1. Packages
  2. AWS IAM
  3. API Docs
  4. GroupWithAssumableRolesPolicy
AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi

aws-iam.GroupWithAssumableRolesPolicy

Explore with Pulumi AI

aws-iam logo
AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi

    This resource helps you create an IAM Group with Users who are allowed to assume specified IAM roles.

    Example Usage

    using Pulumi;
    using Pulumi.AwsIam;
    using Pulumi.AwsIam.Inputs;
    
    class MyStack : Stack
    {
        public MyStack()
        {
            var groupWithAssumableRolePolicy = new GroupWithAssumableRolesPolicy("group-with-assumable-roles-policy", new GroupWithAssumableRolesPolicyArgs
            {
                Name = "production-readonly",
                AssumableRoles = {"arn:aws:iam::835367859855:role/readonly"},
                GroupUsers = {"user1", "user2"},
            });
    
            this.GroupWithAssumableRolesPolicy = Output.Create<GroupWithAssumableRolesPolicy>(groupWithAssumableRolePolicy);
        }
    
        [Output]
        public Output<GroupWithAssumableRolesPolicy> GroupWithAssumableRolesPolicy { get; set; }
    }
    
    package main
    
    import (
        iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
        "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
        pulumi.Run(func(ctx *pulumi.Context) error {
            groupWithAssumableRolesPolicy, err := iam.NewGroupWithAssumableRolesPolicy(ctx, "group-with-assumable-roles-policy", &iam.GroupWithAssumableRolesPolicyArgs{
                Name:           pulumi.String("production-readonly"),
                AssumableRoles: pulumi.ToStringArray([]string{"arn:aws:iam::835367859855:role/readonly"}),
                GroupUsers:     pulumi.ToStringArray([]string{"user1", "user2"}),
            })
            if err != nil {
                return err
            }
    
            ctx.Export("groupWithAssumableRolesPolicy", groupWithAssumableRolesPolicy)
    
            return nil
        })
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_iam as iam
    
    group_with_assume_roles_policy = iam.GroupWithAssumableRolesPolicy(
        'group_with_assume_roles_policy',
        name='production-readonly',
        assumable_roles=['arn:aws:iam::835367859855:role/readonly'],
        group_users=['user1','user2'],
    )
    
    pulumi.export('group_with_assume_roles_policy', group_with_assume_roles_policy)
    
    import * as iam from "@pulumi/aws-iam";
    
    export const groupWithAssumableRolesPolicy = new iam.GroupWithAssumableRolesPolicy("aws-iam-example-group-with-assumable-roles-policy", {
        name: "production-readonly",
        assumableRoles: [ "arn:aws:iam::835367859855:role/readonly" ],
        groupUsers: [ "user1" ],
    });
    
    name: awsiam-yaml
    runtime: yaml
    resources:
        groupWithAssumableRolesPolicy:
            type: "aws-iam:index:GroupWithAssumableRolesPolicy"
            properties:
                name: "production-readonly"
                assumableRoles:
                    - "arn:aws:iam::835367859855:role/readonly"
                groupUsers:
                    - "user1"
                    - "user2"
    outputs:
        groupWithAssumableRolesPolicy: ${groupWithAssumableRolesPolicy}
    

    Create GroupWithAssumableRolesPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new GroupWithAssumableRolesPolicy(name: string, args: GroupWithAssumableRolesPolicyArgs, opts?: ComponentResourceOptions);
    @overload
    def GroupWithAssumableRolesPolicy(resource_name: str,
                                      args: GroupWithAssumableRolesPolicyArgs,
                                      opts: Optional[ResourceOptions] = None)
    
    @overload
    def GroupWithAssumableRolesPolicy(resource_name: str,
                                      opts: Optional[ResourceOptions] = None,
                                      assumable_roles: Optional[Sequence[str]] = None,
                                      group_users: Optional[Sequence[str]] = None,
                                      name: Optional[str] = None,
                                      tags: Optional[Mapping[str, str]] = None)
    func NewGroupWithAssumableRolesPolicy(ctx *Context, name string, args GroupWithAssumableRolesPolicyArgs, opts ...ResourceOption) (*GroupWithAssumableRolesPolicy, error)
    public GroupWithAssumableRolesPolicy(string name, GroupWithAssumableRolesPolicyArgs args, ComponentResourceOptions? opts = null)
    public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args)
    public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args, ComponentResourceOptions options)
    
    type: aws-iam:GroupWithAssumableRolesPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args GroupWithAssumableRolesPolicyArgs
    The arguments to resource properties.
    opts ComponentResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GroupWithAssumableRolesPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GroupWithAssumableRolesPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GroupWithAssumableRolesPolicyArgs
    The arguments to resource properties.
    opts ComponentResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GroupWithAssumableRolesPolicyArgs
    The arguments to resource properties.
    options ComponentResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var groupWithAssumableRolesPolicyResource = new AwsIam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", new()
    {
        AssumableRoles = new[]
        {
            "string",
        },
        GroupUsers = new[]
        {
            "string",
        },
        Name = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := awsiam.NewGroupWithAssumableRolesPolicy(ctx, "groupWithAssumableRolesPolicyResource", &awsiam.GroupWithAssumableRolesPolicyArgs{
    	AssumableRoles: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	GroupUsers: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Name: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var groupWithAssumableRolesPolicyResource = new GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", GroupWithAssumableRolesPolicyArgs.builder()
        .assumableRoles("string")
        .groupUsers("string")
        .name("string")
        .tags(Map.of("string", "string"))
        .build());
    
    group_with_assumable_roles_policy_resource = aws_iam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource",
        assumable_roles=["string"],
        group_users=["string"],
        name="string",
        tags={
            "string": "string",
        })
    
    const groupWithAssumableRolesPolicyResource = new aws_iam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", {
        assumableRoles: ["string"],
        groupUsers: ["string"],
        name: "string",
        tags: {
            string: "string",
        },
    });
    
    type: aws-iam:GroupWithAssumableRolesPolicy
    properties:
        assumableRoles:
            - string
        groupUsers:
            - string
        name: string
        tags:
            string: string
    

    GroupWithAssumableRolesPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The GroupWithAssumableRolesPolicy resource accepts the following input properties:

    AssumableRoles List<string>
    List of IAM roles ARNs which can be assumed by the group
    GroupUsers List<string>
    List of IAM users to have in an IAM group which can assume the role
    Name string
    Name of IAM policy and IAM group.
    Tags Dictionary<string, string>
    A map of tags to add.
    AssumableRoles []string
    List of IAM roles ARNs which can be assumed by the group
    GroupUsers []string
    List of IAM users to have in an IAM group which can assume the role
    Name string
    Name of IAM policy and IAM group.
    Tags map[string]string
    A map of tags to add.
    assumableRoles List<String>
    List of IAM roles ARNs which can be assumed by the group
    groupUsers List<String>
    List of IAM users to have in an IAM group which can assume the role
    name String
    Name of IAM policy and IAM group.
    tags Map<String,String>
    A map of tags to add.
    assumableRoles string[]
    List of IAM roles ARNs which can be assumed by the group
    groupUsers string[]
    List of IAM users to have in an IAM group which can assume the role
    name string
    Name of IAM policy and IAM group.
    tags {[key: string]: string}
    A map of tags to add.
    assumable_roles Sequence[str]
    List of IAM roles ARNs which can be assumed by the group
    group_users Sequence[str]
    List of IAM users to have in an IAM group which can assume the role
    name str
    Name of IAM policy and IAM group.
    tags Mapping[str, str]
    A map of tags to add.
    assumableRoles List<String>
    List of IAM roles ARNs which can be assumed by the group
    groupUsers List<String>
    List of IAM users to have in an IAM group which can assume the role
    name String
    Name of IAM policy and IAM group.
    tags Map<String>
    A map of tags to add.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the GroupWithAssumableRolesPolicy resource produces the following output properties:

    GroupArn string
    IAM group arn.
    GroupName string
    IAM group name.
    PolicyArn string
    Assume role policy ARN of IAM group
    GroupArn string
    IAM group arn.
    GroupName string
    IAM group name.
    PolicyArn string
    Assume role policy ARN of IAM group
    groupArn String
    IAM group arn.
    groupName String
    IAM group name.
    policyArn String
    Assume role policy ARN of IAM group
    groupArn string
    IAM group arn.
    groupName string
    IAM group name.
    policyArn string
    Assume role policy ARN of IAM group
    group_arn str
    IAM group arn.
    group_name str
    IAM group name.
    policy_arn str
    Assume role policy ARN of IAM group
    groupArn String
    IAM group arn.
    groupName String
    IAM group name.
    policyArn String
    Assume role policy ARN of IAM group

    Package Details

    Repository
    aws-iam
    License
    aws-iam logo
    AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi