aws-iam.GroupWithAssumableRolesPolicy
Explore with Pulumi AI
This resource helps you create an IAM Group with Users who are allowed to assume specified IAM roles.
Example Usage
using Pulumi;
using Pulumi.AwsIam;
using Pulumi.AwsIam.Inputs;
class MyStack : Stack
{
public MyStack()
{
var groupWithAssumableRolePolicy = new GroupWithAssumableRolesPolicy("group-with-assumable-roles-policy", new GroupWithAssumableRolesPolicyArgs
{
Name = "production-readonly",
AssumableRoles = {"arn:aws:iam::835367859855:role/readonly"},
GroupUsers = {"user1", "user2"},
});
this.GroupWithAssumableRolesPolicy = Output.Create<GroupWithAssumableRolesPolicy>(groupWithAssumableRolePolicy);
}
[Output]
public Output<GroupWithAssumableRolesPolicy> GroupWithAssumableRolesPolicy { get; set; }
}
package main
import (
iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
groupWithAssumableRolesPolicy, err := iam.NewGroupWithAssumableRolesPolicy(ctx, "group-with-assumable-roles-policy", &iam.GroupWithAssumableRolesPolicyArgs{
Name: pulumi.String("production-readonly"),
AssumableRoles: pulumi.ToStringArray([]string{"arn:aws:iam::835367859855:role/readonly"}),
GroupUsers: pulumi.ToStringArray([]string{"user1", "user2"}),
})
if err != nil {
return err
}
ctx.Export("groupWithAssumableRolesPolicy", groupWithAssumableRolesPolicy)
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_iam as iam
group_with_assume_roles_policy = iam.GroupWithAssumableRolesPolicy(
'group_with_assume_roles_policy',
name='production-readonly',
assumable_roles=['arn:aws:iam::835367859855:role/readonly'],
group_users=['user1','user2'],
)
pulumi.export('group_with_assume_roles_policy', group_with_assume_roles_policy)
import * as iam from "@pulumi/aws-iam";
export const groupWithAssumableRolesPolicy = new iam.GroupWithAssumableRolesPolicy("aws-iam-example-group-with-assumable-roles-policy", {
name: "production-readonly",
assumableRoles: [ "arn:aws:iam::835367859855:role/readonly" ],
groupUsers: [ "user1" ],
});
name: awsiam-yaml
runtime: yaml
resources:
groupWithAssumableRolesPolicy:
type: "aws-iam:index:GroupWithAssumableRolesPolicy"
properties:
name: "production-readonly"
assumableRoles:
- "arn:aws:iam::835367859855:role/readonly"
groupUsers:
- "user1"
- "user2"
outputs:
groupWithAssumableRolesPolicy: ${groupWithAssumableRolesPolicy}
Create GroupWithAssumableRolesPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GroupWithAssumableRolesPolicy(name: string, args: GroupWithAssumableRolesPolicyArgs, opts?: ComponentResourceOptions);
@overload
def GroupWithAssumableRolesPolicy(resource_name: str,
args: GroupWithAssumableRolesPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GroupWithAssumableRolesPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
assumable_roles: Optional[Sequence[str]] = None,
group_users: Optional[Sequence[str]] = None,
name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
func NewGroupWithAssumableRolesPolicy(ctx *Context, name string, args GroupWithAssumableRolesPolicyArgs, opts ...ResourceOption) (*GroupWithAssumableRolesPolicy, error)
public GroupWithAssumableRolesPolicy(string name, GroupWithAssumableRolesPolicyArgs args, ComponentResourceOptions? opts = null)
public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args)
public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args, ComponentResourceOptions options)
type: aws-iam:GroupWithAssumableRolesPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts ComponentResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- options ComponentResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var groupWithAssumableRolesPolicyResource = new AwsIam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", new()
{
AssumableRoles = new[]
{
"string",
},
GroupUsers = new[]
{
"string",
},
Name = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := awsiam.NewGroupWithAssumableRolesPolicy(ctx, "groupWithAssumableRolesPolicyResource", &awsiam.GroupWithAssumableRolesPolicyArgs{
AssumableRoles: pulumi.StringArray{
pulumi.String("string"),
},
GroupUsers: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var groupWithAssumableRolesPolicyResource = new GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", GroupWithAssumableRolesPolicyArgs.builder()
.assumableRoles("string")
.groupUsers("string")
.name("string")
.tags(Map.of("string", "string"))
.build());
group_with_assumable_roles_policy_resource = aws_iam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource",
assumable_roles=["string"],
group_users=["string"],
name="string",
tags={
"string": "string",
})
const groupWithAssumableRolesPolicyResource = new aws_iam.GroupWithAssumableRolesPolicy("groupWithAssumableRolesPolicyResource", {
assumableRoles: ["string"],
groupUsers: ["string"],
name: "string",
tags: {
string: "string",
},
});
type: aws-iam:GroupWithAssumableRolesPolicy
properties:
assumableRoles:
- string
groupUsers:
- string
name: string
tags:
string: string
GroupWithAssumableRolesPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The GroupWithAssumableRolesPolicy resource accepts the following input properties:
- Assumable
Roles List<string> - List of IAM roles ARNs which can be assumed by the group
- Group
Users List<string> - List of IAM users to have in an IAM group which can assume the role
- Name string
- Name of IAM policy and IAM group.
- Dictionary<string, string>
- A map of tags to add.
- Assumable
Roles []string - List of IAM roles ARNs which can be assumed by the group
- Group
Users []string - List of IAM users to have in an IAM group which can assume the role
- Name string
- Name of IAM policy and IAM group.
- map[string]string
- A map of tags to add.
- assumable
Roles List<String> - List of IAM roles ARNs which can be assumed by the group
- group
Users List<String> - List of IAM users to have in an IAM group which can assume the role
- name String
- Name of IAM policy and IAM group.
- Map<String,String>
- A map of tags to add.
- assumable
Roles string[] - List of IAM roles ARNs which can be assumed by the group
- group
Users string[] - List of IAM users to have in an IAM group which can assume the role
- name string
- Name of IAM policy and IAM group.
- {[key: string]: string}
- A map of tags to add.
- assumable_
roles Sequence[str] - List of IAM roles ARNs which can be assumed by the group
- group_
users Sequence[str] - List of IAM users to have in an IAM group which can assume the role
- name str
- Name of IAM policy and IAM group.
- Mapping[str, str]
- A map of tags to add.
- assumable
Roles List<String> - List of IAM roles ARNs which can be assumed by the group
- group
Users List<String> - List of IAM users to have in an IAM group which can assume the role
- name String
- Name of IAM policy and IAM group.
- Map<String>
- A map of tags to add.
Outputs
All input properties are implicitly available as output properties. Additionally, the GroupWithAssumableRolesPolicy resource produces the following output properties:
- group_
arn str - IAM group arn.
- group_
name str - IAM group name.
- policy_
arn str - Assume role policy ARN of IAM group
Package Details
- Repository
- aws-iam
- License