Docs Home
AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi
aws-iam.GroupWithAssumableRolesPolicy
Explore with Pulumi AI
This resource helps you create an IAM Group with Users who are allowed to assume specified IAM roles.
Example Usage
using Pulumi;
using Pulumi.AwsIam;
using Pulumi.AwsIam.Inputs;
class MyStack : Stack
{
public MyStack()
{
var groupWithAssumableRolePolicy = new GroupWithAssumableRolesPolicy("group-with-assumable-roles-policy", new GroupWithAssumableRolesPolicyArgs
{
Name = "production-readonly",
AssumableRoles = {"arn:aws:iam::835367859855:role/readonly"},
GroupUsers = {"user1", "user2"},
});
this.GroupWithAssumableRolesPolicy = Output.Create<GroupWithAssumableRolesPolicy>(groupWithAssumableRolePolicy);
}
[Output]
public Output<GroupWithAssumableRolesPolicy> GroupWithAssumableRolesPolicy { get; set; }
}
package main
import (
iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
groupWithAssumableRolesPolicy, err := iam.NewGroupWithAssumableRolesPolicy(ctx, "group-with-assumable-roles-policy", &iam.GroupWithAssumableRolesPolicyArgs{
Name: pulumi.String("production-readonly"),
AssumableRoles: pulumi.ToStringArray([]string{"arn:aws:iam::835367859855:role/readonly"}),
GroupUsers: pulumi.ToStringArray([]string{"user1", "user2"}),
})
if err != nil {
return err
}
ctx.Export("groupWithAssumableRolesPolicy", groupWithAssumableRolesPolicy)
return nil
})
}
Coming soon!
import * as iam from "@pulumi/aws-iam";
export const groupWithAssumableRolesPolicy = new iam.GroupWithAssumableRolesPolicy("aws-iam-example-group-with-assumable-roles-policy", {
name: "production-readonly",
assumableRoles: [ "arn:aws:iam::835367859855:role/readonly" ],
groupUsers: [ "user1" ],
});
import pulumi
import pulumi_aws_iam as iam
group_with_assume_roles_policy = iam.GroupWithAssumableRolesPolicy(
'group_with_assume_roles_policy',
name='production-readonly',
assumable_roles=['arn:aws:iam::835367859855:role/readonly'],
group_users=['user1','user2'],
)
pulumi.export('group_with_assume_roles_policy', group_with_assume_roles_policy)
name: awsiam-yaml
runtime: yaml
resources:
groupWithAssumableRolesPolicy:
type: "aws-iam:index:GroupWithAssumableRolesPolicy"
properties:
name: "production-readonly"
assumableRoles:
- "arn:aws:iam::835367859855:role/readonly"
groupUsers:
- "user1"
- "user2"
outputs:
groupWithAssumableRolesPolicy: ${groupWithAssumableRolesPolicy}
Create GroupWithAssumableRolesPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GroupWithAssumableRolesPolicy(name: string, args: GroupWithAssumableRolesPolicyArgs, opts?: ComponentResourceOptions);@overload
def GroupWithAssumableRolesPolicy(resource_name: str,
args: GroupWithAssumableRolesPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GroupWithAssumableRolesPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
assumable_roles: Optional[Sequence[str]] = None,
group_users: Optional[Sequence[str]] = None,
name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)func NewGroupWithAssumableRolesPolicy(ctx *Context, name string, args GroupWithAssumableRolesPolicyArgs, opts ...ResourceOption) (*GroupWithAssumableRolesPolicy, error)public GroupWithAssumableRolesPolicy(string name, GroupWithAssumableRolesPolicyArgs args, ComponentResourceOptions? opts = null)public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args)
public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args, ComponentResourceOptions options)
type: aws-iam:GroupWithAssumableRolesPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. GroupWithAssumableRolesPolicyArgs - The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. GroupWithAssumableRolesPolicyArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. GroupWithAssumableRolesPolicyArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. GroupWithAssumableRolesPolicyArgs - The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. GroupWithAssumableRolesPolicyArgs - The arguments to resource properties.
- options ComponentResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var groupWithAssumableRolesPolicyResource = new AwsIam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", new()
{
AssumableRoles = new[]
{
"string",
},
GroupUsers = new[]
{
"string",
},
Name = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := awsiam.NewGroupWithAssumableRolesPolicy(ctx, "groupWithAssumableRolesPolicyResource", &awsiam.GroupWithAssumableRolesPolicyArgs{
AssumableRoles: pulumi.StringArray{
pulumi.String("string"),
},
GroupUsers: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var groupWithAssumableRolesPolicyResource = new GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", GroupWithAssumableRolesPolicyArgs.builder()
.assumableRoles("string")
.groupUsers("string")
.name("string")
.tags(Map.of("string", "string"))
.build());
group_with_assumable_roles_policy_resource = aws_iam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource",
assumable_roles=["string"],
group_users=["string"],
name="string",
tags={
"string": "string",
})
const groupWithAssumableRolesPolicyResource = new aws_iam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", {
assumableRoles: ["string"],
groupUsers: ["string"],
name: "string",
tags: {
string: "string",
},
});
type: aws-iam:GroupWithAssumableRolesPolicy
properties:
assumableRoles:
- string
groupUsers:
- string
name: string
tags:
string: string
GroupWithAssumableRolesPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The GroupWithAssumableRolesPolicy resource accepts the following input properties:
- Assumable
Roles This property is required. List<string> - List of IAM roles ARNs which can be assumed by the group
- Group
Users This property is required. List<string> - List of IAM users to have in an IAM group which can assume the role
- Name
This property is required. string - Name of IAM policy and IAM group.
- Dictionary<string, string>
- A map of tags to add.
- Assumable
Roles This property is required. []string - List of IAM roles ARNs which can be assumed by the group
- Group
Users This property is required. []string - List of IAM users to have in an IAM group which can assume the role
- Name
This property is required. string - Name of IAM policy and IAM group.
- map[string]string
- A map of tags to add.
- assumable
Roles This property is required. List<String> - List of IAM roles ARNs which can be assumed by the group
- group
Users This property is required. List<String> - List of IAM users to have in an IAM group which can assume the role
- name
This property is required. String - Name of IAM policy and IAM group.
- Map<String,String>
- A map of tags to add.
- assumable
Roles This property is required. string[] - List of IAM roles ARNs which can be assumed by the group
- group
Users This property is required. string[] - List of IAM users to have in an IAM group which can assume the role
- name
This property is required. string - Name of IAM policy and IAM group.
- {[key: string]: string}
- A map of tags to add.
- assumable_
roles This property is required. Sequence[str] - List of IAM roles ARNs which can be assumed by the group
- group_
users This property is required. Sequence[str] - List of IAM users to have in an IAM group which can assume the role
- name
This property is required. str - Name of IAM policy and IAM group.
- Mapping[str, str]
- A map of tags to add.
- assumable
Roles This property is required. List<String> - List of IAM roles ARNs which can be assumed by the group
- group
Users This property is required. List<String> - List of IAM users to have in an IAM group which can assume the role
- name
This property is required. String - Name of IAM policy and IAM group.
- Map<String>
- A map of tags to add.
Outputs
All input properties are implicitly available as output properties. Additionally, the GroupWithAssumableRolesPolicy resource produces the following output properties:
- group_
arn str - IAM group arn.
- group_
name str - IAM group name.
- policy_
arn str - Assume role policy ARN of IAM group
Package Details
- Repository
- aws-iam
- License