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewAccountPasswordPolicy(ctx, "strict", &iam.AccountPasswordPolicyArgs{
			AllowUsersToChangePassword: pulumi.Bool(true),
			MinimumPasswordLength:      pulumi.Int(8),
			RequireLowercaseCharacters: pulumi.Bool(true),
			RequireNumbers:             pulumi.Bool(true),
			RequireSymbols:             pulumi.Bool(true),
			RequireUppercaseCharacters: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Account Password Policy can be imported using the word `iam-account-password-policy`, e.g.,

```sh

$ pulumi import aws:iam/accountPasswordPolicy:AccountPasswordPolicy strict iam-account-password-policy

```

func GetAccountPasswordPolicy

func GetAccountPasswordPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AccountPasswordPolicyState, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)

GetAccountPasswordPolicy gets an existing AccountPasswordPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountPasswordPolicy

func NewAccountPasswordPolicy(ctx *pulumi.Context,
	name string, args *AccountPasswordPolicyArgs, opts ...pulumi.ResourceOption) (*AccountPasswordPolicy, error)

NewAccountPasswordPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccountPasswordPolicy) ElementType

func (*AccountPasswordPolicy) ElementType() reflect.Type

func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutput

func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput

func (*AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext

func (i *AccountPasswordPolicy) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput

type AccountPasswordPolicyArgs

type AccountPasswordPolicyArgs struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrInput
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolPtrInput
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntPtrInput
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrInput
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntPtrInput
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolPtrInput
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolPtrInput
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolPtrInput
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolPtrInput
}

The set of arguments for constructing a AccountPasswordPolicy resource.

func (AccountPasswordPolicyArgs) ElementType

func (AccountPasswordPolicyArgs) ElementType() reflect.Type

type AccountPasswordPolicyArray

type AccountPasswordPolicyArray []AccountPasswordPolicyInput

func (AccountPasswordPolicyArray) ElementType

func (AccountPasswordPolicyArray) ElementType() reflect.Type

func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput

func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput

func (AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext

func (i AccountPasswordPolicyArray) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyArrayInput

type AccountPasswordPolicyArrayInput interface {
	pulumi.Input

	ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput
	ToAccountPasswordPolicyArrayOutputWithContext(context.Context) AccountPasswordPolicyArrayOutput
}

AccountPasswordPolicyArrayInput is an input type that accepts AccountPasswordPolicyArray and AccountPasswordPolicyArrayOutput values. You can construct a concrete instance of `AccountPasswordPolicyArrayInput` via:

AccountPasswordPolicyArray{ AccountPasswordPolicyArgs{...} }

type AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyArrayOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyArrayOutput) ElementType

func (AccountPasswordPolicyArrayOutput) Index

func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput

func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutput() AccountPasswordPolicyArrayOutput

func (AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext

func (o AccountPasswordPolicyArrayOutput) ToAccountPasswordPolicyArrayOutputWithContext(ctx context.Context) AccountPasswordPolicyArrayOutput

type AccountPasswordPolicyInput

type AccountPasswordPolicyInput interface {
	pulumi.Input

	ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput
	ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput
}

type AccountPasswordPolicyMap

type AccountPasswordPolicyMap map[string]AccountPasswordPolicyInput

func (AccountPasswordPolicyMap) ElementType

func (AccountPasswordPolicyMap) ElementType() reflect.Type

func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput

func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput

func (AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext

func (i AccountPasswordPolicyMap) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput

type AccountPasswordPolicyMapInput

type AccountPasswordPolicyMapInput interface {
	pulumi.Input

	ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput
	ToAccountPasswordPolicyMapOutputWithContext(context.Context) AccountPasswordPolicyMapOutput
}

AccountPasswordPolicyMapInput is an input type that accepts AccountPasswordPolicyMap and AccountPasswordPolicyMapOutput values. You can construct a concrete instance of `AccountPasswordPolicyMapInput` via:

AccountPasswordPolicyMap{ "key": AccountPasswordPolicyArgs{...} }

type AccountPasswordPolicyMapOutput

type AccountPasswordPolicyMapOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyMapOutput) ElementType

func (AccountPasswordPolicyMapOutput) MapIndex

func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput

func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutput() AccountPasswordPolicyMapOutput

func (AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext

func (o AccountPasswordPolicyMapOutput) ToAccountPasswordPolicyMapOutputWithContext(ctx context.Context) AccountPasswordPolicyMapOutput

type AccountPasswordPolicyOutput

type AccountPasswordPolicyOutput struct{ *pulumi.OutputState }

func (AccountPasswordPolicyOutput) AllowUsersToChangePassword

func (o AccountPasswordPolicyOutput) AllowUsersToChangePassword() pulumi.BoolPtrOutput

Whether to allow users to change their own password

func (AccountPasswordPolicyOutput) ElementType

func (AccountPasswordPolicyOutput) ExpirePasswords

func (o AccountPasswordPolicyOutput) ExpirePasswords() pulumi.BoolOutput

Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.

func (AccountPasswordPolicyOutput) HardExpiry

Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)

func (AccountPasswordPolicyOutput) MaxPasswordAge

func (o AccountPasswordPolicyOutput) MaxPasswordAge() pulumi.IntOutput

The number of days that an user password is valid.

func (AccountPasswordPolicyOutput) MinimumPasswordLength

func (o AccountPasswordPolicyOutput) MinimumPasswordLength() pulumi.IntPtrOutput

Minimum length to require for user passwords.

func (AccountPasswordPolicyOutput) PasswordReusePrevention

func (o AccountPasswordPolicyOutput) PasswordReusePrevention() pulumi.IntOutput

The number of previous passwords that users are prevented from reusing.

func (AccountPasswordPolicyOutput) RequireLowercaseCharacters

func (o AccountPasswordPolicyOutput) RequireLowercaseCharacters() pulumi.BoolOutput

Whether to require lowercase characters for user passwords.

func (AccountPasswordPolicyOutput) RequireNumbers

func (o AccountPasswordPolicyOutput) RequireNumbers() pulumi.BoolOutput

Whether to require numbers for user passwords.

func (AccountPasswordPolicyOutput) RequireSymbols

func (o AccountPasswordPolicyOutput) RequireSymbols() pulumi.BoolOutput

Whether to require symbols for user passwords.

func (AccountPasswordPolicyOutput) RequireUppercaseCharacters

func (o AccountPasswordPolicyOutput) RequireUppercaseCharacters() pulumi.BoolOutput

Whether to require uppercase characters for user passwords.

func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput

func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutput() AccountPasswordPolicyOutput

func (AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext

func (o AccountPasswordPolicyOutput) ToAccountPasswordPolicyOutputWithContext(ctx context.Context) AccountPasswordPolicyOutput

type AccountPasswordPolicyState

type AccountPasswordPolicyState struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword pulumi.BoolPtrInput
	// Indicates whether passwords in the account expire. Returns `true` if `maxPasswordAge` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.
	ExpirePasswords pulumi.BoolPtrInput
	// Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)
	HardExpiry pulumi.BoolPtrInput
	// The number of days that an user password is valid.
	MaxPasswordAge pulumi.IntPtrInput
	// Minimum length to require for user passwords.
	MinimumPasswordLength pulumi.IntPtrInput
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention pulumi.IntPtrInput
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters pulumi.BoolPtrInput
	// Whether to require numbers for user passwords.
	RequireNumbers pulumi.BoolPtrInput
	// Whether to require symbols for user passwords.
	RequireSymbols pulumi.BoolPtrInput
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters pulumi.BoolPtrInput
}

func (AccountPasswordPolicyState) ElementType

func (AccountPasswordPolicyState) ElementType() reflect.Type

type GetAccessKeysAccessKey

type GetAccessKeysAccessKey struct {
	// Access key ID.
	AccessKeyId string `pulumi:"accessKeyId"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate string `pulumi:"createDate"`
	// Access key status. Possible values are `Active` and `Inactive`.
	Status string `pulumi:"status"`
}

type GetAccessKeysAccessKeyArgs

type GetAccessKeysAccessKeyArgs struct {
	// Access key ID.
	AccessKeyId pulumi.StringInput `pulumi:"accessKeyId"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.
	CreateDate pulumi.StringInput `pulumi:"createDate"`
	// Access key status. Possible values are `Active` and `Inactive`.
	Status pulumi.StringInput `pulumi:"status"`
}

func (GetAccessKeysAccessKeyArgs) ElementType

func (GetAccessKeysAccessKeyArgs) ElementType() reflect.Type

func (GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutput

func (i GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput

func (GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutputWithContext

func (i GetAccessKeysAccessKeyArgs) ToGetAccessKeysAccessKeyOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyOutput

type GetAccessKeysAccessKeyArray

type GetAccessKeysAccessKeyArray []GetAccessKeysAccessKeyInput

func (GetAccessKeysAccessKeyArray) ElementType

func (GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutput

func (i GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput

func (GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutputWithContext

func (i GetAccessKeysAccessKeyArray) ToGetAccessKeysAccessKeyArrayOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyArrayOutput

type GetAccessKeysAccessKeyArrayInput

type GetAccessKeysAccessKeyArrayInput interface {
	pulumi.Input

	ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput
	ToGetAccessKeysAccessKeyArrayOutputWithContext(context.Context) GetAccessKeysAccessKeyArrayOutput
}

GetAccessKeysAccessKeyArrayInput is an input type that accepts GetAccessKeysAccessKeyArray and GetAccessKeysAccessKeyArrayOutput values. You can construct a concrete instance of `GetAccessKeysAccessKeyArrayInput` via:

GetAccessKeysAccessKeyArray{ GetAccessKeysAccessKeyArgs{...} }

type GetAccessKeysAccessKeyArrayOutput

type GetAccessKeysAccessKeyArrayOutput struct{ *pulumi.OutputState }

func (GetAccessKeysAccessKeyArrayOutput) ElementType

func (GetAccessKeysAccessKeyArrayOutput) Index

func (GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutput

func (o GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutput() GetAccessKeysAccessKeyArrayOutput

func (GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutputWithContext

func (o GetAccessKeysAccessKeyArrayOutput) ToGetAccessKeysAccessKeyArrayOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyArrayOutput

type GetAccessKeysAccessKeyInput

type GetAccessKeysAccessKeyInput interface {
	pulumi.Input

	ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput
	ToGetAccessKeysAccessKeyOutputWithContext(context.Context) GetAccessKeysAccessKeyOutput
}

GetAccessKeysAccessKeyInput is an input type that accepts GetAccessKeysAccessKeyArgs and GetAccessKeysAccessKeyOutput values. You can construct a concrete instance of `GetAccessKeysAccessKeyInput` via:

GetAccessKeysAccessKeyArgs{...}

type GetAccessKeysAccessKeyOutput

type GetAccessKeysAccessKeyOutput struct{ *pulumi.OutputState }

func (GetAccessKeysAccessKeyOutput) AccessKeyId

Access key ID.

func (GetAccessKeysAccessKeyOutput) CreateDate

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) that the access key was created.

func (GetAccessKeysAccessKeyOutput) ElementType

func (GetAccessKeysAccessKeyOutput) Status

Access key status. Possible values are `Active` and `Inactive`.

func (GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutput

func (o GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutput() GetAccessKeysAccessKeyOutput

func (GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutputWithContext

func (o GetAccessKeysAccessKeyOutput) ToGetAccessKeysAccessKeyOutputWithContext(ctx context.Context) GetAccessKeysAccessKeyOutput

type GetAccessKeysArgs

type GetAccessKeysArgs struct {
	// Name of the IAM user associated with the access keys.
	User string `pulumi:"user"`
}

A collection of arguments for invoking getAccessKeys.

type GetAccessKeysOutputArgs

type GetAccessKeysOutputArgs struct {
	// Name of the IAM user associated with the access keys.
	User pulumi.StringInput `pulumi:"user"`
}

A collection of arguments for invoking getAccessKeys.

func (GetAccessKeysOutputArgs) ElementType

func (GetAccessKeysOutputArgs) ElementType() reflect.Type

type GetAccessKeysResult

type GetAccessKeysResult struct {
	// List of the IAM access keys associated with the specified user. See below.
	AccessKeys []GetAccessKeysAccessKey `pulumi:"accessKeys"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	User string `pulumi:"user"`
}

A collection of values returned by getAccessKeys.

func GetAccessKeys

func GetAccessKeys(ctx *pulumi.Context, args *GetAccessKeysArgs, opts ...pulumi.InvokeOption) (*GetAccessKeysResult, error)

This data source can be used to fetch information about IAM access keys of a specific IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetAccessKeys(ctx, &iam.GetAccessKeysArgs{
			User: "an_example_user_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetAccessKeysResultOutput

type GetAccessKeysResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getAccessKeys.

func (GetAccessKeysResultOutput) AccessKeys

List of the IAM access keys associated with the specified user. See below.

func (GetAccessKeysResultOutput) ElementType

func (GetAccessKeysResultOutput) ElementType() reflect.Type

func (GetAccessKeysResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetAccessKeysResultOutput) ToGetAccessKeysResultOutput

func (o GetAccessKeysResultOutput) ToGetAccessKeysResultOutput() GetAccessKeysResultOutput

func (GetAccessKeysResultOutput) ToGetAccessKeysResultOutputWithContext

func (o GetAccessKeysResultOutput) ToGetAccessKeysResultOutputWithContext(ctx context.Context) GetAccessKeysResultOutput

func (GetAccessKeysResultOutput) User

type GetGroupUser

type GetGroupUser struct {
	// User ARN.
	Arn string `pulumi:"arn"`
	// Path to the IAM user.
	Path string `pulumi:"path"`
	// Stable and unique string identifying the IAM user.
	UserId string `pulumi:"userId"`
	// Name of the IAM user.
	UserName string `pulumi:"userName"`
}

type GetGroupUserArgs

type GetGroupUserArgs struct {
	// User ARN.
	Arn pulumi.StringInput `pulumi:"arn"`
	// Path to the IAM user.
	Path pulumi.StringInput `pulumi:"path"`
	// Stable and unique string identifying the IAM user.
	UserId pulumi.StringInput `pulumi:"userId"`
	// Name of the IAM user.
	UserName pulumi.StringInput `pulumi:"userName"`
}

func (GetGroupUserArgs) ElementType

func (GetGroupUserArgs) ElementType() reflect.Type

func (GetGroupUserArgs) ToGetGroupUserOutput

func (i GetGroupUserArgs) ToGetGroupUserOutput() GetGroupUserOutput

func (GetGroupUserArgs) ToGetGroupUserOutputWithContext

func (i GetGroupUserArgs) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput

type GetGroupUserArray

type GetGroupUserArray []GetGroupUserInput

func (GetGroupUserArray) ElementType

func (GetGroupUserArray) ElementType() reflect.Type

func (GetGroupUserArray) ToGetGroupUserArrayOutput

func (i GetGroupUserArray) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput

func (GetGroupUserArray) ToGetGroupUserArrayOutputWithContext

func (i GetGroupUserArray) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput

type GetGroupUserArrayInput

type GetGroupUserArrayInput interface {
	pulumi.Input

	ToGetGroupUserArrayOutput() GetGroupUserArrayOutput
	ToGetGroupUserArrayOutputWithContext(context.Context) GetGroupUserArrayOutput
}

GetGroupUserArrayInput is an input type that accepts GetGroupUserArray and GetGroupUserArrayOutput values. You can construct a concrete instance of `GetGroupUserArrayInput` via:

GetGroupUserArray{ GetGroupUserArgs{...} }

type GetGroupUserArrayOutput

type GetGroupUserArrayOutput struct{ *pulumi.OutputState }

func (GetGroupUserArrayOutput) ElementType

func (GetGroupUserArrayOutput) ElementType() reflect.Type

func (GetGroupUserArrayOutput) Index

func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutput

func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutput() GetGroupUserArrayOutput

func (GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext

func (o GetGroupUserArrayOutput) ToGetGroupUserArrayOutputWithContext(ctx context.Context) GetGroupUserArrayOutput

type GetGroupUserInput

type GetGroupUserInput interface {
	pulumi.Input

	ToGetGroupUserOutput() GetGroupUserOutput
	ToGetGroupUserOutputWithContext(context.Context) GetGroupUserOutput
}

GetGroupUserInput is an input type that accepts GetGroupUserArgs and GetGroupUserOutput values. You can construct a concrete instance of `GetGroupUserInput` via:

GetGroupUserArgs{...}

type GetGroupUserOutput

type GetGroupUserOutput struct{ *pulumi.OutputState }

func (GetGroupUserOutput) Arn

User ARN.

func (GetGroupUserOutput) ElementType

func (GetGroupUserOutput) ElementType() reflect.Type

func (GetGroupUserOutput) Path

Path to the IAM user.

func (GetGroupUserOutput) ToGetGroupUserOutput

func (o GetGroupUserOutput) ToGetGroupUserOutput() GetGroupUserOutput

func (GetGroupUserOutput) ToGetGroupUserOutputWithContext

func (o GetGroupUserOutput) ToGetGroupUserOutputWithContext(ctx context.Context) GetGroupUserOutput

func (GetGroupUserOutput) UserId

Stable and unique string identifying the IAM user.

func (GetGroupUserOutput) UserName

func (o GetGroupUserOutput) UserName() pulumi.StringOutput

Name of the IAM user.

type GetInstanceProfilesArgs

type GetInstanceProfilesArgs struct {
	// IAM role name.
	RoleName string `pulumi:"roleName"`
}

A collection of arguments for invoking getInstanceProfiles.

type GetInstanceProfilesOutputArgs

type GetInstanceProfilesOutputArgs struct {
	// IAM role name.
	RoleName pulumi.StringInput `pulumi:"roleName"`
}

A collection of arguments for invoking getInstanceProfiles.

func (GetInstanceProfilesOutputArgs) ElementType

type GetInstanceProfilesResult

type GetInstanceProfilesResult struct {
	// Set of ARNs of instance profiles.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Set of IAM instance profile names.
	Names []string `pulumi:"names"`
	// Set of IAM instance profile paths.
	Paths    []string `pulumi:"paths"`
	RoleName string   `pulumi:"roleName"`
}

A collection of values returned by getInstanceProfiles.

func GetInstanceProfiles

func GetInstanceProfiles(ctx *pulumi.Context, args *GetInstanceProfilesArgs, opts ...pulumi.InvokeOption) (*GetInstanceProfilesResult, error)

This data source can be used to fetch information about all IAM instance profiles under a role. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetInstanceProfiles(ctx, &iam.GetInstanceProfilesArgs{
			RoleName: "an_example_iam_role_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetInstanceProfilesResultOutput

type GetInstanceProfilesResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getInstanceProfiles.

func (GetInstanceProfilesResultOutput) Arns

Set of ARNs of instance profiles.

func (GetInstanceProfilesResultOutput) ElementType

func (GetInstanceProfilesResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetInstanceProfilesResultOutput) Names

Set of IAM instance profile names.

func (GetInstanceProfilesResultOutput) Paths

Set of IAM instance profile paths.

func (GetInstanceProfilesResultOutput) RoleName

func (GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput

func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutput() GetInstanceProfilesResultOutput

func (GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext

func (o GetInstanceProfilesResultOutput) ToGetInstanceProfilesResultOutputWithContext(ctx context.Context) GetInstanceProfilesResultOutput

type GetPolicyDocumentArgs

type GetPolicyDocumentArgs struct {
	// List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from `sourcePolicyDocuments`.  Non-overriding statements will be added to the exported document.
	OverridePolicyDocuments []string `pulumi:"overridePolicyDocuments"`
	// ID for the policy document.
	PolicyId *string `pulumi:"policyId"`
	// List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` must have unique `sid`s. Statements with the same `sid` from `overridePolicyDocuments` will override source statements.
	SourcePolicyDocuments []string `pulumi:"sourcePolicyDocuments"`
	// Configuration block for a policy statement. Detailed below.
	Statements []GetPolicyDocumentStatement `pulumi:"statements"`
	// IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getPolicyDocument.

type GetPolicyDocumentOutputArgs

type GetPolicyDocumentOutputArgs struct {
	// List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank `sid`s will override statements with the same `sid` from earlier documents in the list. Statements with non-blank `sid`s will also override statements with the same `sid` from `sourcePolicyDocuments`.  Non-overriding statements will be added to the exported document.
	OverridePolicyDocuments pulumi.StringArrayInput `pulumi:"overridePolicyDocuments"`
	// ID for the policy document.
	PolicyId pulumi.StringPtrInput `pulumi:"policyId"`
	// List of IAM policy documents that are merged together into the exported document. Statements defined in `sourcePolicyDocuments` must have unique `sid`s. Statements with the same `sid` from `overridePolicyDocuments` will override source statements.
	SourcePolicyDocuments pulumi.StringArrayInput `pulumi:"sourcePolicyDocuments"`
	// Configuration block for a policy statement. Detailed below.
	Statements GetPolicyDocumentStatementArrayInput `pulumi:"statements"`
	// IAM policy document version. Valid values are `2008-10-17` and `2012-10-17`. Defaults to `2012-10-17`. For more information, see the [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html).
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getPolicyDocument.

func (GetPolicyDocumentOutputArgs) ElementType

type GetPolicyDocumentResult

type GetPolicyDocumentResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Standard JSON policy document rendered based on the arguments above.
	Json                    string                       `pulumi:"json"`
	OverridePolicyDocuments []string                     `pulumi:"overridePolicyDocuments"`
	PolicyId                *string                      `pulumi:"policyId"`
	SourcePolicyDocuments   []string                     `pulumi:"sourcePolicyDocuments"`
	Statements              []GetPolicyDocumentStatement `pulumi:"statements"`
	Version                 *string                      `pulumi:"version"`
}

A collection of values returned by getPolicyDocument.

func GetPolicyDocument

func GetPolicyDocument(ctx *pulumi.Context, args *GetPolicyDocumentArgs, opts ...pulumi.InvokeOption) (*GetPolicyDocumentResult, error)

Generates an IAM policy document in JSON format for use with resources that expect policy documents such as `iam.Policy`.

Using this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings in your configuration or to use the `file` interpolation function to read a raw JSON policy document from a file.

## Example Usage ### Basic Example

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		examplePolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: pulumi.Array{
				iam.GetPolicyDocumentStatement{
					Sid: pulumi.StringRef("1"),
					Actions: []string{
						"s3:ListAllMyBuckets",
						"s3:GetBucketLocation",
					},
					Resources: []string{
						"arn:aws:s3:::*",
					},
				},
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"s3:ListBucket",
					},
					Resources: []string{
						fmt.Sprintf("arn:aws:s3:::%v", _var.S3_bucket_name),
					},
					Conditions: []iam.GetPolicyDocumentStatementCondition{
						{
							Test:     "StringLike",
							Variable: "s3:prefix",
							Values: []string{
								"",
								"home/",
								"home/&{aws:username}/",
							},
						},
					},
				},
				iam.GetPolicyDocumentStatement{
					Actions: []string{
						"s3:*",
					},
					Resources: []string{
						fmt.Sprintf("arn:aws:s3:::%v/home/&{aws:username}", _var.S3_bucket_name),
						fmt.Sprintf("arn:aws:s3:::%v/home/&{aws:username}/*", _var.S3_bucket_name),
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewPolicy(ctx, "examplePolicy", &iam.PolicyArgs{
			Path:   pulumi.String("/"),
			Policy: *pulumi.String(examplePolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example Multiple Condition Keys and Values

You can specify a [condition with multiple keys and values](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_multi-value-conditions.html) by supplying multiple `condition` blocks with the same `test` value, but differing `variable` and `values` values.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Actions: []string{
						"kms:Decrypt",
						"kms:GenerateDataKey",
					},
					Conditions: []iam.GetPolicyDocumentStatementCondition{
						{
							Test: "ForAnyValue:StringEquals",
							Values: []string{
								"pi",
							},
							Variable: "kms:EncryptionContext:service",
						},
						{
							Test: "ForAnyValue:StringEquals",
							Values: []string{
								"rds",
							},
							Variable: "kms:EncryptionContext:aws:pi:service",
						},
						{
							Test: "ForAnyValue:StringEquals",
							Values: []string{
								"db-AAAAABBBBBCCCCCDDDDDEEEEE",
								"db-EEEEEDDDDDCCCCCBBBBBAAAAA",
							},
							Variable: "kms:EncryptionContext:aws:rds:db-id",
						},
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

`data.aws_iam_policy_document.example_multiple_condition_keys_and_values.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example Assume-Role Policy with Multiple Principals

You can specify multiple principal blocks with different types. You can also use this data source to generate an assume-role policy.

```go package main

import ( "fmt"

"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { _, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "sts:AssumeRole", }, Principals: []iam.GetPolicyDocumentStatementPrincipal{ { Type: "Service", Identifiers: []string{ "firehose.amazonaws.com", }, }, { Type: "AWS", Identifiers: interface{}{ _var.Trusted_role_arn, }, }, { Type: "Federated", Identifiers: []string{ fmt.Sprintf("arn:aws:iam::%v:saml-provider/%v", _var.Account_id, _var.Provider_name), "cognito-identity.amazonaws.com", }, }, }, }, }, }, nil); if err != nil { return err } return nil }) } ``` ### Example Using A Source Document

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { source, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ SourcePolicyDocuments: interface{}{ source.Json, }, Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "arn:aws:s3:::somebucket", "arn:aws:s3:::somebucket/*", }, }, }, }, nil); if err != nil { return err } return nil }) } ```

`data.aws_iam_policy_document.source_document_example.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example Using An Override Document

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { override, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ OverridePolicyDocuments: interface{}{ override.Json, }, Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("SidToOverride"), Actions: []string{ "s3:*", }, Resources: []string{ "arn:aws:s3:::somebucket", "arn:aws:s3:::somebucket/*", }, }, }, }, nil); if err != nil { return err } return nil }) } ```

`data.aws_iam_policy_document.override_policy_document_example.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example with Both Source and Override Documents

You can also combine `sourcePolicyDocuments` and `overridePolicyDocuments` in the same document.

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { source, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceholder"), Actions: []string{ "ec2:DescribeAccountAttributes", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } override, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceholder"), Actions: []string{ "s3:GetObject", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ SourcePolicyDocuments: interface{}{ source.Json, }, OverridePolicyDocuments: interface{}{ override.Json, }, }, nil); if err != nil { return err } return nil }) } ```

`data.aws_iam_policy_document.politik.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example of Merging Source Documents

Multiple documents can be combined using the `sourcePolicyDocuments` or `overridePolicyDocuments` attributes. `sourcePolicyDocuments` requires that all documents have unique Sids, while `overridePolicyDocuments` will iteratively override matching Sids.

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { sourceOne, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("UniqueSidOne"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } sourceTwo, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: pulumi.Array{ iam.GetPolicyDocumentStatement{ Sid: pulumi.StringRef("UniqueSidTwo"), Actions: []string{ "iam:*", }, Resources: []string{ "*", }, }, iam.GetPolicyDocumentStatement{ Actions: []string{ "lambda:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ SourcePolicyDocuments: interface{}{ sourceOne.Json, sourceTwo.Json, }, }, nil); if err != nil { return err } return nil }) } ```

`data.aws_iam_policy_document.combined.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

``` ### Example of Merging Override Documents

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam" ) func main() { pulumi.Run(func(ctx *pulumi.Context) error { policyOne, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceHolderOne"), Effect: pulumi.StringRef("Allow"), Actions: []string{ "s3:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } policyTwo, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Effect: pulumi.StringRef("Allow"), Actions: []string{ "ec2:*", }, Resources: []string{ "*", }, }, { Sid: pulumi.StringRef("OverridePlaceHolderTwo"), Effect: pulumi.StringRef("Allow"), Actions: []string{ "iam:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } policyThree, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceHolderOne"), Effect: pulumi.StringRef("Deny"), Actions: []string{ "logs:*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } _, err = iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ OverridePolicyDocuments: interface{}{ policyOne.Json, policyTwo.Json, policyThree.Json, }, Statements: []iam.GetPolicyDocumentStatement{ { Sid: pulumi.StringRef("OverridePlaceHolderTwo"), Effect: pulumi.StringRef("Deny"), Actions: []string{ "*", }, Resources: []string{ "*", }, }, }, }, nil); if err != nil { return err } return nil }) } ```

`data.aws_iam_policy_document.combined.json` will evaluate to:

```go package main

import (

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		return nil
	})
}

```

type GetPolicyDocumentResultOutput

type GetPolicyDocumentResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicyDocument.

func (GetPolicyDocumentResultOutput) ElementType

func (GetPolicyDocumentResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetPolicyDocumentResultOutput) Json

Standard JSON policy document rendered based on the arguments above.

func (GetPolicyDocumentResultOutput) OverridePolicyDocuments

func (o GetPolicyDocumentResultOutput) OverridePolicyDocuments() pulumi.StringArrayOutput

func (GetPolicyDocumentResultOutput) PolicyId

func (GetPolicyDocumentResultOutput) SourcePolicyDocuments

func (o GetPolicyDocumentResultOutput) SourcePolicyDocuments() pulumi.StringArrayOutput

func (GetPolicyDocumentResultOutput) Statements

func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput

func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutput() GetPolicyDocumentResultOutput

func (GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext

func (o GetPolicyDocumentResultOutput) ToGetPolicyDocumentResultOutputWithContext(ctx context.Context) GetPolicyDocumentResultOutput

func (GetPolicyDocumentResultOutput) Version

type GetPolicyDocumentStatement

type GetPolicyDocumentStatement struct {
	// List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
	Actions []string `pulumi:"actions"`
	// Configuration block for a condition. Detailed below.
	Conditions []GetPolicyDocumentStatementCondition `pulumi:"conditions"`
	// Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
	Effect *string `pulumi:"effect"`
	// List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
	NotActions []string `pulumi:"notActions"`
	// Like `principals` except these are principals that the statement does *not* apply to.
	NotPrincipals []GetPolicyDocumentStatementNotPrincipal `pulumi:"notPrincipals"`
	// List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
	NotResources []string `pulumi:"notResources"`
	// Configuration block for principals. Detailed below.
	Principals []GetPolicyDocumentStatementPrincipal `pulumi:"principals"`
	// List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
	Resources []string `pulumi:"resources"`
	// Sid (statement ID) is an identifier for a policy statement.
	Sid *string `pulumi:"sid"`
}

type GetPolicyDocumentStatementArgs

type GetPolicyDocumentStatementArgs struct {
	// List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.
	Actions pulumi.StringArrayInput `pulumi:"actions"`
	// Configuration block for a condition. Detailed below.
	Conditions GetPolicyDocumentStatementConditionArrayInput `pulumi:"conditions"`
	// Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.
	Effect pulumi.StringPtrInput `pulumi:"effect"`
	// List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.
	NotActions pulumi.StringArrayInput `pulumi:"notActions"`
	// Like `principals` except these are principals that the statement does *not* apply to.
	NotPrincipals GetPolicyDocumentStatementNotPrincipalArrayInput `pulumi:"notPrincipals"`
	// List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.
	NotResources pulumi.StringArrayInput `pulumi:"notResources"`
	// Configuration block for principals. Detailed below.
	Principals GetPolicyDocumentStatementPrincipalArrayInput `pulumi:"principals"`
	// List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.
	Resources pulumi.StringArrayInput `pulumi:"resources"`
	// Sid (statement ID) is an identifier for a policy statement.
	Sid pulumi.StringPtrInput `pulumi:"sid"`
}

func (GetPolicyDocumentStatementArgs) ElementType

func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput

func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput

func (GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext

func (i GetPolicyDocumentStatementArgs) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementArray

type GetPolicyDocumentStatementArray []GetPolicyDocumentStatementInput

func (GetPolicyDocumentStatementArray) ElementType

func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput

func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput

func (GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext

func (i GetPolicyDocumentStatementArray) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementArrayInput

type GetPolicyDocumentStatementArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput
	ToGetPolicyDocumentStatementArrayOutputWithContext(context.Context) GetPolicyDocumentStatementArrayOutput
}

GetPolicyDocumentStatementArrayInput is an input type that accepts GetPolicyDocumentStatementArray and GetPolicyDocumentStatementArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementArrayInput` via:

GetPolicyDocumentStatementArray{ GetPolicyDocumentStatementArgs{...} }

type GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementArrayOutput) ElementType

func (GetPolicyDocumentStatementArrayOutput) Index

func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput

func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutput() GetPolicyDocumentStatementArrayOutput

func (GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext

func (o GetPolicyDocumentStatementArrayOutput) ToGetPolicyDocumentStatementArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementArrayOutput

type GetPolicyDocumentStatementCondition

type GetPolicyDocumentStatementCondition struct {
	// Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
	Test string `pulumi:"test"`
	// Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
	Values []string `pulumi:"values"`
	// Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
	Variable string `pulumi:"variable"`
}

type GetPolicyDocumentStatementConditionArgs

type GetPolicyDocumentStatementConditionArgs struct {
	// Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.
	Test pulumi.StringInput `pulumi:"test"`
	// Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.
	Values pulumi.StringArrayInput `pulumi:"values"`
	// Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.
	Variable pulumi.StringInput `pulumi:"variable"`
}

func (GetPolicyDocumentStatementConditionArgs) ElementType

func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput

func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext

func (i GetPolicyDocumentStatementConditionArgs) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput

type GetPolicyDocumentStatementConditionArray

type GetPolicyDocumentStatementConditionArray []GetPolicyDocumentStatementConditionInput

func (GetPolicyDocumentStatementConditionArray) ElementType

func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput

func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput

func (GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext

func (i GetPolicyDocumentStatementConditionArray) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionArrayInput

type GetPolicyDocumentStatementConditionArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput
	ToGetPolicyDocumentStatementConditionArrayOutputWithContext(context.Context) GetPolicyDocumentStatementConditionArrayOutput
}

GetPolicyDocumentStatementConditionArrayInput is an input type that accepts GetPolicyDocumentStatementConditionArray and GetPolicyDocumentStatementConditionArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionArrayInput` via:

GetPolicyDocumentStatementConditionArray{ GetPolicyDocumentStatementConditionArgs{...} }

type GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementConditionArrayOutput) ElementType

func (GetPolicyDocumentStatementConditionArrayOutput) Index

func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput

func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutput() GetPolicyDocumentStatementConditionArrayOutput

func (GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext

func (o GetPolicyDocumentStatementConditionArrayOutput) ToGetPolicyDocumentStatementConditionArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionArrayOutput

type GetPolicyDocumentStatementConditionInput

type GetPolicyDocumentStatementConditionInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput
	ToGetPolicyDocumentStatementConditionOutputWithContext(context.Context) GetPolicyDocumentStatementConditionOutput
}

GetPolicyDocumentStatementConditionInput is an input type that accepts GetPolicyDocumentStatementConditionArgs and GetPolicyDocumentStatementConditionOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementConditionInput` via:

GetPolicyDocumentStatementConditionArgs{...}

type GetPolicyDocumentStatementConditionOutput

type GetPolicyDocumentStatementConditionOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementConditionOutput) ElementType

func (GetPolicyDocumentStatementConditionOutput) Test

Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate.

func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput

func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutput() GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext

func (o GetPolicyDocumentStatementConditionOutput) ToGetPolicyDocumentStatementConditionOutputWithContext(ctx context.Context) GetPolicyDocumentStatementConditionOutput

func (GetPolicyDocumentStatementConditionOutput) Values

Values to evaluate the condition against. If multiple values are provided, the condition matches if at least one of them applies. That is, AWS evaluates multiple values as though using an "OR" boolean operation.

func (GetPolicyDocumentStatementConditionOutput) Variable

Name of a [Context Variable](http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#AvailableKeys) to apply the condition to. Context variables may either be standard AWS variables starting with `aws:` or service-specific variables prefixed with the service name.

type GetPolicyDocumentStatementInput

type GetPolicyDocumentStatementInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput
	ToGetPolicyDocumentStatementOutputWithContext(context.Context) GetPolicyDocumentStatementOutput
}

GetPolicyDocumentStatementInput is an input type that accepts GetPolicyDocumentStatementArgs and GetPolicyDocumentStatementOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementInput` via:

GetPolicyDocumentStatementArgs{...}

type GetPolicyDocumentStatementNotPrincipal

type GetPolicyDocumentStatementNotPrincipal struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers []string `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type string `pulumi:"type"`
}

type GetPolicyDocumentStatementNotPrincipalArgs

type GetPolicyDocumentStatementNotPrincipalArgs struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers pulumi.StringArrayInput `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type pulumi.StringInput `pulumi:"type"`
}

func (GetPolicyDocumentStatementNotPrincipalArgs) ElementType

func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput

func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext

func (i GetPolicyDocumentStatementNotPrincipalArgs) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput

type GetPolicyDocumentStatementNotPrincipalArray

type GetPolicyDocumentStatementNotPrincipalArray []GetPolicyDocumentStatementNotPrincipalInput

func (GetPolicyDocumentStatementNotPrincipalArray) ElementType

func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput

func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput

func (GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext

func (i GetPolicyDocumentStatementNotPrincipalArray) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalArrayInput

type GetPolicyDocumentStatementNotPrincipalArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput
	ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput
}

GetPolicyDocumentStatementNotPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArray and GetPolicyDocumentStatementNotPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalArrayInput` via:

GetPolicyDocumentStatementNotPrincipalArray{ GetPolicyDocumentStatementNotPrincipalArgs{...} }

type GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ElementType

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) Index

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput

func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutput() GetPolicyDocumentStatementNotPrincipalArrayOutput

func (GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext

func (o GetPolicyDocumentStatementNotPrincipalArrayOutput) ToGetPolicyDocumentStatementNotPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalArrayOutput

type GetPolicyDocumentStatementNotPrincipalInput

type GetPolicyDocumentStatementNotPrincipalInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput
	ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementNotPrincipalOutput
}

GetPolicyDocumentStatementNotPrincipalInput is an input type that accepts GetPolicyDocumentStatementNotPrincipalArgs and GetPolicyDocumentStatementNotPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementNotPrincipalInput` via:

GetPolicyDocumentStatementNotPrincipalArgs{...}

type GetPolicyDocumentStatementNotPrincipalOutput

type GetPolicyDocumentStatementNotPrincipalOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementNotPrincipalOutput) ElementType

func (GetPolicyDocumentStatementNotPrincipalOutput) Identifiers

List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.

func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput

func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutput() GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext

func (o GetPolicyDocumentStatementNotPrincipalOutput) ToGetPolicyDocumentStatementNotPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementNotPrincipalOutput

func (GetPolicyDocumentStatementNotPrincipalOutput) Type

Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.

type GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementOutput) Actions

List of actions that this statement either allows or denies. For example, `["ec2:RunInstances", "s3:*"]`.

func (GetPolicyDocumentStatementOutput) Conditions

Configuration block for a condition. Detailed below.

func (GetPolicyDocumentStatementOutput) Effect

Whether this statement allows or denies the given actions. Valid values are `Allow` and `Deny`. Defaults to `Allow`.

func (GetPolicyDocumentStatementOutput) ElementType

func (GetPolicyDocumentStatementOutput) NotActions

List of actions that this statement does *not* apply to. Use to apply a policy statement to all actions *except* those listed.

func (GetPolicyDocumentStatementOutput) NotPrincipals

Like `principals` except these are principals that the statement does *not* apply to.

func (GetPolicyDocumentStatementOutput) NotResources

List of resource ARNs that this statement does *not* apply to. Use to apply a policy statement to all resources *except* those listed. Conflicts with `resources`.

func (GetPolicyDocumentStatementOutput) Principals

Configuration block for principals. Detailed below.

func (GetPolicyDocumentStatementOutput) Resources

List of resource ARNs that this statement applies to. This is required by AWS if used for an IAM policy. Conflicts with `notResources`.

func (GetPolicyDocumentStatementOutput) Sid

Sid (statement ID) is an identifier for a policy statement.

func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput

func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutput() GetPolicyDocumentStatementOutput

func (GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext

func (o GetPolicyDocumentStatementOutput) ToGetPolicyDocumentStatementOutputWithContext(ctx context.Context) GetPolicyDocumentStatementOutput

type GetPolicyDocumentStatementPrincipal

type GetPolicyDocumentStatementPrincipal struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers []string `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type string `pulumi:"type"`
}

type GetPolicyDocumentStatementPrincipalArgs

type GetPolicyDocumentStatementPrincipalArgs struct {
	// List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`.  When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.
	Identifiers pulumi.StringArrayInput `pulumi:"identifiers"`
	// Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.
	Type pulumi.StringInput `pulumi:"type"`
}

func (GetPolicyDocumentStatementPrincipalArgs) ElementType

func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput

func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext

func (i GetPolicyDocumentStatementPrincipalArgs) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput

type GetPolicyDocumentStatementPrincipalArray

type GetPolicyDocumentStatementPrincipalArray []GetPolicyDocumentStatementPrincipalInput

func (GetPolicyDocumentStatementPrincipalArray) ElementType

func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput

func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput

func (GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext

func (i GetPolicyDocumentStatementPrincipalArray) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalArrayInput

type GetPolicyDocumentStatementPrincipalArrayInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput
	ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalArrayOutput
}

GetPolicyDocumentStatementPrincipalArrayInput is an input type that accepts GetPolicyDocumentStatementPrincipalArray and GetPolicyDocumentStatementPrincipalArrayOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalArrayInput` via:

GetPolicyDocumentStatementPrincipalArray{ GetPolicyDocumentStatementPrincipalArgs{...} }

type GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalArrayOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementPrincipalArrayOutput) ElementType

func (GetPolicyDocumentStatementPrincipalArrayOutput) Index

func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput

func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutput() GetPolicyDocumentStatementPrincipalArrayOutput

func (GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext

func (o GetPolicyDocumentStatementPrincipalArrayOutput) ToGetPolicyDocumentStatementPrincipalArrayOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalArrayOutput

type GetPolicyDocumentStatementPrincipalInput

type GetPolicyDocumentStatementPrincipalInput interface {
	pulumi.Input

	ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput
	ToGetPolicyDocumentStatementPrincipalOutputWithContext(context.Context) GetPolicyDocumentStatementPrincipalOutput
}

GetPolicyDocumentStatementPrincipalInput is an input type that accepts GetPolicyDocumentStatementPrincipalArgs and GetPolicyDocumentStatementPrincipalOutput values. You can construct a concrete instance of `GetPolicyDocumentStatementPrincipalInput` via:

GetPolicyDocumentStatementPrincipalArgs{...}

type GetPolicyDocumentStatementPrincipalOutput

type GetPolicyDocumentStatementPrincipalOutput struct{ *pulumi.OutputState }

func (GetPolicyDocumentStatementPrincipalOutput) ElementType

func (GetPolicyDocumentStatementPrincipalOutput) Identifiers

List of identifiers for principals. When `type` is `AWS`, these are IAM principal ARNs, e.g., `arn:aws:iam::12345678901:role/yak-role`. When `type` is `Service`, these are AWS Service roles, e.g., `lambda.amazonaws.com`. When `type` is `Federated`, these are web identity users or SAML provider ARNs, e.g., `accounts.google.com` or `arn:aws:iam::12345678901:saml-provider/yak-saml-provider`. When `type` is `CanonicalUser`, these are [canonical user IDs](https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId), e.g., `79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be`.

func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput

func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutput() GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext

func (o GetPolicyDocumentStatementPrincipalOutput) ToGetPolicyDocumentStatementPrincipalOutputWithContext(ctx context.Context) GetPolicyDocumentStatementPrincipalOutput

func (GetPolicyDocumentStatementPrincipalOutput) Type

Type of principal. Valid values include `AWS`, `Service`, `Federated`, `CanonicalUser` and `*`.

type GetPrincipalPolicySimulationContext

type GetPrincipalPolicySimulationContext struct {
	// The context _condition key_ to set.
	//
	// If you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service.
	Key string `pulumi:"key"`
	// An IAM value type that determines how the policy simulator will interpret the strings given in `values`.
	//
	// For more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API.
	Type string `pulumi:"type"`
	// A set of one or more values for this context entry.
	Values []string `pulumi:"values"`
}

type GetPrincipalPolicySimulationContextArgs

type GetPrincipalPolicySimulationContextArgs struct {
	// The context _condition key_ to set.
	//
	// If you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service.
	Key pulumi.StringInput `pulumi:"key"`
	// An IAM value type that determines how the policy simulator will interpret the strings given in `values`.
	//
	// For more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API.
	Type pulumi.StringInput `pulumi:"type"`
	// A set of one or more values for this context entry.
	Values pulumi.StringArrayInput `pulumi:"values"`
}

func (GetPrincipalPolicySimulationContextArgs) ElementType

func (GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutput

func (i GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput

func (GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutputWithContext

func (i GetPrincipalPolicySimulationContextArgs) ToGetPrincipalPolicySimulationContextOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextOutput

type GetPrincipalPolicySimulationContextArray

type GetPrincipalPolicySimulationContextArray []GetPrincipalPolicySimulationContextInput

func (GetPrincipalPolicySimulationContextArray) ElementType

func (GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutput

func (i GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput

func (GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutputWithContext

func (i GetPrincipalPolicySimulationContextArray) ToGetPrincipalPolicySimulationContextArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextArrayOutput

type GetPrincipalPolicySimulationContextArrayInput

type GetPrincipalPolicySimulationContextArrayInput interface {
	pulumi.Input

	ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput
	ToGetPrincipalPolicySimulationContextArrayOutputWithContext(context.Context) GetPrincipalPolicySimulationContextArrayOutput
}

GetPrincipalPolicySimulationContextArrayInput is an input type that accepts GetPrincipalPolicySimulationContextArray and GetPrincipalPolicySimulationContextArrayOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationContextArrayInput` via:

GetPrincipalPolicySimulationContextArray{ GetPrincipalPolicySimulationContextArgs{...} }

type GetPrincipalPolicySimulationContextArrayOutput

type GetPrincipalPolicySimulationContextArrayOutput struct{ *pulumi.OutputState }

func (GetPrincipalPolicySimulationContextArrayOutput) ElementType

func (GetPrincipalPolicySimulationContextArrayOutput) Index

func (GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutput

func (o GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutput() GetPrincipalPolicySimulationContextArrayOutput

func (GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutputWithContext

func (o GetPrincipalPolicySimulationContextArrayOutput) ToGetPrincipalPolicySimulationContextArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextArrayOutput

type GetPrincipalPolicySimulationContextInput

type GetPrincipalPolicySimulationContextInput interface {
	pulumi.Input

	ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput
	ToGetPrincipalPolicySimulationContextOutputWithContext(context.Context) GetPrincipalPolicySimulationContextOutput
}

GetPrincipalPolicySimulationContextInput is an input type that accepts GetPrincipalPolicySimulationContextArgs and GetPrincipalPolicySimulationContextOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationContextInput` via:

GetPrincipalPolicySimulationContextArgs{...}

type GetPrincipalPolicySimulationContextOutput

type GetPrincipalPolicySimulationContextOutput struct{ *pulumi.OutputState }

func (GetPrincipalPolicySimulationContextOutput) ElementType

func (GetPrincipalPolicySimulationContextOutput) Key

The context _condition key_ to set.

If you have policies containing `Condition` elements or using dynamic interpolations then you will need to provide suitable values for each condition key your policies use. See [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to find the various condition keys that are normally provided for real requests to each action of each AWS service.

func (GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutput

func (o GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutput() GetPrincipalPolicySimulationContextOutput

func (GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutputWithContext

func (o GetPrincipalPolicySimulationContextOutput) ToGetPrincipalPolicySimulationContextOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationContextOutput

func (GetPrincipalPolicySimulationContextOutput) Type

An IAM value type that determines how the policy simulator will interpret the strings given in `values`.

For more information, see the `ContextKeyType` field of [`iam.ContextEntry`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ContextEntry.html) in the underlying API.

func (GetPrincipalPolicySimulationContextOutput) Values

A set of one or more values for this context entry.

type GetPrincipalPolicySimulationResult

type GetPrincipalPolicySimulationResult struct {
	// The name of the single IAM action used for this particular request.
	ActionName string `pulumi:"actionName"`
	// `true` if `decision` is "allowed", and `false` otherwise.
	Allowed bool `pulumi:"allowed"`
	// The raw decision determined from all of the policies in scope; either "allowed", "explicitDeny", or "implicitDeny".
	Decision string `pulumi:"decision"`
	// A map of arbitrary metadata entries returned by the policy simulator for this request.
	DecisionDetails map[string]string `pulumi:"decisionDetails"`
	// A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `sourcePolicyId` and `sourcePolicyType` to identify one of the policies.
	MatchedStatements []GetPrincipalPolicySimulationResultMatchedStatement `pulumi:"matchedStatements"`
	// A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed.
	MissingContextKeys []string `pulumi:"missingContextKeys"`
	// ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource.
	ResourceArn string `pulumi:"resourceArn"`
}

type GetPrincipalPolicySimulationResultArgs

type GetPrincipalPolicySimulationResultArgs struct {
	// The name of the single IAM action used for this particular request.
	ActionName pulumi.StringInput `pulumi:"actionName"`
	// `true` if `decision` is "allowed", and `false` otherwise.
	Allowed pulumi.BoolInput `pulumi:"allowed"`
	// The raw decision determined from all of the policies in scope; either "allowed", "explicitDeny", or "implicitDeny".
	Decision pulumi.StringInput `pulumi:"decision"`
	// A map of arbitrary metadata entries returned by the policy simulator for this request.
	DecisionDetails pulumi.StringMapInput `pulumi:"decisionDetails"`
	// A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `sourcePolicyId` and `sourcePolicyType` to identify one of the policies.
	MatchedStatements GetPrincipalPolicySimulationResultMatchedStatementArrayInput `pulumi:"matchedStatements"`
	// A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed.
	MissingContextKeys pulumi.StringArrayInput `pulumi:"missingContextKeys"`
	// ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource.
	ResourceArn pulumi.StringInput `pulumi:"resourceArn"`
}

func (GetPrincipalPolicySimulationResultArgs) ElementType

func (GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutput

func (i GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput

func (GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutputWithContext

func (i GetPrincipalPolicySimulationResultArgs) ToGetPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultOutput

type GetPrincipalPolicySimulationResultArray

type GetPrincipalPolicySimulationResultArray []GetPrincipalPolicySimulationResultInput

func (GetPrincipalPolicySimulationResultArray) ElementType

func (GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutput

func (i GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput

func (GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutputWithContext

func (i GetPrincipalPolicySimulationResultArray) ToGetPrincipalPolicySimulationResultArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultArrayOutput

type GetPrincipalPolicySimulationResultArrayInput

type GetPrincipalPolicySimulationResultArrayInput interface {
	pulumi.Input

	ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput
	ToGetPrincipalPolicySimulationResultArrayOutputWithContext(context.Context) GetPrincipalPolicySimulationResultArrayOutput
}

GetPrincipalPolicySimulationResultArrayInput is an input type that accepts GetPrincipalPolicySimulationResultArray and GetPrincipalPolicySimulationResultArrayOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultArrayInput` via:

GetPrincipalPolicySimulationResultArray{ GetPrincipalPolicySimulationResultArgs{...} }

type GetPrincipalPolicySimulationResultArrayOutput

type GetPrincipalPolicySimulationResultArrayOutput struct{ *pulumi.OutputState }

func (GetPrincipalPolicySimulationResultArrayOutput) ElementType

func (GetPrincipalPolicySimulationResultArrayOutput) Index

func (GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutput

func (o GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutput() GetPrincipalPolicySimulationResultArrayOutput

func (GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutputWithContext

func (o GetPrincipalPolicySimulationResultArrayOutput) ToGetPrincipalPolicySimulationResultArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultArrayOutput

type GetPrincipalPolicySimulationResultInput

type GetPrincipalPolicySimulationResultInput interface {
	pulumi.Input

	ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput
	ToGetPrincipalPolicySimulationResultOutputWithContext(context.Context) GetPrincipalPolicySimulationResultOutput
}

GetPrincipalPolicySimulationResultInput is an input type that accepts GetPrincipalPolicySimulationResultArgs and GetPrincipalPolicySimulationResultOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultInput` via:

GetPrincipalPolicySimulationResultArgs{...}

type GetPrincipalPolicySimulationResultMatchedStatement

type GetPrincipalPolicySimulationResultMatchedStatement struct {
	SourcePolicyId   string `pulumi:"sourcePolicyId"`
	SourcePolicyType string `pulumi:"sourcePolicyType"`
}

type GetPrincipalPolicySimulationResultMatchedStatementArgs

type GetPrincipalPolicySimulationResultMatchedStatementArgs struct {
	SourcePolicyId   pulumi.StringInput `pulumi:"sourcePolicyId"`
	SourcePolicyType pulumi.StringInput `pulumi:"sourcePolicyType"`
}

func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ElementType

func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutput

func (GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext

func (i GetPrincipalPolicySimulationResultMatchedStatementArgs) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput

type GetPrincipalPolicySimulationResultMatchedStatementArray

type GetPrincipalPolicySimulationResultMatchedStatementArray []GetPrincipalPolicySimulationResultMatchedStatementInput

func (GetPrincipalPolicySimulationResultMatchedStatementArray) ElementType

func (GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput

func (i GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput

func (GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext

func (i GetPrincipalPolicySimulationResultMatchedStatementArray) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput

type GetPrincipalPolicySimulationResultMatchedStatementArrayInput

type GetPrincipalPolicySimulationResultMatchedStatementArrayInput interface {
	pulumi.Input

	ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput() GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
	ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput
}

GetPrincipalPolicySimulationResultMatchedStatementArrayInput is an input type that accepts GetPrincipalPolicySimulationResultMatchedStatementArray and GetPrincipalPolicySimulationResultMatchedStatementArrayOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultMatchedStatementArrayInput` via:

GetPrincipalPolicySimulationResultMatchedStatementArray{ GetPrincipalPolicySimulationResultMatchedStatementArgs{...} }

type GetPrincipalPolicySimulationResultMatchedStatementArrayOutput

type GetPrincipalPolicySimulationResultMatchedStatementArrayOutput struct{ *pulumi.OutputState }

func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ElementType

func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) Index

func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutput

func (GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext

func (o GetPrincipalPolicySimulationResultMatchedStatementArrayOutput) ToGetPrincipalPolicySimulationResultMatchedStatementArrayOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementArrayOutput

type GetPrincipalPolicySimulationResultMatchedStatementInput

type GetPrincipalPolicySimulationResultMatchedStatementInput interface {
	pulumi.Input

	ToGetPrincipalPolicySimulationResultMatchedStatementOutput() GetPrincipalPolicySimulationResultMatchedStatementOutput
	ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput
}

GetPrincipalPolicySimulationResultMatchedStatementInput is an input type that accepts GetPrincipalPolicySimulationResultMatchedStatementArgs and GetPrincipalPolicySimulationResultMatchedStatementOutput values. You can construct a concrete instance of `GetPrincipalPolicySimulationResultMatchedStatementInput` via:

GetPrincipalPolicySimulationResultMatchedStatementArgs{...}

type GetPrincipalPolicySimulationResultMatchedStatementOutput

type GetPrincipalPolicySimulationResultMatchedStatementOutput struct{ *pulumi.OutputState }

func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ElementType

func (GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyId

func (GetPrincipalPolicySimulationResultMatchedStatementOutput) SourcePolicyType

func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutput

func (GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext

func (o GetPrincipalPolicySimulationResultMatchedStatementOutput) ToGetPrincipalPolicySimulationResultMatchedStatementOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultMatchedStatementOutput

type GetPrincipalPolicySimulationResultOutput

type GetPrincipalPolicySimulationResultOutput struct{ *pulumi.OutputState }

func (GetPrincipalPolicySimulationResultOutput) ActionName

The name of the single IAM action used for this particular request.

func (GetPrincipalPolicySimulationResultOutput) Allowed

`true` if `decision` is "allowed", and `false` otherwise.

func (GetPrincipalPolicySimulationResultOutput) Decision

The raw decision determined from all of the policies in scope; either "allowed", "explicitDeny", or "implicitDeny".

func (GetPrincipalPolicySimulationResultOutput) DecisionDetails

A map of arbitrary metadata entries returned by the policy simulator for this request.

func (GetPrincipalPolicySimulationResultOutput) ElementType

func (GetPrincipalPolicySimulationResultOutput) MatchedStatements

A nested set of objects describing which policies contained statements that were relevant to this simulation request. Each object has attributes `sourcePolicyId` and `sourcePolicyType` to identify one of the policies.

func (GetPrincipalPolicySimulationResultOutput) MissingContextKeys

A set of context keys (or condition keys) that were needed by some of the policies contributing to this result but not specified using a `context` block in the configuration. Missing or incorrect context keys will typically cause a simulated request to be disallowed.

func (GetPrincipalPolicySimulationResultOutput) ResourceArn

ARN of the resource that was used for this particular request. When you specify multiple actions and multiple resource ARNs, that causes a separate policy request for each combination of unique action and resource.

func (GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutput

func (o GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutput() GetPrincipalPolicySimulationResultOutput

func (GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutputWithContext

func (o GetPrincipalPolicySimulationResultOutput) ToGetPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) GetPrincipalPolicySimulationResultOutput

type GetRoleRoleLastUsed

type GetRoleRoleLastUsed struct {
	// The date and time, in RFC 3339 format, that the role was last used.
	LastUsedDate string `pulumi:"lastUsedDate"`
	// The name of the AWS Region in which the role was last used.
	Region string `pulumi:"region"`
}

type GetRoleRoleLastUsedArgs

type GetRoleRoleLastUsedArgs struct {
	// The date and time, in RFC 3339 format, that the role was last used.
	LastUsedDate pulumi.StringInput `pulumi:"lastUsedDate"`
	// The name of the AWS Region in which the role was last used.
	Region pulumi.StringInput `pulumi:"region"`
}

func (GetRoleRoleLastUsedArgs) ElementType

func (GetRoleRoleLastUsedArgs) ElementType() reflect.Type

func (GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutput

func (i GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput

func (GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutputWithContext

func (i GetRoleRoleLastUsedArgs) ToGetRoleRoleLastUsedOutputWithContext(ctx context.Context) GetRoleRoleLastUsedOutput

type GetRoleRoleLastUsedArray

type GetRoleRoleLastUsedArray []GetRoleRoleLastUsedInput

func (GetRoleRoleLastUsedArray) ElementType

func (GetRoleRoleLastUsedArray) ElementType() reflect.Type

func (GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutput

func (i GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput

func (GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutputWithContext

func (i GetRoleRoleLastUsedArray) ToGetRoleRoleLastUsedArrayOutputWithContext(ctx context.Context) GetRoleRoleLastUsedArrayOutput

type GetRoleRoleLastUsedArrayInput

type GetRoleRoleLastUsedArrayInput interface {
	pulumi.Input

	ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput
	ToGetRoleRoleLastUsedArrayOutputWithContext(context.Context) GetRoleRoleLastUsedArrayOutput
}

GetRoleRoleLastUsedArrayInput is an input type that accepts GetRoleRoleLastUsedArray and GetRoleRoleLastUsedArrayOutput values. You can construct a concrete instance of `GetRoleRoleLastUsedArrayInput` via:

GetRoleRoleLastUsedArray{ GetRoleRoleLastUsedArgs{...} }

type GetRoleRoleLastUsedArrayOutput

type GetRoleRoleLastUsedArrayOutput struct{ *pulumi.OutputState }

func (GetRoleRoleLastUsedArrayOutput) ElementType

func (GetRoleRoleLastUsedArrayOutput) Index

func (GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutput

func (o GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutput() GetRoleRoleLastUsedArrayOutput

func (GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutputWithContext

func (o GetRoleRoleLastUsedArrayOutput) ToGetRoleRoleLastUsedArrayOutputWithContext(ctx context.Context) GetRoleRoleLastUsedArrayOutput

type GetRoleRoleLastUsedInput

type GetRoleRoleLastUsedInput interface {
	pulumi.Input

	ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput
	ToGetRoleRoleLastUsedOutputWithContext(context.Context) GetRoleRoleLastUsedOutput
}

GetRoleRoleLastUsedInput is an input type that accepts GetRoleRoleLastUsedArgs and GetRoleRoleLastUsedOutput values. You can construct a concrete instance of `GetRoleRoleLastUsedInput` via:

GetRoleRoleLastUsedArgs{...}

type GetRoleRoleLastUsedOutput

type GetRoleRoleLastUsedOutput struct{ *pulumi.OutputState }

func (GetRoleRoleLastUsedOutput) ElementType

func (GetRoleRoleLastUsedOutput) ElementType() reflect.Type

func (GetRoleRoleLastUsedOutput) LastUsedDate

The date and time, in RFC 3339 format, that the role was last used.

func (GetRoleRoleLastUsedOutput) Region

The name of the AWS Region in which the role was last used.

func (GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutput

func (o GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutput() GetRoleRoleLastUsedOutput

func (GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutputWithContext

func (o GetRoleRoleLastUsedOutput) ToGetRoleRoleLastUsedOutputWithContext(ctx context.Context) GetRoleRoleLastUsedOutput

type GetRolesArgs

type GetRolesArgs struct {
	// Regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.
	NameRegex *string `pulumi:"nameRegex"`
	// Path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getRoles.

type GetRolesOutputArgs

type GetRolesOutputArgs struct {
	// Regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// Path prefix for filtering the results. For example, the prefix `/application_abc/component_xyz/` gets all roles whose path starts with `/application_abc/component_xyz/`. If it is not included, it defaults to a slash (`/`), listing all roles. For more details, check out [list-roles in the AWS CLI reference][1].
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getRoles.

func (GetRolesOutputArgs) ElementType

func (GetRolesOutputArgs) ElementType() reflect.Type

type GetRolesResult

type GetRolesResult struct {
	// Set of ARNs of the matched IAM roles.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	NameRegex *string `pulumi:"nameRegex"`
	// Set of Names of the matched IAM roles.
	Names      []string `pulumi:"names"`
	PathPrefix *string  `pulumi:"pathPrefix"`
}

A collection of values returned by getRoles.

func GetRoles

func GetRoles(ctx *pulumi.Context, args *GetRolesArgs, opts ...pulumi.InvokeOption) (*GetRolesResult, error)

Use this data source to get the ARNs and Names of IAM Roles.

## Example Usage ### All roles in an account

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles filtered by name regex

Roles whose role-name contains `project`

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			NameRegex: pulumi.StringRef(".*project.*"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			PathPrefix: pulumi.StringRef("/custom-path"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Roles provisioned by AWS SSO

Roles in the account filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

Specific role in the account filtered by name regex and path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
			NameRegex:  pulumi.StringRef("AWSReservedSSO_permission_set_name_.*"),
			PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetRolesResultOutput

type GetRolesResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRoles.

func (GetRolesResultOutput) Arns

Set of ARNs of the matched IAM roles.

func (GetRolesResultOutput) ElementType

func (GetRolesResultOutput) ElementType() reflect.Type

func (GetRolesResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetRolesResultOutput) NameRegex

func (GetRolesResultOutput) Names

Set of Names of the matched IAM roles.

func (GetRolesResultOutput) PathPrefix

func (GetRolesResultOutput) ToGetRolesResultOutput

func (o GetRolesResultOutput) ToGetRolesResultOutput() GetRolesResultOutput

func (GetRolesResultOutput) ToGetRolesResultOutputWithContext

func (o GetRolesResultOutput) ToGetRolesResultOutputWithContext(ctx context.Context) GetRolesResultOutput

type GetSessionContextArgs

type GetSessionContextArgs struct {
	// ARN for an assumed role.
	//
	// > If `arn` is a non-role ARN, the provider gives no error and `issuerArn` will be equal to the `arn` value. For STS assumed-role ARNs, the provider gives an error if the identified IAM role does not exist.
	Arn string `pulumi:"arn"`
}

A collection of arguments for invoking getSessionContext.

type GetSessionContextOutputArgs

type GetSessionContextOutputArgs struct {
	// ARN for an assumed role.
	//
	// > If `arn` is a non-role ARN, the provider gives no error and `issuerArn` will be equal to the `arn` value. For STS assumed-role ARNs, the provider gives an error if the identified IAM role does not exist.
	Arn pulumi.StringInput `pulumi:"arn"`
}

A collection of arguments for invoking getSessionContext.

func (GetSessionContextOutputArgs) ElementType

type GetSessionContextResult

type GetSessionContextResult struct {
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.
	IssuerArn string `pulumi:"issuerArn"`
	// Unique identifier of the IAM role that issues the STS assumed role.
	IssuerId string `pulumi:"issuerId"`
	// Name of the source role. Only available if `arn` corresponds to an STS assumed role.
	IssuerName string `pulumi:"issuerName"`
	// Name of the STS session. Only available if `arn` corresponds to an STS assumed role.
	SessionName string `pulumi:"sessionName"`
}

A collection of values returned by getSessionContext.

func GetSessionContext

func GetSessionContext(ctx *pulumi.Context, args *GetSessionContextArgs, opts ...pulumi.InvokeOption) (*GetSessionContextResult, error)

This data source provides information on the IAM source role of an STS assumed role. For non-role ARNs, this data source simply passes the ARN through in `issuerArn`.

For some AWS resources, multiple types of principals are allowed in the same argument (e.g., IAM users and IAM roles). However, these arguments often do not allow assumed-role (i.e., STS, temporary credential) principals. Given an STS ARN, this data source provides the ARN for the source IAM role.

## Example Usage ### Basic Example

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetSessionContext(ctx, &iam.GetSessionContextArgs{
			Arn: "arn:aws:sts::123456789012:assumed-role/Audien-Heaven/MatyNoyes",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Find the Provider's Source Role

Combined with `getCallerIdentity`, you can get the current user's source IAM role ARN (`issuerArn`) if you're using an assumed role. If you're not using an assumed role, the caller's (e.g., an IAM user's) ARN will simply be passed through. In environments where both IAM users and individuals using assumed roles need to apply the same configurations, this data source enables seamless use.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := aws.GetCallerIdentity(ctx, nil, nil)
		if err != nil {
			return err
		}
		_, err = iam.GetSessionContext(ctx, &iam.GetSessionContextArgs{
			Arn: current.Arn,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetSessionContextResultOutput

type GetSessionContextResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSessionContext.

func (GetSessionContextResultOutput) Arn

func (GetSessionContextResultOutput) ElementType

func (GetSessionContextResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetSessionContextResultOutput) IssuerArn

IAM source role ARN if `arn` corresponds to an STS assumed role. Otherwise, `issuerArn` is equal to `arn`.

func (GetSessionContextResultOutput) IssuerId

Unique identifier of the IAM role that issues the STS assumed role.

func (GetSessionContextResultOutput) IssuerName

Name of the source role. Only available if `arn` corresponds to an STS assumed role.

func (GetSessionContextResultOutput) SessionName

Name of the STS session. Only available if `arn` corresponds to an STS assumed role.

func (GetSessionContextResultOutput) ToGetSessionContextResultOutput

func (o GetSessionContextResultOutput) ToGetSessionContextResultOutput() GetSessionContextResultOutput

func (GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext

func (o GetSessionContextResultOutput) ToGetSessionContextResultOutputWithContext(ctx context.Context) GetSessionContextResultOutput

type GetUserSshKeyArgs

type GetUserSshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding string `pulumi:"encoding"`
	// Unique identifier for the SSH public key.
	SshPublicKeyId string `pulumi:"sshPublicKeyId"`
	// Name of the IAM user associated with the SSH public key.
	Username string `pulumi:"username"`
}

A collection of arguments for invoking getUserSshKey.

type GetUserSshKeyOutputArgs

type GetUserSshKeyOutputArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringInput `pulumi:"encoding"`
	// Unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringInput `pulumi:"sshPublicKeyId"`
	// Name of the IAM user associated with the SSH public key.
	Username pulumi.StringInput `pulumi:"username"`
}

A collection of arguments for invoking getUserSshKey.

func (GetUserSshKeyOutputArgs) ElementType

func (GetUserSshKeyOutputArgs) ElementType() reflect.Type

type GetUserSshKeyResult

type GetUserSshKeyResult struct {
	Encoding string `pulumi:"encoding"`
	// MD5 message digest of the SSH public key.
	Fingerprint string `pulumi:"fingerprint"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// SSH public key.
	PublicKey      string `pulumi:"publicKey"`
	SshPublicKeyId string `pulumi:"sshPublicKeyId"`
	// Status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.
	Status   string `pulumi:"status"`
	Username string `pulumi:"username"`
}

A collection of values returned by getUserSshKey.

func GetUserSshKey

func GetUserSshKey(ctx *pulumi.Context, args *GetUserSshKeyArgs, opts ...pulumi.InvokeOption) (*GetUserSshKeyResult, error)

Use this data source to get information about a SSH public key associated with the specified IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUserSshKey(ctx, &iam.GetUserSshKeyArgs{
			Encoding:       "SSH",
			SshPublicKeyId: "APKARUZ32GUTKIGARLXE",
			Username:       "test-user",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetUserSshKeyResultOutput

type GetUserSshKeyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUserSshKey.

func (GetUserSshKeyResultOutput) ElementType

func (GetUserSshKeyResultOutput) ElementType() reflect.Type

func (GetUserSshKeyResultOutput) Encoding

func (GetUserSshKeyResultOutput) Fingerprint

MD5 message digest of the SSH public key.

func (GetUserSshKeyResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetUserSshKeyResultOutput) PublicKey

SSH public key.

func (GetUserSshKeyResultOutput) SshPublicKeyId

func (o GetUserSshKeyResultOutput) SshPublicKeyId() pulumi.StringOutput

func (GetUserSshKeyResultOutput) Status

Status of the SSH public key. Active means that the key can be used for authentication with an CodeCommit repository. Inactive means that the key cannot be used.

func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput

func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutput() GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext

func (o GetUserSshKeyResultOutput) ToGetUserSshKeyResultOutputWithContext(ctx context.Context) GetUserSshKeyResultOutput

func (GetUserSshKeyResultOutput) Username

type GetUsersArgs

type GetUsersArgs struct {
	// Regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.
	NameRegex *string `pulumi:"nameRegex"`
	// Path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getUsers.

type GetUsersOutputArgs

type GetUsersOutputArgs struct {
	// Regex string to apply to the IAM users list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// Path prefix for filtering the results. For example, the prefix `/division_abc/subdivision_xyz/` gets all users whose path starts with `/division_abc/subdivision_xyz/`. If it is not included, it defaults to a slash (`/`), listing all users. For more details, check out [list-users in the AWS CLI reference][1].
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getUsers.

func (GetUsersOutputArgs) ElementType

func (GetUsersOutputArgs) ElementType() reflect.Type

type GetUsersResult

type GetUsersResult struct {
	// Set of ARNs of the matched IAM users.
	Arns []string `pulumi:"arns"`
	// The provider-assigned unique ID for this managed resource.
	Id        string  `pulumi:"id"`
	NameRegex *string `pulumi:"nameRegex"`
	// Set of Names of the matched IAM users.
	Names      []string `pulumi:"names"`
	PathPrefix *string  `pulumi:"pathPrefix"`
}

A collection of values returned by getUsers.

func GetUsers

func GetUsers(ctx *pulumi.Context, args *GetUsersArgs, opts ...pulumi.InvokeOption) (*GetUsersResult, error)

Use this data source to get the ARNs and Names of IAM Users.

## Example Usage ### All users in an account

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, nil, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Users filtered by name regex

Users whose username contains `abc`

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, &iam.GetUsersArgs{
			NameRegex: pulumi.StringRef(".*abc.*"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Users filtered by path prefix

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.GetUsers(ctx, &iam.GetUsersArgs{
			PathPrefix: pulumi.StringRef("/custom-path"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetUsersResultOutput

type GetUsersResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUsers.

func (GetUsersResultOutput) Arns

Set of ARNs of the matched IAM users.

func (GetUsersResultOutput) ElementType

func (GetUsersResultOutput) ElementType() reflect.Type

func (GetUsersResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetUsersResultOutput) NameRegex

func (GetUsersResultOutput) Names

Set of Names of the matched IAM users.

func (GetUsersResultOutput) PathPrefix

func (GetUsersResultOutput) ToGetUsersResultOutput

func (o GetUsersResultOutput) ToGetUsersResultOutput() GetUsersResultOutput

func (GetUsersResultOutput) ToGetUsersResultOutputWithContext

func (o GetUsersResultOutput) ToGetUsersResultOutputWithContext(ctx context.Context) GetUsersResultOutput

type Group

type Group struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this group.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringOutput `pulumi:"name"`
	// Path in which to create the group.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM group.

> **NOTE on user management:** Using `iam.GroupMembership` or `iam.UserGroupMembership` resources in addition to manually managing user/group membership using the console may lead to configuration drift or conflicts. For this reason, it's recommended to either manage membership entirely with the provider or entirely within the AWS console.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewGroup(ctx, "developers", &iam.GroupArgs{
			Path: pulumi.String("/users/"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Groups can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/group:Group developers developers

```

func GetGroup

func GetGroup(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupState, opts ...pulumi.ResourceOption) (*Group, error)

GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroup

func NewGroup(ctx *pulumi.Context,
	name string, args *GroupArgs, opts ...pulumi.ResourceOption) (*Group, error)

NewGroup registers a new resource with the given unique name, arguments, and options.

func (*Group) ElementType

func (*Group) ElementType() reflect.Type

func (*Group) ToGroupOutput

func (i *Group) ToGroupOutput() GroupOutput

func (*Group) ToGroupOutputWithContext

func (i *Group) ToGroupOutputWithContext(ctx context.Context) GroupOutput

type GroupArgs

type GroupArgs struct {
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringPtrInput
	// Path in which to create the group.
	Path pulumi.StringPtrInput
}

The set of arguments for constructing a Group resource.

func (GroupArgs) ElementType

func (GroupArgs) ElementType() reflect.Type

type GroupArray

type GroupArray []GroupInput

func (GroupArray) ElementType

func (GroupArray) ElementType() reflect.Type

func (GroupArray) ToGroupArrayOutput

func (i GroupArray) ToGroupArrayOutput() GroupArrayOutput

func (GroupArray) ToGroupArrayOutputWithContext

func (i GroupArray) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupArrayInput

type GroupArrayInput interface {
	pulumi.Input

	ToGroupArrayOutput() GroupArrayOutput
	ToGroupArrayOutputWithContext(context.Context) GroupArrayOutput
}

GroupArrayInput is an input type that accepts GroupArray and GroupArrayOutput values. You can construct a concrete instance of `GroupArrayInput` via:

GroupArray{ GroupArgs{...} }

type GroupArrayOutput

type GroupArrayOutput struct{ *pulumi.OutputState }

func (GroupArrayOutput) ElementType

func (GroupArrayOutput) ElementType() reflect.Type

func (GroupArrayOutput) Index

func (GroupArrayOutput) ToGroupArrayOutput

func (o GroupArrayOutput) ToGroupArrayOutput() GroupArrayOutput

func (GroupArrayOutput) ToGroupArrayOutputWithContext

func (o GroupArrayOutput) ToGroupArrayOutputWithContext(ctx context.Context) GroupArrayOutput

type GroupInput

type GroupInput interface {
	pulumi.Input

	ToGroupOutput() GroupOutput
	ToGroupOutputWithContext(ctx context.Context) GroupOutput
}

type GroupMap

type GroupMap map[string]GroupInput

func (GroupMap) ElementType

func (GroupMap) ElementType() reflect.Type

func (GroupMap) ToGroupMapOutput

func (i GroupMap) ToGroupMapOutput() GroupMapOutput

func (GroupMap) ToGroupMapOutputWithContext

func (i GroupMap) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMapInput

type GroupMapInput interface {
	pulumi.Input

	ToGroupMapOutput() GroupMapOutput
	ToGroupMapOutputWithContext(context.Context) GroupMapOutput
}

GroupMapInput is an input type that accepts GroupMap and GroupMapOutput values. You can construct a concrete instance of `GroupMapInput` via:

GroupMap{ "key": GroupArgs{...} }

type GroupMapOutput

type GroupMapOutput struct{ *pulumi.OutputState }

func (GroupMapOutput) ElementType

func (GroupMapOutput) ElementType() reflect.Type

func (GroupMapOutput) MapIndex

func (GroupMapOutput) ToGroupMapOutput

func (o GroupMapOutput) ToGroupMapOutput() GroupMapOutput

func (GroupMapOutput) ToGroupMapOutputWithContext

func (o GroupMapOutput) ToGroupMapOutputWithContext(ctx context.Context) GroupMapOutput

type GroupMembership

type GroupMembership struct {
	pulumi.CustomResourceState

	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringOutput `pulumi:"group"`
	// The name to identify the Group Membership
	Name pulumi.StringOutput `pulumi:"name"`
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayOutput `pulumi:"users"`
}

> **WARNING:** Multiple iam.GroupMembership resources with the same group name will produce inconsistent behavior!

Provides a top level resource to manage IAM Group membership for IAM Users. For more information on managing IAM Groups or IAM Users, see IAM Groups or IAM Users

> **Note:** `iam.GroupMembership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the `iam.UserGroupMembership` resource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		userOne, err := iam.NewUser(ctx, "userOne", nil)
		if err != nil {
			return err
		}
		userTwo, err := iam.NewUser(ctx, "userTwo", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewGroupMembership(ctx, "team", &iam.GroupMembershipArgs{
			Users: pulumi.StringArray{
				userOne.Name,
				userTwo.Name,
			},
			Group: group.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetGroupMembership

func GetGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupMembershipState, opts ...pulumi.ResourceOption) (*GroupMembership, error)

GetGroupMembership gets an existing GroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMembership

func NewGroupMembership(ctx *pulumi.Context,
	name string, args *GroupMembershipArgs, opts ...pulumi.ResourceOption) (*GroupMembership, error)

NewGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*GroupMembership) ElementType

func (*GroupMembership) ElementType() reflect.Type

func (*GroupMembership) ToGroupMembershipOutput

func (i *GroupMembership) ToGroupMembershipOutput() GroupMembershipOutput

func (*GroupMembership) ToGroupMembershipOutputWithContext

func (i *GroupMembership) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput

type GroupMembershipArgs

type GroupMembershipArgs struct {
	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringInput
	// The name to identify the Group Membership
	Name pulumi.StringPtrInput
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayInput
}

The set of arguments for constructing a GroupMembership resource.

func (GroupMembershipArgs) ElementType

func (GroupMembershipArgs) ElementType() reflect.Type

type GroupMembershipArray

type GroupMembershipArray []GroupMembershipInput

func (GroupMembershipArray) ElementType

func (GroupMembershipArray) ElementType() reflect.Type

func (GroupMembershipArray) ToGroupMembershipArrayOutput

func (i GroupMembershipArray) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput

func (GroupMembershipArray) ToGroupMembershipArrayOutputWithContext

func (i GroupMembershipArray) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput

type GroupMembershipArrayInput

type GroupMembershipArrayInput interface {
	pulumi.Input

	ToGroupMembershipArrayOutput() GroupMembershipArrayOutput
	ToGroupMembershipArrayOutputWithContext(context.Context) GroupMembershipArrayOutput
}

GroupMembershipArrayInput is an input type that accepts GroupMembershipArray and GroupMembershipArrayOutput values. You can construct a concrete instance of `GroupMembershipArrayInput` via:

GroupMembershipArray{ GroupMembershipArgs{...} }

type GroupMembershipArrayOutput

type GroupMembershipArrayOutput struct{ *pulumi.OutputState }

func (GroupMembershipArrayOutput) ElementType

func (GroupMembershipArrayOutput) ElementType() reflect.Type

func (GroupMembershipArrayOutput) Index

func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutput

func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutput() GroupMembershipArrayOutput

func (GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext

func (o GroupMembershipArrayOutput) ToGroupMembershipArrayOutputWithContext(ctx context.Context) GroupMembershipArrayOutput

type GroupMembershipInput

type GroupMembershipInput interface {
	pulumi.Input

	ToGroupMembershipOutput() GroupMembershipOutput
	ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput
}

type GroupMembershipMap

type GroupMembershipMap map[string]GroupMembershipInput

func (GroupMembershipMap) ElementType

func (GroupMembershipMap) ElementType() reflect.Type

func (GroupMembershipMap) ToGroupMembershipMapOutput

func (i GroupMembershipMap) ToGroupMembershipMapOutput() GroupMembershipMapOutput

func (GroupMembershipMap) ToGroupMembershipMapOutputWithContext

func (i GroupMembershipMap) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput

type GroupMembershipMapInput

type GroupMembershipMapInput interface {
	pulumi.Input

	ToGroupMembershipMapOutput() GroupMembershipMapOutput
	ToGroupMembershipMapOutputWithContext(context.Context) GroupMembershipMapOutput
}

GroupMembershipMapInput is an input type that accepts GroupMembershipMap and GroupMembershipMapOutput values. You can construct a concrete instance of `GroupMembershipMapInput` via:

GroupMembershipMap{ "key": GroupMembershipArgs{...} }

type GroupMembershipMapOutput

type GroupMembershipMapOutput struct{ *pulumi.OutputState }

func (GroupMembershipMapOutput) ElementType

func (GroupMembershipMapOutput) ElementType() reflect.Type

func (GroupMembershipMapOutput) MapIndex

func (GroupMembershipMapOutput) ToGroupMembershipMapOutput

func (o GroupMembershipMapOutput) ToGroupMembershipMapOutput() GroupMembershipMapOutput

func (GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext

func (o GroupMembershipMapOutput) ToGroupMembershipMapOutputWithContext(ctx context.Context) GroupMembershipMapOutput

type GroupMembershipOutput

type GroupMembershipOutput struct{ *pulumi.OutputState }

func (GroupMembershipOutput) ElementType

func (GroupMembershipOutput) ElementType() reflect.Type

func (GroupMembershipOutput) Group

The IAM Group name to attach the list of `users` to

func (GroupMembershipOutput) Name

The name to identify the Group Membership

func (GroupMembershipOutput) ToGroupMembershipOutput

func (o GroupMembershipOutput) ToGroupMembershipOutput() GroupMembershipOutput

func (GroupMembershipOutput) ToGroupMembershipOutputWithContext

func (o GroupMembershipOutput) ToGroupMembershipOutputWithContext(ctx context.Context) GroupMembershipOutput

func (GroupMembershipOutput) Users

A list of IAM User names to associate with the Group

type GroupMembershipState

type GroupMembershipState struct {
	// The IAM Group name to attach the list of `users` to
	Group pulumi.StringPtrInput
	// The name to identify the Group Membership
	Name pulumi.StringPtrInput
	// A list of IAM User names to associate with the Group
	Users pulumi.StringArrayInput
}

func (GroupMembershipState) ElementType

func (GroupMembershipState) ElementType() reflect.Type

type GroupOutput

type GroupOutput struct{ *pulumi.OutputState }

func (GroupOutput) Arn

The ARN assigned by AWS for this group.

func (GroupOutput) ElementType

func (GroupOutput) ElementType() reflect.Type

func (GroupOutput) Name

func (o GroupOutput) Name() pulumi.StringOutput

The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".

func (GroupOutput) Path

Path in which to create the group.

func (GroupOutput) ToGroupOutput

func (o GroupOutput) ToGroupOutput() GroupOutput

func (GroupOutput) ToGroupOutputWithContext

func (o GroupOutput) ToGroupOutputWithContext(ctx context.Context) GroupOutput

func (GroupOutput) UniqueId

func (o GroupOutput) UniqueId() pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type GroupPolicy

type GroupPolicy struct {
	pulumi.CustomResourceState

	// The IAM group to attach to the policy.
	Group pulumi.StringOutput `pulumi:"group"`
	// The name of the policy. If omitted, the provider will
	// assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
}

Provides an IAM policy attached to a group.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myDevelopers, err := iam.NewGroup(ctx, "myDevelopers", &iam.GroupArgs{
			Path: pulumi.String("/users/"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewGroupPolicy(ctx, "myDeveloperPolicy", &iam.GroupPolicyArgs{
			Group:  myDevelopers.Name,
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Group Policies can be imported using the `group_name:group_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name

```

func GetGroupPolicy

func GetGroupPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPolicyState, opts ...pulumi.ResourceOption) (*GroupPolicy, error)

GetGroupPolicy gets an existing GroupPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicy

func NewGroupPolicy(ctx *pulumi.Context,
	name string, args *GroupPolicyArgs, opts ...pulumi.ResourceOption) (*GroupPolicy, error)

NewGroupPolicy registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicy) ElementType

func (*GroupPolicy) ElementType() reflect.Type

func (*GroupPolicy) ToGroupPolicyOutput

func (i *GroupPolicy) ToGroupPolicyOutput() GroupPolicyOutput

func (*GroupPolicy) ToGroupPolicyOutputWithContext

func (i *GroupPolicy) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput

type GroupPolicyArgs

type GroupPolicyArgs struct {
	// The IAM group to attach to the policy.
	Group pulumi.StringInput
	// The name of the policy. If omitted, the provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
}

The set of arguments for constructing a GroupPolicy resource.

func (GroupPolicyArgs) ElementType

func (GroupPolicyArgs) ElementType() reflect.Type

type GroupPolicyArray

type GroupPolicyArray []GroupPolicyInput

func (GroupPolicyArray) ElementType

func (GroupPolicyArray) ElementType() reflect.Type

func (GroupPolicyArray) ToGroupPolicyArrayOutput

func (i GroupPolicyArray) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput

func (GroupPolicyArray) ToGroupPolicyArrayOutputWithContext

func (i GroupPolicyArray) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput

type GroupPolicyArrayInput

type GroupPolicyArrayInput interface {
	pulumi.Input

	ToGroupPolicyArrayOutput() GroupPolicyArrayOutput
	ToGroupPolicyArrayOutputWithContext(context.Context) GroupPolicyArrayOutput
}

GroupPolicyArrayInput is an input type that accepts GroupPolicyArray and GroupPolicyArrayOutput values. You can construct a concrete instance of `GroupPolicyArrayInput` via:

GroupPolicyArray{ GroupPolicyArgs{...} }

type GroupPolicyArrayOutput

type GroupPolicyArrayOutput struct{ *pulumi.OutputState }

func (GroupPolicyArrayOutput) ElementType

func (GroupPolicyArrayOutput) ElementType() reflect.Type

func (GroupPolicyArrayOutput) Index

func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutput

func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutput() GroupPolicyArrayOutput

func (GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext

func (o GroupPolicyArrayOutput) ToGroupPolicyArrayOutputWithContext(ctx context.Context) GroupPolicyArrayOutput

type GroupPolicyAttachment

type GroupPolicyAttachment struct {
	pulumi.CustomResourceState

	// The group the policy should be applied to
	Group pulumi.StringOutput `pulumi:"group"`
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
}

Attaches a Managed IAM Policy to an IAM group

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any("{ ... policy JSON ... }"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewGroupPolicyAttachment(ctx, "test-attach", &iam.GroupPolicyAttachmentArgs{
			Group:     group.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM group policy attachments can be imported using the group name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/groupPolicyAttachment:GroupPolicyAttachment test-attach test-group/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetGroupPolicyAttachment

func GetGroupPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *GroupPolicyAttachmentState, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)

GetGroupPolicyAttachment gets an existing GroupPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicyAttachment

func NewGroupPolicyAttachment(ctx *pulumi.Context,
	name string, args *GroupPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*GroupPolicyAttachment, error)

NewGroupPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicyAttachment) ElementType

func (*GroupPolicyAttachment) ElementType() reflect.Type

func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutput

func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput

func (*GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext

func (i *GroupPolicyAttachment) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput

type GroupPolicyAttachmentArgs

type GroupPolicyAttachmentArgs struct {
	// The group the policy should be applied to
	Group pulumi.Input
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
}

The set of arguments for constructing a GroupPolicyAttachment resource.

func (GroupPolicyAttachmentArgs) ElementType

func (GroupPolicyAttachmentArgs) ElementType() reflect.Type

type GroupPolicyAttachmentArray

type GroupPolicyAttachmentArray []GroupPolicyAttachmentInput

func (GroupPolicyAttachmentArray) ElementType

func (GroupPolicyAttachmentArray) ElementType() reflect.Type

func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput

func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput

func (GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext

func (i GroupPolicyAttachmentArray) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentArrayInput

type GroupPolicyAttachmentArrayInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput
	ToGroupPolicyAttachmentArrayOutputWithContext(context.Context) GroupPolicyAttachmentArrayOutput
}

GroupPolicyAttachmentArrayInput is an input type that accepts GroupPolicyAttachmentArray and GroupPolicyAttachmentArrayOutput values. You can construct a concrete instance of `GroupPolicyAttachmentArrayInput` via:

GroupPolicyAttachmentArray{ GroupPolicyAttachmentArgs{...} }

type GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentArrayOutput) ElementType

func (GroupPolicyAttachmentArrayOutput) Index

func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput

func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutput() GroupPolicyAttachmentArrayOutput

func (GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext

func (o GroupPolicyAttachmentArrayOutput) ToGroupPolicyAttachmentArrayOutputWithContext(ctx context.Context) GroupPolicyAttachmentArrayOutput

type GroupPolicyAttachmentInput

type GroupPolicyAttachmentInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput
	ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput
}

type GroupPolicyAttachmentMap

type GroupPolicyAttachmentMap map[string]GroupPolicyAttachmentInput

func (GroupPolicyAttachmentMap) ElementType

func (GroupPolicyAttachmentMap) ElementType() reflect.Type

func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput

func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput

func (GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext

func (i GroupPolicyAttachmentMap) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentMapInput

type GroupPolicyAttachmentMapInput interface {
	pulumi.Input

	ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput
	ToGroupPolicyAttachmentMapOutputWithContext(context.Context) GroupPolicyAttachmentMapOutput
}

GroupPolicyAttachmentMapInput is an input type that accepts GroupPolicyAttachmentMap and GroupPolicyAttachmentMapOutput values. You can construct a concrete instance of `GroupPolicyAttachmentMapInput` via:

GroupPolicyAttachmentMap{ "key": GroupPolicyAttachmentArgs{...} }

type GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentMapOutput) ElementType

func (GroupPolicyAttachmentMapOutput) MapIndex

func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput

func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutput() GroupPolicyAttachmentMapOutput

func (GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext

func (o GroupPolicyAttachmentMapOutput) ToGroupPolicyAttachmentMapOutputWithContext(ctx context.Context) GroupPolicyAttachmentMapOutput

type GroupPolicyAttachmentOutput

type GroupPolicyAttachmentOutput struct{ *pulumi.OutputState }

func (GroupPolicyAttachmentOutput) ElementType

func (GroupPolicyAttachmentOutput) Group

The group the policy should be applied to

func (GroupPolicyAttachmentOutput) PolicyArn

The ARN of the policy you want to apply

func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput

func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutput() GroupPolicyAttachmentOutput

func (GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext

func (o GroupPolicyAttachmentOutput) ToGroupPolicyAttachmentOutputWithContext(ctx context.Context) GroupPolicyAttachmentOutput

type GroupPolicyAttachmentState

type GroupPolicyAttachmentState struct {
	// The group the policy should be applied to
	Group pulumi.Input
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
}

func (GroupPolicyAttachmentState) ElementType

func (GroupPolicyAttachmentState) ElementType() reflect.Type

type GroupPolicyInput

type GroupPolicyInput interface {
	pulumi.Input

	ToGroupPolicyOutput() GroupPolicyOutput
	ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput
}

type GroupPolicyMap

type GroupPolicyMap map[string]GroupPolicyInput

func (GroupPolicyMap) ElementType

func (GroupPolicyMap) ElementType() reflect.Type

func (GroupPolicyMap) ToGroupPolicyMapOutput

func (i GroupPolicyMap) ToGroupPolicyMapOutput() GroupPolicyMapOutput

func (GroupPolicyMap) ToGroupPolicyMapOutputWithContext

func (i GroupPolicyMap) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput

type GroupPolicyMapInput

type GroupPolicyMapInput interface {
	pulumi.Input

	ToGroupPolicyMapOutput() GroupPolicyMapOutput
	ToGroupPolicyMapOutputWithContext(context.Context) GroupPolicyMapOutput
}

GroupPolicyMapInput is an input type that accepts GroupPolicyMap and GroupPolicyMapOutput values. You can construct a concrete instance of `GroupPolicyMapInput` via:

GroupPolicyMap{ "key": GroupPolicyArgs{...} }

type GroupPolicyMapOutput

type GroupPolicyMapOutput struct{ *pulumi.OutputState }

func (GroupPolicyMapOutput) ElementType

func (GroupPolicyMapOutput) ElementType() reflect.Type

func (GroupPolicyMapOutput) MapIndex

func (GroupPolicyMapOutput) ToGroupPolicyMapOutput

func (o GroupPolicyMapOutput) ToGroupPolicyMapOutput() GroupPolicyMapOutput

func (GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext

func (o GroupPolicyMapOutput) ToGroupPolicyMapOutputWithContext(ctx context.Context) GroupPolicyMapOutput

type GroupPolicyOutput

type GroupPolicyOutput struct{ *pulumi.OutputState }

func (GroupPolicyOutput) ElementType

func (GroupPolicyOutput) ElementType() reflect.Type

func (GroupPolicyOutput) Group

The IAM group to attach to the policy.

func (GroupPolicyOutput) Name

The name of the policy. If omitted, the provider will assign a random, unique name.

func (GroupPolicyOutput) NamePrefix

func (o GroupPolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (GroupPolicyOutput) Policy

The policy document. This is a JSON formatted string.

func (GroupPolicyOutput) ToGroupPolicyOutput

func (o GroupPolicyOutput) ToGroupPolicyOutput() GroupPolicyOutput

func (GroupPolicyOutput) ToGroupPolicyOutputWithContext

func (o GroupPolicyOutput) ToGroupPolicyOutputWithContext(ctx context.Context) GroupPolicyOutput

type GroupPolicyState

type GroupPolicyState struct {
	// The IAM group to attach to the policy.
	Group pulumi.StringPtrInput
	// The name of the policy. If omitted, the provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
}

func (GroupPolicyState) ElementType

func (GroupPolicyState) ElementType() reflect.Type

type GroupState

type GroupState struct {
	// The ARN assigned by AWS for this group.
	Arn pulumi.StringPtrInput
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name pulumi.StringPtrInput
	// Path in which to create the group.
	Path pulumi.StringPtrInput
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (GroupState) ElementType

func (GroupState) ElementType() reflect.Type

type InstanceProfile

type InstanceProfile struct {
	pulumi.CustomResourceState

	// ARN assigned by AWS to the instance profile.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Creation timestamp of the instance profile.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// Name of the role to add to the profile.
	Role pulumi.StringPtrOutput `pulumi:"role"`
	// Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// [Unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM instance profile.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"ec2.amazonaws.com",
							},
						},
					},
					Actions: []string{
						"sts:AssumeRole",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			Path:             pulumi.String("/"),
			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewInstanceProfile(ctx, "testProfile", &iam.InstanceProfileArgs{
			Role: role.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Instance Profiles can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/instanceProfile:InstanceProfile test_profile app-instance-profile-1

```

func GetInstanceProfile

func GetInstanceProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceProfileState, opts ...pulumi.ResourceOption) (*InstanceProfile, error)

GetInstanceProfile gets an existing InstanceProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceProfile

func NewInstanceProfile(ctx *pulumi.Context,
	name string, args *InstanceProfileArgs, opts ...pulumi.ResourceOption) (*InstanceProfile, error)

NewInstanceProfile registers a new resource with the given unique name, arguments, and options.

func (*InstanceProfile) ElementType

func (*InstanceProfile) ElementType() reflect.Type

func (*InstanceProfile) ToInstanceProfileOutput

func (i *InstanceProfile) ToInstanceProfileOutput() InstanceProfileOutput

func (*InstanceProfile) ToInstanceProfileOutputWithContext

func (i *InstanceProfile) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput

type InstanceProfileArgs

type InstanceProfileArgs struct {
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrInput
	// Name of the role to add to the profile.
	Role pulumi.Input
	// Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a InstanceProfile resource.

func (InstanceProfileArgs) ElementType

func (InstanceProfileArgs) ElementType() reflect.Type

type InstanceProfileArray

type InstanceProfileArray []InstanceProfileInput

func (InstanceProfileArray) ElementType

func (InstanceProfileArray) ElementType() reflect.Type

func (InstanceProfileArray) ToInstanceProfileArrayOutput

func (i InstanceProfileArray) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput

func (InstanceProfileArray) ToInstanceProfileArrayOutputWithContext

func (i InstanceProfileArray) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput

type InstanceProfileArrayInput

type InstanceProfileArrayInput interface {
	pulumi.Input

	ToInstanceProfileArrayOutput() InstanceProfileArrayOutput
	ToInstanceProfileArrayOutputWithContext(context.Context) InstanceProfileArrayOutput
}

InstanceProfileArrayInput is an input type that accepts InstanceProfileArray and InstanceProfileArrayOutput values. You can construct a concrete instance of `InstanceProfileArrayInput` via:

InstanceProfileArray{ InstanceProfileArgs{...} }

type InstanceProfileArrayOutput

type InstanceProfileArrayOutput struct{ *pulumi.OutputState }

func (InstanceProfileArrayOutput) ElementType

func (InstanceProfileArrayOutput) ElementType() reflect.Type

func (InstanceProfileArrayOutput) Index

func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutput

func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutput() InstanceProfileArrayOutput

func (InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext

func (o InstanceProfileArrayOutput) ToInstanceProfileArrayOutputWithContext(ctx context.Context) InstanceProfileArrayOutput

type InstanceProfileInput

type InstanceProfileInput interface {
	pulumi.Input

	ToInstanceProfileOutput() InstanceProfileOutput
	ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput
}

type InstanceProfileMap

type InstanceProfileMap map[string]InstanceProfileInput

func (InstanceProfileMap) ElementType

func (InstanceProfileMap) ElementType() reflect.Type

func (InstanceProfileMap) ToInstanceProfileMapOutput

func (i InstanceProfileMap) ToInstanceProfileMapOutput() InstanceProfileMapOutput

func (InstanceProfileMap) ToInstanceProfileMapOutputWithContext

func (i InstanceProfileMap) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput

type InstanceProfileMapInput

type InstanceProfileMapInput interface {
	pulumi.Input

	ToInstanceProfileMapOutput() InstanceProfileMapOutput
	ToInstanceProfileMapOutputWithContext(context.Context) InstanceProfileMapOutput
}

InstanceProfileMapInput is an input type that accepts InstanceProfileMap and InstanceProfileMapOutput values. You can construct a concrete instance of `InstanceProfileMapInput` via:

InstanceProfileMap{ "key": InstanceProfileArgs{...} }

type InstanceProfileMapOutput

type InstanceProfileMapOutput struct{ *pulumi.OutputState }

func (InstanceProfileMapOutput) ElementType

func (InstanceProfileMapOutput) ElementType() reflect.Type

func (InstanceProfileMapOutput) MapIndex

func (InstanceProfileMapOutput) ToInstanceProfileMapOutput

func (o InstanceProfileMapOutput) ToInstanceProfileMapOutput() InstanceProfileMapOutput

func (InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext

func (o InstanceProfileMapOutput) ToInstanceProfileMapOutputWithContext(ctx context.Context) InstanceProfileMapOutput

type InstanceProfileOutput

type InstanceProfileOutput struct{ *pulumi.OutputState }

func (InstanceProfileOutput) Arn

ARN assigned by AWS to the instance profile.

func (InstanceProfileOutput) CreateDate

func (o InstanceProfileOutput) CreateDate() pulumi.StringOutput

Creation timestamp of the instance profile.

func (InstanceProfileOutput) ElementType

func (InstanceProfileOutput) ElementType() reflect.Type

func (InstanceProfileOutput) Name

Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.

func (InstanceProfileOutput) NamePrefix

func (o InstanceProfileOutput) NamePrefix() pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (InstanceProfileOutput) Path

Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.

func (InstanceProfileOutput) Role

Name of the role to add to the profile.

func (InstanceProfileOutput) Tags

Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (InstanceProfileOutput) TagsAll

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (InstanceProfileOutput) ToInstanceProfileOutput

func (o InstanceProfileOutput) ToInstanceProfileOutput() InstanceProfileOutput

func (InstanceProfileOutput) ToInstanceProfileOutputWithContext

func (o InstanceProfileOutput) ToInstanceProfileOutputWithContext(ctx context.Context) InstanceProfileOutput

func (InstanceProfileOutput) UniqueId

[Unique ID][1] assigned by AWS.

type InstanceProfileState

type InstanceProfileState struct {
	// ARN assigned by AWS to the instance profile.
	Arn pulumi.StringPtrInput
	// Creation timestamp of the instance profile.
	CreateDate pulumi.StringPtrInput
	// Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `namePrefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
	Path pulumi.StringPtrInput
	// Name of the role to add to the profile.
	Role pulumi.Input
	// Map of resource tags for the IAM Instance Profile. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// [Unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (InstanceProfileState) ElementType

func (InstanceProfileState) ElementType() reflect.Type

type LookupAccountAliasResult

type LookupAccountAliasResult struct {
	// Alias associated with the AWS account.
	AccountAlias string `pulumi:"accountAlias"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
}

A collection of values returned by getAccountAlias.

func LookupAccountAlias

func LookupAccountAlias(ctx *pulumi.Context, opts ...pulumi.InvokeOption) (*LookupAccountAliasResult, error)

The IAM Account Alias data source allows access to the account alias for the effective account in which this provider is working.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := iam.LookupAccountAlias(ctx, nil, nil)
		if err != nil {
			return err
		}
		ctx.Export("accountId", current.AccountAlias)
		return nil
	})
}

```

type LookupGroupArgs

type LookupGroupArgs struct {
	// Friendly IAM group name to match.
	GroupName string `pulumi:"groupName"`
}

A collection of arguments for invoking getGroup.

type LookupGroupOutputArgs

type LookupGroupOutputArgs struct {
	// Friendly IAM group name to match.
	GroupName pulumi.StringInput `pulumi:"groupName"`
}

A collection of arguments for invoking getGroup.

func (LookupGroupOutputArgs) ElementType

func (LookupGroupOutputArgs) ElementType() reflect.Type

type LookupGroupResult

type LookupGroupResult struct {
	// User ARN.
	Arn string `pulumi:"arn"`
	// Stable and unique string identifying the group.
	GroupId   string `pulumi:"groupId"`
	GroupName string `pulumi:"groupName"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Path to the IAM user.
	Path string `pulumi:"path"`
	// List of objects containing group member information. See below.
	Users []GetGroupUser `pulumi:"users"`
}

A collection of values returned by getGroup.

func LookupGroup

func LookupGroup(ctx *pulumi.Context, args *LookupGroupArgs, opts ...pulumi.InvokeOption) (*LookupGroupResult, error)

This data source can be used to fetch information about a specific IAM group. By using this data source, you can reference IAM group properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupGroup(ctx, &iam.LookupGroupArgs{
			GroupName: "an_example_group_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupGroupResultOutput

type LookupGroupResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getGroup.

func (LookupGroupResultOutput) Arn

User ARN.

func (LookupGroupResultOutput) ElementType

func (LookupGroupResultOutput) ElementType() reflect.Type

func (LookupGroupResultOutput) GroupId

Stable and unique string identifying the group.

func (LookupGroupResultOutput) GroupName

func (LookupGroupResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupGroupResultOutput) Path

Path to the IAM user.

func (LookupGroupResultOutput) ToLookupGroupResultOutput

func (o LookupGroupResultOutput) ToLookupGroupResultOutput() LookupGroupResultOutput

func (LookupGroupResultOutput) ToLookupGroupResultOutputWithContext

func (o LookupGroupResultOutput) ToLookupGroupResultOutputWithContext(ctx context.Context) LookupGroupResultOutput

func (LookupGroupResultOutput) Users

List of objects containing group member information. See below.

type LookupInstanceProfileArgs

type LookupInstanceProfileArgs struct {
	// Friendly IAM instance profile name to match.
	Name string `pulumi:"name"`
}

A collection of arguments for invoking getInstanceProfile.

type LookupInstanceProfileOutputArgs

type LookupInstanceProfileOutputArgs struct {
	// Friendly IAM instance profile name to match.
	Name pulumi.StringInput `pulumi:"name"`
}

A collection of arguments for invoking getInstanceProfile.

func (LookupInstanceProfileOutputArgs) ElementType

type LookupInstanceProfileResult

type LookupInstanceProfileResult struct {
	// ARN.
	Arn string `pulumi:"arn"`
	// String representation of the date the instance profile was created.
	CreateDate string `pulumi:"createDate"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// Path to the instance profile.
	Path string `pulumi:"path"`
	// Role ARN associated with this instance profile.
	RoleArn string `pulumi:"roleArn"`
	// Role ID associated with this instance profile.
	RoleId string `pulumi:"roleId"`
	// Role name associated with this instance profile.
	RoleName string `pulumi:"roleName"`
}

A collection of values returned by getInstanceProfile.

func LookupInstanceProfile

func LookupInstanceProfile(ctx *pulumi.Context, args *LookupInstanceProfileArgs, opts ...pulumi.InvokeOption) (*LookupInstanceProfileResult, error)

This data source can be used to fetch information about a specific IAM instance profile. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupInstanceProfile(ctx, &iam.LookupInstanceProfileArgs{
			Name: "an_example_instance_profile_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupInstanceProfileResultOutput

type LookupInstanceProfileResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getInstanceProfile.

func (LookupInstanceProfileResultOutput) Arn

ARN.

func (LookupInstanceProfileResultOutput) CreateDate

String representation of the date the instance profile was created.

func (LookupInstanceProfileResultOutput) ElementType

func (LookupInstanceProfileResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupInstanceProfileResultOutput) Name

func (LookupInstanceProfileResultOutput) Path

Path to the instance profile.

func (LookupInstanceProfileResultOutput) RoleArn

Role ARN associated with this instance profile.

func (LookupInstanceProfileResultOutput) RoleId

Role ID associated with this instance profile.

func (LookupInstanceProfileResultOutput) RoleName

Role name associated with this instance profile.

func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput

func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutput() LookupInstanceProfileResultOutput

func (LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext

func (o LookupInstanceProfileResultOutput) ToLookupInstanceProfileResultOutputWithContext(ctx context.Context) LookupInstanceProfileResultOutput

type LookupOpenIdConnectProviderArgs

type LookupOpenIdConnectProviderArgs struct {
	// ARN of the OpenID Connect provider.
	Arn *string `pulumi:"arn"`
	// Map of resource tags for the IAM OIDC provider.
	Tags map[string]string `pulumi:"tags"`
	// URL of the OpenID Connect provider.
	Url *string `pulumi:"url"`
}

A collection of arguments for invoking getOpenIdConnectProvider.

type LookupOpenIdConnectProviderOutputArgs

type LookupOpenIdConnectProviderOutputArgs struct {
	// ARN of the OpenID Connect provider.
	Arn pulumi.StringPtrInput `pulumi:"arn"`
	// Map of resource tags for the IAM OIDC provider.
	Tags pulumi.StringMapInput `pulumi:"tags"`
	// URL of the OpenID Connect provider.
	Url pulumi.StringPtrInput `pulumi:"url"`
}

A collection of arguments for invoking getOpenIdConnectProvider.

func (LookupOpenIdConnectProviderOutputArgs) ElementType

type LookupOpenIdConnectProviderResult

type LookupOpenIdConnectProviderResult struct {
	Arn string `pulumi:"arn"`
	// List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists []string `pulumi:"clientIdLists"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Map of resource tags for the IAM OIDC provider.
	Tags map[string]string `pulumi:"tags"`
	// List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists []string `pulumi:"thumbprintLists"`
	Url             string   `pulumi:"url"`
}

A collection of values returned by getOpenIdConnectProvider.

func LookupOpenIdConnectProvider

func LookupOpenIdConnectProvider(ctx *pulumi.Context, args *LookupOpenIdConnectProviderArgs, opts ...pulumi.InvokeOption) (*LookupOpenIdConnectProviderResult, error)

This data source can be used to fetch information about a specific IAM OpenID Connect provider. By using this data source, you can retrieve the the resource information by either its `arn` or `url`.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupOpenIdConnectProvider(ctx, &iam.LookupOpenIdConnectProviderArgs{
			Arn: pulumi.StringRef("arn:aws:iam::123456789012:oidc-provider/accounts.google.com"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupOpenIdConnectProvider(ctx, &iam.LookupOpenIdConnectProviderArgs{
			Url: pulumi.StringRef("https://accounts.google.com"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupOpenIdConnectProviderResultOutput

type LookupOpenIdConnectProviderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getOpenIdConnectProvider.

func (LookupOpenIdConnectProviderResultOutput) Arn

func (LookupOpenIdConnectProviderResultOutput) ClientIdLists

List of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)

func (LookupOpenIdConnectProviderResultOutput) ElementType

func (LookupOpenIdConnectProviderResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupOpenIdConnectProviderResultOutput) Tags

Map of resource tags for the IAM OIDC provider.

func (LookupOpenIdConnectProviderResultOutput) ThumbprintLists

List of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).

func (LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutput

func (o LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutput() LookupOpenIdConnectProviderResultOutput

func (LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutputWithContext

func (o LookupOpenIdConnectProviderResultOutput) ToLookupOpenIdConnectProviderResultOutputWithContext(ctx context.Context) LookupOpenIdConnectProviderResultOutput

func (LookupOpenIdConnectProviderResultOutput) Url

type LookupPolicyArgs

type LookupPolicyArgs struct {
	// ARN of the IAM policy.
	// Conflicts with `name` and `pathPrefix`.
	Arn *string `pulumi:"arn"`
	// Name of the IAM policy.
	// Conflicts with `arn`.
	Name *string `pulumi:"name"`
	// Prefix of the path to the IAM policy.
	// Defaults to a slash (`/`).
	// Conflicts with `arn`.
	PathPrefix *string `pulumi:"pathPrefix"`
	// Key-value mapping of tags for the IAM Policy.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getPolicy.

type LookupPolicyOutputArgs

type LookupPolicyOutputArgs struct {
	// ARN of the IAM policy.
	// Conflicts with `name` and `pathPrefix`.
	Arn pulumi.StringPtrInput `pulumi:"arn"`
	// Name of the IAM policy.
	// Conflicts with `arn`.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// Prefix of the path to the IAM policy.
	// Defaults to a slash (`/`).
	// Conflicts with `arn`.
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
	// Key-value mapping of tags for the IAM Policy.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getPolicy.

func (LookupPolicyOutputArgs) ElementType

func (LookupPolicyOutputArgs) ElementType() reflect.Type

type LookupPolicyResult

type LookupPolicyResult struct {
	// ARN of the policy.
	Arn string `pulumi:"arn"`
	// Description of the policy.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id   string `pulumi:"id"`
	Name string `pulumi:"name"`
	// Path to the policy.
	Path       string  `pulumi:"path"`
	PathPrefix *string `pulumi:"pathPrefix"`
	// Policy document of the policy.
	Policy string `pulumi:"policy"`
	// Policy's ID.
	PolicyId string `pulumi:"policyId"`
	// Key-value mapping of tags for the IAM Policy.
	Tags map[string]string `pulumi:"tags"`
}

A collection of values returned by getPolicy.

func LookupPolicy

func LookupPolicy(ctx *pulumi.Context, args *LookupPolicyArgs, opts ...pulumi.InvokeOption) (*LookupPolicyResult, error)

This data source can be used to fetch information about a specific IAM policy.

## Example Usage ### By ARN

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{
			Arn: pulumi.StringRef("arn:aws:iam::123456789012:policy/UsersManageOwnCredentials"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### By Name

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupPolicy(ctx, &iam.LookupPolicyArgs{
			Name: pulumi.StringRef("test_policy"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupPolicyResultOutput

type LookupPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPolicy.

func (LookupPolicyResultOutput) Arn

ARN of the policy.

func (LookupPolicyResultOutput) Description

Description of the policy.

func (LookupPolicyResultOutput) ElementType

func (LookupPolicyResultOutput) ElementType() reflect.Type

func (LookupPolicyResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupPolicyResultOutput) Name

func (LookupPolicyResultOutput) Path

Path to the policy.

func (LookupPolicyResultOutput) PathPrefix

func (LookupPolicyResultOutput) Policy

Policy document of the policy.

func (LookupPolicyResultOutput) PolicyId

Policy's ID.

func (LookupPolicyResultOutput) Tags

Key-value mapping of tags for the IAM Policy.

func (LookupPolicyResultOutput) ToLookupPolicyResultOutput

func (o LookupPolicyResultOutput) ToLookupPolicyResultOutput() LookupPolicyResultOutput

func (LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext

func (o LookupPolicyResultOutput) ToLookupPolicyResultOutputWithContext(ctx context.Context) LookupPolicyResultOutput

type LookupPrincipalPolicySimulationArgs

type LookupPrincipalPolicySimulationArgs struct {
	// A set of IAM action names to run simulations for. Each entry in this set adds an additional hypothetical request to the simulation.
	//
	// Action names consist of a service prefix and an action verb separated by a colon, such as `s3:GetObject`. Refer to [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to see the full set of possible IAM action names across all AWS services.
	ActionNames []string `pulumi:"actionNames"`
	// A set of additional principal policy documents to include in the simulation. The simulator will behave as if each of these policies were associated with the object specified in `policySourceArn`, allowing you to test the effect of hypothetical policies not yet created.
	AdditionalPoliciesJsons []string `pulumi:"additionalPoliciesJsons"`
	// The ARN of an user that will appear as the "caller" of the simulated requests. If you do not specify `callerArn` then the simulation will use the `policySourceArn` instead, if it contains a user ARN.
	CallerArn *string `pulumi:"callerArn"`
	// Each `context` block defines an entry in the table of additional context keys in the simulated request.
	//
	// IAM uses context keys for both custom conditions and for interpolating dynamic request-specific values into policy values. If you use policies that include those features then you will need to provide suitable example values for those keys to achieve a realistic simulation.
	Contexts []GetPrincipalPolicySimulationContext `pulumi:"contexts"`
	// A set of [permissions boundary policy documents](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) to include in the simulation.
	PermissionsBoundaryPoliciesJsons []string `pulumi:"permissionsBoundaryPoliciesJsons"`
	// The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM user, group, or role whose policies will be included in the simulation.
	//
	// You must closely match the form of the real service request you are simulating in order to achieve a realistic result. You can use the following additional arguments to specify other characteristics of the simulated requests:
	PolicySourceArn string `pulumi:"policySourceArn"`
	// A set of ARNs of resources to include in the simulation.
	//
	// This argument is important for actions that have either required or optional resource types listed in [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html), and you must provide ARNs that identify AWS objects of the appropriate types for the chosen actions.
	//
	// The policy simulator only automatically loads policies associated with the `policySourceArn`, so if your given resources have their own resource-level policy then you'll also need to provide that explicitly using the `resourcePolicyJson` argument to achieve a realistic simulation.
	ResourceArns []string `pulumi:"resourceArns"`
	// Specifies a special simulation type to run. Some EC2 actions require special simulation behaviors and a particular set of resource ARNs to achieve a realistic result.
	//
	// For more details, see the `ResourceHandlingOption` request parameter for [the underlying `iam:SimulatePrincipalPolicy` action](https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html).
	ResourceHandlingOption *string `pulumi:"resourceHandlingOption"`
	// An AWS account ID to use for any resource ARN in `resourceArns` that doesn't include its own AWS account ID. If unspecified, the simulator will use the account ID from the `callerArn` argument as a placeholder.
	ResourceOwnerAccountId *string `pulumi:"resourceOwnerAccountId"`
	// An IAM policy document representing the resource-level policy of all of the resources specified in `resourceArns`.
	//
	// The policy simulator cannot automatically load policies that are associated with individual resources, as described in the documentation for `resourceArns` above.
	ResourcePolicyJson *string `pulumi:"resourcePolicyJson"`
}

A collection of arguments for invoking getPrincipalPolicySimulation.

type LookupPrincipalPolicySimulationOutputArgs

type LookupPrincipalPolicySimulationOutputArgs struct {
	// A set of IAM action names to run simulations for. Each entry in this set adds an additional hypothetical request to the simulation.
	//
	// Action names consist of a service prefix and an action verb separated by a colon, such as `s3:GetObject`. Refer to [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) to see the full set of possible IAM action names across all AWS services.
	ActionNames pulumi.StringArrayInput `pulumi:"actionNames"`
	// A set of additional principal policy documents to include in the simulation. The simulator will behave as if each of these policies were associated with the object specified in `policySourceArn`, allowing you to test the effect of hypothetical policies not yet created.
	AdditionalPoliciesJsons pulumi.StringArrayInput `pulumi:"additionalPoliciesJsons"`
	// The ARN of an user that will appear as the "caller" of the simulated requests. If you do not specify `callerArn` then the simulation will use the `policySourceArn` instead, if it contains a user ARN.
	CallerArn pulumi.StringPtrInput `pulumi:"callerArn"`
	// Each `context` block defines an entry in the table of additional context keys in the simulated request.
	//
	// IAM uses context keys for both custom conditions and for interpolating dynamic request-specific values into policy values. If you use policies that include those features then you will need to provide suitable example values for those keys to achieve a realistic simulation.
	Contexts GetPrincipalPolicySimulationContextArrayInput `pulumi:"contexts"`
	// A set of [permissions boundary policy documents](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) to include in the simulation.
	PermissionsBoundaryPoliciesJsons pulumi.StringArrayInput `pulumi:"permissionsBoundaryPoliciesJsons"`
	// The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM user, group, or role whose policies will be included in the simulation.
	//
	// You must closely match the form of the real service request you are simulating in order to achieve a realistic result. You can use the following additional arguments to specify other characteristics of the simulated requests:
	PolicySourceArn pulumi.StringInput `pulumi:"policySourceArn"`
	// A set of ARNs of resources to include in the simulation.
	//
	// This argument is important for actions that have either required or optional resource types listed in [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html), and you must provide ARNs that identify AWS objects of the appropriate types for the chosen actions.
	//
	// The policy simulator only automatically loads policies associated with the `policySourceArn`, so if your given resources have their own resource-level policy then you'll also need to provide that explicitly using the `resourcePolicyJson` argument to achieve a realistic simulation.
	ResourceArns pulumi.StringArrayInput `pulumi:"resourceArns"`
	// Specifies a special simulation type to run. Some EC2 actions require special simulation behaviors and a particular set of resource ARNs to achieve a realistic result.
	//
	// For more details, see the `ResourceHandlingOption` request parameter for [the underlying `iam:SimulatePrincipalPolicy` action](https://docs.aws.amazon.com/IAM/latest/APIReference/API_SimulatePrincipalPolicy.html).
	ResourceHandlingOption pulumi.StringPtrInput `pulumi:"resourceHandlingOption"`
	// An AWS account ID to use for any resource ARN in `resourceArns` that doesn't include its own AWS account ID. If unspecified, the simulator will use the account ID from the `callerArn` argument as a placeholder.
	ResourceOwnerAccountId pulumi.StringPtrInput `pulumi:"resourceOwnerAccountId"`
	// An IAM policy document representing the resource-level policy of all of the resources specified in `resourceArns`.
	//
	// The policy simulator cannot automatically load policies that are associated with individual resources, as described in the documentation for `resourceArns` above.
	ResourcePolicyJson pulumi.StringPtrInput `pulumi:"resourcePolicyJson"`
}

A collection of arguments for invoking getPrincipalPolicySimulation.

func (LookupPrincipalPolicySimulationOutputArgs) ElementType

type LookupPrincipalPolicySimulationResult

type LookupPrincipalPolicySimulationResult struct {
	ActionNames             []string `pulumi:"actionNames"`
	AdditionalPoliciesJsons []string `pulumi:"additionalPoliciesJsons"`
	// `true` if all of the simulation results have decision "allowed", or `false` otherwise.
	AllAllowed                       bool                                  `pulumi:"allAllowed"`
	CallerArn                        *string                               `pulumi:"callerArn"`
	Contexts                         []GetPrincipalPolicySimulationContext `pulumi:"contexts"`
	Id                               string                                `pulumi:"id"`
	PermissionsBoundaryPoliciesJsons []string                              `pulumi:"permissionsBoundaryPoliciesJsons"`
	PolicySourceArn                  string                                `pulumi:"policySourceArn"`
	ResourceArns                     []string                              `pulumi:"resourceArns"`
	ResourceHandlingOption           *string                               `pulumi:"resourceHandlingOption"`
	ResourceOwnerAccountId           *string                               `pulumi:"resourceOwnerAccountId"`
	ResourcePolicyJson               *string                               `pulumi:"resourcePolicyJson"`
	// A set of result objects, one for each of the simulated requests, with the following nested attributes:
	Results []GetPrincipalPolicySimulationResult `pulumi:"results"`
}

A collection of values returned by getPrincipalPolicySimulation.

func LookupPrincipalPolicySimulation

Runs a simulation of the IAM policies of a particular principal against a given hypothetical request.

You can use this data source in conjunction with Preconditions and Postconditions so that your configuration can test either whether it should have sufficient access to do its own work, or whether policies your configuration declares itself are sufficient for their intended use elsewhere.

> **Note:** Correctly using this data source requires familiarity with various details of AWS Identity and Access Management, and how various AWS services integrate with it. For general information on the AWS IAM policy simulator, see [Testing IAM policies with the IAM policy simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html). This data source wraps the `iam:SimulatePrincipalPolicy` API action described on that page.

## Example Usage

type LookupPrincipalPolicySimulationResultOutput

type LookupPrincipalPolicySimulationResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPrincipalPolicySimulation.

func (LookupPrincipalPolicySimulationResultOutput) ActionNames

func (LookupPrincipalPolicySimulationResultOutput) AdditionalPoliciesJsons

func (LookupPrincipalPolicySimulationResultOutput) AllAllowed

`true` if all of the simulation results have decision "allowed", or `false` otherwise.

func (LookupPrincipalPolicySimulationResultOutput) CallerArn

func (LookupPrincipalPolicySimulationResultOutput) Contexts

func (LookupPrincipalPolicySimulationResultOutput) ElementType

func (LookupPrincipalPolicySimulationResultOutput) Id

func (LookupPrincipalPolicySimulationResultOutput) PermissionsBoundaryPoliciesJsons

func (o LookupPrincipalPolicySimulationResultOutput) PermissionsBoundaryPoliciesJsons() pulumi.StringArrayOutput

func (LookupPrincipalPolicySimulationResultOutput) PolicySourceArn

func (LookupPrincipalPolicySimulationResultOutput) ResourceArns

func (LookupPrincipalPolicySimulationResultOutput) ResourceHandlingOption

func (LookupPrincipalPolicySimulationResultOutput) ResourceOwnerAccountId

func (LookupPrincipalPolicySimulationResultOutput) ResourcePolicyJson

func (LookupPrincipalPolicySimulationResultOutput) Results

A set of result objects, one for each of the simulated requests, with the following nested attributes:

func (LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutput

func (o LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutput() LookupPrincipalPolicySimulationResultOutput

func (LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutputWithContext

func (o LookupPrincipalPolicySimulationResultOutput) ToLookupPrincipalPolicySimulationResultOutputWithContext(ctx context.Context) LookupPrincipalPolicySimulationResultOutput

type LookupRoleArgs

type LookupRoleArgs struct {
	// Friendly IAM role name to match.
	Name string `pulumi:"name"`
	// Tags attached to the role.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getRole.

type LookupRoleOutputArgs

type LookupRoleOutputArgs struct {
	// Friendly IAM role name to match.
	Name pulumi.StringInput `pulumi:"name"`
	// Tags attached to the role.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getRole.

func (LookupRoleOutputArgs) ElementType

func (LookupRoleOutputArgs) ElementType() reflect.Type

type LookupRoleResult

type LookupRoleResult struct {
	// ARN of the role.
	Arn string `pulumi:"arn"`
	// Policy document associated with the role.
	AssumeRolePolicy string `pulumi:"assumeRolePolicy"`
	// Creation date of the role in RFC 3339 format.
	CreateDate string `pulumi:"createDate"`
	// Description for the role.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Maximum session duration.
	MaxSessionDuration int    `pulumi:"maxSessionDuration"`
	Name               string `pulumi:"name"`
	// Path to the role.
	Path string `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary string `pulumi:"permissionsBoundary"`
	// Contains information about the last time that an IAM role was used. See `roleLastUsed` for details.
	RoleLastUseds []GetRoleRoleLastUsed `pulumi:"roleLastUseds"`
	// Tags attached to the role.
	Tags map[string]string `pulumi:"tags"`
	// Stable and unique string identifying the role.
	UniqueId string `pulumi:"uniqueId"`
}

A collection of values returned by getRole.

func LookupRole

func LookupRole(ctx *pulumi.Context, args *LookupRoleArgs, opts ...pulumi.InvokeOption) (*LookupRoleResult, error)

This data source can be used to fetch information about a specific IAM role. By using this data source, you can reference IAM role properties without having to hard code ARNs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupRole(ctx, &iam.LookupRoleArgs{
			Name: "an_example_role_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupRoleResultOutput

type LookupRoleResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRole.

func (LookupRoleResultOutput) Arn

ARN of the role.

func (LookupRoleResultOutput) AssumeRolePolicy

func (o LookupRoleResultOutput) AssumeRolePolicy() pulumi.StringOutput

Policy document associated with the role.

func (LookupRoleResultOutput) CreateDate

Creation date of the role in RFC 3339 format.

func (LookupRoleResultOutput) Description

func (o LookupRoleResultOutput) Description() pulumi.StringOutput

Description for the role.

func (LookupRoleResultOutput) ElementType

func (LookupRoleResultOutput) ElementType() reflect.Type

func (LookupRoleResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupRoleResultOutput) MaxSessionDuration

func (o LookupRoleResultOutput) MaxSessionDuration() pulumi.IntOutput

Maximum session duration.

func (LookupRoleResultOutput) Name

func (LookupRoleResultOutput) Path

Path to the role.

func (LookupRoleResultOutput) PermissionsBoundary

func (o LookupRoleResultOutput) PermissionsBoundary() pulumi.StringOutput

The ARN of the policy that is used to set the permissions boundary for the role.

func (LookupRoleResultOutput) RoleLastUseds

Contains information about the last time that an IAM role was used. See `roleLastUsed` for details.

func (LookupRoleResultOutput) Tags

Tags attached to the role.

func (LookupRoleResultOutput) ToLookupRoleResultOutput

func (o LookupRoleResultOutput) ToLookupRoleResultOutput() LookupRoleResultOutput

func (LookupRoleResultOutput) ToLookupRoleResultOutputWithContext

func (o LookupRoleResultOutput) ToLookupRoleResultOutputWithContext(ctx context.Context) LookupRoleResultOutput

func (LookupRoleResultOutput) UniqueId

Stable and unique string identifying the role.

type LookupSamlProviderArgs

type LookupSamlProviderArgs struct {
	// ARN assigned by AWS for the provider.
	Arn string `pulumi:"arn"`
	// Tags attached to the SAML provider.
	Tags map[string]string `pulumi:"tags"`
}

A collection of arguments for invoking getSamlProvider.

type LookupSamlProviderOutputArgs

type LookupSamlProviderOutputArgs struct {
	// ARN assigned by AWS for the provider.
	Arn pulumi.StringInput `pulumi:"arn"`
	// Tags attached to the SAML provider.
	Tags pulumi.StringMapInput `pulumi:"tags"`
}

A collection of arguments for invoking getSamlProvider.

func (LookupSamlProviderOutputArgs) ElementType

type LookupSamlProviderResult

type LookupSamlProviderResult struct {
	Arn string `pulumi:"arn"`
	// Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.
	CreateDate string `pulumi:"createDate"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Name of the provider.
	Name string `pulumi:"name"`
	// The XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument string `pulumi:"samlMetadataDocument"`
	// Tags attached to the SAML provider.
	Tags map[string]string `pulumi:"tags"`
	// Expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`.
	ValidUntil string `pulumi:"validUntil"`
}

A collection of values returned by getSamlProvider.

func LookupSamlProvider

func LookupSamlProvider(ctx *pulumi.Context, args *LookupSamlProviderArgs, opts ...pulumi.InvokeOption) (*LookupSamlProviderResult, error)

This data source can be used to fetch information about a specific IAM SAML provider. This will allow you to easily retrieve the metadata document of an existing SAML provider.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupSamlProvider(ctx, &iam.LookupSamlProviderArgs{
			Arn: "arn:aws:iam::123456789:saml-provider/myprovider",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSamlProviderResultOutput

type LookupSamlProviderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSamlProvider.

func (LookupSamlProviderResultOutput) Arn

func (LookupSamlProviderResultOutput) CreateDate

Creation date of the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.

func (LookupSamlProviderResultOutput) ElementType

func (LookupSamlProviderResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupSamlProviderResultOutput) Name

Name of the provider.

func (LookupSamlProviderResultOutput) SamlMetadataDocument

func (o LookupSamlProviderResultOutput) SamlMetadataDocument() pulumi.StringOutput

The XML document generated by an identity provider that supports SAML 2.0.

func (LookupSamlProviderResultOutput) Tags

Tags attached to the SAML provider.

func (LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput

func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutput() LookupSamlProviderResultOutput

func (LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext

func (o LookupSamlProviderResultOutput) ToLookupSamlProviderResultOutputWithContext(ctx context.Context) LookupSamlProviderResultOutput

func (LookupSamlProviderResultOutput) ValidUntil

Expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2007 15:04:05 MST`.

type LookupServerCertificateArgs

type LookupServerCertificateArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest *bool `pulumi:"latest"`
	// exact name of the cert to lookup
	Name *string `pulumi:"name"`
	// prefix of cert to filter by
	NamePrefix *string `pulumi:"namePrefix"`
	// prefix of path to filter by
	PathPrefix *string `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getServerCertificate.

type LookupServerCertificateOutputArgs

type LookupServerCertificateOutputArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest pulumi.BoolPtrInput `pulumi:"latest"`
	// exact name of the cert to lookup
	Name pulumi.StringPtrInput `pulumi:"name"`
	// prefix of cert to filter by
	NamePrefix pulumi.StringPtrInput `pulumi:"namePrefix"`
	// prefix of path to filter by
	PathPrefix pulumi.StringPtrInput `pulumi:"pathPrefix"`
}

A collection of arguments for invoking getServerCertificate.

func (LookupServerCertificateOutputArgs) ElementType

type LookupServerCertificateResult

type LookupServerCertificateResult struct {
	// is set to the ARN of the IAM Server Certificate
	Arn string `pulumi:"arn"`
	// is the public key certificate (PEM-encoded). This is useful when [configuring back-end instance authentication](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html) policy for load balancer
	CertificateBody string `pulumi:"certificateBody"`
	// is the public key certificate chain (PEM-encoded) if exists, empty otherwise
	CertificateChain string `pulumi:"certificateChain"`
	// is set to the expiration date of the IAM Server Certificate
	ExpirationDate string `pulumi:"expirationDate"`
	// The provider-assigned unique ID for this managed resource.
	Id         string  `pulumi:"id"`
	Latest     *bool   `pulumi:"latest"`
	Name       string  `pulumi:"name"`
	NamePrefix *string `pulumi:"namePrefix"`
	// is set to the path of the IAM Server Certificate
	Path       string  `pulumi:"path"`
	PathPrefix *string `pulumi:"pathPrefix"`
	// is the date when the server certificate was uploaded
	UploadDate string `pulumi:"uploadDate"`
}

A collection of values returned by getServerCertificate.

func LookupServerCertificate

func LookupServerCertificate(ctx *pulumi.Context, args *LookupServerCertificateArgs, opts ...pulumi.InvokeOption) (*LookupServerCertificateResult, error)

Use this data source to lookup information about IAM Server Certificates.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		my_domain, err := iam.LookupServerCertificate(ctx, &iam.LookupServerCertificateArgs{
			NamePrefix: pulumi.StringRef("my-domain.org"),
			Latest:     pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		_, err = elb.NewLoadBalancer(ctx, "elb", &elb.LoadBalancerArgs{
			Listeners: elb.LoadBalancerListenerArray{
				&elb.LoadBalancerListenerArgs{
					InstancePort:     pulumi.Int(8000),
					InstanceProtocol: pulumi.String("https"),
					LbPort:           pulumi.Int(443),
					LbProtocol:       pulumi.String("https"),
					SslCertificateId: *pulumi.String(my_domain.Arn),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupServerCertificateResultOutput

type LookupServerCertificateResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getServerCertificate.

func (LookupServerCertificateResultOutput) Arn

is set to the ARN of the IAM Server Certificate

func (LookupServerCertificateResultOutput) CertificateBody

is the public key certificate (PEM-encoded). This is useful when [configuring back-end instance authentication](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html) policy for load balancer

func (LookupServerCertificateResultOutput) CertificateChain

is the public key certificate chain (PEM-encoded) if exists, empty otherwise

func (LookupServerCertificateResultOutput) ElementType

func (LookupServerCertificateResultOutput) ExpirationDate

is set to the expiration date of the IAM Server Certificate

func (LookupServerCertificateResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupServerCertificateResultOutput) Latest

func (LookupServerCertificateResultOutput) Name

func (LookupServerCertificateResultOutput) NamePrefix

func (LookupServerCertificateResultOutput) Path

is set to the path of the IAM Server Certificate

func (LookupServerCertificateResultOutput) PathPrefix

func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput

func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutput() LookupServerCertificateResultOutput

func (LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext

func (o LookupServerCertificateResultOutput) ToLookupServerCertificateResultOutputWithContext(ctx context.Context) LookupServerCertificateResultOutput

func (LookupServerCertificateResultOutput) UploadDate

is the date when the server certificate was uploaded

type LookupUserArgs

type LookupUserArgs struct {
	// Map of key-value pairs associated with the user.
	Tags map[string]string `pulumi:"tags"`
	// Friendly IAM user name to match.
	UserName string `pulumi:"userName"`
}

A collection of arguments for invoking getUser.

type LookupUserOutputArgs

type LookupUserOutputArgs struct {
	// Map of key-value pairs associated with the user.
	Tags pulumi.StringMapInput `pulumi:"tags"`
	// Friendly IAM user name to match.
	UserName pulumi.StringInput `pulumi:"userName"`
}

A collection of arguments for invoking getUser.

func (LookupUserOutputArgs) ElementType

func (LookupUserOutputArgs) ElementType() reflect.Type

type LookupUserResult

type LookupUserResult struct {
	// ARN assigned by AWS for this user.
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// Path in which this user was created.
	Path string `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary string `pulumi:"permissionsBoundary"`
	// Map of key-value pairs associated with the user.
	Tags map[string]string `pulumi:"tags"`
	// Unique ID assigned by AWS for this user.
	UserId string `pulumi:"userId"`
	// Name associated to this User
	UserName string `pulumi:"userName"`
}

A collection of values returned by getUser.

func LookupUser

func LookupUser(ctx *pulumi.Context, args *LookupUserArgs, opts ...pulumi.InvokeOption) (*LookupUserResult, error)

This data source can be used to fetch information about a specific IAM user. By using this data source, you can reference IAM user properties without having to hard code ARNs or unique IDs as input.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.LookupUser(ctx, &iam.LookupUserArgs{
			UserName: "an_example_user_name",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupUserResultOutput

type LookupUserResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getUser.

func (LookupUserResultOutput) Arn

ARN assigned by AWS for this user.

func (LookupUserResultOutput) ElementType

func (LookupUserResultOutput) ElementType() reflect.Type

func (LookupUserResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupUserResultOutput) Path

Path in which this user was created.

func (LookupUserResultOutput) PermissionsBoundary

func (o LookupUserResultOutput) PermissionsBoundary() pulumi.StringOutput

The ARN of the policy that is used to set the permissions boundary for the user.

func (LookupUserResultOutput) Tags

Map of key-value pairs associated with the user.

func (LookupUserResultOutput) ToLookupUserResultOutput

func (o LookupUserResultOutput) ToLookupUserResultOutput() LookupUserResultOutput

func (LookupUserResultOutput) ToLookupUserResultOutputWithContext

func (o LookupUserResultOutput) ToLookupUserResultOutputWithContext(ctx context.Context) LookupUserResultOutput

func (LookupUserResultOutput) UserId

Unique ID assigned by AWS for this user.

func (LookupUserResultOutput) UserName

Name associated to this User

type ManagedPolicy

type ManagedPolicy string

func (ManagedPolicy) ElementType

func (ManagedPolicy) ElementType() reflect.Type

func (ManagedPolicy) ToManagedPolicyOutput

func (e ManagedPolicy) ToManagedPolicyOutput() ManagedPolicyOutput

func (ManagedPolicy) ToManagedPolicyOutputWithContext

func (e ManagedPolicy) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput

func (ManagedPolicy) ToManagedPolicyPtrOutput

func (e ManagedPolicy) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicy) ToManagedPolicyPtrOutputWithContext

func (e ManagedPolicy) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicy) ToStringOutput

func (e ManagedPolicy) ToStringOutput() pulumi.StringOutput

func (ManagedPolicy) ToStringOutputWithContext

func (e ManagedPolicy) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ManagedPolicy) ToStringPtrOutput

func (e ManagedPolicy) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicy) ToStringPtrOutputWithContext

func (e ManagedPolicy) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ManagedPolicyInput

type ManagedPolicyInput interface {
	pulumi.Input

	ToManagedPolicyOutput() ManagedPolicyOutput
	ToManagedPolicyOutputWithContext(context.Context) ManagedPolicyOutput
}

ManagedPolicyInput is an input type that accepts ManagedPolicyArgs and ManagedPolicyOutput values. You can construct a concrete instance of `ManagedPolicyInput` via:

ManagedPolicyArgs{...}

type ManagedPolicyOutput

type ManagedPolicyOutput struct{ *pulumi.OutputState }

func (ManagedPolicyOutput) ElementType

func (ManagedPolicyOutput) ElementType() reflect.Type

func (ManagedPolicyOutput) ToManagedPolicyOutput

func (o ManagedPolicyOutput) ToManagedPolicyOutput() ManagedPolicyOutput

func (ManagedPolicyOutput) ToManagedPolicyOutputWithContext

func (o ManagedPolicyOutput) ToManagedPolicyOutputWithContext(ctx context.Context) ManagedPolicyOutput

func (ManagedPolicyOutput) ToManagedPolicyPtrOutput

func (o ManagedPolicyOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext

func (o ManagedPolicyOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicyOutput) ToStringOutput

func (o ManagedPolicyOutput) ToStringOutput() pulumi.StringOutput

func (ManagedPolicyOutput) ToStringOutputWithContext

func (o ManagedPolicyOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (ManagedPolicyOutput) ToStringPtrOutput

func (o ManagedPolicyOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicyOutput) ToStringPtrOutputWithContext

func (o ManagedPolicyOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type ManagedPolicyPtrInput

type ManagedPolicyPtrInput interface {
	pulumi.Input

	ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput
	ToManagedPolicyPtrOutputWithContext(context.Context) ManagedPolicyPtrOutput
}

func ManagedPolicyPtr

func ManagedPolicyPtr(v string) ManagedPolicyPtrInput

type ManagedPolicyPtrOutput

type ManagedPolicyPtrOutput struct{ *pulumi.OutputState }

func (ManagedPolicyPtrOutput) Elem

func (ManagedPolicyPtrOutput) ElementType

func (ManagedPolicyPtrOutput) ElementType() reflect.Type

func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput

func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutput() ManagedPolicyPtrOutput

func (ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext

func (o ManagedPolicyPtrOutput) ToManagedPolicyPtrOutputWithContext(ctx context.Context) ManagedPolicyPtrOutput

func (ManagedPolicyPtrOutput) ToStringPtrOutput

func (o ManagedPolicyPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (ManagedPolicyPtrOutput) ToStringPtrOutputWithContext

func (o ManagedPolicyPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type OpenIdConnectProvider

type OpenIdConnectProvider struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayOutput `pulumi:"clientIdLists"`
	// Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayOutput `pulumi:"thumbprintLists"`
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringOutput `pulumi:"url"`
}

Provides an IAM OpenID Connect provider.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewOpenIdConnectProvider(ctx, "default", &iam.OpenIdConnectProviderArgs{
			ClientIdLists: pulumi.StringArray{
				pulumi.String("266362248691-342342xasdasdasda-apps.googleusercontent.com"),
			},
			ThumbprintLists: pulumi.StringArray{
				pulumi.String("cf23df2207d99a74fbe169e3eba035e633b65d94"),
			},
			Url: pulumi.String("https://accounts.google.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM OpenID Connect Providers can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/openIdConnectProvider:OpenIdConnectProvider default arn:aws:iam::123456789012:oidc-provider/accounts.google.com

```

func GetOpenIdConnectProvider

func GetOpenIdConnectProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *OpenIdConnectProviderState, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)

GetOpenIdConnectProvider gets an existing OpenIdConnectProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOpenIdConnectProvider

func NewOpenIdConnectProvider(ctx *pulumi.Context,
	name string, args *OpenIdConnectProviderArgs, opts ...pulumi.ResourceOption) (*OpenIdConnectProvider, error)

NewOpenIdConnectProvider registers a new resource with the given unique name, arguments, and options.

func (*OpenIdConnectProvider) ElementType

func (*OpenIdConnectProvider) ElementType() reflect.Type

func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutput

func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput

func (*OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext

func (i *OpenIdConnectProvider) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput

type OpenIdConnectProviderArgs

type OpenIdConnectProviderArgs struct {
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayInput
	// Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayInput
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringInput
}

The set of arguments for constructing a OpenIdConnectProvider resource.

func (OpenIdConnectProviderArgs) ElementType

func (OpenIdConnectProviderArgs) ElementType() reflect.Type

type OpenIdConnectProviderArray

type OpenIdConnectProviderArray []OpenIdConnectProviderInput

func (OpenIdConnectProviderArray) ElementType

func (OpenIdConnectProviderArray) ElementType() reflect.Type

func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput

func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput

func (OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext

func (i OpenIdConnectProviderArray) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderArrayInput

type OpenIdConnectProviderArrayInput interface {
	pulumi.Input

	ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput
	ToOpenIdConnectProviderArrayOutputWithContext(context.Context) OpenIdConnectProviderArrayOutput
}

OpenIdConnectProviderArrayInput is an input type that accepts OpenIdConnectProviderArray and OpenIdConnectProviderArrayOutput values. You can construct a concrete instance of `OpenIdConnectProviderArrayInput` via:

OpenIdConnectProviderArray{ OpenIdConnectProviderArgs{...} }

type OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderArrayOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderArrayOutput) ElementType

func (OpenIdConnectProviderArrayOutput) Index

func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput

func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutput() OpenIdConnectProviderArrayOutput

func (OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext

func (o OpenIdConnectProviderArrayOutput) ToOpenIdConnectProviderArrayOutputWithContext(ctx context.Context) OpenIdConnectProviderArrayOutput

type OpenIdConnectProviderInput

type OpenIdConnectProviderInput interface {
	pulumi.Input

	ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput
	ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput
}

type OpenIdConnectProviderMap

type OpenIdConnectProviderMap map[string]OpenIdConnectProviderInput

func (OpenIdConnectProviderMap) ElementType

func (OpenIdConnectProviderMap) ElementType() reflect.Type

func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput

func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput

func (OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext

func (i OpenIdConnectProviderMap) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput

type OpenIdConnectProviderMapInput

type OpenIdConnectProviderMapInput interface {
	pulumi.Input

	ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput
	ToOpenIdConnectProviderMapOutputWithContext(context.Context) OpenIdConnectProviderMapOutput
}

OpenIdConnectProviderMapInput is an input type that accepts OpenIdConnectProviderMap and OpenIdConnectProviderMapOutput values. You can construct a concrete instance of `OpenIdConnectProviderMapInput` via:

OpenIdConnectProviderMap{ "key": OpenIdConnectProviderArgs{...} }

type OpenIdConnectProviderMapOutput

type OpenIdConnectProviderMapOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderMapOutput) ElementType

func (OpenIdConnectProviderMapOutput) MapIndex

func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput

func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutput() OpenIdConnectProviderMapOutput

func (OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext

func (o OpenIdConnectProviderMapOutput) ToOpenIdConnectProviderMapOutputWithContext(ctx context.Context) OpenIdConnectProviderMapOutput

type OpenIdConnectProviderOutput

type OpenIdConnectProviderOutput struct{ *pulumi.OutputState }

func (OpenIdConnectProviderOutput) Arn

The ARN assigned by AWS for this provider.

func (OpenIdConnectProviderOutput) ClientIdLists

A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)

func (OpenIdConnectProviderOutput) ElementType

func (OpenIdConnectProviderOutput) Tags

Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (OpenIdConnectProviderOutput) TagsAll

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (OpenIdConnectProviderOutput) ThumbprintLists

A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).

func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput

func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutput() OpenIdConnectProviderOutput

func (OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext

func (o OpenIdConnectProviderOutput) ToOpenIdConnectProviderOutputWithContext(ctx context.Context) OpenIdConnectProviderOutput

func (OpenIdConnectProviderOutput) Url

The URL of the identity provider. Corresponds to the _iss_ claim.

type OpenIdConnectProviderState

type OpenIdConnectProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringPtrInput
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the clientId parameter on OAuth requests.)
	ClientIdLists pulumi.StringArrayInput
	// Map of resource tags for the IAM OIDC provider. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists pulumi.StringArrayInput
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url pulumi.StringPtrInput
}

func (OpenIdConnectProviderState) ElementType

func (OpenIdConnectProviderState) ElementType() reflect.Type

type Policy

type Policy struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS to this policy.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Description of the IAM policy.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the policy. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// The policy's ID.
	PolicyId pulumi.StringOutput `pulumi:"policyId"`
	// Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
}

Provides an IAM policy.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Path:        pulumi.String("/"),
			Description: pulumi.String("My test policy"),
			Policy:      pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Policies can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials

```

func GetPolicy

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs

type PolicyArgs struct {
	// Description of the IAM policy.
	Description pulumi.StringPtrInput
	// The name of the policy. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray

type PolicyArray []PolicyInput

func (PolicyArray) ElementType

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index

func (PolicyArrayOutput) ToPolicyArrayOutput

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyAttachment

type PolicyAttachment struct {
	pulumi.CustomResourceState

	// The group(s) the policy should be applied to
	Groups pulumi.StringArrayOutput `pulumi:"groups"`
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The role(s) the policy should be applied to
	Roles pulumi.StringArrayOutput `pulumi:"roles"`
	// The user(s) the policy should be applied to
	Users pulumi.StringArrayOutput `pulumi:"users"`
}

Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)

!> **WARNING:** The iam.PolicyAttachment resource creates **exclusive** attachments of IAM policies. Across the entire AWS account, all of the users/roles/groups to which a single policy is attached must be declared by a single iam.PolicyAttachment resource. This means that even any users/roles/groups that have the attached policy via any other mechanism (including other resources managed by this provider) will have that attached policy revoked by this resource. Consider `iam.RolePolicyAttachment`, `iam.UserPolicyAttachment`, or `iam.GroupPolicyAttachment` instead. These resources do not enforce exclusive attachment of an IAM policy.

> **NOTE:** The usage of this resource conflicts with the `iam.GroupPolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.UserPolicyAttachment` resources and will permanently show a difference if both are defined.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user, err := iam.NewUser(ctx, "user", nil)
		if err != nil {
			return err
		}
		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"ec2.amazonaws.com",
							},
						},
					},
					Actions: []string{
						"sts:AssumeRole",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
		})
		if err != nil {
			return err
		}
		group, err := iam.NewGroup(ctx, "group", nil)
		if err != nil {
			return err
		}
		policyPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Actions: []string{
						"ec2:Describe*",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		policyPolicy, err := iam.NewPolicy(ctx, "policyPolicy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      *pulumi.String(policyPolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewPolicyAttachment(ctx, "test-attach", &iam.PolicyAttachmentArgs{
			Users: pulumi.AnyArray{
				user.Name,
			},
			Roles: pulumi.AnyArray{
				role.Name,
			},
			Groups: pulumi.AnyArray{
				group.Name,
			},
			PolicyArn: policyPolicy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetPolicyAttachment

func GetPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyAttachmentState, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)

GetPolicyAttachment gets an existing PolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicyAttachment

func NewPolicyAttachment(ctx *pulumi.Context,
	name string, args *PolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*PolicyAttachment, error)

NewPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*PolicyAttachment) ElementType

func (*PolicyAttachment) ElementType() reflect.Type

func (*PolicyAttachment) ToPolicyAttachmentOutput

func (i *PolicyAttachment) ToPolicyAttachmentOutput() PolicyAttachmentOutput

func (*PolicyAttachment) ToPolicyAttachmentOutputWithContext

func (i *PolicyAttachment) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput

type PolicyAttachmentArgs

type PolicyAttachmentArgs struct {
	// The group(s) the policy should be applied to
	Groups pulumi.ArrayInput
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringPtrInput
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The role(s) the policy should be applied to
	Roles pulumi.ArrayInput
	// The user(s) the policy should be applied to
	Users pulumi.ArrayInput
}

The set of arguments for constructing a PolicyAttachment resource.

func (PolicyAttachmentArgs) ElementType

func (PolicyAttachmentArgs) ElementType() reflect.Type

type PolicyAttachmentArray

type PolicyAttachmentArray []PolicyAttachmentInput

func (PolicyAttachmentArray) ElementType

func (PolicyAttachmentArray) ElementType() reflect.Type

func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutput

func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput

func (PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext

func (i PolicyAttachmentArray) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput

type PolicyAttachmentArrayInput

type PolicyAttachmentArrayInput interface {
	pulumi.Input

	ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput
	ToPolicyAttachmentArrayOutputWithContext(context.Context) PolicyAttachmentArrayOutput
}

PolicyAttachmentArrayInput is an input type that accepts PolicyAttachmentArray and PolicyAttachmentArrayOutput values. You can construct a concrete instance of `PolicyAttachmentArrayInput` via:

PolicyAttachmentArray{ PolicyAttachmentArgs{...} }

type PolicyAttachmentArrayOutput

type PolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentArrayOutput) ElementType

func (PolicyAttachmentArrayOutput) Index

func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput

func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutput() PolicyAttachmentArrayOutput

func (PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext

func (o PolicyAttachmentArrayOutput) ToPolicyAttachmentArrayOutputWithContext(ctx context.Context) PolicyAttachmentArrayOutput

type PolicyAttachmentInput

type PolicyAttachmentInput interface {
	pulumi.Input

	ToPolicyAttachmentOutput() PolicyAttachmentOutput
	ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput
}

type PolicyAttachmentMap

type PolicyAttachmentMap map[string]PolicyAttachmentInput

func (PolicyAttachmentMap) ElementType

func (PolicyAttachmentMap) ElementType() reflect.Type

func (PolicyAttachmentMap) ToPolicyAttachmentMapOutput

func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput

func (PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext

func (i PolicyAttachmentMap) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput

type PolicyAttachmentMapInput

type PolicyAttachmentMapInput interface {
	pulumi.Input

	ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput
	ToPolicyAttachmentMapOutputWithContext(context.Context) PolicyAttachmentMapOutput
}

PolicyAttachmentMapInput is an input type that accepts PolicyAttachmentMap and PolicyAttachmentMapOutput values. You can construct a concrete instance of `PolicyAttachmentMapInput` via:

PolicyAttachmentMap{ "key": PolicyAttachmentArgs{...} }

type PolicyAttachmentMapOutput

type PolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentMapOutput) ElementType

func (PolicyAttachmentMapOutput) ElementType() reflect.Type

func (PolicyAttachmentMapOutput) MapIndex

func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput

func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutput() PolicyAttachmentMapOutput

func (PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext

func (o PolicyAttachmentMapOutput) ToPolicyAttachmentMapOutputWithContext(ctx context.Context) PolicyAttachmentMapOutput

type PolicyAttachmentOutput

type PolicyAttachmentOutput struct{ *pulumi.OutputState }

func (PolicyAttachmentOutput) ElementType

func (PolicyAttachmentOutput) ElementType() reflect.Type

func (PolicyAttachmentOutput) Groups

The group(s) the policy should be applied to

func (PolicyAttachmentOutput) Name

The name of the attachment. This cannot be an empty string.

func (PolicyAttachmentOutput) PolicyArn

The ARN of the policy you want to apply

func (PolicyAttachmentOutput) Roles

The role(s) the policy should be applied to

func (PolicyAttachmentOutput) ToPolicyAttachmentOutput

func (o PolicyAttachmentOutput) ToPolicyAttachmentOutput() PolicyAttachmentOutput

func (PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext

func (o PolicyAttachmentOutput) ToPolicyAttachmentOutputWithContext(ctx context.Context) PolicyAttachmentOutput

func (PolicyAttachmentOutput) Users

The user(s) the policy should be applied to

type PolicyAttachmentState

type PolicyAttachmentState struct {
	// The group(s) the policy should be applied to
	Groups pulumi.ArrayInput
	// The name of the attachment. This cannot be an empty string.
	Name pulumi.StringPtrInput
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The role(s) the policy should be applied to
	Roles pulumi.ArrayInput
	// The user(s) the policy should be applied to
	Users pulumi.ArrayInput
}

func (PolicyAttachmentState) ElementType

func (PolicyAttachmentState) ElementType() reflect.Type

type PolicyInput

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex

func (PolicyMapOutput) ToPolicyMapOutput

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) Arn

The ARN assigned by AWS to this policy.

func (PolicyOutput) Description

func (o PolicyOutput) Description() pulumi.StringPtrOutput

Description of the IAM policy.

func (PolicyOutput) ElementType

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) Name

func (o PolicyOutput) Name() pulumi.StringOutput

The name of the policy. If omitted, the provider will assign a random, unique name.

func (PolicyOutput) NamePrefix

func (o PolicyOutput) NamePrefix() pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (PolicyOutput) Path

Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (PolicyOutput) Policy

func (o PolicyOutput) Policy() pulumi.StringOutput

The policy document. This is a JSON formatted string.

func (PolicyOutput) PolicyId

func (o PolicyOutput) PolicyId() pulumi.StringOutput

The policy's ID.

func (PolicyOutput) Tags

Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (PolicyOutput) TagsAll

func (o PolicyOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (PolicyOutput) ToPolicyOutput

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyState

type PolicyState struct {
	// The ARN assigned by AWS to this policy.
	Arn pulumi.StringPtrInput
	// Description of the IAM policy.
	Description pulumi.StringPtrInput
	// The name of the policy. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// The policy's ID.
	PolicyId pulumi.StringPtrInput
	// Map of resource tags for the IAM Policy. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
}

func (PolicyState) ElementType

func (PolicyState) ElementType() reflect.Type

type Role

type Role struct {
	pulumi.CustomResourceState

	// Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Policy that grants an entity permission to assume the role.
	//
	// > **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource.  However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works.
	//
	// The following arguments are optional:
	AssumeRolePolicy pulumi.StringOutput `pulumi:"assumeRolePolicy"`
	// Creation date of the IAM role.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Description of the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrOutput `pulumi:"forceDetachPolicies"`
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies    RoleInlinePolicyArrayOutput `pulumi:"inlinePolicies"`
	ManagedPolicyArns pulumi.StringArrayOutput    `pulumi:"managedPolicyArns"`
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrOutput `pulumi:"maxSessionDuration"`
	// Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"`
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Stable and unique string identifying the role.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM role.

> **NOTE:** If policies are attached to the role via the `iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `forceDetachPolicies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.RolePolicyAttachment` resource (recommended) does not have this requirement.

> **NOTE:** If you use this resource's `managedPolicyArns` argument or `inlinePolicy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `iam.PolicyAttachment`, `iam.RolePolicyAttachment`, and `iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.

## Example Usage ### Basic Example

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": "sts:AssumeRole",
					"Effect": "Allow",
					"Sid":    "",
					"Principal": map[string]interface{}{
						"Service": "ec2.amazonaws.com",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewRole(ctx, "testRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(json0),
			Tags: pulumi.StringMap{
				"tag-key": pulumi.String("tag-value"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Using Data Source for Assume Role Policy

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		instanceAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Actions: []string{
						"sts:AssumeRole",
					},
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"ec2.amazonaws.com",
							},
						},
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewRole(ctx, "instance", &iam.RoleArgs{
			Path:             pulumi.String("/system/"),
			AssumeRolePolicy: *pulumi.String(instanceAssumeRolePolicy.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Exclusive Inline Policies

This example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, this provider will remove that policy. If someone deletes these policies out-of-band, this provider will recreate them.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		inlinePolicy, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Actions: []string{
						"ec2:DescribeAccountAttributes",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			InlinePolicies: iam.RoleInlinePolicyArray{
				&iam.RoleInlinePolicyArgs{
					Name:   pulumi.String("my_inline_policy"),
					Policy: pulumi.String(json0),
				},
				&iam.RoleInlinePolicyArgs{
					Name:   pulumi.String("policy-8675309"),
					Policy: *pulumi.String(inlinePolicy.Json),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Removing Inline Policies

This example creates an IAM role with what appears to be empty IAM `inlinePolicy` argument instead of using `inlinePolicy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, this provider will remove that policy.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			InlinePolicies: iam.RoleInlinePolicyArray{
				nil,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Exclusive Managed Policies

This example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, this provider will detach that policy. If someone detaches these policies out-of-band, this provider will attach them again.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		policyOne, err := iam.NewPolicy(ctx, "policyOne", &iam.PolicyArgs{
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		tmpJSON1, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"s3:ListAllMyBuckets",
						"s3:ListBucket",
						"s3:HeadBucket",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json1 := string(tmpJSON1)
		policyTwo, err := iam.NewPolicy(ctx, "policyTwo", &iam.PolicyArgs{
			Policy: pulumi.String(json1),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			ManagedPolicyArns: pulumi.StringArray{
				policyOne.Arn,
				policyTwo.Arn,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Example of Removing Managed Policies

This example creates an IAM role with an empty `managedPolicyArns` argument. If someone attaches a policy out-of-band, on the next apply, this provider will detach that policy.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
			AssumeRolePolicy:  pulumi.Any(data.Aws_iam_policy_document.Instance_assume_role_policy.Json),
			ManagedPolicyArns: pulumi.StringArray{},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Roles can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/role:Role developer developer_name

```

func GetRole

func GetRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RoleState, opts ...pulumi.ResourceOption) (*Role, error)

GetRole gets an existing Role resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRole

func NewRole(ctx *pulumi.Context,
	name string, args *RoleArgs, opts ...pulumi.ResourceOption) (*Role, error)

NewRole registers a new resource with the given unique name, arguments, and options.

func (*Role) ElementType

func (*Role) ElementType() reflect.Type

func (*Role) ToRoleOutput

func (i *Role) ToRoleOutput() RoleOutput

func (*Role) ToRoleOutputWithContext

func (i *Role) ToRoleOutputWithContext(ctx context.Context) RoleOutput

type RoleArgs

type RoleArgs struct {
	// Policy that grants an entity permission to assume the role.
	//
	// > **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource.  However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works.
	//
	// The following arguments are optional:
	AssumeRolePolicy pulumi.Input
	// Description of the role.
	Description pulumi.StringPtrInput
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrInput
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies    RoleInlinePolicyArrayInput
	ManagedPolicyArns pulumi.StringArrayInput
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrInput
	// Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Name pulumi.StringPtrInput
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Role resource.

func (RoleArgs) ElementType

func (RoleArgs) ElementType() reflect.Type

type RoleArray

type RoleArray []RoleInput

func (RoleArray) ElementType

func (RoleArray) ElementType() reflect.Type

func (RoleArray) ToRoleArrayOutput

func (i RoleArray) ToRoleArrayOutput() RoleArrayOutput

func (RoleArray) ToRoleArrayOutputWithContext

func (i RoleArray) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput

type RoleArrayInput

type RoleArrayInput interface {
	pulumi.Input

	ToRoleArrayOutput() RoleArrayOutput
	ToRoleArrayOutputWithContext(context.Context) RoleArrayOutput
}

RoleArrayInput is an input type that accepts RoleArray and RoleArrayOutput values. You can construct a concrete instance of `RoleArrayInput` via:

RoleArray{ RoleArgs{...} }

type RoleArrayOutput

type RoleArrayOutput struct{ *pulumi.OutputState }

func (RoleArrayOutput) ElementType

func (RoleArrayOutput) ElementType() reflect.Type

func (RoleArrayOutput) Index

func (RoleArrayOutput) ToRoleArrayOutput

func (o RoleArrayOutput) ToRoleArrayOutput() RoleArrayOutput

func (RoleArrayOutput) ToRoleArrayOutputWithContext

func (o RoleArrayOutput) ToRoleArrayOutputWithContext(ctx context.Context) RoleArrayOutput

type RoleInlinePolicy

type RoleInlinePolicy struct {
	// Name of the role policy.
	Name *string `pulumi:"name"`
	// Policy document as a JSON formatted string.
	Policy *string `pulumi:"policy"`
}

type RoleInlinePolicyArgs

type RoleInlinePolicyArgs struct {
	// Name of the role policy.
	Name pulumi.StringPtrInput `pulumi:"name"`
	// Policy document as a JSON formatted string.
	Policy pulumi.StringPtrInput `pulumi:"policy"`
}

func (RoleInlinePolicyArgs) ElementType

func (RoleInlinePolicyArgs) ElementType() reflect.Type

func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutput

func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput

func (RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext

func (i RoleInlinePolicyArgs) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput

type RoleInlinePolicyArray

type RoleInlinePolicyArray []RoleInlinePolicyInput

func (RoleInlinePolicyArray) ElementType

func (RoleInlinePolicyArray) ElementType() reflect.Type

func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput

func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput

func (RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext

func (i RoleInlinePolicyArray) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput

type RoleInlinePolicyArrayInput

type RoleInlinePolicyArrayInput interface {
	pulumi.Input

	ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput
	ToRoleInlinePolicyArrayOutputWithContext(context.Context) RoleInlinePolicyArrayOutput
}

RoleInlinePolicyArrayInput is an input type that accepts RoleInlinePolicyArray and RoleInlinePolicyArrayOutput values. You can construct a concrete instance of `RoleInlinePolicyArrayInput` via:

RoleInlinePolicyArray{ RoleInlinePolicyArgs{...} }

type RoleInlinePolicyArrayOutput

type RoleInlinePolicyArrayOutput struct{ *pulumi.OutputState }

func (RoleInlinePolicyArrayOutput) ElementType

func (RoleInlinePolicyArrayOutput) Index

func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput

func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutput() RoleInlinePolicyArrayOutput

func (RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext

func (o RoleInlinePolicyArrayOutput) ToRoleInlinePolicyArrayOutputWithContext(ctx context.Context) RoleInlinePolicyArrayOutput

type RoleInlinePolicyInput

type RoleInlinePolicyInput interface {
	pulumi.Input

	ToRoleInlinePolicyOutput() RoleInlinePolicyOutput
	ToRoleInlinePolicyOutputWithContext(context.Context) RoleInlinePolicyOutput
}

RoleInlinePolicyInput is an input type that accepts RoleInlinePolicyArgs and RoleInlinePolicyOutput values. You can construct a concrete instance of `RoleInlinePolicyInput` via:

RoleInlinePolicyArgs{...}

type RoleInlinePolicyOutput

type RoleInlinePolicyOutput struct{ *pulumi.OutputState }

func (RoleInlinePolicyOutput) ElementType

func (RoleInlinePolicyOutput) ElementType() reflect.Type

func (RoleInlinePolicyOutput) Name

Name of the role policy.

func (RoleInlinePolicyOutput) Policy

Policy document as a JSON formatted string.

func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutput

func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutput() RoleInlinePolicyOutput

func (RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext

func (o RoleInlinePolicyOutput) ToRoleInlinePolicyOutputWithContext(ctx context.Context) RoleInlinePolicyOutput

type RoleInput

type RoleInput interface {
	pulumi.Input

	ToRoleOutput() RoleOutput
	ToRoleOutputWithContext(ctx context.Context) RoleOutput
}

type RoleMap

type RoleMap map[string]RoleInput

func (RoleMap) ElementType

func (RoleMap) ElementType() reflect.Type

func (RoleMap) ToRoleMapOutput

func (i RoleMap) ToRoleMapOutput() RoleMapOutput

func (RoleMap) ToRoleMapOutputWithContext

func (i RoleMap) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput

type RoleMapInput

type RoleMapInput interface {
	pulumi.Input

	ToRoleMapOutput() RoleMapOutput
	ToRoleMapOutputWithContext(context.Context) RoleMapOutput
}

RoleMapInput is an input type that accepts RoleMap and RoleMapOutput values. You can construct a concrete instance of `RoleMapInput` via:

RoleMap{ "key": RoleArgs{...} }

type RoleMapOutput

type RoleMapOutput struct{ *pulumi.OutputState }

func (RoleMapOutput) ElementType

func (RoleMapOutput) ElementType() reflect.Type

func (RoleMapOutput) MapIndex

func (RoleMapOutput) ToRoleMapOutput

func (o RoleMapOutput) ToRoleMapOutput() RoleMapOutput

func (RoleMapOutput) ToRoleMapOutputWithContext

func (o RoleMapOutput) ToRoleMapOutputWithContext(ctx context.Context) RoleMapOutput

type RoleOutput

type RoleOutput struct{ *pulumi.OutputState }

func (RoleOutput) Arn

func (o RoleOutput) Arn() pulumi.StringOutput

Amazon Resource Name (ARN) specifying the role.

func (RoleOutput) AssumeRolePolicy

func (o RoleOutput) AssumeRolePolicy() pulumi.StringOutput

Policy that grants an entity permission to assume the role.

> **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource. However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works.

The following arguments are optional:

func (RoleOutput) CreateDate

func (o RoleOutput) CreateDate() pulumi.StringOutput

Creation date of the IAM role.

func (RoleOutput) Description

func (o RoleOutput) Description() pulumi.StringPtrOutput

Description of the role.

func (RoleOutput) ElementType

func (RoleOutput) ElementType() reflect.Type

func (RoleOutput) ForceDetachPolicies

func (o RoleOutput) ForceDetachPolicies() pulumi.BoolPtrOutput

Whether to force detaching any policies the role has before destroying it. Defaults to `false`.

func (RoleOutput) InlinePolicies

func (o RoleOutput) InlinePolicies() RoleInlinePolicyArrayOutput

Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.

func (RoleOutput) ManagedPolicyArns

func (o RoleOutput) ManagedPolicyArns() pulumi.StringArrayOutput

func (RoleOutput) MaxSessionDuration

func (o RoleOutput) MaxSessionDuration() pulumi.IntPtrOutput

Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.

func (RoleOutput) Name

func (o RoleOutput) Name() pulumi.StringOutput

Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (RoleOutput) NamePrefix

func (o RoleOutput) NamePrefix() pulumi.StringOutput

Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.

func (RoleOutput) Path

Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (RoleOutput) PermissionsBoundary

func (o RoleOutput) PermissionsBoundary() pulumi.StringPtrOutput

ARN of the policy that is used to set the permissions boundary for the role.

func (RoleOutput) Tags

Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (RoleOutput) TagsAll

func (o RoleOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (RoleOutput) ToRoleOutput

func (o RoleOutput) ToRoleOutput() RoleOutput

func (RoleOutput) ToRoleOutputWithContext

func (o RoleOutput) ToRoleOutputWithContext(ctx context.Context) RoleOutput

func (RoleOutput) UniqueId

func (o RoleOutput) UniqueId() pulumi.StringOutput

Stable and unique string identifying the role.

type RolePolicy

type RolePolicy struct {
	pulumi.CustomResourceState

	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide
	Policy pulumi.StringOutput `pulumi:"policy"`
	// The name of the IAM role to attach to the policy.
	Role pulumi.StringOutput `pulumi:"role"`
}

Provides an IAM role inline policy.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `inlinePolicy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": "sts:AssumeRole",
					"Effect": "Allow",
					"Sid":    "",
					"Principal": map[string]interface{}{
						"Service": "ec2.amazonaws.com",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		testRole, err := iam.NewRole(ctx, "testRole", &iam.RoleArgs{
			AssumeRolePolicy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		tmpJSON1, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json1 := string(tmpJSON1)
		_, err = iam.NewRolePolicy(ctx, "testPolicy", &iam.RolePolicyArgs{
			Role:   testRole.ID(),
			Policy: pulumi.String(json1),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Role Policies can be imported using the `role_name:role_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name

```

func GetRolePolicy

func GetRolePolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RolePolicyState, opts ...pulumi.ResourceOption) (*RolePolicy, error)

GetRolePolicy gets an existing RolePolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicy

func NewRolePolicy(ctx *pulumi.Context,
	name string, args *RolePolicyArgs, opts ...pulumi.ResourceOption) (*RolePolicy, error)

NewRolePolicy registers a new resource with the given unique name, arguments, and options.

func (*RolePolicy) ElementType

func (*RolePolicy) ElementType() reflect.Type

func (*RolePolicy) ToRolePolicyOutput

func (i *RolePolicy) ToRolePolicyOutput() RolePolicyOutput

func (*RolePolicy) ToRolePolicyOutputWithContext

func (i *RolePolicy) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput

type RolePolicyArgs

type RolePolicyArgs struct {
	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide
	Policy pulumi.Input
	// The name of the IAM role to attach to the policy.
	Role pulumi.Input
}

The set of arguments for constructing a RolePolicy resource.

func (RolePolicyArgs) ElementType

func (RolePolicyArgs) ElementType() reflect.Type

type RolePolicyArray

type RolePolicyArray []RolePolicyInput

func (RolePolicyArray) ElementType

func (RolePolicyArray) ElementType() reflect.Type

func (RolePolicyArray) ToRolePolicyArrayOutput

func (i RolePolicyArray) ToRolePolicyArrayOutput() RolePolicyArrayOutput

func (RolePolicyArray) ToRolePolicyArrayOutputWithContext

func (i RolePolicyArray) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput

type RolePolicyArrayInput

type RolePolicyArrayInput interface {
	pulumi.Input

	ToRolePolicyArrayOutput() RolePolicyArrayOutput
	ToRolePolicyArrayOutputWithContext(context.Context) RolePolicyArrayOutput
}

RolePolicyArrayInput is an input type that accepts RolePolicyArray and RolePolicyArrayOutput values. You can construct a concrete instance of `RolePolicyArrayInput` via:

RolePolicyArray{ RolePolicyArgs{...} }

type RolePolicyArrayOutput

type RolePolicyArrayOutput struct{ *pulumi.OutputState }

func (RolePolicyArrayOutput) ElementType

func (RolePolicyArrayOutput) ElementType() reflect.Type

func (RolePolicyArrayOutput) Index

func (RolePolicyArrayOutput) ToRolePolicyArrayOutput

func (o RolePolicyArrayOutput) ToRolePolicyArrayOutput() RolePolicyArrayOutput

func (RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext

func (o RolePolicyArrayOutput) ToRolePolicyArrayOutputWithContext(ctx context.Context) RolePolicyArrayOutput

type RolePolicyAttachment

type RolePolicyAttachment struct {
	pulumi.CustomResourceState

	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The name of the IAM role to which the policy should be applied
	Role pulumi.StringOutput `pulumi:"role"`
}

Attaches a Managed IAM Policy to an IAM role

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

> **NOTE:** For a given role, this resource is incompatible with using the `iam.Role` resource `managedPolicyArns` argument. When using that argument and this resource, both will attempt to manage the role's managed policy attachments and the provider will show a permanent difference.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"ec2.amazonaws.com",
							},
						},
					},
					Actions: []string{
						"sts:AssumeRole",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
		})
		if err != nil {
			return err
		}
		policyPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Actions: []string{
						"ec2:Describe*",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		policyPolicy, err := iam.NewPolicy(ctx, "policyPolicy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      *pulumi.String(policyPolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "test-attach", &iam.RolePolicyAttachmentArgs{
			Role:      role.Name,
			PolicyArn: policyPolicy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM role policy attachments can be imported using the role name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/rolePolicyAttachment:RolePolicyAttachment test-attach test-role/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetRolePolicyAttachment

func GetRolePolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RolePolicyAttachmentState, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)

GetRolePolicyAttachment gets an existing RolePolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicyAttachment

func NewRolePolicyAttachment(ctx *pulumi.Context,
	name string, args *RolePolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*RolePolicyAttachment, error)

NewRolePolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*RolePolicyAttachment) ElementType

func (*RolePolicyAttachment) ElementType() reflect.Type

func (*RolePolicyAttachment) ToRolePolicyAttachmentOutput

func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput

func (*RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext

func (i *RolePolicyAttachment) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput

type RolePolicyAttachmentArgs

type RolePolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The name of the IAM role to which the policy should be applied
	Role pulumi.Input
}

The set of arguments for constructing a RolePolicyAttachment resource.

func (RolePolicyAttachmentArgs) ElementType

func (RolePolicyAttachmentArgs) ElementType() reflect.Type

type RolePolicyAttachmentArray

type RolePolicyAttachmentArray []RolePolicyAttachmentInput

func (RolePolicyAttachmentArray) ElementType

func (RolePolicyAttachmentArray) ElementType() reflect.Type

func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput

func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput

func (RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext

func (i RolePolicyAttachmentArray) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentArrayInput

type RolePolicyAttachmentArrayInput interface {
	pulumi.Input

	ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput
	ToRolePolicyAttachmentArrayOutputWithContext(context.Context) RolePolicyAttachmentArrayOutput
}

RolePolicyAttachmentArrayInput is an input type that accepts RolePolicyAttachmentArray and RolePolicyAttachmentArrayOutput values. You can construct a concrete instance of `RolePolicyAttachmentArrayInput` via:

RolePolicyAttachmentArray{ RolePolicyAttachmentArgs{...} }

type RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentArrayOutput) ElementType

func (RolePolicyAttachmentArrayOutput) Index

func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput

func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutput() RolePolicyAttachmentArrayOutput

func (RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext

func (o RolePolicyAttachmentArrayOutput) ToRolePolicyAttachmentArrayOutputWithContext(ctx context.Context) RolePolicyAttachmentArrayOutput

type RolePolicyAttachmentInput

type RolePolicyAttachmentInput interface {
	pulumi.Input

	ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput
	ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput
}

type RolePolicyAttachmentMap

type RolePolicyAttachmentMap map[string]RolePolicyAttachmentInput

func (RolePolicyAttachmentMap) ElementType

func (RolePolicyAttachmentMap) ElementType() reflect.Type

func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput

func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput

func (RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext

func (i RolePolicyAttachmentMap) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput

type RolePolicyAttachmentMapInput

type RolePolicyAttachmentMapInput interface {
	pulumi.Input

	ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput
	ToRolePolicyAttachmentMapOutputWithContext(context.Context) RolePolicyAttachmentMapOutput
}

RolePolicyAttachmentMapInput is an input type that accepts RolePolicyAttachmentMap and RolePolicyAttachmentMapOutput values. You can construct a concrete instance of `RolePolicyAttachmentMapInput` via:

RolePolicyAttachmentMap{ "key": RolePolicyAttachmentArgs{...} }

type RolePolicyAttachmentMapOutput

type RolePolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentMapOutput) ElementType

func (RolePolicyAttachmentMapOutput) MapIndex

func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput

func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutput() RolePolicyAttachmentMapOutput

func (RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext

func (o RolePolicyAttachmentMapOutput) ToRolePolicyAttachmentMapOutputWithContext(ctx context.Context) RolePolicyAttachmentMapOutput

type RolePolicyAttachmentOutput

type RolePolicyAttachmentOutput struct{ *pulumi.OutputState }

func (RolePolicyAttachmentOutput) ElementType

func (RolePolicyAttachmentOutput) ElementType() reflect.Type

func (RolePolicyAttachmentOutput) PolicyArn

The ARN of the policy you want to apply

func (RolePolicyAttachmentOutput) Role

The name of the IAM role to which the policy should be applied

func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput

func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutput() RolePolicyAttachmentOutput

func (RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext

func (o RolePolicyAttachmentOutput) ToRolePolicyAttachmentOutputWithContext(ctx context.Context) RolePolicyAttachmentOutput

type RolePolicyAttachmentState

type RolePolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The name of the IAM role to which the policy should be applied
	Role pulumi.Input
}

func (RolePolicyAttachmentState) ElementType

func (RolePolicyAttachmentState) ElementType() reflect.Type

type RolePolicyInput

type RolePolicyInput interface {
	pulumi.Input

	ToRolePolicyOutput() RolePolicyOutput
	ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput
}

type RolePolicyMap

type RolePolicyMap map[string]RolePolicyInput

func (RolePolicyMap) ElementType

func (RolePolicyMap) ElementType() reflect.Type

func (RolePolicyMap) ToRolePolicyMapOutput

func (i RolePolicyMap) ToRolePolicyMapOutput() RolePolicyMapOutput

func (RolePolicyMap) ToRolePolicyMapOutputWithContext

func (i RolePolicyMap) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput

type RolePolicyMapInput

type RolePolicyMapInput interface {
	pulumi.Input

	ToRolePolicyMapOutput() RolePolicyMapOutput
	ToRolePolicyMapOutputWithContext(context.Context) RolePolicyMapOutput
}

RolePolicyMapInput is an input type that accepts RolePolicyMap and RolePolicyMapOutput values. You can construct a concrete instance of `RolePolicyMapInput` via:

RolePolicyMap{ "key": RolePolicyArgs{...} }

type RolePolicyMapOutput

type RolePolicyMapOutput struct{ *pulumi.OutputState }

func (RolePolicyMapOutput) ElementType

func (RolePolicyMapOutput) ElementType() reflect.Type

func (RolePolicyMapOutput) MapIndex

func (RolePolicyMapOutput) ToRolePolicyMapOutput

func (o RolePolicyMapOutput) ToRolePolicyMapOutput() RolePolicyMapOutput

func (RolePolicyMapOutput) ToRolePolicyMapOutputWithContext

func (o RolePolicyMapOutput) ToRolePolicyMapOutputWithContext(ctx context.Context) RolePolicyMapOutput

type RolePolicyOutput

type RolePolicyOutput struct{ *pulumi.OutputState }

func (RolePolicyOutput) ElementType

func (RolePolicyOutput) ElementType() reflect.Type

func (RolePolicyOutput) Name

The name of the role policy. If omitted, this provider will assign a random, unique name.

func (RolePolicyOutput) NamePrefix

func (o RolePolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (RolePolicyOutput) Policy

The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide

func (RolePolicyOutput) Role

The name of the IAM role to attach to the policy.

func (RolePolicyOutput) ToRolePolicyOutput

func (o RolePolicyOutput) ToRolePolicyOutput() RolePolicyOutput

func (RolePolicyOutput) ToRolePolicyOutputWithContext

func (o RolePolicyOutput) ToRolePolicyOutputWithContext(ctx context.Context) RolePolicyOutput

type RolePolicyState

type RolePolicyState struct {
	// The name of the role policy. If omitted, this provider will
	// assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The inline policy document. This is a JSON formatted string. For more information about building IAM policy documents with the provider, see the AWS IAM Policy Document Guide
	Policy pulumi.Input
	// The name of the IAM role to attach to the policy.
	Role pulumi.Input
}

func (RolePolicyState) ElementType

func (RolePolicyState) ElementType() reflect.Type

type RoleState

type RoleState struct {
	// Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringPtrInput
	// Policy that grants an entity permission to assume the role.
	//
	// > **NOTE:** The `assumeRolePolicy` is very similar to but slightly different than a standard IAM policy and cannot use an `iam.Policy` resource.  However, it _can_ use an `iam.getPolicyDocument` data source. See the example above of how this works.
	//
	// The following arguments are optional:
	AssumeRolePolicy pulumi.Input
	// Creation date of the IAM role.
	CreateDate pulumi.StringPtrInput
	// Description of the role.
	Description pulumi.StringPtrInput
	// Whether to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies pulumi.BoolPtrInput
	// Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, the provider will not manage any inline policies in this resource. Configuring one empty block (i.e., `inlinePolicy {}`) will cause the provider to remove _all_ inline policies added out of band on `apply`.
	InlinePolicies    RoleInlinePolicyArrayInput
	ManagedPolicyArns pulumi.StringArrayInput
	// Maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration pulumi.IntPtrInput
	// Friendly name of the role. If omitted, the provider will assign a random, unique name. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Name pulumi.StringPtrInput
	// Creates a unique friendly name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// Path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path pulumi.StringPtrInput
	// ARN of the policy that is used to set the permissions boundary for the role.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// Stable and unique string identifying the role.
	UniqueId pulumi.StringPtrInput
}

func (RoleState) ElementType

func (RoleState) ElementType() reflect.Type

type SamlProvider

type SamlProvider struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The name of the provider to create.
	Name pulumi.StringOutput `pulumi:"name"`
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringOutput `pulumi:"samlMetadataDocument"`
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil pulumi.StringOutput `pulumi:"validUntil"`
}

Provides an IAM SAML provider.

## Example Usage

```go package main

import (

"os"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{
			SamlMetadataDocument: readFileOrPanic("saml-metadata.xml"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM SAML Providers can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/samlProvider:SamlProvider default arn:aws:iam::123456789012:saml-provider/SAMLADFS

```

func GetSamlProvider

func GetSamlProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SamlProviderState, opts ...pulumi.ResourceOption) (*SamlProvider, error)

GetSamlProvider gets an existing SamlProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSamlProvider

func NewSamlProvider(ctx *pulumi.Context,
	name string, args *SamlProviderArgs, opts ...pulumi.ResourceOption) (*SamlProvider, error)

NewSamlProvider registers a new resource with the given unique name, arguments, and options.

func (*SamlProvider) ElementType

func (*SamlProvider) ElementType() reflect.Type

func (*SamlProvider) ToSamlProviderOutput

func (i *SamlProvider) ToSamlProviderOutput() SamlProviderOutput

func (*SamlProvider) ToSamlProviderOutputWithContext

func (i *SamlProvider) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput

type SamlProviderArgs

type SamlProviderArgs struct {
	// The name of the provider to create.
	Name pulumi.StringPtrInput
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringInput
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a SamlProvider resource.

func (SamlProviderArgs) ElementType

func (SamlProviderArgs) ElementType() reflect.Type

type SamlProviderArray

type SamlProviderArray []SamlProviderInput

func (SamlProviderArray) ElementType

func (SamlProviderArray) ElementType() reflect.Type

func (SamlProviderArray) ToSamlProviderArrayOutput

func (i SamlProviderArray) ToSamlProviderArrayOutput() SamlProviderArrayOutput

func (SamlProviderArray) ToSamlProviderArrayOutputWithContext

func (i SamlProviderArray) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput

type SamlProviderArrayInput

type SamlProviderArrayInput interface {
	pulumi.Input

	ToSamlProviderArrayOutput() SamlProviderArrayOutput
	ToSamlProviderArrayOutputWithContext(context.Context) SamlProviderArrayOutput
}

SamlProviderArrayInput is an input type that accepts SamlProviderArray and SamlProviderArrayOutput values. You can construct a concrete instance of `SamlProviderArrayInput` via:

SamlProviderArray{ SamlProviderArgs{...} }

type SamlProviderArrayOutput

type SamlProviderArrayOutput struct{ *pulumi.OutputState }

func (SamlProviderArrayOutput) ElementType

func (SamlProviderArrayOutput) ElementType() reflect.Type

func (SamlProviderArrayOutput) Index

func (SamlProviderArrayOutput) ToSamlProviderArrayOutput

func (o SamlProviderArrayOutput) ToSamlProviderArrayOutput() SamlProviderArrayOutput

func (SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext

func (o SamlProviderArrayOutput) ToSamlProviderArrayOutputWithContext(ctx context.Context) SamlProviderArrayOutput

type SamlProviderInput

type SamlProviderInput interface {
	pulumi.Input

	ToSamlProviderOutput() SamlProviderOutput
	ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput
}

type SamlProviderMap

type SamlProviderMap map[string]SamlProviderInput

func (SamlProviderMap) ElementType

func (SamlProviderMap) ElementType() reflect.Type

func (SamlProviderMap) ToSamlProviderMapOutput

func (i SamlProviderMap) ToSamlProviderMapOutput() SamlProviderMapOutput

func (SamlProviderMap) ToSamlProviderMapOutputWithContext

func (i SamlProviderMap) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput

type SamlProviderMapInput

type SamlProviderMapInput interface {
	pulumi.Input

	ToSamlProviderMapOutput() SamlProviderMapOutput
	ToSamlProviderMapOutputWithContext(context.Context) SamlProviderMapOutput
}

SamlProviderMapInput is an input type that accepts SamlProviderMap and SamlProviderMapOutput values. You can construct a concrete instance of `SamlProviderMapInput` via:

SamlProviderMap{ "key": SamlProviderArgs{...} }

type SamlProviderMapOutput

type SamlProviderMapOutput struct{ *pulumi.OutputState }

func (SamlProviderMapOutput) ElementType

func (SamlProviderMapOutput) ElementType() reflect.Type

func (SamlProviderMapOutput) MapIndex

func (SamlProviderMapOutput) ToSamlProviderMapOutput

func (o SamlProviderMapOutput) ToSamlProviderMapOutput() SamlProviderMapOutput

func (SamlProviderMapOutput) ToSamlProviderMapOutputWithContext

func (o SamlProviderMapOutput) ToSamlProviderMapOutputWithContext(ctx context.Context) SamlProviderMapOutput

type SamlProviderOutput

type SamlProviderOutput struct{ *pulumi.OutputState }

func (SamlProviderOutput) Arn

The ARN assigned by AWS for this provider.

func (SamlProviderOutput) ElementType

func (SamlProviderOutput) ElementType() reflect.Type

func (SamlProviderOutput) Name

The name of the provider to create.

func (SamlProviderOutput) SamlMetadataDocument

func (o SamlProviderOutput) SamlMetadataDocument() pulumi.StringOutput

An XML document generated by an identity provider that supports SAML 2.0.

func (SamlProviderOutput) Tags

Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (SamlProviderOutput) TagsAll

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (SamlProviderOutput) ToSamlProviderOutput

func (o SamlProviderOutput) ToSamlProviderOutput() SamlProviderOutput

func (SamlProviderOutput) ToSamlProviderOutputWithContext

func (o SamlProviderOutput) ToSamlProviderOutputWithContext(ctx context.Context) SamlProviderOutput

func (SamlProviderOutput) ValidUntil

func (o SamlProviderOutput) ValidUntil() pulumi.StringOutput

The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.

type SamlProviderState

type SamlProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn pulumi.StringPtrInput
	// The name of the provider to create.
	Name pulumi.StringPtrInput
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument pulumi.StringPtrInput
	// Map of resource tags for the IAM SAML provider. .If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The expiration date and time for the SAML provider in RFC1123 format, e.g., `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil pulumi.StringPtrInput
}

func (SamlProviderState) ElementType

func (SamlProviderState) ElementType() reflect.Type

type ServerCertificate

type ServerCertificate struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringOutput `pulumi:"certificateBody"`
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrOutput `pulumi:"certificateChain"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
	Expiration pulumi.StringOutput `pulumi:"expiration"`
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringOutput `pulumi:"privateKey"`
	// Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	//
	// > **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
	UploadDate pulumi.StringOutput `pulumi:"uploadDate"`
}

Provides an IAM Server Certificate resource to upload Server Certificates. Certs uploaded to IAM can easily work with other AWS services such as:

- AWS Elastic Beanstalk - Elastic Load Balancing - CloudFront - AWS OpsWorks

For information about server certificates in IAM, see [Managing Server Certificates][2] in AWS Documentation.

## Example Usage

**Using certs on file:**

```go package main

import (

"os"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
			PrivateKey:      readFileOrPanic("test-key.pem"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Example with cert in-line:**

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServerCertificate(ctx, "testCertAlt", &iam.ServerCertificateArgs{
			CertificateBody: pulumi.String("-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\n"),
			PrivateKey:      pulumi.String("-----BEGIN RSA PRIVATE KEY-----\n[......] # cert contents\n-----END RSA PRIVATE KEY-----\n\n"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Use in combination with an AWS ELB resource:**

Some properties of an IAM Server Certificates cannot be updated while they are in use. In order for the provider to effectively manage a Certificate in this situation, it is recommended you utilize the `namePrefix` attribute and enable the `createBeforeDestroy`. This will allow this provider to create a new, updated `iam.ServerCertificate` resource and replace it in dependant resources before attempting to destroy the old version.

```go package main

import (

"os"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elb"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		testCert, err := iam.NewServerCertificate(ctx, "testCert", &iam.ServerCertificateArgs{
			NamePrefix:      pulumi.String("example-cert"),
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
			PrivateKey:      readFileOrPanic("test-key.pem"),
		})
		if err != nil {
			return err
		}
		_, err = elb.NewLoadBalancer(ctx, "ourapp", &elb.LoadBalancerArgs{
			AvailabilityZones: pulumi.StringArray{
				pulumi.String("us-west-2a"),
			},
			CrossZoneLoadBalancing: pulumi.Bool(true),
			Listeners: elb.LoadBalancerListenerArray{
				&elb.LoadBalancerListenerArgs{
					InstancePort:     pulumi.Int(8000),
					InstanceProtocol: pulumi.String("http"),
					LbPort:           pulumi.Int(443),
					LbProtocol:       pulumi.String("https"),
					SslCertificateId: testCert.Arn,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Server Certificates can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/serverCertificate:ServerCertificate certificate example.com-certificate-until-2018

```

[1]https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html

func GetServerCertificate

func GetServerCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServerCertificateState, opts ...pulumi.ResourceOption) (*ServerCertificate, error)

GetServerCertificate gets an existing ServerCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerCertificate

func NewServerCertificate(ctx *pulumi.Context,
	name string, args *ServerCertificateArgs, opts ...pulumi.ResourceOption) (*ServerCertificate, error)

NewServerCertificate registers a new resource with the given unique name, arguments, and options.

func (*ServerCertificate) ElementType

func (*ServerCertificate) ElementType() reflect.Type

func (*ServerCertificate) ToServerCertificateOutput

func (i *ServerCertificate) ToServerCertificateOutput() ServerCertificateOutput

func (*ServerCertificate) ToServerCertificateOutputWithContext

func (i *ServerCertificate) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput

type ServerCertificateArgs

type ServerCertificateArgs struct {
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringInput
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrInput
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrInput
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringInput
	// Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	//
	// > **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a ServerCertificate resource.

func (ServerCertificateArgs) ElementType

func (ServerCertificateArgs) ElementType() reflect.Type

type ServerCertificateArray

type ServerCertificateArray []ServerCertificateInput

func (ServerCertificateArray) ElementType

func (ServerCertificateArray) ElementType() reflect.Type

func (ServerCertificateArray) ToServerCertificateArrayOutput

func (i ServerCertificateArray) ToServerCertificateArrayOutput() ServerCertificateArrayOutput

func (ServerCertificateArray) ToServerCertificateArrayOutputWithContext

func (i ServerCertificateArray) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput

type ServerCertificateArrayInput

type ServerCertificateArrayInput interface {
	pulumi.Input

	ToServerCertificateArrayOutput() ServerCertificateArrayOutput
	ToServerCertificateArrayOutputWithContext(context.Context) ServerCertificateArrayOutput
}

ServerCertificateArrayInput is an input type that accepts ServerCertificateArray and ServerCertificateArrayOutput values. You can construct a concrete instance of `ServerCertificateArrayInput` via:

ServerCertificateArray{ ServerCertificateArgs{...} }

type ServerCertificateArrayOutput

type ServerCertificateArrayOutput struct{ *pulumi.OutputState }

func (ServerCertificateArrayOutput) ElementType

func (ServerCertificateArrayOutput) Index

func (ServerCertificateArrayOutput) ToServerCertificateArrayOutput

func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutput() ServerCertificateArrayOutput

func (ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext

func (o ServerCertificateArrayOutput) ToServerCertificateArrayOutputWithContext(ctx context.Context) ServerCertificateArrayOutput

type ServerCertificateInput

type ServerCertificateInput interface {
	pulumi.Input

	ToServerCertificateOutput() ServerCertificateOutput
	ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput
}

type ServerCertificateMap

type ServerCertificateMap map[string]ServerCertificateInput

func (ServerCertificateMap) ElementType

func (ServerCertificateMap) ElementType() reflect.Type

func (ServerCertificateMap) ToServerCertificateMapOutput

func (i ServerCertificateMap) ToServerCertificateMapOutput() ServerCertificateMapOutput

func (ServerCertificateMap) ToServerCertificateMapOutputWithContext

func (i ServerCertificateMap) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput

type ServerCertificateMapInput

type ServerCertificateMapInput interface {
	pulumi.Input

	ToServerCertificateMapOutput() ServerCertificateMapOutput
	ToServerCertificateMapOutputWithContext(context.Context) ServerCertificateMapOutput
}

ServerCertificateMapInput is an input type that accepts ServerCertificateMap and ServerCertificateMapOutput values. You can construct a concrete instance of `ServerCertificateMapInput` via:

ServerCertificateMap{ "key": ServerCertificateArgs{...} }

type ServerCertificateMapOutput

type ServerCertificateMapOutput struct{ *pulumi.OutputState }

func (ServerCertificateMapOutput) ElementType

func (ServerCertificateMapOutput) ElementType() reflect.Type

func (ServerCertificateMapOutput) MapIndex

func (ServerCertificateMapOutput) ToServerCertificateMapOutput

func (o ServerCertificateMapOutput) ToServerCertificateMapOutput() ServerCertificateMapOutput

func (ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext

func (o ServerCertificateMapOutput) ToServerCertificateMapOutputWithContext(ctx context.Context) ServerCertificateMapOutput

type ServerCertificateOutput

type ServerCertificateOutput struct{ *pulumi.OutputState }

func (ServerCertificateOutput) Arn

The Amazon Resource Name (ARN) specifying the server certificate.

func (ServerCertificateOutput) CertificateBody

func (o ServerCertificateOutput) CertificateBody() pulumi.StringOutput

The contents of the public key certificate in PEM-encoded format.

func (ServerCertificateOutput) CertificateChain

func (o ServerCertificateOutput) CertificateChain() pulumi.StringPtrOutput

The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.

func (ServerCertificateOutput) ElementType

func (ServerCertificateOutput) ElementType() reflect.Type

func (ServerCertificateOutput) Expiration

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.

func (ServerCertificateOutput) Name

The name of the Server Certificate. Do not include the path in this value. If omitted, the provider will assign a random, unique name.

func (ServerCertificateOutput) NamePrefix

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (ServerCertificateOutput) Path

The IAM path for the server certificate. If it is not included, it defaults to a slash (/). If this certificate is for use with AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.

func (ServerCertificateOutput) PrivateKey

The contents of the private key in PEM-encoded format.

func (ServerCertificateOutput) Tags

Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

> **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.

func (ServerCertificateOutput) TagsAll

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (ServerCertificateOutput) ToServerCertificateOutput

func (o ServerCertificateOutput) ToServerCertificateOutput() ServerCertificateOutput

func (ServerCertificateOutput) ToServerCertificateOutputWithContext

func (o ServerCertificateOutput) ToServerCertificateOutputWithContext(ctx context.Context) ServerCertificateOutput

func (ServerCertificateOutput) UploadDate

Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.

type ServerCertificateState

type ServerCertificateState struct {
	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn pulumi.StringPtrInput
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody pulumi.StringPtrInput
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain pulumi.StringPtrInput
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) on which the certificate is set to expire.
	Expiration pulumi.StringPtrInput
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more details on IAM Paths.
	Path pulumi.StringPtrInput
	// The contents of the private key in PEM-encoded format.
	PrivateKey pulumi.StringPtrInput
	// Map of resource tags for the server certificate. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	//
	// > **NOTE:** AWS performs behind-the-scenes modifications to some certificate files if they do not adhere to a specific format. These modifications will result in this provider forever believing that it needs to update the resources since the local and AWS file contents will not match after theses modifications occur. In order to prevent this from happening you must ensure that all your PEM-encoded files use UNIX line-breaks and that `certificateBody` contains only one certificate. All other certificates should go in `certificateChain`. It is common for some Certificate Authorities to issue certificate files that have DOS line-breaks and that are actually multiple certificates concatenated together in order to form a full certificate chain.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// Date and time in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8) when the server certificate was uploaded.
	UploadDate pulumi.StringPtrInput
}

func (ServerCertificateState) ElementType

func (ServerCertificateState) ElementType() reflect.Type

type ServiceLinkedRole

type ServiceLinkedRole struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringOutput `pulumi:"awsServiceName"`
	// The creation date of the IAM role.
	CreateDate pulumi.StringOutput `pulumi:"createDate"`
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrOutput `pulumi:"customSuffix"`
	// The description of the role.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The name of the role.
	Name pulumi.StringOutput `pulumi:"name"`
	// The path of the role.
	Path pulumi.StringOutput `pulumi:"path"`
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The stable and unique string identifying the role.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewServiceLinkedRole(ctx, "elasticbeanstalk", &iam.ServiceLinkedRoleArgs{
			AwsServiceName: pulumi.String("elasticbeanstalk.amazonaws.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM service-linked roles can be imported using role ARN, e.g.,

```sh

$ pulumi import aws:iam/serviceLinkedRole:ServiceLinkedRole elasticbeanstalk arn:aws:iam::123456789012:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk

```

func GetServiceLinkedRole

func GetServiceLinkedRole(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServiceLinkedRoleState, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)

GetServiceLinkedRole gets an existing ServiceLinkedRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServiceLinkedRole

func NewServiceLinkedRole(ctx *pulumi.Context,
	name string, args *ServiceLinkedRoleArgs, opts ...pulumi.ResourceOption) (*ServiceLinkedRole, error)

NewServiceLinkedRole registers a new resource with the given unique name, arguments, and options.

func (*ServiceLinkedRole) ElementType

func (*ServiceLinkedRole) ElementType() reflect.Type

func (*ServiceLinkedRole) ToServiceLinkedRoleOutput

func (i *ServiceLinkedRole) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput

func (*ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext

func (i *ServiceLinkedRole) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput

type ServiceLinkedRoleArgs

type ServiceLinkedRoleArgs struct {
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringInput
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrInput
	// The description of the role.
	Description pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a ServiceLinkedRole resource.

func (ServiceLinkedRoleArgs) ElementType

func (ServiceLinkedRoleArgs) ElementType() reflect.Type

type ServiceLinkedRoleArray

type ServiceLinkedRoleArray []ServiceLinkedRoleInput

func (ServiceLinkedRoleArray) ElementType

func (ServiceLinkedRoleArray) ElementType() reflect.Type

func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput

func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput

func (ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext

func (i ServiceLinkedRoleArray) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleArrayInput

type ServiceLinkedRoleArrayInput interface {
	pulumi.Input

	ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput
	ToServiceLinkedRoleArrayOutputWithContext(context.Context) ServiceLinkedRoleArrayOutput
}

ServiceLinkedRoleArrayInput is an input type that accepts ServiceLinkedRoleArray and ServiceLinkedRoleArrayOutput values. You can construct a concrete instance of `ServiceLinkedRoleArrayInput` via:

ServiceLinkedRoleArray{ ServiceLinkedRoleArgs{...} }

type ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleArrayOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleArrayOutput) ElementType

func (ServiceLinkedRoleArrayOutput) Index

func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput

func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutput() ServiceLinkedRoleArrayOutput

func (ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext

func (o ServiceLinkedRoleArrayOutput) ToServiceLinkedRoleArrayOutputWithContext(ctx context.Context) ServiceLinkedRoleArrayOutput

type ServiceLinkedRoleInput

type ServiceLinkedRoleInput interface {
	pulumi.Input

	ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput
	ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput
}

type ServiceLinkedRoleMap

type ServiceLinkedRoleMap map[string]ServiceLinkedRoleInput

func (ServiceLinkedRoleMap) ElementType

func (ServiceLinkedRoleMap) ElementType() reflect.Type

func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput

func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput

func (ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext

func (i ServiceLinkedRoleMap) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput

type ServiceLinkedRoleMapInput

type ServiceLinkedRoleMapInput interface {
	pulumi.Input

	ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput
	ToServiceLinkedRoleMapOutputWithContext(context.Context) ServiceLinkedRoleMapOutput
}

ServiceLinkedRoleMapInput is an input type that accepts ServiceLinkedRoleMap and ServiceLinkedRoleMapOutput values. You can construct a concrete instance of `ServiceLinkedRoleMapInput` via:

ServiceLinkedRoleMap{ "key": ServiceLinkedRoleArgs{...} }

type ServiceLinkedRoleMapOutput

type ServiceLinkedRoleMapOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleMapOutput) ElementType

func (ServiceLinkedRoleMapOutput) ElementType() reflect.Type

func (ServiceLinkedRoleMapOutput) MapIndex

func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput

func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutput() ServiceLinkedRoleMapOutput

func (ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext

func (o ServiceLinkedRoleMapOutput) ToServiceLinkedRoleMapOutputWithContext(ctx context.Context) ServiceLinkedRoleMapOutput

type ServiceLinkedRoleOutput

type ServiceLinkedRoleOutput struct{ *pulumi.OutputState }

func (ServiceLinkedRoleOutput) Arn

The Amazon Resource Name (ARN) specifying the role.

func (ServiceLinkedRoleOutput) AwsServiceName

func (o ServiceLinkedRoleOutput) AwsServiceName() pulumi.StringOutput

The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).

func (ServiceLinkedRoleOutput) CreateDate

The creation date of the IAM role.

func (ServiceLinkedRoleOutput) CustomSuffix

Additional string appended to the role name. Not all AWS services support custom suffixes.

func (ServiceLinkedRoleOutput) Description

The description of the role.

func (ServiceLinkedRoleOutput) ElementType

func (ServiceLinkedRoleOutput) ElementType() reflect.Type

func (ServiceLinkedRoleOutput) Name

The name of the role.

func (ServiceLinkedRoleOutput) Path

The path of the role.

func (ServiceLinkedRoleOutput) Tags

Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (ServiceLinkedRoleOutput) TagsAll

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput

func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutput() ServiceLinkedRoleOutput

func (ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext

func (o ServiceLinkedRoleOutput) ToServiceLinkedRoleOutputWithContext(ctx context.Context) ServiceLinkedRoleOutput

func (ServiceLinkedRoleOutput) UniqueId

The stable and unique string identifying the role.

type ServiceLinkedRoleState

type ServiceLinkedRoleState struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn pulumi.StringPtrInput
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName pulumi.StringPtrInput
	// The creation date of the IAM role.
	CreateDate pulumi.StringPtrInput
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix pulumi.StringPtrInput
	// The description of the role.
	Description pulumi.StringPtrInput
	// The name of the role.
	Name pulumi.StringPtrInput
	// The path of the role.
	Path pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM role. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The stable and unique string identifying the role.
	UniqueId pulumi.StringPtrInput
}

func (ServiceLinkedRoleState) ElementType

func (ServiceLinkedRoleState) ElementType() reflect.Type

type ServiceSpecificCredential

type ServiceSpecificCredential struct {
	pulumi.CustomResourceState

	// The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
	ServiceName pulumi.StringOutput `pulumi:"serviceName"`
	// The generated password for the service-specific credential.
	ServicePassword pulumi.StringOutput `pulumi:"servicePassword"`
	// The unique identifier for the service-specific credential.
	ServiceSpecificCredentialId pulumi.StringOutput `pulumi:"serviceSpecificCredentialId"`
	// The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.
	ServiceUserName pulumi.StringOutput `pulumi:"serviceUserName"`
	// The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
	UserName pulumi.StringOutput `pulumi:"userName"`
}

Provides an IAM Service Specific Credential.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleUser, err := iam.NewUser(ctx, "exampleUser", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewServiceSpecificCredential(ctx, "exampleServiceSpecificCredential", &iam.ServiceSpecificCredentialArgs{
			ServiceName: pulumi.String("codecommit.amazonaws.com"),
			UserName:    exampleUser.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Service Specific Credentials can be imported using the `service_name:user_name:service_specific_credential_id`, e.g.

```sh

$ pulumi import aws:iam/serviceSpecificCredential:ServiceSpecificCredential default `codecommit.amazonaws.com:example:some-id`

```

func GetServiceSpecificCredential

func GetServiceSpecificCredential(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ServiceSpecificCredentialState, opts ...pulumi.ResourceOption) (*ServiceSpecificCredential, error)

GetServiceSpecificCredential gets an existing ServiceSpecificCredential resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServiceSpecificCredential

func NewServiceSpecificCredential(ctx *pulumi.Context,
	name string, args *ServiceSpecificCredentialArgs, opts ...pulumi.ResourceOption) (*ServiceSpecificCredential, error)

NewServiceSpecificCredential registers a new resource with the given unique name, arguments, and options.

func (*ServiceSpecificCredential) ElementType

func (*ServiceSpecificCredential) ElementType() reflect.Type

func (*ServiceSpecificCredential) ToServiceSpecificCredentialOutput

func (i *ServiceSpecificCredential) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput

func (*ServiceSpecificCredential) ToServiceSpecificCredentialOutputWithContext

func (i *ServiceSpecificCredential) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput

type ServiceSpecificCredentialArgs

type ServiceSpecificCredentialArgs struct {
	// The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
	ServiceName pulumi.StringInput
	// The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
	UserName pulumi.StringInput
}

The set of arguments for constructing a ServiceSpecificCredential resource.

func (ServiceSpecificCredentialArgs) ElementType

type ServiceSpecificCredentialArray

type ServiceSpecificCredentialArray []ServiceSpecificCredentialInput

func (ServiceSpecificCredentialArray) ElementType

func (ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput

func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput

func (ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext

func (i ServiceSpecificCredentialArray) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput

type ServiceSpecificCredentialArrayInput

type ServiceSpecificCredentialArrayInput interface {
	pulumi.Input

	ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput
	ToServiceSpecificCredentialArrayOutputWithContext(context.Context) ServiceSpecificCredentialArrayOutput
}

ServiceSpecificCredentialArrayInput is an input type that accepts ServiceSpecificCredentialArray and ServiceSpecificCredentialArrayOutput values. You can construct a concrete instance of `ServiceSpecificCredentialArrayInput` via:

ServiceSpecificCredentialArray{ ServiceSpecificCredentialArgs{...} }

type ServiceSpecificCredentialArrayOutput

type ServiceSpecificCredentialArrayOutput struct{ *pulumi.OutputState }

func (ServiceSpecificCredentialArrayOutput) ElementType

func (ServiceSpecificCredentialArrayOutput) Index

func (ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput

func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutput() ServiceSpecificCredentialArrayOutput

func (ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext

func (o ServiceSpecificCredentialArrayOutput) ToServiceSpecificCredentialArrayOutputWithContext(ctx context.Context) ServiceSpecificCredentialArrayOutput

type ServiceSpecificCredentialInput

type ServiceSpecificCredentialInput interface {
	pulumi.Input

	ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput
	ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput
}

type ServiceSpecificCredentialMap

type ServiceSpecificCredentialMap map[string]ServiceSpecificCredentialInput

func (ServiceSpecificCredentialMap) ElementType

func (ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput

func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput

func (ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext

func (i ServiceSpecificCredentialMap) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput

type ServiceSpecificCredentialMapInput

type ServiceSpecificCredentialMapInput interface {
	pulumi.Input

	ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput
	ToServiceSpecificCredentialMapOutputWithContext(context.Context) ServiceSpecificCredentialMapOutput
}

ServiceSpecificCredentialMapInput is an input type that accepts ServiceSpecificCredentialMap and ServiceSpecificCredentialMapOutput values. You can construct a concrete instance of `ServiceSpecificCredentialMapInput` via:

ServiceSpecificCredentialMap{ "key": ServiceSpecificCredentialArgs{...} }

type ServiceSpecificCredentialMapOutput

type ServiceSpecificCredentialMapOutput struct{ *pulumi.OutputState }

func (ServiceSpecificCredentialMapOutput) ElementType

func (ServiceSpecificCredentialMapOutput) MapIndex

func (ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput

func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutput() ServiceSpecificCredentialMapOutput

func (ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext

func (o ServiceSpecificCredentialMapOutput) ToServiceSpecificCredentialMapOutputWithContext(ctx context.Context) ServiceSpecificCredentialMapOutput

type ServiceSpecificCredentialOutput

type ServiceSpecificCredentialOutput struct{ *pulumi.OutputState }

func (ServiceSpecificCredentialOutput) ElementType

func (ServiceSpecificCredentialOutput) ServiceName

The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.

func (ServiceSpecificCredentialOutput) ServicePassword

The generated password for the service-specific credential.

func (ServiceSpecificCredentialOutput) ServiceSpecificCredentialId

func (o ServiceSpecificCredentialOutput) ServiceSpecificCredentialId() pulumi.StringOutput

The unique identifier for the service-specific credential.

func (ServiceSpecificCredentialOutput) ServiceUserName

The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.

func (ServiceSpecificCredentialOutput) Status

The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.

func (ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput

func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutput() ServiceSpecificCredentialOutput

func (ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext

func (o ServiceSpecificCredentialOutput) ToServiceSpecificCredentialOutputWithContext(ctx context.Context) ServiceSpecificCredentialOutput

func (ServiceSpecificCredentialOutput) UserName

The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.

type ServiceSpecificCredentialState

type ServiceSpecificCredentialState struct {
	// The name of the AWS service that is to be associated with the credentials. The service you specify here is the only service that can be accessed using these credentials.
	ServiceName pulumi.StringPtrInput
	// The generated password for the service-specific credential.
	ServicePassword pulumi.StringPtrInput
	// The unique identifier for the service-specific credential.
	ServiceSpecificCredentialId pulumi.StringPtrInput
	// The generated user name for the service-specific credential. This value is generated by combining the IAM user's name combined with the ID number of the AWS account, as in `jane-at-123456789012`, for example.
	ServiceUserName pulumi.StringPtrInput
	// The status to be assigned to the service-specific credential. Valid values are `Active` and `Inactive`. Default value is `Active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user that is to be associated with the credentials. The new service-specific credentials have the same permissions as the associated user except that they can be used only to access the specified service.
	UserName pulumi.StringPtrInput
}

func (ServiceSpecificCredentialState) ElementType

type SigningCertificate

type SigningCertificate struct {
	pulumi.CustomResourceState

	// The contents of the signing certificate in PEM-encoded format.
	CertificateBody pulumi.StringOutput `pulumi:"certificateBody"`
	// The ID for the signing certificate.
	CertificateId pulumi.StringOutput `pulumi:"certificateId"`
	// The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
	Status pulumi.StringPtrOutput `pulumi:"status"`
	// The name of the user the signing certificate is for.
	UserName pulumi.StringOutput `pulumi:"userName"`
}

Provides an IAM Signing Certificate resource to upload Signing Certificates.

> **Note:** All arguments including the certificate body will be stored in the raw state as plain-text. ## Example Usage

**Using certs on file:**

```go package main

import (

"os"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewSigningCertificate(ctx, "testCert", &iam.SigningCertificateArgs{
			Username:        pulumi.String("some_test_cert"),
			CertificateBody: readFileOrPanic("self-ca-cert.pem"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

**Example with cert in-line:**

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewSigningCertificate(ctx, "testCertAlt", &iam.SigningCertificateArgs{
			CertificateBody: pulumi.String("-----BEGIN CERTIFICATE-----\n[......] # cert contents\n-----END CERTIFICATE-----\n\n"),
			Username:        pulumi.String("some_test_cert"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Signing Certificates can be imported using the `id`, e.g.,

```sh

$ pulumi import aws:iam/signingCertificate:SigningCertificate certificate IDIDIDIDID:user-name

```

func GetSigningCertificate

func GetSigningCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SigningCertificateState, opts ...pulumi.ResourceOption) (*SigningCertificate, error)

GetSigningCertificate gets an existing SigningCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSigningCertificate

func NewSigningCertificate(ctx *pulumi.Context,
	name string, args *SigningCertificateArgs, opts ...pulumi.ResourceOption) (*SigningCertificate, error)

NewSigningCertificate registers a new resource with the given unique name, arguments, and options.

func (*SigningCertificate) ElementType

func (*SigningCertificate) ElementType() reflect.Type

func (*SigningCertificate) ToSigningCertificateOutput

func (i *SigningCertificate) ToSigningCertificateOutput() SigningCertificateOutput

func (*SigningCertificate) ToSigningCertificateOutputWithContext

func (i *SigningCertificate) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput

type SigningCertificateArgs

type SigningCertificateArgs struct {
	// The contents of the signing certificate in PEM-encoded format.
	CertificateBody pulumi.StringInput
	// The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
	Status pulumi.StringPtrInput
	// The name of the user the signing certificate is for.
	UserName pulumi.StringInput
}

The set of arguments for constructing a SigningCertificate resource.

func (SigningCertificateArgs) ElementType

func (SigningCertificateArgs) ElementType() reflect.Type

type SigningCertificateArray

type SigningCertificateArray []SigningCertificateInput

func (SigningCertificateArray) ElementType

func (SigningCertificateArray) ElementType() reflect.Type

func (SigningCertificateArray) ToSigningCertificateArrayOutput

func (i SigningCertificateArray) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput

func (SigningCertificateArray) ToSigningCertificateArrayOutputWithContext

func (i SigningCertificateArray) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput

type SigningCertificateArrayInput

type SigningCertificateArrayInput interface {
	pulumi.Input

	ToSigningCertificateArrayOutput() SigningCertificateArrayOutput
	ToSigningCertificateArrayOutputWithContext(context.Context) SigningCertificateArrayOutput
}

SigningCertificateArrayInput is an input type that accepts SigningCertificateArray and SigningCertificateArrayOutput values. You can construct a concrete instance of `SigningCertificateArrayInput` via:

SigningCertificateArray{ SigningCertificateArgs{...} }

type SigningCertificateArrayOutput

type SigningCertificateArrayOutput struct{ *pulumi.OutputState }

func (SigningCertificateArrayOutput) ElementType

func (SigningCertificateArrayOutput) Index

func (SigningCertificateArrayOutput) ToSigningCertificateArrayOutput

func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutput() SigningCertificateArrayOutput

func (SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext

func (o SigningCertificateArrayOutput) ToSigningCertificateArrayOutputWithContext(ctx context.Context) SigningCertificateArrayOutput

type SigningCertificateInput

type SigningCertificateInput interface {
	pulumi.Input

	ToSigningCertificateOutput() SigningCertificateOutput
	ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput
}

type SigningCertificateMap

type SigningCertificateMap map[string]SigningCertificateInput

func (SigningCertificateMap) ElementType

func (SigningCertificateMap) ElementType() reflect.Type

func (SigningCertificateMap) ToSigningCertificateMapOutput

func (i SigningCertificateMap) ToSigningCertificateMapOutput() SigningCertificateMapOutput

func (SigningCertificateMap) ToSigningCertificateMapOutputWithContext

func (i SigningCertificateMap) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput

type SigningCertificateMapInput

type SigningCertificateMapInput interface {
	pulumi.Input

	ToSigningCertificateMapOutput() SigningCertificateMapOutput
	ToSigningCertificateMapOutputWithContext(context.Context) SigningCertificateMapOutput
}

SigningCertificateMapInput is an input type that accepts SigningCertificateMap and SigningCertificateMapOutput values. You can construct a concrete instance of `SigningCertificateMapInput` via:

SigningCertificateMap{ "key": SigningCertificateArgs{...} }

type SigningCertificateMapOutput

type SigningCertificateMapOutput struct{ *pulumi.OutputState }

func (SigningCertificateMapOutput) ElementType

func (SigningCertificateMapOutput) MapIndex

func (SigningCertificateMapOutput) ToSigningCertificateMapOutput

func (o SigningCertificateMapOutput) ToSigningCertificateMapOutput() SigningCertificateMapOutput

func (SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext

func (o SigningCertificateMapOutput) ToSigningCertificateMapOutputWithContext(ctx context.Context) SigningCertificateMapOutput

type SigningCertificateOutput

type SigningCertificateOutput struct{ *pulumi.OutputState }

func (SigningCertificateOutput) CertificateBody

func (o SigningCertificateOutput) CertificateBody() pulumi.StringOutput

The contents of the signing certificate in PEM-encoded format.

func (SigningCertificateOutput) CertificateId

func (o SigningCertificateOutput) CertificateId() pulumi.StringOutput

The ID for the signing certificate.

func (SigningCertificateOutput) ElementType

func (SigningCertificateOutput) ElementType() reflect.Type

func (SigningCertificateOutput) Status

The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.

func (SigningCertificateOutput) ToSigningCertificateOutput

func (o SigningCertificateOutput) ToSigningCertificateOutput() SigningCertificateOutput

func (SigningCertificateOutput) ToSigningCertificateOutputWithContext

func (o SigningCertificateOutput) ToSigningCertificateOutputWithContext(ctx context.Context) SigningCertificateOutput

func (SigningCertificateOutput) UserName

The name of the user the signing certificate is for.

type SigningCertificateState

type SigningCertificateState struct {
	// The contents of the signing certificate in PEM-encoded format.
	CertificateBody pulumi.StringPtrInput
	// The ID for the signing certificate.
	CertificateId pulumi.StringPtrInput
	// The status you want to assign to the certificate. `Active` means that the certificate can be used for programmatic calls to Amazon Web Services `Inactive` means that the certificate cannot be used.
	Status pulumi.StringPtrInput
	// The name of the user the signing certificate is for.
	UserName pulumi.StringPtrInput
}

func (SigningCertificateState) ElementType

func (SigningCertificateState) ElementType() reflect.Type

type SshKey

type SshKey struct {
	pulumi.CustomResourceState

	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringOutput `pulumi:"encoding"`
	// The MD5 message digest of the SSH public key.
	Fingerprint pulumi.StringOutput `pulumi:"fingerprint"`
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringOutput `pulumi:"publicKey"`
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringOutput `pulumi:"sshPublicKeyId"`
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringOutput `pulumi:"status"`
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringOutput `pulumi:"username"`
}

Uploads an SSH public key and associates it with the specified IAM user.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		userUser, err := iam.NewUser(ctx, "userUser", &iam.UserArgs{
			Path: pulumi.String("/"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewSshKey(ctx, "userSshKey", &iam.SshKeyArgs{
			Username:  userUser.Name,
			Encoding:  pulumi.String("SSH"),
			PublicKey: pulumi.String("ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 mytest@mydomain.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SSH public keys can be imported using the `username`, `ssh_public_key_id`, and `encoding` e.g.,

```sh

$ pulumi import aws:iam/sshKey:SshKey user user:APKAJNCNNJICVN7CFKCA:SSH

```

func GetSshKey

func GetSshKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SshKeyState, opts ...pulumi.ResourceOption) (*SshKey, error)

GetSshKey gets an existing SshKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSshKey

func NewSshKey(ctx *pulumi.Context,
	name string, args *SshKeyArgs, opts ...pulumi.ResourceOption) (*SshKey, error)

NewSshKey registers a new resource with the given unique name, arguments, and options.

func (*SshKey) ElementType

func (*SshKey) ElementType() reflect.Type

func (*SshKey) ToSshKeyOutput

func (i *SshKey) ToSshKeyOutput() SshKeyOutput

func (*SshKey) ToSshKeyOutputWithContext

func (i *SshKey) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput

type SshKeyArgs

type SshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringInput
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringInput
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringInput
}

The set of arguments for constructing a SshKey resource.

func (SshKeyArgs) ElementType

func (SshKeyArgs) ElementType() reflect.Type

type SshKeyArray

type SshKeyArray []SshKeyInput

func (SshKeyArray) ElementType

func (SshKeyArray) ElementType() reflect.Type

func (SshKeyArray) ToSshKeyArrayOutput

func (i SshKeyArray) ToSshKeyArrayOutput() SshKeyArrayOutput

func (SshKeyArray) ToSshKeyArrayOutputWithContext

func (i SshKeyArray) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput

type SshKeyArrayInput

type SshKeyArrayInput interface {
	pulumi.Input

	ToSshKeyArrayOutput() SshKeyArrayOutput
	ToSshKeyArrayOutputWithContext(context.Context) SshKeyArrayOutput
}

SshKeyArrayInput is an input type that accepts SshKeyArray and SshKeyArrayOutput values. You can construct a concrete instance of `SshKeyArrayInput` via:

SshKeyArray{ SshKeyArgs{...} }

type SshKeyArrayOutput

type SshKeyArrayOutput struct{ *pulumi.OutputState }

func (SshKeyArrayOutput) ElementType

func (SshKeyArrayOutput) ElementType() reflect.Type

func (SshKeyArrayOutput) Index

func (SshKeyArrayOutput) ToSshKeyArrayOutput

func (o SshKeyArrayOutput) ToSshKeyArrayOutput() SshKeyArrayOutput

func (SshKeyArrayOutput) ToSshKeyArrayOutputWithContext

func (o SshKeyArrayOutput) ToSshKeyArrayOutputWithContext(ctx context.Context) SshKeyArrayOutput

type SshKeyInput

type SshKeyInput interface {
	pulumi.Input

	ToSshKeyOutput() SshKeyOutput
	ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput
}

type SshKeyMap

type SshKeyMap map[string]SshKeyInput

func (SshKeyMap) ElementType

func (SshKeyMap) ElementType() reflect.Type

func (SshKeyMap) ToSshKeyMapOutput

func (i SshKeyMap) ToSshKeyMapOutput() SshKeyMapOutput

func (SshKeyMap) ToSshKeyMapOutputWithContext

func (i SshKeyMap) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput

type SshKeyMapInput

type SshKeyMapInput interface {
	pulumi.Input

	ToSshKeyMapOutput() SshKeyMapOutput
	ToSshKeyMapOutputWithContext(context.Context) SshKeyMapOutput
}

SshKeyMapInput is an input type that accepts SshKeyMap and SshKeyMapOutput values. You can construct a concrete instance of `SshKeyMapInput` via:

SshKeyMap{ "key": SshKeyArgs{...} }

type SshKeyMapOutput

type SshKeyMapOutput struct{ *pulumi.OutputState }

func (SshKeyMapOutput) ElementType

func (SshKeyMapOutput) ElementType() reflect.Type

func (SshKeyMapOutput) MapIndex

func (SshKeyMapOutput) ToSshKeyMapOutput

func (o SshKeyMapOutput) ToSshKeyMapOutput() SshKeyMapOutput

func (SshKeyMapOutput) ToSshKeyMapOutputWithContext

func (o SshKeyMapOutput) ToSshKeyMapOutputWithContext(ctx context.Context) SshKeyMapOutput

type SshKeyOutput

type SshKeyOutput struct{ *pulumi.OutputState }

func (SshKeyOutput) ElementType

func (SshKeyOutput) ElementType() reflect.Type

func (SshKeyOutput) Encoding

func (o SshKeyOutput) Encoding() pulumi.StringOutput

Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.

func (SshKeyOutput) Fingerprint

func (o SshKeyOutput) Fingerprint() pulumi.StringOutput

The MD5 message digest of the SSH public key.

func (SshKeyOutput) PublicKey

func (o SshKeyOutput) PublicKey() pulumi.StringOutput

The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.

func (SshKeyOutput) SshPublicKeyId

func (o SshKeyOutput) SshPublicKeyId() pulumi.StringOutput

The unique identifier for the SSH public key.

func (SshKeyOutput) Status

func (o SshKeyOutput) Status() pulumi.StringOutput

The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.

func (SshKeyOutput) ToSshKeyOutput

func (o SshKeyOutput) ToSshKeyOutput() SshKeyOutput

func (SshKeyOutput) ToSshKeyOutputWithContext

func (o SshKeyOutput) ToSshKeyOutputWithContext(ctx context.Context) SshKeyOutput

func (SshKeyOutput) Username

func (o SshKeyOutput) Username() pulumi.StringOutput

The name of the IAM user to associate the SSH public key with.

type SshKeyState

type SshKeyState struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding pulumi.StringPtrInput
	// The MD5 message digest of the SSH public key.
	Fingerprint pulumi.StringPtrInput
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey pulumi.StringPtrInput
	// The unique identifier for the SSH public key.
	SshPublicKeyId pulumi.StringPtrInput
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status pulumi.StringPtrInput
	// The name of the IAM user to associate the SSH public key with.
	Username pulumi.StringPtrInput
}

func (SshKeyState) ElementType

func (SshKeyState) ElementType() reflect.Type

type User

type User struct {
	pulumi.CustomResourceState

	// The ARN assigned by AWS for this user.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrOutput `pulumi:"forceDestroy"`
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringOutput `pulumi:"name"`
	// Path in which to create the user.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrOutput `pulumi:"permissionsBoundary"`
	// Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringOutput `pulumi:"uniqueId"`
}

Provides an IAM user.

> *NOTE:* If policies are attached to the user via the `iam.PolicyAttachment` resource and you are modifying the user `name` or `path`, the `forceDestroy` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `iam.UserPolicyAttachment` resource (recommended) does not have this requirement.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
			Tags: pulumi.StringMap{
				"tag-key": pulumi.String("tag-value"),
			},
		})
		if err != nil {
			return err
		}
		_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User: lbUser.Name,
		})
		if err != nil {
			return err
		}
		lbRoPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Actions: []string{
						"ec2:Describe*",
					},
					Resources: []string{
						"*",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicy(ctx, "lbRoUserPolicy", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: *pulumi.String(lbRoPolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Users can be imported using the `name`, e.g.,

```sh

$ pulumi import aws:iam/user:User lb loadbalancer

```

func GetUser

func GetUser(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserState, opts ...pulumi.ResourceOption) (*User, error)

GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUser

func NewUser(ctx *pulumi.Context,
	name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error)

NewUser registers a new resource with the given unique name, arguments, and options.

func (*User) ElementType

func (*User) ElementType() reflect.Type

func (*User) ToUserOutput

func (i *User) ToUserOutput() UserOutput

func (*User) ToUserOutputWithContext

func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput

type UserArgs

type UserArgs struct {
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrInput
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringPtrInput
	// Path in which to create the user.
	Path pulumi.StringPtrInput
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a User resource.

func (UserArgs) ElementType

func (UserArgs) ElementType() reflect.Type

type UserArray

type UserArray []UserInput

func (UserArray) ElementType

func (UserArray) ElementType() reflect.Type

func (UserArray) ToUserArrayOutput

func (i UserArray) ToUserArrayOutput() UserArrayOutput

func (UserArray) ToUserArrayOutputWithContext

func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput

type UserArrayInput

type UserArrayInput interface {
	pulumi.Input

	ToUserArrayOutput() UserArrayOutput
	ToUserArrayOutputWithContext(context.Context) UserArrayOutput
}

UserArrayInput is an input type that accepts UserArray and UserArrayOutput values. You can construct a concrete instance of `UserArrayInput` via:

UserArray{ UserArgs{...} }

type UserArrayOutput

type UserArrayOutput struct{ *pulumi.OutputState }

func (UserArrayOutput) ElementType

func (UserArrayOutput) ElementType() reflect.Type

func (UserArrayOutput) Index

func (UserArrayOutput) ToUserArrayOutput

func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput

func (UserArrayOutput) ToUserArrayOutputWithContext

func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput

type UserGroupMembership

type UserGroupMembership struct {
	pulumi.CustomResourceState

	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayOutput `pulumi:"groups"`
	// The name of the IAM User to add to groups
	User pulumi.StringOutput `pulumi:"user"`
}

Provides a resource for adding an IAM User to IAM Groups. This resource can be used multiple times with the same user for non-overlapping groups.

To exclusively manage the users in a group, see the `iam.GroupMembership` resource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user1, err := iam.NewUser(ctx, "user1", nil)
		if err != nil {
			return err
		}
		group1, err := iam.NewGroup(ctx, "group1", nil)
		if err != nil {
			return err
		}
		group2, err := iam.NewGroup(ctx, "group2", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserGroupMembership(ctx, "example1", &iam.UserGroupMembershipArgs{
			User: user1.Name,
			Groups: pulumi.StringArray{
				group1.Name,
				group2.Name,
			},
		})
		if err != nil {
			return err
		}
		group3, err := iam.NewGroup(ctx, "group3", nil)
		if err != nil {
			return err
		}
		_, err = iam.NewUserGroupMembership(ctx, "example2", &iam.UserGroupMembershipArgs{
			User: user1.Name,
			Groups: pulumi.StringArray{
				group3.Name,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM user group membership can be imported using the user name and group names separated by `/`.

```sh

$ pulumi import aws:iam/userGroupMembership:UserGroupMembership example1 user1/group1/group2

```

func GetUserGroupMembership

func GetUserGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserGroupMembershipState, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)

GetUserGroupMembership gets an existing UserGroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserGroupMembership

func NewUserGroupMembership(ctx *pulumi.Context,
	name string, args *UserGroupMembershipArgs, opts ...pulumi.ResourceOption) (*UserGroupMembership, error)

NewUserGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*UserGroupMembership) ElementType

func (*UserGroupMembership) ElementType() reflect.Type

func (*UserGroupMembership) ToUserGroupMembershipOutput

func (i *UserGroupMembership) ToUserGroupMembershipOutput() UserGroupMembershipOutput

func (*UserGroupMembership) ToUserGroupMembershipOutputWithContext

func (i *UserGroupMembership) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput

type UserGroupMembershipArgs

type UserGroupMembershipArgs struct {
	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayInput
	// The name of the IAM User to add to groups
	User pulumi.StringInput
}

The set of arguments for constructing a UserGroupMembership resource.

func (UserGroupMembershipArgs) ElementType

func (UserGroupMembershipArgs) ElementType() reflect.Type

type UserGroupMembershipArray

type UserGroupMembershipArray []UserGroupMembershipInput

func (UserGroupMembershipArray) ElementType

func (UserGroupMembershipArray) ElementType() reflect.Type

func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutput

func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput

func (UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext

func (i UserGroupMembershipArray) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput

type UserGroupMembershipArrayInput

type UserGroupMembershipArrayInput interface {
	pulumi.Input

	ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput
	ToUserGroupMembershipArrayOutputWithContext(context.Context) UserGroupMembershipArrayOutput
}

UserGroupMembershipArrayInput is an input type that accepts UserGroupMembershipArray and UserGroupMembershipArrayOutput values. You can construct a concrete instance of `UserGroupMembershipArrayInput` via:

UserGroupMembershipArray{ UserGroupMembershipArgs{...} }

type UserGroupMembershipArrayOutput

type UserGroupMembershipArrayOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipArrayOutput) ElementType

func (UserGroupMembershipArrayOutput) Index

func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput

func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutput() UserGroupMembershipArrayOutput

func (UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext

func (o UserGroupMembershipArrayOutput) ToUserGroupMembershipArrayOutputWithContext(ctx context.Context) UserGroupMembershipArrayOutput

type UserGroupMembershipInput

type UserGroupMembershipInput interface {
	pulumi.Input

	ToUserGroupMembershipOutput() UserGroupMembershipOutput
	ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput
}

type UserGroupMembershipMap

type UserGroupMembershipMap map[string]UserGroupMembershipInput

func (UserGroupMembershipMap) ElementType

func (UserGroupMembershipMap) ElementType() reflect.Type

func (UserGroupMembershipMap) ToUserGroupMembershipMapOutput

func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput

func (UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext

func (i UserGroupMembershipMap) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput

type UserGroupMembershipMapInput

type UserGroupMembershipMapInput interface {
	pulumi.Input

	ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput
	ToUserGroupMembershipMapOutputWithContext(context.Context) UserGroupMembershipMapOutput
}

UserGroupMembershipMapInput is an input type that accepts UserGroupMembershipMap and UserGroupMembershipMapOutput values. You can construct a concrete instance of `UserGroupMembershipMapInput` via:

UserGroupMembershipMap{ "key": UserGroupMembershipArgs{...} }

type UserGroupMembershipMapOutput

type UserGroupMembershipMapOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipMapOutput) ElementType

func (UserGroupMembershipMapOutput) MapIndex

func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput

func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutput() UserGroupMembershipMapOutput

func (UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext

func (o UserGroupMembershipMapOutput) ToUserGroupMembershipMapOutputWithContext(ctx context.Context) UserGroupMembershipMapOutput

type UserGroupMembershipOutput

type UserGroupMembershipOutput struct{ *pulumi.OutputState }

func (UserGroupMembershipOutput) ElementType

func (UserGroupMembershipOutput) ElementType() reflect.Type

func (UserGroupMembershipOutput) Groups

A list of IAM Groups to add the user to

func (UserGroupMembershipOutput) ToUserGroupMembershipOutput

func (o UserGroupMembershipOutput) ToUserGroupMembershipOutput() UserGroupMembershipOutput

func (UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext

func (o UserGroupMembershipOutput) ToUserGroupMembershipOutputWithContext(ctx context.Context) UserGroupMembershipOutput

func (UserGroupMembershipOutput) User

The name of the IAM User to add to groups

type UserGroupMembershipState

type UserGroupMembershipState struct {
	// A list of IAM Groups to add the user to
	Groups pulumi.StringArrayInput
	// The name of the IAM User to add to groups
	User pulumi.StringPtrInput
}

func (UserGroupMembershipState) ElementType

func (UserGroupMembershipState) ElementType() reflect.Type

type UserInput

type UserInput interface {
	pulumi.Input

	ToUserOutput() UserOutput
	ToUserOutputWithContext(ctx context.Context) UserOutput
}

type UserLoginProfile

type UserLoginProfile struct {
	pulumi.CustomResourceState

	// The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import.
	EncryptedPassword pulumi.StringOutput `pulumi:"encryptedPassword"`
	// The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
	KeyFingerprint pulumi.StringOutput `pulumi:"keyFingerprint"`
	// The plain text password, only available when `pgpKey` is not provided.
	Password pulumi.StringOutput `pulumi:"password"`
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
	PasswordLength pulumi.IntPtrOutput `pulumi:"passwordLength"`
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
	PasswordResetRequired pulumi.BoolOutput `pulumi:"passwordResetRequired"`
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrOutput `pulumi:"pgpKey"`
	// The IAM user's name.
	User pulumi.StringOutput `pulumi:"user"`
}

Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.

> To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleUser, err := iam.NewUser(ctx, "exampleUser", &iam.UserArgs{
			Path:         pulumi.String("/"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		exampleUserLoginProfile, err := iam.NewUserLoginProfile(ctx, "exampleUserLoginProfile", &iam.UserLoginProfileArgs{
			User:   exampleUser.Name,
			PgpKey: pulumi.String("keybase:some_person_that_exists"),
		})
		if err != nil {
			return err
		}
		ctx.Export("password", exampleUserLoginProfile.EncryptedPassword)
		return nil
	})
}

```

## Import

IAM User Login Profiles can be imported without password information support via the IAM User name, e.g.,

```sh

$ pulumi import aws:iam/userLoginProfile:UserLoginProfile example myusername

```

Since this provider has no method to read the PGP or password information during import, use [`ignore_changes` argument](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to ignore them unless password recreation is desired. e.g. terraform resource "aws_iam_user_login_profile" "example" {

... other configuration ...

lifecycle {

ignore_changes = [

password_length,

password_reset_required,

pgp_key,

]

} }

func GetUserLoginProfile

func GetUserLoginProfile(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserLoginProfileState, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)

GetUserLoginProfile gets an existing UserLoginProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserLoginProfile

func NewUserLoginProfile(ctx *pulumi.Context,
	name string, args *UserLoginProfileArgs, opts ...pulumi.ResourceOption) (*UserLoginProfile, error)

NewUserLoginProfile registers a new resource with the given unique name, arguments, and options.

func (*UserLoginProfile) ElementType

func (*UserLoginProfile) ElementType() reflect.Type

func (*UserLoginProfile) ToUserLoginProfileOutput

func (i *UserLoginProfile) ToUserLoginProfileOutput() UserLoginProfileOutput

func (*UserLoginProfile) ToUserLoginProfileOutputWithContext

func (i *UserLoginProfile) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput

type UserLoginProfileArgs

type UserLoginProfileArgs struct {
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
	PasswordLength pulumi.IntPtrInput
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
	PasswordResetRequired pulumi.BoolPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrInput
	// The IAM user's name.
	User pulumi.StringInput
}

The set of arguments for constructing a UserLoginProfile resource.

func (UserLoginProfileArgs) ElementType

func (UserLoginProfileArgs) ElementType() reflect.Type

type UserLoginProfileArray

type UserLoginProfileArray []UserLoginProfileInput

func (UserLoginProfileArray) ElementType

func (UserLoginProfileArray) ElementType() reflect.Type

func (UserLoginProfileArray) ToUserLoginProfileArrayOutput

func (i UserLoginProfileArray) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput

func (UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext

func (i UserLoginProfileArray) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput

type UserLoginProfileArrayInput

type UserLoginProfileArrayInput interface {
	pulumi.Input

	ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput
	ToUserLoginProfileArrayOutputWithContext(context.Context) UserLoginProfileArrayOutput
}

UserLoginProfileArrayInput is an input type that accepts UserLoginProfileArray and UserLoginProfileArrayOutput values. You can construct a concrete instance of `UserLoginProfileArrayInput` via:

UserLoginProfileArray{ UserLoginProfileArgs{...} }

type UserLoginProfileArrayOutput

type UserLoginProfileArrayOutput struct{ *pulumi.OutputState }

func (UserLoginProfileArrayOutput) ElementType

func (UserLoginProfileArrayOutput) Index

func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput

func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutput() UserLoginProfileArrayOutput

func (UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext

func (o UserLoginProfileArrayOutput) ToUserLoginProfileArrayOutputWithContext(ctx context.Context) UserLoginProfileArrayOutput

type UserLoginProfileInput

type UserLoginProfileInput interface {
	pulumi.Input

	ToUserLoginProfileOutput() UserLoginProfileOutput
	ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput
}

type UserLoginProfileMap

type UserLoginProfileMap map[string]UserLoginProfileInput

func (UserLoginProfileMap) ElementType

func (UserLoginProfileMap) ElementType() reflect.Type

func (UserLoginProfileMap) ToUserLoginProfileMapOutput

func (i UserLoginProfileMap) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput

func (UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext

func (i UserLoginProfileMap) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput

type UserLoginProfileMapInput

type UserLoginProfileMapInput interface {
	pulumi.Input

	ToUserLoginProfileMapOutput() UserLoginProfileMapOutput
	ToUserLoginProfileMapOutputWithContext(context.Context) UserLoginProfileMapOutput
}

UserLoginProfileMapInput is an input type that accepts UserLoginProfileMap and UserLoginProfileMapOutput values. You can construct a concrete instance of `UserLoginProfileMapInput` via:

UserLoginProfileMap{ "key": UserLoginProfileArgs{...} }

type UserLoginProfileMapOutput

type UserLoginProfileMapOutput struct{ *pulumi.OutputState }

func (UserLoginProfileMapOutput) ElementType

func (UserLoginProfileMapOutput) ElementType() reflect.Type

func (UserLoginProfileMapOutput) MapIndex

func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutput

func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutput() UserLoginProfileMapOutput

func (UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext

func (o UserLoginProfileMapOutput) ToUserLoginProfileMapOutputWithContext(ctx context.Context) UserLoginProfileMapOutput

type UserLoginProfileOutput

type UserLoginProfileOutput struct{ *pulumi.OutputState }

func (UserLoginProfileOutput) ElementType

func (UserLoginProfileOutput) ElementType() reflect.Type

func (UserLoginProfileOutput) EncryptedPassword

func (o UserLoginProfileOutput) EncryptedPassword() pulumi.StringOutput

The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import.

func (UserLoginProfileOutput) KeyFingerprint

func (o UserLoginProfileOutput) KeyFingerprint() pulumi.StringOutput

The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.

func (UserLoginProfileOutput) Password

The plain text password, only available when `pgpKey` is not provided.

func (UserLoginProfileOutput) PasswordLength

func (o UserLoginProfileOutput) PasswordLength() pulumi.IntPtrOutput

The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.

func (UserLoginProfileOutput) PasswordResetRequired

func (o UserLoginProfileOutput) PasswordResetRequired() pulumi.BoolOutput

Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.

func (UserLoginProfileOutput) PgpKey

Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.

func (UserLoginProfileOutput) ToUserLoginProfileOutput

func (o UserLoginProfileOutput) ToUserLoginProfileOutput() UserLoginProfileOutput

func (UserLoginProfileOutput) ToUserLoginProfileOutputWithContext

func (o UserLoginProfileOutput) ToUserLoginProfileOutputWithContext(ctx context.Context) UserLoginProfileOutput

func (UserLoginProfileOutput) User

The IAM user's name.

type UserLoginProfileState

type UserLoginProfileState struct {
	// The encrypted password, base64 encoded. Only available if password was handled on resource creation, not import.
	EncryptedPassword pulumi.StringPtrInput
	// The fingerprint of the PGP key used to encrypt the password. Only available if password was handled on this provider resource creation, not import.
	KeyFingerprint pulumi.StringPtrInput
	// The plain text password, only available when `pgpKey` is not provided.
	Password pulumi.StringPtrInput
	// The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is `20`.
	PasswordLength pulumi.IntPtrInput
	// Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.
	PasswordResetRequired pulumi.BoolPtrInput
	// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Only applies on resource creation. Drift detection is not possible with this argument.
	PgpKey pulumi.StringPtrInput
	// The IAM user's name.
	User pulumi.StringPtrInput
}

func (UserLoginProfileState) ElementType

func (UserLoginProfileState) ElementType() reflect.Type

type UserMap

type UserMap map[string]UserInput

func (UserMap) ElementType

func (UserMap) ElementType() reflect.Type

func (UserMap) ToUserMapOutput

func (i UserMap) ToUserMapOutput() UserMapOutput

func (UserMap) ToUserMapOutputWithContext

func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput

type UserMapInput

type UserMapInput interface {
	pulumi.Input

	ToUserMapOutput() UserMapOutput
	ToUserMapOutputWithContext(context.Context) UserMapOutput
}

UserMapInput is an input type that accepts UserMap and UserMapOutput values. You can construct a concrete instance of `UserMapInput` via:

UserMap{ "key": UserArgs{...} }

type UserMapOutput

type UserMapOutput struct{ *pulumi.OutputState }

func (UserMapOutput) ElementType

func (UserMapOutput) ElementType() reflect.Type

func (UserMapOutput) MapIndex

func (UserMapOutput) ToUserMapOutput

func (o UserMapOutput) ToUserMapOutput() UserMapOutput

func (UserMapOutput) ToUserMapOutputWithContext

func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput

type UserOutput

type UserOutput struct{ *pulumi.OutputState }

func (UserOutput) Arn

func (o UserOutput) Arn() pulumi.StringOutput

The ARN assigned by AWS for this user.

func (UserOutput) ElementType

func (UserOutput) ElementType() reflect.Type

func (UserOutput) ForceDestroy

func (o UserOutput) ForceDestroy() pulumi.BoolPtrOutput

When destroying this user, destroy even if it has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy` a user with non-provider-managed access keys and login profile will fail to be destroyed.

func (UserOutput) Name

func (o UserOutput) Name() pulumi.StringOutput

The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".

func (UserOutput) Path

Path in which to create the user.

func (UserOutput) PermissionsBoundary

func (o UserOutput) PermissionsBoundary() pulumi.StringPtrOutput

The ARN of the policy that is used to set the permissions boundary for the user.

func (UserOutput) Tags

Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (UserOutput) TagsAll

func (o UserOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (UserOutput) ToUserOutput

func (o UserOutput) ToUserOutput() UserOutput

func (UserOutput) ToUserOutputWithContext

func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput

func (UserOutput) UniqueId

func (o UserOutput) UniqueId() pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type UserPolicy

type UserPolicy struct {
	pulumi.CustomResourceState

	// The name of the policy. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrOutput `pulumi:"namePrefix"`
	// The policy document. This is a JSON formatted string.
	Policy pulumi.StringOutput `pulumi:"policy"`
	// IAM user to which to attach this policy.
	User pulumi.StringOutput `pulumi:"user"`
}

Provides an IAM policy attached to a user.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
			Path: pulumi.String("/system/"),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"Version": "2012-10-17",
			"Statement": []map[string]interface{}{
				map[string]interface{}{
					"Action": []string{
						"ec2:Describe*",
					},
					"Effect":   "Allow",
					"Resource": "*",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
			User:   lbUser.Name,
			Policy: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
			User: lbUser.Name,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM User Policies can be imported using the `user_name:user_policy_name`, e.g.,

```sh

$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name

```

func GetUserPolicy

func GetUserPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPolicyState, opts ...pulumi.ResourceOption) (*UserPolicy, error)

GetUserPolicy gets an existing UserPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicy

func NewUserPolicy(ctx *pulumi.Context,
	name string, args *UserPolicyArgs, opts ...pulumi.ResourceOption) (*UserPolicy, error)

NewUserPolicy registers a new resource with the given unique name, arguments, and options.

func (*UserPolicy) ElementType

func (*UserPolicy) ElementType() reflect.Type

func (*UserPolicy) ToUserPolicyOutput

func (i *UserPolicy) ToUserPolicyOutput() UserPolicyOutput

func (*UserPolicy) ToUserPolicyOutputWithContext

func (i *UserPolicy) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput

type UserPolicyArgs

type UserPolicyArgs struct {
	// The name of the policy. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// IAM user to which to attach this policy.
	User pulumi.StringInput
}

The set of arguments for constructing a UserPolicy resource.

func (UserPolicyArgs) ElementType

func (UserPolicyArgs) ElementType() reflect.Type

type UserPolicyArray

type UserPolicyArray []UserPolicyInput

func (UserPolicyArray) ElementType

func (UserPolicyArray) ElementType() reflect.Type

func (UserPolicyArray) ToUserPolicyArrayOutput

func (i UserPolicyArray) ToUserPolicyArrayOutput() UserPolicyArrayOutput

func (UserPolicyArray) ToUserPolicyArrayOutputWithContext

func (i UserPolicyArray) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput

type UserPolicyArrayInput

type UserPolicyArrayInput interface {
	pulumi.Input

	ToUserPolicyArrayOutput() UserPolicyArrayOutput
	ToUserPolicyArrayOutputWithContext(context.Context) UserPolicyArrayOutput
}

UserPolicyArrayInput is an input type that accepts UserPolicyArray and UserPolicyArrayOutput values. You can construct a concrete instance of `UserPolicyArrayInput` via:

UserPolicyArray{ UserPolicyArgs{...} }

type UserPolicyArrayOutput

type UserPolicyArrayOutput struct{ *pulumi.OutputState }

func (UserPolicyArrayOutput) ElementType

func (UserPolicyArrayOutput) ElementType() reflect.Type

func (UserPolicyArrayOutput) Index

func (UserPolicyArrayOutput) ToUserPolicyArrayOutput

func (o UserPolicyArrayOutput) ToUserPolicyArrayOutput() UserPolicyArrayOutput

func (UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext

func (o UserPolicyArrayOutput) ToUserPolicyArrayOutputWithContext(ctx context.Context) UserPolicyArrayOutput

type UserPolicyAttachment

type UserPolicyAttachment struct {
	pulumi.CustomResourceState

	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringOutput `pulumi:"policyArn"`
	// The user the policy should be applied to
	User pulumi.StringOutput `pulumi:"user"`
}

Attaches a Managed IAM Policy to an IAM user

> **NOTE:** The usage of this resource conflicts with the `iam.PolicyAttachment` resource and will permanently show a difference if both are defined.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		user, err := iam.NewUser(ctx, "user", nil)
		if err != nil {
			return err
		}
		policy, err := iam.NewPolicy(ctx, "policy", &iam.PolicyArgs{
			Description: pulumi.String("A test policy"),
			Policy:      pulumi.Any("{ ... policy JSON ... }"),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewUserPolicyAttachment(ctx, "test-attach", &iam.UserPolicyAttachmentArgs{
			User:      user.Name,
			PolicyArn: policy.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM user policy attachments can be imported using the user name and policy arn separated by `/`.

```sh

$ pulumi import aws:iam/userPolicyAttachment:UserPolicyAttachment test-attach test-user/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy

```

func GetUserPolicyAttachment

func GetUserPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPolicyAttachmentState, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)

GetUserPolicyAttachment gets an existing UserPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicyAttachment

func NewUserPolicyAttachment(ctx *pulumi.Context,
	name string, args *UserPolicyAttachmentArgs, opts ...pulumi.ResourceOption) (*UserPolicyAttachment, error)

NewUserPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*UserPolicyAttachment) ElementType

func (*UserPolicyAttachment) ElementType() reflect.Type

func (*UserPolicyAttachment) ToUserPolicyAttachmentOutput

func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput

func (*UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext

func (i *UserPolicyAttachment) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput

type UserPolicyAttachmentArgs

type UserPolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringInput
	// The user the policy should be applied to
	User pulumi.Input
}

The set of arguments for constructing a UserPolicyAttachment resource.

func (UserPolicyAttachmentArgs) ElementType

func (UserPolicyAttachmentArgs) ElementType() reflect.Type

type UserPolicyAttachmentArray

type UserPolicyAttachmentArray []UserPolicyAttachmentInput

func (UserPolicyAttachmentArray) ElementType

func (UserPolicyAttachmentArray) ElementType() reflect.Type

func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput

func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput

func (UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext

func (i UserPolicyAttachmentArray) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentArrayInput

type UserPolicyAttachmentArrayInput interface {
	pulumi.Input

	ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput
	ToUserPolicyAttachmentArrayOutputWithContext(context.Context) UserPolicyAttachmentArrayOutput
}

UserPolicyAttachmentArrayInput is an input type that accepts UserPolicyAttachmentArray and UserPolicyAttachmentArrayOutput values. You can construct a concrete instance of `UserPolicyAttachmentArrayInput` via:

UserPolicyAttachmentArray{ UserPolicyAttachmentArgs{...} }

type UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentArrayOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentArrayOutput) ElementType

func (UserPolicyAttachmentArrayOutput) Index

func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput

func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutput() UserPolicyAttachmentArrayOutput

func (UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext

func (o UserPolicyAttachmentArrayOutput) ToUserPolicyAttachmentArrayOutputWithContext(ctx context.Context) UserPolicyAttachmentArrayOutput

type UserPolicyAttachmentInput

type UserPolicyAttachmentInput interface {
	pulumi.Input

	ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput
	ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput
}

type UserPolicyAttachmentMap

type UserPolicyAttachmentMap map[string]UserPolicyAttachmentInput

func (UserPolicyAttachmentMap) ElementType

func (UserPolicyAttachmentMap) ElementType() reflect.Type

func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput

func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput

func (UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext

func (i UserPolicyAttachmentMap) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput

type UserPolicyAttachmentMapInput

type UserPolicyAttachmentMapInput interface {
	pulumi.Input

	ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput
	ToUserPolicyAttachmentMapOutputWithContext(context.Context) UserPolicyAttachmentMapOutput
}

UserPolicyAttachmentMapInput is an input type that accepts UserPolicyAttachmentMap and UserPolicyAttachmentMapOutput values. You can construct a concrete instance of `UserPolicyAttachmentMapInput` via:

UserPolicyAttachmentMap{ "key": UserPolicyAttachmentArgs{...} }

type UserPolicyAttachmentMapOutput

type UserPolicyAttachmentMapOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentMapOutput) ElementType

func (UserPolicyAttachmentMapOutput) MapIndex

func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput

func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutput() UserPolicyAttachmentMapOutput

func (UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext

func (o UserPolicyAttachmentMapOutput) ToUserPolicyAttachmentMapOutputWithContext(ctx context.Context) UserPolicyAttachmentMapOutput

type UserPolicyAttachmentOutput

type UserPolicyAttachmentOutput struct{ *pulumi.OutputState }

func (UserPolicyAttachmentOutput) ElementType

func (UserPolicyAttachmentOutput) ElementType() reflect.Type

func (UserPolicyAttachmentOutput) PolicyArn

The ARN of the policy you want to apply

func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput

func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutput() UserPolicyAttachmentOutput

func (UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext

func (o UserPolicyAttachmentOutput) ToUserPolicyAttachmentOutputWithContext(ctx context.Context) UserPolicyAttachmentOutput

func (UserPolicyAttachmentOutput) User

The user the policy should be applied to

type UserPolicyAttachmentState

type UserPolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn pulumi.StringPtrInput
	// The user the policy should be applied to
	User pulumi.Input
}

func (UserPolicyAttachmentState) ElementType

func (UserPolicyAttachmentState) ElementType() reflect.Type

type UserPolicyInput

type UserPolicyInput interface {
	pulumi.Input

	ToUserPolicyOutput() UserPolicyOutput
	ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput
}

type UserPolicyMap

type UserPolicyMap map[string]UserPolicyInput

func (UserPolicyMap) ElementType

func (UserPolicyMap) ElementType() reflect.Type

func (UserPolicyMap) ToUserPolicyMapOutput

func (i UserPolicyMap) ToUserPolicyMapOutput() UserPolicyMapOutput

func (UserPolicyMap) ToUserPolicyMapOutputWithContext

func (i UserPolicyMap) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput

type UserPolicyMapInput

type UserPolicyMapInput interface {
	pulumi.Input

	ToUserPolicyMapOutput() UserPolicyMapOutput
	ToUserPolicyMapOutputWithContext(context.Context) UserPolicyMapOutput
}

UserPolicyMapInput is an input type that accepts UserPolicyMap and UserPolicyMapOutput values. You can construct a concrete instance of `UserPolicyMapInput` via:

UserPolicyMap{ "key": UserPolicyArgs{...} }

type UserPolicyMapOutput

type UserPolicyMapOutput struct{ *pulumi.OutputState }

func (UserPolicyMapOutput) ElementType

func (UserPolicyMapOutput) ElementType() reflect.Type

func (UserPolicyMapOutput) MapIndex

func (UserPolicyMapOutput) ToUserPolicyMapOutput

func (o UserPolicyMapOutput) ToUserPolicyMapOutput() UserPolicyMapOutput

func (UserPolicyMapOutput) ToUserPolicyMapOutputWithContext

func (o UserPolicyMapOutput) ToUserPolicyMapOutputWithContext(ctx context.Context) UserPolicyMapOutput

type UserPolicyOutput

type UserPolicyOutput struct{ *pulumi.OutputState }

func (UserPolicyOutput) ElementType

func (UserPolicyOutput) ElementType() reflect.Type

func (UserPolicyOutput) Name

The name of the policy. If omitted, the provider will assign a random, unique name.

func (UserPolicyOutput) NamePrefix

func (o UserPolicyOutput) NamePrefix() pulumi.StringPtrOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (UserPolicyOutput) Policy

The policy document. This is a JSON formatted string.

func (UserPolicyOutput) ToUserPolicyOutput

func (o UserPolicyOutput) ToUserPolicyOutput() UserPolicyOutput

func (UserPolicyOutput) ToUserPolicyOutputWithContext

func (o UserPolicyOutput) ToUserPolicyOutputWithContext(ctx context.Context) UserPolicyOutput

func (UserPolicyOutput) User

IAM user to which to attach this policy.

type UserPolicyState

type UserPolicyState struct {
	// The name of the policy. If omitted, the provider will assign a random, unique name.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// The policy document. This is a JSON formatted string.
	Policy pulumi.Input
	// IAM user to which to attach this policy.
	User pulumi.StringPtrInput
}

func (UserPolicyState) ElementType

func (UserPolicyState) ElementType() reflect.Type

type UserState

type UserState struct {
	// The ARN assigned by AWS for this user.
	Arn pulumi.StringPtrInput
	// When destroying this user, destroy even if it
	// has non-provider-managed IAM access keys, login profile or MFA devices. Without `forceDestroy`
	// a user with non-provider-managed access keys and login profile will fail to be destroyed.
	ForceDestroy pulumi.BoolPtrInput
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name pulumi.StringPtrInput
	// Path in which to create the user.
	Path pulumi.StringPtrInput
	// The ARN of the policy that is used to set the permissions boundary for the user.
	PermissionsBoundary pulumi.StringPtrInput
	// Key-value mapping of tags for the IAM user. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The [unique ID][1] assigned by AWS.
	UniqueId pulumi.StringPtrInput
}

func (UserState) ElementType

func (UserState) ElementType() reflect.Type

type VirtualMfaDevice

type VirtualMfaDevice struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name (ARN) specifying the virtual mfa device.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.
	Base32StringSeed pulumi.StringOutput `pulumi:"base32StringSeed"`
	// The date and time when the virtual MFA device was enabled.
	EnableDate pulumi.StringOutput `pulumi:"enableDate"`
	// The path for the virtual MFA device.
	Path pulumi.StringPtrOutput `pulumi:"path"`
	// A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format.
	QrCodePng pulumi.StringOutput `pulumi:"qrCodePng"`
	// Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
	// The associated IAM User name if the virtual MFA device is enabled.
	UserName pulumi.StringOutput `pulumi:"userName"`
	// The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
	VirtualMfaDeviceName pulumi.StringOutput `pulumi:"virtualMfaDeviceName"`
}

Provides an IAM Virtual MFA Device.

> **Note:** All attributes will be stored in the raw state as plain-text. **Note:** A virtual MFA device cannot be directly associated with an IAM User from the provider.

To associate the virtual MFA device with a user and enable it, use the code returned in either `base32StringSeed` or `qrCodePng` to generate TOTP authentication codes.
The authentication codes can then be used with the AWS CLI command [`aws iam enable-mfa-device`](https://docs.aws.amazon.com/cli/latest/reference/iam/enable-mfa-device.html) or the AWS API call [`EnableMFADevice`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html).

## Example Usage

**Using certs on file:**

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := iam.NewVirtualMfaDevice(ctx, "example", &iam.VirtualMfaDeviceArgs{
			VirtualMfaDeviceName: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

IAM Virtual MFA Devices can be imported using the `arn`, e.g.,

```sh

$ pulumi import aws:iam/virtualMfaDevice:VirtualMfaDevice example arn:aws:iam::123456789012:mfa/example

```

func GetVirtualMfaDevice

func GetVirtualMfaDevice(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *VirtualMfaDeviceState, opts ...pulumi.ResourceOption) (*VirtualMfaDevice, error)

GetVirtualMfaDevice gets an existing VirtualMfaDevice resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewVirtualMfaDevice

func NewVirtualMfaDevice(ctx *pulumi.Context,
	name string, args *VirtualMfaDeviceArgs, opts ...pulumi.ResourceOption) (*VirtualMfaDevice, error)

NewVirtualMfaDevice registers a new resource with the given unique name, arguments, and options.

func (*VirtualMfaDevice) ElementType

func (*VirtualMfaDevice) ElementType() reflect.Type

func (*VirtualMfaDevice) ToVirtualMfaDeviceOutput

func (i *VirtualMfaDevice) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput

func (*VirtualMfaDevice) ToVirtualMfaDeviceOutputWithContext

func (i *VirtualMfaDevice) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput

type VirtualMfaDeviceArgs

type VirtualMfaDeviceArgs struct {
	// The path for the virtual MFA device.
	Path pulumi.StringPtrInput
	// Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
	VirtualMfaDeviceName pulumi.StringInput
}

The set of arguments for constructing a VirtualMfaDevice resource.

func (VirtualMfaDeviceArgs) ElementType

func (VirtualMfaDeviceArgs) ElementType() reflect.Type

type VirtualMfaDeviceArray

type VirtualMfaDeviceArray []VirtualMfaDeviceInput

func (VirtualMfaDeviceArray) ElementType

func (VirtualMfaDeviceArray) ElementType() reflect.Type

func (VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutput

func (i VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput

func (VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutputWithContext

func (i VirtualMfaDeviceArray) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput

type VirtualMfaDeviceArrayInput

type VirtualMfaDeviceArrayInput interface {
	pulumi.Input

	ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput
	ToVirtualMfaDeviceArrayOutputWithContext(context.Context) VirtualMfaDeviceArrayOutput
}

VirtualMfaDeviceArrayInput is an input type that accepts VirtualMfaDeviceArray and VirtualMfaDeviceArrayOutput values. You can construct a concrete instance of `VirtualMfaDeviceArrayInput` via:

VirtualMfaDeviceArray{ VirtualMfaDeviceArgs{...} }

type VirtualMfaDeviceArrayOutput

type VirtualMfaDeviceArrayOutput struct{ *pulumi.OutputState }

func (VirtualMfaDeviceArrayOutput) ElementType

func (VirtualMfaDeviceArrayOutput) Index

func (VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput

func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutput() VirtualMfaDeviceArrayOutput

func (VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext

func (o VirtualMfaDeviceArrayOutput) ToVirtualMfaDeviceArrayOutputWithContext(ctx context.Context) VirtualMfaDeviceArrayOutput

type VirtualMfaDeviceInput

type VirtualMfaDeviceInput interface {
	pulumi.Input

	ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput
	ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput
}

type VirtualMfaDeviceMap

type VirtualMfaDeviceMap map[string]VirtualMfaDeviceInput

func (VirtualMfaDeviceMap) ElementType

func (VirtualMfaDeviceMap) ElementType() reflect.Type

func (VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutput

func (i VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput

func (VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutputWithContext

func (i VirtualMfaDeviceMap) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput

type VirtualMfaDeviceMapInput

type VirtualMfaDeviceMapInput interface {
	pulumi.Input

	ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput
	ToVirtualMfaDeviceMapOutputWithContext(context.Context) VirtualMfaDeviceMapOutput
}

VirtualMfaDeviceMapInput is an input type that accepts VirtualMfaDeviceMap and VirtualMfaDeviceMapOutput values. You can construct a concrete instance of `VirtualMfaDeviceMapInput` via:

VirtualMfaDeviceMap{ "key": VirtualMfaDeviceArgs{...} }

type VirtualMfaDeviceMapOutput

type VirtualMfaDeviceMapOutput struct{ *pulumi.OutputState }

func (VirtualMfaDeviceMapOutput) ElementType

func (VirtualMfaDeviceMapOutput) ElementType() reflect.Type

func (VirtualMfaDeviceMapOutput) MapIndex

func (VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput

func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutput() VirtualMfaDeviceMapOutput

func (VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext

func (o VirtualMfaDeviceMapOutput) ToVirtualMfaDeviceMapOutputWithContext(ctx context.Context) VirtualMfaDeviceMapOutput

type VirtualMfaDeviceOutput

type VirtualMfaDeviceOutput struct{ *pulumi.OutputState }

func (VirtualMfaDeviceOutput) Arn

The Amazon Resource Name (ARN) specifying the virtual mfa device.

func (VirtualMfaDeviceOutput) Base32StringSeed

func (o VirtualMfaDeviceOutput) Base32StringSeed() pulumi.StringOutput

The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.

func (VirtualMfaDeviceOutput) ElementType

func (VirtualMfaDeviceOutput) ElementType() reflect.Type

func (VirtualMfaDeviceOutput) EnableDate

The date and time when the virtual MFA device was enabled.

func (VirtualMfaDeviceOutput) Path

The path for the virtual MFA device.

func (VirtualMfaDeviceOutput) QrCodePng

A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format.

func (VirtualMfaDeviceOutput) Tags

Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

func (VirtualMfaDeviceOutput) TagsAll

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput

func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutput() VirtualMfaDeviceOutput

func (VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext

func (o VirtualMfaDeviceOutput) ToVirtualMfaDeviceOutputWithContext(ctx context.Context) VirtualMfaDeviceOutput

func (VirtualMfaDeviceOutput) UserName

The associated IAM User name if the virtual MFA device is enabled.

func (VirtualMfaDeviceOutput) VirtualMfaDeviceName

func (o VirtualMfaDeviceOutput) VirtualMfaDeviceName() pulumi.StringOutput

The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.

type VirtualMfaDeviceState

type VirtualMfaDeviceState struct {
	// The Amazon Resource Name (ARN) specifying the virtual mfa device.
	Arn pulumi.StringPtrInput
	// The base32 seed defined as specified in [RFC3548](https://tools.ietf.org/html/rfc3548.txt). The `base32StringSeed` is base64-encoded.
	Base32StringSeed pulumi.StringPtrInput
	// The date and time when the virtual MFA device was enabled.
	EnableDate pulumi.StringPtrInput
	// The path for the virtual MFA device.
	Path pulumi.StringPtrInput
	// A QR code PNG image that encodes `otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String` where `$virtualMFADeviceName` is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID), and Base32String is the seed in base32 format.
	QrCodePng pulumi.StringPtrInput
	// Map of resource tags for the virtual mfa device. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
	// The associated IAM User name if the virtual MFA device is enabled.
	UserName pulumi.StringPtrInput
	// The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
	VirtualMfaDeviceName pulumi.StringPtrInput
}

func (VirtualMfaDeviceState) ElementType

func (VirtualMfaDeviceState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL