Docs Home
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi
alicloud.servicemesh.UserPermission
Explore with Pulumi AI
Provides a Service Mesh UserPermission resource.
For information about Service Mesh User Permission and how to use it, see What is User Permission.
NOTE: Available since v1.174.0.
Example Usage
Basic Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.integer;
import com.pulumi.random.IntegerArgs;
import com.pulumi.alicloud.servicemesh.ServicemeshFunctions;
import com.pulumi.alicloud.servicemesh.inputs.GetVersionsArgs;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetZonesArgs;
import com.pulumi.alicloud.vpc.VpcFunctions;
import com.pulumi.alicloud.vpc.inputs.GetNetworksArgs;
import com.pulumi.alicloud.vpc.inputs.GetSwitchesArgs;
import com.pulumi.alicloud.ram.User;
import com.pulumi.alicloud.ram.UserArgs;
import com.pulumi.alicloud.servicemesh.ServiceMesh;
import com.pulumi.alicloud.servicemesh.ServiceMeshArgs;
import com.pulumi.alicloud.servicemesh.inputs.ServiceMeshNetworkArgs;
import com.pulumi.alicloud.servicemesh.inputs.ServiceMeshLoadBalancerArgs;
import com.pulumi.alicloud.servicemesh.UserPermission;
import com.pulumi.alicloud.servicemesh.UserPermissionArgs;
import com.pulumi.alicloud.servicemesh.inputs.UserPermissionPermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("tfexample");
var defaultInteger = new Integer("defaultInteger", IntegerArgs.builder()
.min(10000)
.max(99999)
.build());
final var default = ServicemeshFunctions.getVersions(GetVersionsArgs.builder()
.edition("Default")
.build());
final var defaultGetZones = AlicloudFunctions.getZones(GetZonesArgs.builder()
.availableResourceCreation("VSwitch")
.build());
final var defaultGetNetworks = VpcFunctions.getNetworks(GetNetworksArgs.builder()
.nameRegex("^default-NODELETING$")
.build());
final var defaultGetSwitches = VpcFunctions.getSwitches(GetSwitchesArgs.builder()
.vpcId(defaultGetNetworks.applyValue(getNetworksResult -> getNetworksResult.ids()[0]))
.zoneId(defaultGetZones.applyValue(getZonesResult -> getZonesResult.zones()[0].id()))
.build());
var defaultUser = new User("defaultUser", UserArgs.builder()
.name(name)
.build());
var default1 = new ServiceMesh("default1", ServiceMeshArgs.builder()
.serviceMeshName(String.format("%s-%s", name,defaultInteger.result()))
.edition("Default")
.clusterSpec("standard")
.version(default_.versions()[0].version())
.network(ServiceMeshNetworkArgs.builder()
.vpcId(defaultGetNetworks.applyValue(getNetworksResult -> getNetworksResult.ids()[0]))
.vswitcheLists(defaultGetSwitches.applyValue(getSwitchesResult -> getSwitchesResult.ids()[0]))
.build())
.loadBalancer(ServiceMeshLoadBalancerArgs.builder()
.pilotPublicEip(false)
.apiServerPublicEip(false)
.build())
.build());
var defaultUserPermission = new UserPermission("defaultUserPermission", UserPermissionArgs.builder()
.subAccountUserId(defaultUser.id())
.permissions(UserPermissionPermissionArgs.builder()
.roleName("istio-ops")
.serviceMeshId(default1.id())
.roleType("custom")
.isCustom(true)
.build())
.build());
}
}
configuration:
name:
type: string
default: tfexample
resources:
defaultInteger:
type: random:integer
name: default
properties:
min: 10000
max: 99999
defaultUser:
type: alicloud:ram:User
name: default
properties:
name: ${name}
default1:
type: alicloud:servicemesh:ServiceMesh
properties:
serviceMeshName: ${name}-${defaultInteger.result}
edition: Default
clusterSpec: standard
version: ${default.versions[0].version}
network:
vpcId: ${defaultGetNetworks.ids[0]}
vswitcheLists:
- ${defaultGetSwitches.ids[0]}
loadBalancer:
pilotPublicEip: false
apiServerPublicEip: false
defaultUserPermission:
type: alicloud:servicemesh:UserPermission
name: default
properties:
subAccountUserId: ${defaultUser.id}
permissions:
- roleName: istio-ops
serviceMeshId: ${default1.id}
roleType: custom
isCustom: true
variables:
default:
fn::invoke:
Function: alicloud:servicemesh:getVersions
Arguments:
edition: Default
defaultGetZones:
fn::invoke:
Function: alicloud:getZones
Arguments:
availableResourceCreation: VSwitch
defaultGetNetworks:
fn::invoke:
Function: alicloud:vpc:getNetworks
Arguments:
nameRegex: ^default-NODELETING$
defaultGetSwitches:
fn::invoke:
Function: alicloud:vpc:getSwitches
Arguments:
vpcId: ${defaultGetNetworks.ids[0]}
zoneId: ${defaultGetZones.zones[0].id}
Create UserPermission Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new UserPermission(name: string, args: UserPermissionArgs, opts?: CustomResourceOptions);@overload
def UserPermission(resource_name: str,
args: UserPermissionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def UserPermission(resource_name: str,
opts: Optional[ResourceOptions] = None,
sub_account_user_id: Optional[str] = None,
permissions: Optional[Sequence[UserPermissionPermissionArgs]] = None)func NewUserPermission(ctx *Context, name string, args UserPermissionArgs, opts ...ResourceOption) (*UserPermission, error)public UserPermission(string name, UserPermissionArgs args, CustomResourceOptions? opts = null)
public UserPermission(String name, UserPermissionArgs args)
public UserPermission(String name, UserPermissionArgs args, CustomResourceOptions options)
type: alicloud:servicemesh:UserPermission
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args UserPermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args UserPermissionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args UserPermissionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args UserPermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args UserPermissionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var userPermissionResource = new AliCloud.ServiceMesh.UserPermission("userPermissionResource", new()
{
SubAccountUserId = "string",
Permissions = new[]
{
new AliCloud.ServiceMesh.Inputs.UserPermissionPermissionArgs
{
IsCustom = false,
IsRamRole = false,
RoleName = "string",
RoleType = "string",
ServiceMeshId = "string",
},
},
});
example, err := servicemesh.NewUserPermission(ctx, "userPermissionResource", &servicemesh.UserPermissionArgs{
SubAccountUserId: pulumi.String("string"),
Permissions: servicemesh.UserPermissionPermissionArray{
&servicemesh.UserPermissionPermissionArgs{
IsCustom: pulumi.Bool(false),
IsRamRole: pulumi.Bool(false),
RoleName: pulumi.String("string"),
RoleType: pulumi.String("string"),
ServiceMeshId: pulumi.String("string"),
},
},
})
var userPermissionResource = new UserPermission("userPermissionResource", UserPermissionArgs.builder()
.subAccountUserId("string")
.permissions(UserPermissionPermissionArgs.builder()
.isCustom(false)
.isRamRole(false)
.roleName("string")
.roleType("string")
.serviceMeshId("string")
.build())
.build());
user_permission_resource = alicloud.servicemesh.UserPermission("userPermissionResource",
sub_account_user_id="string",
permissions=[{
"is_custom": False,
"is_ram_role": False,
"role_name": "string",
"role_type": "string",
"service_mesh_id": "string",
}])
const userPermissionResource = new alicloud.servicemesh.UserPermission("userPermissionResource", {
subAccountUserId: "string",
permissions: [{
isCustom: false,
isRamRole: false,
roleName: "string",
roleType: "string",
serviceMeshId: "string",
}],
});
type: alicloud:servicemesh:UserPermission
properties:
permissions:
- isCustom: false
isRamRole: false
roleName: string
roleType: string
serviceMeshId: string
subAccountUserId: string
UserPermission Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The UserPermission resource accepts the following input properties:
- Sub
Account stringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer. - Permissions
List<Pulumi.
Ali Cloud. Service Mesh. Inputs. User Permission Permission> - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow.
- Sub
Account stringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer. - Permissions
[]User
Permission Permission Args - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow.
- sub
Account StringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer. - permissions
List<User
Permission Permission> - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow.
- sub
Account stringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer. - permissions
User
Permission Permission[] - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow.
- sub_
account_ struser_ id - The configuration of the Load Balancer. See the following
Block load_balancer. - permissions
Sequence[User
Permission Permission Args] - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow.
- sub
Account StringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer. - permissions List<Property Map>
- List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow.
Outputs
All input properties are implicitly available as output properties. Additionally, the UserPermission resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing UserPermission Resource
Get an existing UserPermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: UserPermissionState, opts?: CustomResourceOptions): UserPermission@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
permissions: Optional[Sequence[UserPermissionPermissionArgs]] = None,
sub_account_user_id: Optional[str] = None) -> UserPermissionfunc GetUserPermission(ctx *Context, name string, id IDInput, state *UserPermissionState, opts ...ResourceOption) (*UserPermission, error)public static UserPermission Get(string name, Input<string> id, UserPermissionState? state, CustomResourceOptions? opts = null)public static UserPermission get(String name, Output<String> id, UserPermissionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Permissions
List<Pulumi.
Ali Cloud. Service Mesh. Inputs. User Permission Permission> - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow. - Sub
Account stringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer.
- Permissions
[]User
Permission Permission Args - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow. - Sub
Account stringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer.
- permissions
List<User
Permission Permission> - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow. - sub
Account StringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer.
- permissions
User
Permission Permission[] - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow. - sub
Account stringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer.
- permissions
Sequence[User
Permission Permission Args] - List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow. - sub_
account_ struser_ id - The configuration of the Load Balancer. See the following
Block load_balancer.
- permissions List<Property Map>
- List of permissions. Warning: The list requires the full amount of permission information to be passed. Adding permissions means adding items to the list, and deleting them or inputting nothing means removing items. See
permissionsbelow. - sub
Account StringUser Id - The configuration of the Load Balancer. See the following
Block load_balancer.
Supporting Types
UserPermissionPermission, UserPermissionPermissionArgs
- Is
Custom bool - Whether the grant object is a RAM role.
- Is
Ram boolRole - Whether the grant object is an entity.
- Role
Name string - The permission name. Valid values:
istio-admin,istio-ops,istio-readonly.istio-admin: The administrator.istio-ops: The administrator of the service mesh resource.istio-readonly: The read only permission.
- Role
Type string - The role type. Valid Value:
custom. - Service
Mesh stringId - The service mesh id.
- Is
Custom bool - Whether the grant object is a RAM role.
- Is
Ram boolRole - Whether the grant object is an entity.
- Role
Name string - The permission name. Valid values:
istio-admin,istio-ops,istio-readonly.istio-admin: The administrator.istio-ops: The administrator of the service mesh resource.istio-readonly: The read only permission.
- Role
Type string - The role type. Valid Value:
custom. - Service
Mesh stringId - The service mesh id.
- is
Custom Boolean - Whether the grant object is a RAM role.
- is
Ram BooleanRole - Whether the grant object is an entity.
- role
Name String - The permission name. Valid values:
istio-admin,istio-ops,istio-readonly.istio-admin: The administrator.istio-ops: The administrator of the service mesh resource.istio-readonly: The read only permission.
- role
Type String - The role type. Valid Value:
custom. - service
Mesh StringId - The service mesh id.
- is
Custom boolean - Whether the grant object is a RAM role.
- is
Ram booleanRole - Whether the grant object is an entity.
- role
Name string - The permission name. Valid values:
istio-admin,istio-ops,istio-readonly.istio-admin: The administrator.istio-ops: The administrator of the service mesh resource.istio-readonly: The read only permission.
- role
Type string - The role type. Valid Value:
custom. - service
Mesh stringId - The service mesh id.
- is_
custom bool - Whether the grant object is a RAM role.
- is_
ram_ boolrole - Whether the grant object is an entity.
- role_
name str - The permission name. Valid values:
istio-admin,istio-ops,istio-readonly.istio-admin: The administrator.istio-ops: The administrator of the service mesh resource.istio-readonly: The read only permission.
- role_
type str - The role type. Valid Value:
custom. - service_
mesh_ strid - The service mesh id.
- is
Custom Boolean - Whether the grant object is a RAM role.
- is
Ram BooleanRole - Whether the grant object is an entity.
- role
Name String - The permission name. Valid values:
istio-admin,istio-ops,istio-readonly.istio-admin: The administrator.istio-ops: The administrator of the service mesh resource.istio-readonly: The read only permission.
- role
Type String - The role type. Valid Value:
custom. - service
Mesh StringId - The service mesh id.
Import
Service Mesh User Permission can be imported using the id, e.g.
$ pulumi import alicloud:servicemesh/userPermission:UserPermission example <id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.