iam

package
v0.14.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 3, 2018 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessKey 

type AccessKey struct {
	// contains filtered or unexported fields
}

Provides an IAM access key. This is a set of credentials that allow API requests to be made as an IAM user.

func GetAccessKey 

func GetAccessKey(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AccessKeyState, opts ...pulumi.ResourceOpt) (*AccessKey, error)

GetAccessKey gets an existing AccessKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessKey 

func NewAccessKey(ctx *pulumi.Context,
	name string, args *AccessKeyArgs, opts ...pulumi.ResourceOpt) (*AccessKey, error)

NewAccessKey registers a new resource with the given unique name, arguments, and options.

func (*AccessKey) EncryptedSecret 

func (r *AccessKey) EncryptedSecret() *pulumi.StringOutput

The encrypted secret, base64 encoded. ~> **NOTE:** The encrypted secret may be decrypted using the command line, for example: `terraform output encrypted_secret | base64 --decode | keybase pgp decrypt`.

func (*AccessKey) ID 

func (r *AccessKey) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AccessKey) KeyFingerprint 

func (r *AccessKey) KeyFingerprint() *pulumi.StringOutput

The fingerprint of the PGP key used to encrypt the secret

func (*AccessKey) PgpKey 

func (r *AccessKey) PgpKey() *pulumi.StringOutput

Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:some_person_that_exists`.

func (*AccessKey) Secret 

func (r *AccessKey) Secret() *pulumi.StringOutput

The secret access key. Note that this will be written to the state file. Please supply a `pgp_key` instead, which will prevent the secret from being stored in plain text

func (*AccessKey) SesSmtpPassword 

func (r *AccessKey) SesSmtpPassword() *pulumi.StringOutput

The secret access key converted into an SES SMTP password by applying [AWS's documented conversion algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert).

func (*AccessKey) Status 

func (r *AccessKey) Status() *pulumi.StringOutput

"Active" or "Inactive". Keys are initially active, but can be made inactive by other means.

func (*AccessKey) URN 

func (r *AccessKey) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*AccessKey) User 

func (r *AccessKey) User() *pulumi.StringOutput

The IAM user to associate with this access key.

type AccessKeyArgs 

type AccessKeyArgs struct {
	// Either a base-64 encoded PGP public key, or a
	// keybase username in the form `keybase:some_person_that_exists`.
	PgpKey interface{}
	// The IAM user to associate with this access key.
	User interface{}
}

The set of arguments for constructing a AccessKey resource.

type AccessKeyState 

type AccessKeyState struct {
	// The encrypted secret, base64 encoded.
	// ~> **NOTE:** The encrypted secret may be decrypted using the command line,
	// for example: `terraform output encrypted_secret | base64 --decode | keybase pgp decrypt`.
	EncryptedSecret interface{}
	// The fingerprint of the PGP key used to encrypt
	// the secret
	KeyFingerprint interface{}
	// Either a base-64 encoded PGP public key, or a
	// keybase username in the form `keybase:some_person_that_exists`.
	PgpKey interface{}
	// The secret access key. Note that this will be written
	// to the state file. Please supply a `pgp_key` instead, which will prevent the
	// secret from being stored in plain text
	Secret interface{}
	// The secret access key converted into an SES SMTP
	// password by applying [AWS's documented conversion
	// algorithm](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html#smtp-credentials-convert).
	SesSmtpPassword interface{}
	// "Active" or "Inactive". Keys are initially active, but can be made
	// inactive by other means.
	Status interface{}
	// The IAM user to associate with this access key.
	User interface{}
}

Input properties used for looking up and filtering AccessKey resources.

type AccountAlias 

type AccountAlias struct {
	// contains filtered or unexported fields
}

-> **Note:** There is only a single account alias per AWS account.

Manages the account alias for the AWS Account.

func GetAccountAlias 

func GetAccountAlias(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AccountAliasState, opts ...pulumi.ResourceOpt) (*AccountAlias, error)

GetAccountAlias gets an existing AccountAlias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountAlias 

func NewAccountAlias(ctx *pulumi.Context,
	name string, args *AccountAliasArgs, opts ...pulumi.ResourceOpt) (*AccountAlias, error)

NewAccountAlias registers a new resource with the given unique name, arguments, and options.

func (*AccountAlias) AccountAlias 

func (r *AccountAlias) AccountAlias() *pulumi.StringOutput

The account alias

func (*AccountAlias) ID 

func (r *AccountAlias) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AccountAlias) URN 

func (r *AccountAlias) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AccountAliasArgs 

type AccountAliasArgs struct {
	// The account alias
	AccountAlias interface{}
}

The set of arguments for constructing a AccountAlias resource.

type AccountAliasState 

type AccountAliasState struct {
	// The account alias
	AccountAlias interface{}
}

Input properties used for looking up and filtering AccountAlias resources.

type AccountPasswordPolicy 

type AccountPasswordPolicy struct {
	// contains filtered or unexported fields
}

-> **Note:** There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.

Manages Password Policy for the AWS Account. See more about [Account Password Policy](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html) in the official AWS docs.

func GetAccountPasswordPolicy 

func GetAccountPasswordPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AccountPasswordPolicyState, opts ...pulumi.ResourceOpt) (*AccountPasswordPolicy, error)

GetAccountPasswordPolicy gets an existing AccountPasswordPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccountPasswordPolicy 

func NewAccountPasswordPolicy(ctx *pulumi.Context,
	name string, args *AccountPasswordPolicyArgs, opts ...pulumi.ResourceOpt) (*AccountPasswordPolicy, error)

NewAccountPasswordPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccountPasswordPolicy) AllowUsersToChangePassword 

func (r *AccountPasswordPolicy) AllowUsersToChangePassword() *pulumi.BoolOutput

Whether to allow users to change their own password

func (*AccountPasswordPolicy) ExpirePasswords 

func (r *AccountPasswordPolicy) ExpirePasswords() *pulumi.BoolOutput

Indicates whether passwords in the account expire. Returns `true` if `max_password_age` contains a value greater than `0`. Returns `false` if it is `0` or _not present_.

func (*AccountPasswordPolicy) HardExpiry 

func (r *AccountPasswordPolicy) HardExpiry() *pulumi.BoolOutput

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset)

func (*AccountPasswordPolicy) ID 

func (r *AccountPasswordPolicy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AccountPasswordPolicy) MaxPasswordAge 

func (r *AccountPasswordPolicy) MaxPasswordAge() *pulumi.IntOutput

The number of days that an user password is valid.

func (*AccountPasswordPolicy) MinimumPasswordLength 

func (r *AccountPasswordPolicy) MinimumPasswordLength() *pulumi.IntOutput

Minimum length to require for user passwords.

func (*AccountPasswordPolicy) PasswordReusePrevention 

func (r *AccountPasswordPolicy) PasswordReusePrevention() *pulumi.IntOutput

The number of previous passwords that users are prevented from reusing.

func (*AccountPasswordPolicy) RequireLowercaseCharacters 

func (r *AccountPasswordPolicy) RequireLowercaseCharacters() *pulumi.BoolOutput

Whether to require lowercase characters for user passwords.

func (*AccountPasswordPolicy) RequireNumbers 

func (r *AccountPasswordPolicy) RequireNumbers() *pulumi.BoolOutput

Whether to require numbers for user passwords.

func (*AccountPasswordPolicy) RequireSymbols 

func (r *AccountPasswordPolicy) RequireSymbols() *pulumi.BoolOutput

Whether to require symbols for user passwords.

func (*AccountPasswordPolicy) RequireUppercaseCharacters 

func (r *AccountPasswordPolicy) RequireUppercaseCharacters() *pulumi.BoolOutput

Whether to require uppercase characters for user passwords.

func (*AccountPasswordPolicy) URN 

func (r *AccountPasswordPolicy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type AccountPasswordPolicyArgs 

type AccountPasswordPolicyArgs struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword interface{}
	// Whether users are prevented from setting a new password after their password has expired
	// (i.e. require administrator reset)
	HardExpiry interface{}
	// The number of days that an user password is valid.
	MaxPasswordAge interface{}
	// Minimum length to require for user passwords.
	MinimumPasswordLength interface{}
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention interface{}
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters interface{}
	// Whether to require numbers for user passwords.
	RequireNumbers interface{}
	// Whether to require symbols for user passwords.
	RequireSymbols interface{}
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters interface{}
}

The set of arguments for constructing a AccountPasswordPolicy resource.

type AccountPasswordPolicyState 

type AccountPasswordPolicyState struct {
	// Whether to allow users to change their own password
	AllowUsersToChangePassword interface{}
	// Indicates whether passwords in the account expire.
	// Returns `true` if `max_password_age` contains a value greater than `0`.
	// Returns `false` if it is `0` or _not present_.
	ExpirePasswords interface{}
	// Whether users are prevented from setting a new password after their password has expired
	// (i.e. require administrator reset)
	HardExpiry interface{}
	// The number of days that an user password is valid.
	MaxPasswordAge interface{}
	// Minimum length to require for user passwords.
	MinimumPasswordLength interface{}
	// The number of previous passwords that users are prevented from reusing.
	PasswordReusePrevention interface{}
	// Whether to require lowercase characters for user passwords.
	RequireLowercaseCharacters interface{}
	// Whether to require numbers for user passwords.
	RequireNumbers interface{}
	// Whether to require symbols for user passwords.
	RequireSymbols interface{}
	// Whether to require uppercase characters for user passwords.
	RequireUppercaseCharacters interface{}
}

Input properties used for looking up and filtering AccountPasswordPolicy resources.

type GetAccountAliasResult 

type GetAccountAliasResult struct {
	// The alias associated with the AWS account.
	AccountAlias interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getAccountAlias.

func LookupAccountAlias 

func LookupAccountAlias(ctx *pulumi.Context) (*GetAccountAliasResult, error)

The IAM Account Alias data source allows access to the account alias for the effective account in which Terraform is working.

type GetGroupArgs 

type GetGroupArgs struct {
	// The friendly IAM group name to match.
	GroupName interface{}
}

A collection of arguments for invoking getGroup.

type GetGroupResult 

type GetGroupResult struct {
	// The Amazon Resource Name (ARN) specifying the group.
	Arn interface{}
	// The stable and unique string identifying the group.
	GroupId interface{}
	// The path to the group.
	Path interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getGroup.

func LookupGroup 

func LookupGroup(ctx *pulumi.Context, args *GetGroupArgs) (*GetGroupResult, error)

This data source can be used to fetch information about a specific IAM group. By using this data source, you can reference IAM group properties without having to hard code ARNs as input.

type GetInstanceProfileArgs 

type GetInstanceProfileArgs struct {
	// The friendly IAM instance profile name to match.
	Name interface{}
}

A collection of arguments for invoking getInstanceProfile.

type GetInstanceProfileResult 

type GetInstanceProfileResult struct {
	// The Amazon Resource Name (ARN) specifying the instance profile.
	Arn interface{}
	// The string representation of the date the instance profile
	// was created.
	CreateDate interface{}
	// The path to the instance profile.
	Path interface{}
	// The role arn associated with this instance profile.
	RoleArn interface{}
	// The role id associated with this instance profile.
	RoleId interface{}
	// The role name associated with this instance profile.
	RoleName interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getInstanceProfile.

func LookupInstanceProfile 

func LookupInstanceProfile(ctx *pulumi.Context, args *GetInstanceProfileArgs) (*GetInstanceProfileResult, error)

This data source can be used to fetch information about a specific IAM instance profile. By using this data source, you can reference IAM instance profile properties without having to hard code ARNs as input.

type GetPolicyArgs 

type GetPolicyArgs struct {
	// ARN of the IAM policy.
	Arn interface{}
}

A collection of arguments for invoking getPolicy.

type GetPolicyDocumentArgs 

type GetPolicyDocumentArgs struct {
	// An IAM policy document to import and override the
	// current policy document.  Statements with non-blank `sid`s in the override
	// document will overwrite statements with the same `sid` in the current document.
	// Statements without an `sid` cannot be overwritten.
	OverrideJson interface{}
	// An ID for the policy document.
	PolicyId interface{}
	// An IAM policy document to import as a base for the
	// current policy document.  Statements with non-blank `sid`s in the current
	// policy document will overwrite statements with the same `sid` in the source
	// json.  Statements without an `sid` cannot be overwritten.
	SourceJson interface{}
	// A nested configuration block (described below)
	// configuring one *statement* to be included in the policy document.
	Statements interface{}
}

A collection of arguments for invoking getPolicyDocument.

type GetPolicyDocumentResult 

type GetPolicyDocumentResult struct {
	// The above arguments serialized as a standard JSON policy document.
	Json interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getPolicyDocument.

func LookupPolicyDocument 

func LookupPolicyDocument(ctx *pulumi.Context, args *GetPolicyDocumentArgs) (*GetPolicyDocumentResult, error)

Generates an IAM policy document in JSON format.

This is a data source which can be used to construct a JSON representation of an IAM policy document, for use with resources which expect policy documents, such as the `aws_iam_policy` resource.

```hcl 

data "aws_iam_policy_document" "example" {
  statement {
    sid = "1"

    actions = [
      "s3:ListAllMyBuckets",
      "s3:GetBucketLocation",
    ]

    resources = [
      "arn:aws:s3:::*",
    ]
  }

  statement {
    actions = [
      "s3:ListBucket",
    ]

    resources = [
      "arn:aws:s3:::${var.s3_bucket_name}",
    ]

    condition {
      test     = "StringLike"
      variable = "s3:prefix"

      values = [
        "",
        "home/",
        "home/&{aws:username}/",
      ]
    }
  }

  statement {
    actions = [
      "s3:*",
    ]

    resources = [
      "arn:aws:s3:::${var.s3_bucket_name}/home/&{aws:username}",
      "arn:aws:s3:::${var.s3_bucket_name}/home/&{aws:username}/*",
    ]
  }
}

resource "aws_iam_policy" "example" {
  name   = "example_policy"
  path   = "/"
  policy = "${data.aws_iam_policy_document.example.json}"
}

```

Using this data source to generate policy documents is *optional*. It is also valid to use literal JSON strings within your configuration, or to use the `file` interpolation function to read a raw JSON policy document from a file.

type GetPolicyResult 

type GetPolicyResult struct {
	// The description of the policy.
	Description interface{}
	// The name of the IAM policy.
	Name interface{}
	// The path to the policy.
	Path interface{}
	// The policy document of the policy.
	Policy interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getPolicy.

func LookupPolicy 

func LookupPolicy(ctx *pulumi.Context, args *GetPolicyArgs) (*GetPolicyResult, error)

This data source can be used to fetch information about a specific IAM policy.

type GetRoleArgs 

type GetRoleArgs struct {
	// The friendly IAM role name to match.
	Name     interface{}
	RoleName interface{}
}

A collection of arguments for invoking getRole.

type GetRoleResult 

type GetRoleResult struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn interface{}
	// The policy document associated with the role.
	AssumeRolePolicy         interface{}
	AssumeRolePolicyDocument interface{}
	CreateDate               interface{}
	Description              interface{}
	MaxSessionDuration       interface{}
	// The path to the role.
	Path   interface{}
	RoleId interface{}
	// The stable and unique string identifying the role.
	UniqueId interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getRole.

func LookupRole 

func LookupRole(ctx *pulumi.Context, args *GetRoleArgs) (*GetRoleResult, error)

This data source can be used to fetch information about a specific IAM role. By using this data source, you can reference IAM role properties without having to hard code ARNs as input.

type GetServerCertificateArgs 

type GetServerCertificateArgs struct {
	// sort results by expiration date. returns the certificate with expiration date in furthest in the future.
	Latest interface{}
	// exact name of the cert to lookup
	Name interface{}
	// prefix of cert to filter by
	NamePrefix interface{}
	// prefix of path to filter by
	PathPrefix interface{}
}

A collection of arguments for invoking getServerCertificate.

type GetServerCertificateResult 

type GetServerCertificateResult struct {
	Arn              interface{}
	CertificateBody  interface{}
	CertificateChain interface{}
	ExpirationDate   interface{}
	Name             interface{}
	Path             interface{}
	UploadDate       interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getServerCertificate.

func LookupServerCertificate 

func LookupServerCertificate(ctx *pulumi.Context, args *GetServerCertificateArgs) (*GetServerCertificateResult, error)

Use this data source to lookup information about IAM Server Certificates.

type GetUserArgs 

type GetUserArgs struct {
	// The friendly IAM user name to match.
	UserName interface{}
}

A collection of arguments for invoking getUser.

type GetUserResult 

type GetUserResult struct {
	// The Amazon Resource Name (ARN) assigned by AWS for this user.
	Arn interface{}
	// Path in which this user was created.
	Path interface{}
	// The unique ID assigned by AWS for this user.
	UserId interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getUser.

func LookupUser 

func LookupUser(ctx *pulumi.Context, args *GetUserArgs) (*GetUserResult, error)

This data source can be used to fetch information about a specific IAM user. By using this data source, you can reference IAM user properties without having to hard code ARNs or unique IDs as input.

type Group 

type Group struct {
	// contains filtered or unexported fields
}

Provides an IAM group.

func GetGroup 

func GetGroup(ctx *pulumi.Context,
	name string, id pulumi.ID, state *GroupState, opts ...pulumi.ResourceOpt) (*Group, error)

GetGroup gets an existing Group resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroup 

func NewGroup(ctx *pulumi.Context,
	name string, args *GroupArgs, opts ...pulumi.ResourceOpt) (*Group, error)

NewGroup registers a new resource with the given unique name, arguments, and options.

func (*Group) Arn 

func (r *Group) Arn() *pulumi.StringOutput

The ARN assigned by AWS for this group.

func (*Group) ID 

func (r *Group) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Group) Name 

func (r *Group) Name() *pulumi.StringOutput

The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".

func (*Group) Path 

func (r *Group) Path() *pulumi.StringOutput

Path in which to create the group.

func (*Group) URN 

func (r *Group) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Group) UniqueId 

func (r *Group) UniqueId() *pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type GroupArgs 

type GroupArgs struct {
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name interface{}
	// Path in which to create the group.
	Path interface{}
}

The set of arguments for constructing a Group resource.

type GroupMembership 

type GroupMembership struct {
	// contains filtered or unexported fields
}

~> **WARNING:** Multiple aws_iam_group_membership resources with the same group name will produce inconsistent behavior!

Provides a top level resource to manage IAM Group membership for IAM Users. For more information on managing IAM Groups or IAM Users, see [IAM Groups][1] or [IAM Users][2]

~> **Note:** `aws_iam_group_membership` will conflict with itself if used more than once with the same group. To non-exclusively manage the users in a group, see the [`aws_iam_user_group_membership` resource][3].

func GetGroupMembership 

func GetGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.ID, state *GroupMembershipState, opts ...pulumi.ResourceOpt) (*GroupMembership, error)

GetGroupMembership gets an existing GroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupMembership 

func NewGroupMembership(ctx *pulumi.Context,
	name string, args *GroupMembershipArgs, opts ...pulumi.ResourceOpt) (*GroupMembership, error)

NewGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*GroupMembership) Group 

func (r *GroupMembership) Group() *pulumi.StringOutput

The IAM Group name to attach the list of `users` to

func (*GroupMembership) ID 

func (r *GroupMembership) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*GroupMembership) Name 

func (r *GroupMembership) Name() *pulumi.StringOutput

The name to identify the Group Membership

func (*GroupMembership) URN 

func (r *GroupMembership) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*GroupMembership) Users 

func (r *GroupMembership) Users() *pulumi.ArrayOutput

A list of IAM User names to associate with the Group

type GroupMembershipArgs 

type GroupMembershipArgs struct {
	// The IAM Group name to attach the list of `users` to
	Group interface{}
	// The name to identify the Group Membership
	Name interface{}
	// A list of IAM User names to associate with the Group
	Users interface{}
}

The set of arguments for constructing a GroupMembership resource.

type GroupMembershipState 

type GroupMembershipState struct {
	// The IAM Group name to attach the list of `users` to
	Group interface{}
	// The name to identify the Group Membership
	Name interface{}
	// A list of IAM User names to associate with the Group
	Users interface{}
}

Input properties used for looking up and filtering GroupMembership resources.

type GroupPolicy 

type GroupPolicy struct {
	// contains filtered or unexported fields
}

Provides an IAM policy attached to a group.

func GetGroupPolicy 

func GetGroupPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *GroupPolicyState, opts ...pulumi.ResourceOpt) (*GroupPolicy, error)

GetGroupPolicy gets an existing GroupPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicy 

func NewGroupPolicy(ctx *pulumi.Context,
	name string, args *GroupPolicyArgs, opts ...pulumi.ResourceOpt) (*GroupPolicy, error)

NewGroupPolicy registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicy) Group 

func (r *GroupPolicy) Group() *pulumi.StringOutput

The IAM group to attach to the policy.

func (*GroupPolicy) ID 

func (r *GroupPolicy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*GroupPolicy) Name 

func (r *GroupPolicy) Name() *pulumi.StringOutput

The name of the policy. If omitted, Terraform will assign a random, unique name.

func (*GroupPolicy) NamePrefix 

func (r *GroupPolicy) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*GroupPolicy) Policy 

func (r *GroupPolicy) Policy() *pulumi.StringOutput

The policy document. This is a JSON formatted string. The heredoc syntax or `file` function is helpful here.

func (*GroupPolicy) URN 

func (r *GroupPolicy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type GroupPolicyArgs 

type GroupPolicyArgs struct {
	// The IAM group to attach to the policy.
	Group interface{}
	// The name of the policy. If omitted, Terraform will
	// assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax or `file` function is helpful here.
	Policy interface{}
}

The set of arguments for constructing a GroupPolicy resource.

type GroupPolicyAttachment 

type GroupPolicyAttachment struct {
	// contains filtered or unexported fields
}

Attaches a Managed IAM Policy to an IAM group

func GetGroupPolicyAttachment 

func GetGroupPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.ID, state *GroupPolicyAttachmentState, opts ...pulumi.ResourceOpt) (*GroupPolicyAttachment, error)

GetGroupPolicyAttachment gets an existing GroupPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewGroupPolicyAttachment 

func NewGroupPolicyAttachment(ctx *pulumi.Context,
	name string, args *GroupPolicyAttachmentArgs, opts ...pulumi.ResourceOpt) (*GroupPolicyAttachment, error)

NewGroupPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*GroupPolicyAttachment) Group 

func (r *GroupPolicyAttachment) Group() *pulumi.StringOutput

The group the policy should be applied to

func (*GroupPolicyAttachment) ID 

func (r *GroupPolicyAttachment) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*GroupPolicyAttachment) PolicyArn 

func (r *GroupPolicyAttachment) PolicyArn() *pulumi.StringOutput

The ARN of the policy you want to apply

func (*GroupPolicyAttachment) URN 

func (r *GroupPolicyAttachment) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type GroupPolicyAttachmentArgs 

type GroupPolicyAttachmentArgs struct {
	// The group the policy should be applied to
	Group interface{}
	// The ARN of the policy you want to apply
	PolicyArn interface{}
}

The set of arguments for constructing a GroupPolicyAttachment resource.

type GroupPolicyAttachmentState 

type GroupPolicyAttachmentState struct {
	// The group the policy should be applied to
	Group interface{}
	// The ARN of the policy you want to apply
	PolicyArn interface{}
}

Input properties used for looking up and filtering GroupPolicyAttachment resources.

type GroupPolicyState 

type GroupPolicyState struct {
	// The IAM group to attach to the policy.
	Group interface{}
	// The name of the policy. If omitted, Terraform will
	// assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax or `file` function is helpful here.
	Policy interface{}
}

Input properties used for looking up and filtering GroupPolicy resources.

type GroupState 

type GroupState struct {
	// The ARN assigned by AWS for this group.
	Arn interface{}
	// The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins".
	Name interface{}
	// Path in which to create the group.
	Path interface{}
	// The [unique ID][1] assigned by AWS.
	UniqueId interface{}
}

Input properties used for looking up and filtering Group resources.

type InstanceProfile 

type InstanceProfile struct {
	// contains filtered or unexported fields
}

Provides an IAM instance profile.

~> **NOTE:** Either `role` or `roles` (**deprecated**) must be specified.

func GetInstanceProfile 

func GetInstanceProfile(ctx *pulumi.Context,
	name string, id pulumi.ID, state *InstanceProfileState, opts ...pulumi.ResourceOpt) (*InstanceProfile, error)

GetInstanceProfile gets an existing InstanceProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstanceProfile 

func NewInstanceProfile(ctx *pulumi.Context,
	name string, args *InstanceProfileArgs, opts ...pulumi.ResourceOpt) (*InstanceProfile, error)

NewInstanceProfile registers a new resource with the given unique name, arguments, and options.

func (*InstanceProfile) Arn 

func (r *InstanceProfile) Arn() *pulumi.StringOutput

The ARN assigned by AWS to the instance profile.

func (*InstanceProfile) CreateDate 

func (r *InstanceProfile) CreateDate() *pulumi.StringOutput

The creation timestamp of the instance profile.

func (*InstanceProfile) ID 

func (r *InstanceProfile) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*InstanceProfile) Name 

func (r *InstanceProfile) Name() *pulumi.StringOutput

The profile's name. If omitted, Terraform will assign a random, unique name.

func (*InstanceProfile) NamePrefix 

func (r *InstanceProfile) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*InstanceProfile) Path 

func (r *InstanceProfile) Path() *pulumi.StringOutput

Path in which to create the profile.

func (*InstanceProfile) Role 

func (r *InstanceProfile) Role() *pulumi.StringOutput

The role name to include in the profile.

func (*InstanceProfile) Roles 

func (r *InstanceProfile) Roles() *pulumi.ArrayOutput

A list of role names to include in the profile. The current default is 1. If you see an error message similar to `Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1`, then you must contact AWS support and ask for a limit increase. WARNING: This is deprecated since [version 0.9.3 (April 12, 2017)](https://github.com/hashicorp/terraform/blob/master/CHANGELOG.md#093-april-12-2017), as >= 2 roles are not possible. See [issue #11575](https://github.com/hashicorp/terraform/issues/11575).

func (*InstanceProfile) URN 

func (r *InstanceProfile) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*InstanceProfile) UniqueId 

func (r *InstanceProfile) UniqueId() *pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type InstanceProfileArgs 

type InstanceProfileArgs struct {
	// The profile's name. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// Path in which to create the profile.
	Path interface{}
	// The role name to include in the profile.
	Role interface{}
	//
	// A list of role names to include in the profile.  The current default is 1.  If you see an error message similar to `Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1`, then you must contact AWS support and ask for a limit increase.
	// WARNING: This is deprecated since [version 0.9.3 (April 12, 2017)](https://github.com/hashicorp/terraform/blob/master/CHANGELOG.md#093-april-12-2017), as >= 2 roles are not possible. See [issue #11575](https://github.com/hashicorp/terraform/issues/11575).
	Roles interface{}
}

The set of arguments for constructing a InstanceProfile resource.

type InstanceProfileState 

type InstanceProfileState struct {
	// The ARN assigned by AWS to the instance profile.
	Arn interface{}
	// The creation timestamp of the instance profile.
	CreateDate interface{}
	// The profile's name. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// Path in which to create the profile.
	Path interface{}
	// The role name to include in the profile.
	Role interface{}
	//
	// A list of role names to include in the profile.  The current default is 1.  If you see an error message similar to `Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1`, then you must contact AWS support and ask for a limit increase.
	// WARNING: This is deprecated since [version 0.9.3 (April 12, 2017)](https://github.com/hashicorp/terraform/blob/master/CHANGELOG.md#093-april-12-2017), as >= 2 roles are not possible. See [issue #11575](https://github.com/hashicorp/terraform/issues/11575).
	Roles interface{}
	// The [unique ID][1] assigned by AWS.
	UniqueId interface{}
}

Input properties used for looking up and filtering InstanceProfile resources.

type OpenIdConnectProvider 

type OpenIdConnectProvider struct {
	// contains filtered or unexported fields
}

Provides an IAM OpenID Connect provider.

func GetOpenIdConnectProvider 

func GetOpenIdConnectProvider(ctx *pulumi.Context,
	name string, id pulumi.ID, state *OpenIdConnectProviderState, opts ...pulumi.ResourceOpt) (*OpenIdConnectProvider, error)

GetOpenIdConnectProvider gets an existing OpenIdConnectProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewOpenIdConnectProvider 

func NewOpenIdConnectProvider(ctx *pulumi.Context,
	name string, args *OpenIdConnectProviderArgs, opts ...pulumi.ResourceOpt) (*OpenIdConnectProvider, error)

NewOpenIdConnectProvider registers a new resource with the given unique name, arguments, and options.

func (*OpenIdConnectProvider) Arn 

func (r *OpenIdConnectProvider) Arn() *pulumi.StringOutput

The ARN assigned by AWS for this provider.

func (*OpenIdConnectProvider) ClientIdLists 

func (r *OpenIdConnectProvider) ClientIdLists() *pulumi.ArrayOutput

A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)

func (*OpenIdConnectProvider) ID 

func (r *OpenIdConnectProvider) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*OpenIdConnectProvider) ThumbprintLists 

func (r *OpenIdConnectProvider) ThumbprintLists() *pulumi.ArrayOutput

A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).

func (*OpenIdConnectProvider) URN 

func (r *OpenIdConnectProvider) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*OpenIdConnectProvider) Url 

func (r *OpenIdConnectProvider) Url() *pulumi.StringOutput

The URL of the identity provider. Corresponds to the _iss_ claim.

type OpenIdConnectProviderArgs 

type OpenIdConnectProviderArgs struct {
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
	ClientIdLists interface{}
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists interface{}
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url interface{}
}

The set of arguments for constructing a OpenIdConnectProvider resource.

type OpenIdConnectProviderState 

type OpenIdConnectProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn interface{}
	// A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.)
	ClientIdLists interface{}
	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s).
	ThumbprintLists interface{}
	// The URL of the identity provider. Corresponds to the _iss_ claim.
	Url interface{}
}

Input properties used for looking up and filtering OpenIdConnectProvider resources.

type Policy 

type Policy struct {
	// contains filtered or unexported fields
}

Provides an IAM policy.

func GetPolicy 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *PolicyState, opts ...pulumi.ResourceOpt) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOpt) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) Arn 

func (r *Policy) Arn() *pulumi.StringOutput

The ARN assigned by AWS to this policy.

func (*Policy) Description 

func (r *Policy) Description() *pulumi.StringOutput

Description of the IAM policy.

func (*Policy) ID 

func (r *Policy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Policy) Name 

func (r *Policy) Name() *pulumi.StringOutput

The name of the policy. If omitted, Terraform will assign a random, unique name.

func (*Policy) NamePrefix 

func (r *Policy) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*Policy) Path 

func (r *Policy) Path() *pulumi.StringOutput

Path in which to create the policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (*Policy) Policy 

func (r *Policy) Policy() *pulumi.StringOutput

The policy document. This is a JSON formatted string. The heredoc syntax, `file` function, or the [`aws_iam_policy_document` data source](/docs/providers/aws/d/iam_policy_document.html) are all helpful here.

func (*Policy) URN 

func (r *Policy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type PolicyArgs 

type PolicyArgs struct {
	// Description of the IAM policy.
	Description interface{}
	// The name of the policy. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax, `file` function, or the [`aws_iam_policy_document` data
	// source](/docs/providers/aws/d/iam_policy_document.html)
	// are all helpful here.
	Policy interface{}
}

The set of arguments for constructing a Policy resource.

type PolicyAttachment 

type PolicyAttachment struct {
	// contains filtered or unexported fields
}

Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)

!> **WARNING:** The aws_iam_policy_attachment resource creates **exclusive** attachments of IAM policies. Across the entire AWS account, all of the users/roles/groups to which a single policy is attached must be declared by a single aws_iam_policy_attachment resource. This means that even any users/roles/groups that have the attached policy via some mechanism other than Terraform will have that attached policy revoked by Terraform. Consider `aws_iam_role_policy_attachment`, `aws_iam_user_policy_attachment`, or `aws_iam_group_policy_attachment` instead. These resources do not enforce exclusive attachment of an IAM policy.

func GetPolicyAttachment 

func GetPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.ID, state *PolicyAttachmentState, opts ...pulumi.ResourceOpt) (*PolicyAttachment, error)

GetPolicyAttachment gets an existing PolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicyAttachment 

func NewPolicyAttachment(ctx *pulumi.Context,
	name string, args *PolicyAttachmentArgs, opts ...pulumi.ResourceOpt) (*PolicyAttachment, error)

NewPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*PolicyAttachment) Groups 

func (r *PolicyAttachment) Groups() *pulumi.ArrayOutput

The group(s) the policy should be applied to

func (*PolicyAttachment) ID 

func (r *PolicyAttachment) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*PolicyAttachment) Name 

func (r *PolicyAttachment) Name() *pulumi.StringOutput

The name of the attachment. This cannot be an empty string.

func (*PolicyAttachment) PolicyArn 

func (r *PolicyAttachment) PolicyArn() *pulumi.StringOutput

The ARN of the policy you want to apply

func (*PolicyAttachment) Roles 

func (r *PolicyAttachment) Roles() *pulumi.ArrayOutput

The role(s) the policy should be applied to

func (*PolicyAttachment) URN 

func (r *PolicyAttachment) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*PolicyAttachment) Users 

func (r *PolicyAttachment) Users() *pulumi.ArrayOutput

The user(s) the policy should be applied to

type PolicyAttachmentArgs 

type PolicyAttachmentArgs struct {
	// The group(s) the policy should be applied to
	Groups interface{}
	// The name of the attachment. This cannot be an empty string.
	Name interface{}
	// The ARN of the policy you want to apply
	PolicyArn interface{}
	// The role(s) the policy should be applied to
	Roles interface{}
	// The user(s) the policy should be applied to
	Users interface{}
}

The set of arguments for constructing a PolicyAttachment resource.

type PolicyAttachmentState 

type PolicyAttachmentState struct {
	// The group(s) the policy should be applied to
	Groups interface{}
	// The name of the attachment. This cannot be an empty string.
	Name interface{}
	// The ARN of the policy you want to apply
	PolicyArn interface{}
	// The role(s) the policy should be applied to
	Roles interface{}
	// The user(s) the policy should be applied to
	Users interface{}
}

Input properties used for looking up and filtering PolicyAttachment resources.

type PolicyState 

type PolicyState struct {
	// The ARN assigned by AWS to this policy.
	Arn interface{}
	// Description of the IAM policy.
	Description interface{}
	// The name of the policy. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// Path in which to create the policy.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax, `file` function, or the [`aws_iam_policy_document` data
	// source](/docs/providers/aws/d/iam_policy_document.html)
	// are all helpful here.
	Policy interface{}
}

Input properties used for looking up and filtering Policy resources.

type Role 

type Role struct {
	// contains filtered or unexported fields
}

Provides an IAM role.

func GetRole 

func GetRole(ctx *pulumi.Context,
	name string, id pulumi.ID, state *RoleState, opts ...pulumi.ResourceOpt) (*Role, error)

GetRole gets an existing Role resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRole 

func NewRole(ctx *pulumi.Context,
	name string, args *RoleArgs, opts ...pulumi.ResourceOpt) (*Role, error)

NewRole registers a new resource with the given unique name, arguments, and options.

func (*Role) Arn 

func (r *Role) Arn() *pulumi.StringOutput

The Amazon Resource Name (ARN) specifying the role.

func (*Role) AssumeRolePolicy 

func (r *Role) AssumeRolePolicy() *pulumi.StringOutput

The policy that grants an entity permission to assume the role.

func (*Role) CreateDate 

func (r *Role) CreateDate() *pulumi.StringOutput

The creation date of the IAM role.

func (*Role) Description 

func (r *Role) Description() *pulumi.StringOutput

The description of the role.

func (*Role) ForceDetachPolicies 

func (r *Role) ForceDetachPolicies() *pulumi.BoolOutput

Specifies to force detaching any policies the role has before destroying it. Defaults to `false`.

func (*Role) ID 

func (r *Role) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Role) MaxSessionDuration 

func (r *Role) MaxSessionDuration() *pulumi.IntOutput

The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.

func (*Role) Name 

func (r *Role) Name() *pulumi.StringOutput

The name of the role. If omitted, Terraform will assign a random, unique name.

func (*Role) NamePrefix 

func (r *Role) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*Role) Path 

func (r *Role) Path() *pulumi.StringOutput

The path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.

func (*Role) URN 

func (r *Role) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Role) UniqueId 

func (r *Role) UniqueId() *pulumi.StringOutput

The stable and unique string identifying the role.

type RoleArgs 

type RoleArgs struct {
	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicy interface{}
	// The description of the role.
	Description interface{}
	// Specifies to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies interface{}
	// The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration interface{}
	// The name of the role. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The path to the role.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path interface{}
}

The set of arguments for constructing a Role resource.

type RolePolicy 

type RolePolicy struct {
	// contains filtered or unexported fields
}

Provides an IAM role policy.

func GetRolePolicy 

func GetRolePolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *RolePolicyState, opts ...pulumi.ResourceOpt) (*RolePolicy, error)

GetRolePolicy gets an existing RolePolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicy 

func NewRolePolicy(ctx *pulumi.Context,
	name string, args *RolePolicyArgs, opts ...pulumi.ResourceOpt) (*RolePolicy, error)

NewRolePolicy registers a new resource with the given unique name, arguments, and options.

func (*RolePolicy) ID 

func (r *RolePolicy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*RolePolicy) Name 

func (r *RolePolicy) Name() *pulumi.StringOutput

The name of the role policy. If omitted, Terraform will assign a random, unique name.

func (*RolePolicy) NamePrefix 

func (r *RolePolicy) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*RolePolicy) Policy 

func (r *RolePolicy) Policy() *pulumi.StringOutput

The policy document. This is a JSON formatted string. The heredoc syntax or `file` function is helpful here.

func (*RolePolicy) Role 

func (r *RolePolicy) Role() *pulumi.StringOutput

The IAM role to attach to the policy.

func (*RolePolicy) URN 

func (r *RolePolicy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type RolePolicyArgs 

type RolePolicyArgs struct {
	// The name of the role policy. If omitted, Terraform will
	// assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax or `file` function is helpful here.
	Policy interface{}
	// The IAM role to attach to the policy.
	Role interface{}
}

The set of arguments for constructing a RolePolicy resource.

type RolePolicyAttachment 

type RolePolicyAttachment struct {
	// contains filtered or unexported fields
}

Attaches a Managed IAM Policy to an IAM role

func GetRolePolicyAttachment 

func GetRolePolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.ID, state *RolePolicyAttachmentState, opts ...pulumi.ResourceOpt) (*RolePolicyAttachment, error)

GetRolePolicyAttachment gets an existing RolePolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRolePolicyAttachment 

func NewRolePolicyAttachment(ctx *pulumi.Context,
	name string, args *RolePolicyAttachmentArgs, opts ...pulumi.ResourceOpt) (*RolePolicyAttachment, error)

NewRolePolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*RolePolicyAttachment) ID 

func (r *RolePolicyAttachment) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*RolePolicyAttachment) PolicyArn 

func (r *RolePolicyAttachment) PolicyArn() *pulumi.StringOutput

The ARN of the policy you want to apply

func (*RolePolicyAttachment) Role 

func (r *RolePolicyAttachment) Role() *pulumi.StringOutput

The role the policy should be applied to

func (*RolePolicyAttachment) URN 

func (r *RolePolicyAttachment) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type RolePolicyAttachmentArgs 

type RolePolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn interface{}
	// The role the policy should be applied to
	Role interface{}
}

The set of arguments for constructing a RolePolicyAttachment resource.

type RolePolicyAttachmentState 

type RolePolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn interface{}
	// The role the policy should be applied to
	Role interface{}
}

Input properties used for looking up and filtering RolePolicyAttachment resources.

type RolePolicyState 

type RolePolicyState struct {
	// The name of the role policy. If omitted, Terraform will
	// assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax or `file` function is helpful here.
	Policy interface{}
	// The IAM role to attach to the policy.
	Role interface{}
}

Input properties used for looking up and filtering RolePolicy resources.

type RoleState 

type RoleState struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn interface{}
	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicy interface{}
	// The creation date of the IAM role.
	CreateDate interface{}
	// The description of the role.
	Description interface{}
	// Specifies to force detaching any policies the role has before destroying it. Defaults to `false`.
	ForceDetachPolicies interface{}
	// The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	MaxSessionDuration interface{}
	// The name of the role. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The path to the role.
	// See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
	Path interface{}
	// The stable and unique string identifying the role.
	UniqueId interface{}
}

Input properties used for looking up and filtering Role resources.

type SamlProvider 

type SamlProvider struct {
	// contains filtered or unexported fields
}

Provides an IAM SAML provider.

func GetSamlProvider 

func GetSamlProvider(ctx *pulumi.Context,
	name string, id pulumi.ID, state *SamlProviderState, opts ...pulumi.ResourceOpt) (*SamlProvider, error)

GetSamlProvider gets an existing SamlProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSamlProvider 

func NewSamlProvider(ctx *pulumi.Context,
	name string, args *SamlProviderArgs, opts ...pulumi.ResourceOpt) (*SamlProvider, error)

NewSamlProvider registers a new resource with the given unique name, arguments, and options.

func (*SamlProvider) Arn 

func (r *SamlProvider) Arn() *pulumi.StringOutput

The ARN assigned by AWS for this provider.

func (*SamlProvider) ID 

func (r *SamlProvider) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*SamlProvider) Name 

func (r *SamlProvider) Name() *pulumi.StringOutput

The name of the provider to create.

func (*SamlProvider) SamlMetadataDocument 

func (r *SamlProvider) SamlMetadataDocument() *pulumi.StringOutput

An XML document generated by an identity provider that supports SAML 2.0.

func (*SamlProvider) URN 

func (r *SamlProvider) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*SamlProvider) ValidUntil 

func (r *SamlProvider) ValidUntil() *pulumi.StringOutput

The expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.

type SamlProviderArgs 

type SamlProviderArgs struct {
	// The name of the provider to create.
	Name interface{}
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument interface{}
}

The set of arguments for constructing a SamlProvider resource.

type SamlProviderState 

type SamlProviderState struct {
	// The ARN assigned by AWS for this provider.
	Arn interface{}
	// The name of the provider to create.
	Name interface{}
	// An XML document generated by an identity provider that supports SAML 2.0.
	SamlMetadataDocument interface{}
	// The expiration date and time for the SAML provider in RFC1123 format, e.g. `Mon, 02 Jan 2006 15:04:05 MST`.
	ValidUntil interface{}
}

Input properties used for looking up and filtering SamlProvider resources.

type ServerCertificate 

type ServerCertificate struct {
	// contains filtered or unexported fields
}

Provides an IAM Server Certificate resource to upload Server Certificates. Certs uploaded to IAM can easily work with other AWS services such as:

- AWS Elastic Beanstalk - Elastic Load Balancing - CloudFront - AWS OpsWorks

For information about server certificates in IAM, see [Managing Server Certificates][2] in AWS Documentation.

~> **Note:** All arguments including the private key will be stored in the raw state as plain-text. [Read more about sensitive data in state](/docs/state/sensitive-data.html).

func GetServerCertificate 

func GetServerCertificate(ctx *pulumi.Context,
	name string, id pulumi.ID, state *ServerCertificateState, opts ...pulumi.ResourceOpt) (*ServerCertificate, error)

GetServerCertificate gets an existing ServerCertificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServerCertificate 

func NewServerCertificate(ctx *pulumi.Context,
	name string, args *ServerCertificateArgs, opts ...pulumi.ResourceOpt) (*ServerCertificate, error)

NewServerCertificate registers a new resource with the given unique name, arguments, and options.

func (*ServerCertificate) Arn 

func (r *ServerCertificate) Arn() *pulumi.StringOutput

The Amazon Resource Name (ARN) specifying the server certificate.

func (*ServerCertificate) CertificateBody 

func (r *ServerCertificate) CertificateBody() *pulumi.StringOutput

The contents of the public key certificate in PEM-encoded format.

func (*ServerCertificate) CertificateChain 

func (r *ServerCertificate) CertificateChain() *pulumi.StringOutput

The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.

func (*ServerCertificate) ID 

func (r *ServerCertificate) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*ServerCertificate) Name 

func (r *ServerCertificate) Name() *pulumi.StringOutput

The name of the Server Certificate. Do not include the path in this value. If omitted, Terraform will assign a random, unique name.

func (*ServerCertificate) NamePrefix 

func (r *ServerCertificate) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*ServerCertificate) Path 

func (r *ServerCertificate) Path() *pulumi.StringOutput

The IAM path for the server certificate. If it is not included, it defaults to a slash (/). If this certificate is for use with AWS CloudFront, the path must be in format `/cloudfront/your_path_here`. See [IAM Identifiers][1] for more details on IAM Paths.

func (*ServerCertificate) PrivateKey 

func (r *ServerCertificate) PrivateKey() *pulumi.StringOutput

The contents of the private key in PEM-encoded format.

func (*ServerCertificate) URN 

func (r *ServerCertificate) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type ServerCertificateArgs 

type ServerCertificateArgs struct {
	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn interface{}
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody interface{}
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain interface{}
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers][1] for more details on IAM Paths.
	Path interface{}
	// The contents of the private key in PEM-encoded format.
	PrivateKey interface{}
}

The set of arguments for constructing a ServerCertificate resource.

type ServerCertificateState 

type ServerCertificateState struct {
	// The Amazon Resource Name (ARN) specifying the server certificate.
	Arn interface{}
	// The contents of the public key certificate in
	// PEM-encoded format.
	CertificateBody interface{}
	// The contents of the certificate chain.
	// This is typically a concatenation of the PEM-encoded public key certificates
	// of the chain.
	CertificateChain interface{}
	// The name of the Server Certificate. Do not include the
	// path in this value. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified
	// prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The IAM path for the server certificate.  If it is not
	// included, it defaults to a slash (/). If this certificate is for use with
	// AWS CloudFront, the path must be in format `/cloudfront/your_path_here`.
	// See [IAM Identifiers][1] for more details on IAM Paths.
	Path interface{}
	// The contents of the private key in PEM-encoded format.
	PrivateKey interface{}
}

Input properties used for looking up and filtering ServerCertificate resources.

type ServiceLinkedRole 

type ServiceLinkedRole struct {
	// contains filtered or unexported fields
}

Provides an [IAM service-linked role](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).

func GetServiceLinkedRole 

func GetServiceLinkedRole(ctx *pulumi.Context,
	name string, id pulumi.ID, state *ServiceLinkedRoleState, opts ...pulumi.ResourceOpt) (*ServiceLinkedRole, error)

GetServiceLinkedRole gets an existing ServiceLinkedRole resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewServiceLinkedRole 

func NewServiceLinkedRole(ctx *pulumi.Context,
	name string, args *ServiceLinkedRoleArgs, opts ...pulumi.ResourceOpt) (*ServiceLinkedRole, error)

NewServiceLinkedRole registers a new resource with the given unique name, arguments, and options.

func (*ServiceLinkedRole) Arn 

func (r *ServiceLinkedRole) Arn() *pulumi.StringOutput

The Amazon Resource Name (ARN) specifying the role.

func (*ServiceLinkedRole) AwsServiceName 

func (r *ServiceLinkedRole) AwsServiceName() *pulumi.StringOutput

The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).

func (*ServiceLinkedRole) CreateDate 

func (r *ServiceLinkedRole) CreateDate() *pulumi.StringOutput

The creation date of the IAM role.

func (*ServiceLinkedRole) CustomSuffix 

func (r *ServiceLinkedRole) CustomSuffix() *pulumi.StringOutput

Additional string appended to the role name. Not all AWS services support custom suffixes.

func (*ServiceLinkedRole) Description 

func (r *ServiceLinkedRole) Description() *pulumi.StringOutput

The description of the role.

func (*ServiceLinkedRole) ID 

func (r *ServiceLinkedRole) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*ServiceLinkedRole) Name 

func (r *ServiceLinkedRole) Name() *pulumi.StringOutput

The name of the role.

func (*ServiceLinkedRole) Path 

func (r *ServiceLinkedRole) Path() *pulumi.StringOutput

The path of the role.

func (*ServiceLinkedRole) URN 

func (r *ServiceLinkedRole) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*ServiceLinkedRole) UniqueId 

func (r *ServiceLinkedRole) UniqueId() *pulumi.StringOutput

The stable and unique string identifying the role.

type ServiceLinkedRoleArgs 

type ServiceLinkedRoleArgs struct {
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName interface{}
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix interface{}
	// The description of the role.
	Description interface{}
}

The set of arguments for constructing a ServiceLinkedRole resource.

type ServiceLinkedRoleState 

type ServiceLinkedRoleState struct {
	// The Amazon Resource Name (ARN) specifying the role.
	Arn interface{}
	// The AWS service to which this role is attached. You use a string similar to a URL but without the `http://` in front. For example: `elasticbeanstalk.amazonaws.com`. To find the full list of services that support service-linked roles, check [the docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html).
	AwsServiceName interface{}
	// The creation date of the IAM role.
	CreateDate interface{}
	// Additional string appended to the role name. Not all AWS services support custom suffixes.
	CustomSuffix interface{}
	// The description of the role.
	Description interface{}
	// The name of the role.
	Name interface{}
	// The path of the role.
	Path interface{}
	// The stable and unique string identifying the role.
	UniqueId interface{}
}

Input properties used for looking up and filtering ServiceLinkedRole resources.

type SshKey 

type SshKey struct {
	// contains filtered or unexported fields
}

Uploads an SSH public key and associates it with the specified IAM user.

func GetSshKey 

func GetSshKey(ctx *pulumi.Context,
	name string, id pulumi.ID, state *SshKeyState, opts ...pulumi.ResourceOpt) (*SshKey, error)

GetSshKey gets an existing SshKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSshKey 

func NewSshKey(ctx *pulumi.Context,
	name string, args *SshKeyArgs, opts ...pulumi.ResourceOpt) (*SshKey, error)

NewSshKey registers a new resource with the given unique name, arguments, and options.

func (*SshKey) Encoding 

func (r *SshKey) Encoding() *pulumi.StringOutput

Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.

func (*SshKey) Fingerprint 

func (r *SshKey) Fingerprint() *pulumi.StringOutput

The MD5 message digest of the SSH public key.

func (*SshKey) ID 

func (r *SshKey) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*SshKey) PublicKey 

func (r *SshKey) PublicKey() *pulumi.StringOutput

The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.

func (*SshKey) SshPublicKeyId 

func (r *SshKey) SshPublicKeyId() *pulumi.StringOutput

The unique identifier for the SSH public key.

func (*SshKey) Status 

func (r *SshKey) Status() *pulumi.StringOutput

The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.

func (*SshKey) URN 

func (r *SshKey) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*SshKey) Username 

func (r *SshKey) Username() *pulumi.StringOutput

The name of the IAM user to associate the SSH public key with.

type SshKeyArgs 

type SshKeyArgs struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding interface{}
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey interface{}
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status interface{}
	// The name of the IAM user to associate the SSH public key with.
	Username interface{}
}

The set of arguments for constructing a SshKey resource.

type SshKeyState 

type SshKeyState struct {
	// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use `SSH`. To retrieve the public key in PEM format, use `PEM`.
	Encoding interface{}
	// The MD5 message digest of the SSH public key.
	Fingerprint interface{}
	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
	PublicKey interface{}
	// The unique identifier for the SSH public key.
	SshPublicKeyId interface{}
	// The status to assign to the SSH public key. Active means the key can be used for authentication with an AWS CodeCommit repository. Inactive means the key cannot be used. Default is `active`.
	Status interface{}
	// The name of the IAM user to associate the SSH public key with.
	Username interface{}
}

Input properties used for looking up and filtering SshKey resources.

type User 

type User struct {
	// contains filtered or unexported fields
}

Provides an IAM user.

func GetUser 

func GetUser(ctx *pulumi.Context,
	name string, id pulumi.ID, state *UserState, opts ...pulumi.ResourceOpt) (*User, error)

GetUser gets an existing User resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUser 

func NewUser(ctx *pulumi.Context,
	name string, args *UserArgs, opts ...pulumi.ResourceOpt) (*User, error)

NewUser registers a new resource with the given unique name, arguments, and options.

func (*User) Arn 

func (r *User) Arn() *pulumi.StringOutput

The ARN assigned by AWS for this user.

func (*User) ForceDestroy 

func (r *User) ForceDestroy() *pulumi.BoolOutput

When destroying this user, destroy even if it has non-Terraform-managed IAM access keys, login profile or MFA devices. Without `force_destroy` a user with non-Terraform-managed access keys and login profile will fail to be destroyed.

func (*User) ID 

func (r *User) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*User) Name 

func (r *User) Name() *pulumi.StringOutput

The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".

func (*User) Path 

func (r *User) Path() *pulumi.StringOutput

Path in which to create the user.

func (*User) URN 

func (r *User) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*User) UniqueId 

func (r *User) UniqueId() *pulumi.StringOutput

The [unique ID][1] assigned by AWS.

type UserArgs 

type UserArgs struct {
	// When destroying this user, destroy even if it
	// has non-Terraform-managed IAM access keys, login profile or MFA devices. Without `force_destroy`
	// a user with non-Terraform-managed access keys and login profile will fail to be destroyed.
	ForceDestroy interface{}
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name interface{}
	// Path in which to create the user.
	Path interface{}
}

The set of arguments for constructing a User resource.

type UserGroupMembership 

type UserGroupMembership struct {
	// contains filtered or unexported fields
}

Provides a resource for adding an [IAM User][2] to [IAM Groups][1]. This resource can be used multiple times with the same user for non-overlapping groups.

To exclusively manage the users in a group, see the [`aws_iam_group_membership` resource][3].

func GetUserGroupMembership 

func GetUserGroupMembership(ctx *pulumi.Context,
	name string, id pulumi.ID, state *UserGroupMembershipState, opts ...pulumi.ResourceOpt) (*UserGroupMembership, error)

GetUserGroupMembership gets an existing UserGroupMembership resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserGroupMembership 

func NewUserGroupMembership(ctx *pulumi.Context,
	name string, args *UserGroupMembershipArgs, opts ...pulumi.ResourceOpt) (*UserGroupMembership, error)

NewUserGroupMembership registers a new resource with the given unique name, arguments, and options.

func (*UserGroupMembership) Groups 

func (r *UserGroupMembership) Groups() *pulumi.ArrayOutput

A list of [IAM Groups][1] to add the user to

func (*UserGroupMembership) ID 

func (r *UserGroupMembership) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*UserGroupMembership) URN 

func (r *UserGroupMembership) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*UserGroupMembership) User 

func (r *UserGroupMembership) User() *pulumi.StringOutput

The name of the [IAM User][2] to add to groups

type UserGroupMembershipArgs 

type UserGroupMembershipArgs struct {
	// A list of [IAM Groups][1] to add the user to
	Groups interface{}
	// The name of the [IAM User][2] to add to groups
	User interface{}
}

The set of arguments for constructing a UserGroupMembership resource.

type UserGroupMembershipState 

type UserGroupMembershipState struct {
	// A list of [IAM Groups][1] to add the user to
	Groups interface{}
	// The name of the [IAM User][2] to add to groups
	User interface{}
}

Input properties used for looking up and filtering UserGroupMembership resources.

type UserLoginProfile 

type UserLoginProfile struct {
	// contains filtered or unexported fields
}

Provides one-time creation of a IAM user login profile, and uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.

func GetUserLoginProfile 

func GetUserLoginProfile(ctx *pulumi.Context,
	name string, id pulumi.ID, state *UserLoginProfileState, opts ...pulumi.ResourceOpt) (*UserLoginProfile, error)

GetUserLoginProfile gets an existing UserLoginProfile resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserLoginProfile 

func NewUserLoginProfile(ctx *pulumi.Context,
	name string, args *UserLoginProfileArgs, opts ...pulumi.ResourceOpt) (*UserLoginProfile, error)

NewUserLoginProfile registers a new resource with the given unique name, arguments, and options.

func (*UserLoginProfile) EncryptedPassword 

func (r *UserLoginProfile) EncryptedPassword() *pulumi.StringOutput

The encrypted password, base64 encoded.

func (*UserLoginProfile) ID 

func (r *UserLoginProfile) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*UserLoginProfile) KeyFingerprint 

func (r *UserLoginProfile) KeyFingerprint() *pulumi.StringOutput

The fingerprint of the PGP key used to encrypt the password

func (*UserLoginProfile) PasswordLength 

func (r *UserLoginProfile) PasswordLength() *pulumi.IntOutput

The length of the generated password.

func (*UserLoginProfile) PasswordResetRequired 

func (r *UserLoginProfile) PasswordResetRequired() *pulumi.BoolOutput

Whether the user should be forced to reset the generated password on first login.

func (*UserLoginProfile) PgpKey 

func (r *UserLoginProfile) PgpKey() *pulumi.StringOutput

Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`.

func (*UserLoginProfile) URN 

func (r *UserLoginProfile) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*UserLoginProfile) User 

func (r *UserLoginProfile) User() *pulumi.StringOutput

The IAM user's name.

type UserLoginProfileArgs 

type UserLoginProfileArgs struct {
	// The length of the generated
	// password.
	PasswordLength interface{}
	// Whether the
	// user should be forced to reset the generated password on first login.
	PasswordResetRequired interface{}
	// Either a base-64 encoded PGP public key, or a
	// keybase username in the form `keybase:username`.
	PgpKey interface{}
	// The IAM user's name.
	User interface{}
}

The set of arguments for constructing a UserLoginProfile resource.

type UserLoginProfileState 

type UserLoginProfileState struct {
	// The encrypted password, base64 encoded.
	EncryptedPassword interface{}
	// The fingerprint of the PGP key used to encrypt
	// the password
	KeyFingerprint interface{}
	// The length of the generated
	// password.
	PasswordLength interface{}
	// Whether the
	// user should be forced to reset the generated password on first login.
	PasswordResetRequired interface{}
	// Either a base-64 encoded PGP public key, or a
	// keybase username in the form `keybase:username`.
	PgpKey interface{}
	// The IAM user's name.
	User interface{}
}

Input properties used for looking up and filtering UserLoginProfile resources.

type UserPolicy 

type UserPolicy struct {
	// contains filtered or unexported fields
}

Provides an IAM policy attached to a user.

func GetUserPolicy 

func GetUserPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *UserPolicyState, opts ...pulumi.ResourceOpt) (*UserPolicy, error)

GetUserPolicy gets an existing UserPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicy 

func NewUserPolicy(ctx *pulumi.Context,
	name string, args *UserPolicyArgs, opts ...pulumi.ResourceOpt) (*UserPolicy, error)

NewUserPolicy registers a new resource with the given unique name, arguments, and options.

func (*UserPolicy) ID 

func (r *UserPolicy) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*UserPolicy) Name 

func (r *UserPolicy) Name() *pulumi.StringOutput

The name of the policy. If omitted, Terraform will assign a random, unique name.

func (*UserPolicy) NamePrefix 

func (r *UserPolicy) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*UserPolicy) Policy 

func (r *UserPolicy) Policy() *pulumi.StringOutput

The policy document. This is a JSON formatted string. The heredoc syntax or `file` function is helpful here.

func (*UserPolicy) URN 

func (r *UserPolicy) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*UserPolicy) User 

func (r *UserPolicy) User() *pulumi.StringOutput

IAM user to which to attach this policy.

type UserPolicyArgs 

type UserPolicyArgs struct {
	// The name of the policy. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax or `file` function is helpful here.
	Policy interface{}
	// IAM user to which to attach this policy.
	User interface{}
}

The set of arguments for constructing a UserPolicy resource.

type UserPolicyAttachment 

type UserPolicyAttachment struct {
	// contains filtered or unexported fields
}

Attaches a Managed IAM Policy to an IAM user

func GetUserPolicyAttachment 

func GetUserPolicyAttachment(ctx *pulumi.Context,
	name string, id pulumi.ID, state *UserPolicyAttachmentState, opts ...pulumi.ResourceOpt) (*UserPolicyAttachment, error)

GetUserPolicyAttachment gets an existing UserPolicyAttachment resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPolicyAttachment 

func NewUserPolicyAttachment(ctx *pulumi.Context,
	name string, args *UserPolicyAttachmentArgs, opts ...pulumi.ResourceOpt) (*UserPolicyAttachment, error)

NewUserPolicyAttachment registers a new resource with the given unique name, arguments, and options.

func (*UserPolicyAttachment) ID 

func (r *UserPolicyAttachment) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*UserPolicyAttachment) PolicyArn 

func (r *UserPolicyAttachment) PolicyArn() *pulumi.StringOutput

The ARN of the policy you want to apply

func (*UserPolicyAttachment) URN 

func (r *UserPolicyAttachment) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*UserPolicyAttachment) User 

func (r *UserPolicyAttachment) User() *pulumi.StringOutput

The user the policy should be applied to

type UserPolicyAttachmentArgs 

type UserPolicyAttachmentArgs struct {
	// The ARN of the policy you want to apply
	PolicyArn interface{}
	// The user the policy should be applied to
	User interface{}
}

The set of arguments for constructing a UserPolicyAttachment resource.

type UserPolicyAttachmentState 

type UserPolicyAttachmentState struct {
	// The ARN of the policy you want to apply
	PolicyArn interface{}
	// The user the policy should be applied to
	User interface{}
}

Input properties used for looking up and filtering UserPolicyAttachment resources.

type UserPolicyState 

type UserPolicyState struct {
	// The name of the policy. If omitted, Terraform will assign a random, unique name.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// The policy document. This is a JSON formatted string.
	// The heredoc syntax or `file` function is helpful here.
	Policy interface{}
	// IAM user to which to attach this policy.
	User interface{}
}

Input properties used for looking up and filtering UserPolicy resources.

type UserState 

type UserState struct {
	// The ARN assigned by AWS for this user.
	Arn interface{}
	// When destroying this user, destroy even if it
	// has non-Terraform-managed IAM access keys, login profile or MFA devices. Without `force_destroy`
	// a user with non-Terraform-managed access keys and login profile will fail to be destroyed.
	ForceDestroy interface{}
	// The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser".
	Name interface{}
	// Path in which to create the user.
	Path interface{}
	// The [unique ID][1] assigned by AWS.
	UniqueId interface{}
}

Input properties used for looking up and filtering User resources.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.