1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. rolesanywhere
  5. Profile

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

aws-native.rolesanywhere.Profile

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

    Definition of AWS::RolesAnywhere::Profile Resource Type

    Create Profile Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Profile(name: string, args: ProfileArgs, opts?: CustomResourceOptions);
    @overload
    def Profile(resource_name: str,
                args: ProfileArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Profile(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                role_arns: Optional[Sequence[str]] = None,
                accept_role_session_name: Optional[bool] = None,
                attribute_mappings: Optional[Sequence[ProfileAttributeMappingArgs]] = None,
                duration_seconds: Optional[float] = None,
                enabled: Optional[bool] = None,
                managed_policy_arns: Optional[Sequence[str]] = None,
                name: Optional[str] = None,
                require_instance_properties: Optional[bool] = None,
                session_policy: Optional[str] = None,
                tags: Optional[Sequence[_root_inputs.TagArgs]] = None)
    func NewProfile(ctx *Context, name string, args ProfileArgs, opts ...ResourceOption) (*Profile, error)
    public Profile(string name, ProfileArgs args, CustomResourceOptions? opts = null)
    public Profile(String name, ProfileArgs args)
    public Profile(String name, ProfileArgs args, CustomResourceOptions options)
    
    type: aws-native:rolesanywhere:Profile
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Profile Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Profile resource accepts the following input properties:

    RoleArns List<string>
    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
    AcceptRoleSessionName bool
    Used to determine if a custom role session name will be accepted in a temporary credential request.
    AttributeMappings List<Pulumi.AwsNative.RolesAnywhere.Inputs.ProfileAttributeMapping>
    A mapping applied to the authenticating end-entity certificate.
    DurationSeconds double
    The number of seconds vended session credentials will be valid for
    Enabled bool
    The enabled status of the resource.
    ManagedPolicyArns List<string>
    A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
    Name string
    The customer specified name of the resource.
    RequireInstanceProperties bool
    Specifies whether instance properties are required in CreateSession requests with this profile.
    SessionPolicy string
    A session policy that will applied to the trust boundary of the vended session credentials.
    Tags List<Pulumi.AwsNative.Inputs.Tag>
    A list of Tags.
    RoleArns []string
    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
    AcceptRoleSessionName bool
    Used to determine if a custom role session name will be accepted in a temporary credential request.
    AttributeMappings []ProfileAttributeMappingArgs
    A mapping applied to the authenticating end-entity certificate.
    DurationSeconds float64
    The number of seconds vended session credentials will be valid for
    Enabled bool
    The enabled status of the resource.
    ManagedPolicyArns []string
    A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
    Name string
    The customer specified name of the resource.
    RequireInstanceProperties bool
    Specifies whether instance properties are required in CreateSession requests with this profile.
    SessionPolicy string
    A session policy that will applied to the trust boundary of the vended session credentials.
    Tags TagArgs
    A list of Tags.
    roleArns List<String>
    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
    acceptRoleSessionName Boolean
    Used to determine if a custom role session name will be accepted in a temporary credential request.
    attributeMappings List<ProfileAttributeMapping>
    A mapping applied to the authenticating end-entity certificate.
    durationSeconds Double
    The number of seconds vended session credentials will be valid for
    enabled Boolean
    The enabled status of the resource.
    managedPolicyArns List<String>
    A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
    name String
    The customer specified name of the resource.
    requireInstanceProperties Boolean
    Specifies whether instance properties are required in CreateSession requests with this profile.
    sessionPolicy String
    A session policy that will applied to the trust boundary of the vended session credentials.
    tags List<Tag>
    A list of Tags.
    roleArns string[]
    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
    acceptRoleSessionName boolean
    Used to determine if a custom role session name will be accepted in a temporary credential request.
    attributeMappings ProfileAttributeMapping[]
    A mapping applied to the authenticating end-entity certificate.
    durationSeconds number
    The number of seconds vended session credentials will be valid for
    enabled boolean
    The enabled status of the resource.
    managedPolicyArns string[]
    A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
    name string
    The customer specified name of the resource.
    requireInstanceProperties boolean
    Specifies whether instance properties are required in CreateSession requests with this profile.
    sessionPolicy string
    A session policy that will applied to the trust boundary of the vended session credentials.
    tags Tag[]
    A list of Tags.
    role_arns Sequence[str]
    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
    accept_role_session_name bool
    Used to determine if a custom role session name will be accepted in a temporary credential request.
    attribute_mappings Sequence[ProfileAttributeMappingArgs]
    A mapping applied to the authenticating end-entity certificate.
    duration_seconds float
    The number of seconds vended session credentials will be valid for
    enabled bool
    The enabled status of the resource.
    managed_policy_arns Sequence[str]
    A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
    name str
    The customer specified name of the resource.
    require_instance_properties bool
    Specifies whether instance properties are required in CreateSession requests with this profile.
    session_policy str
    A session policy that will applied to the trust boundary of the vended session credentials.
    tags Sequence[TagArgs]
    A list of Tags.
    roleArns List<String>
    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
    acceptRoleSessionName Boolean
    Used to determine if a custom role session name will be accepted in a temporary credential request.
    attributeMappings List<Property Map>
    A mapping applied to the authenticating end-entity certificate.
    durationSeconds Number
    The number of seconds vended session credentials will be valid for
    enabled Boolean
    The enabled status of the resource.
    managedPolicyArns List<String>
    A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
    name String
    The customer specified name of the resource.
    requireInstanceProperties Boolean
    Specifies whether instance properties are required in CreateSession requests with this profile.
    sessionPolicy String
    A session policy that will applied to the trust boundary of the vended session credentials.
    tags List<Property Map>
    A list of Tags.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Profile resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    ProfileArn string
    The ARN of the profile.
    ProfileId string
    The unique primary identifier of the Profile
    Id string
    The provider-assigned unique ID for this managed resource.
    ProfileArn string
    The ARN of the profile.
    ProfileId string
    The unique primary identifier of the Profile
    id String
    The provider-assigned unique ID for this managed resource.
    profileArn String
    The ARN of the profile.
    profileId String
    The unique primary identifier of the Profile
    id string
    The provider-assigned unique ID for this managed resource.
    profileArn string
    The ARN of the profile.
    profileId string
    The unique primary identifier of the Profile
    id str
    The provider-assigned unique ID for this managed resource.
    profile_arn str
    The ARN of the profile.
    profile_id str
    The unique primary identifier of the Profile
    id String
    The provider-assigned unique ID for this managed resource.
    profileArn String
    The ARN of the profile.
    profileId String
    The unique primary identifier of the Profile

    Supporting Types

    ProfileAttributeMapping, ProfileAttributeMappingArgs

    CertificateField Pulumi.AwsNative.RolesAnywhere.ProfileCertificateField
    Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
    MappingRules List<Pulumi.AwsNative.RolesAnywhere.Inputs.ProfileMappingRule>
    A list of mapping entries for every supported specifier or sub-field.
    CertificateField ProfileCertificateField
    Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
    MappingRules []ProfileMappingRule
    A list of mapping entries for every supported specifier or sub-field.
    certificateField ProfileCertificateField
    Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
    mappingRules List<ProfileMappingRule>
    A list of mapping entries for every supported specifier or sub-field.
    certificateField ProfileCertificateField
    Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
    mappingRules ProfileMappingRule[]
    A list of mapping entries for every supported specifier or sub-field.
    certificate_field ProfileCertificateField
    Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
    mapping_rules Sequence[ProfileMappingRule]
    A list of mapping entries for every supported specifier or sub-field.
    certificateField "x509Subject" | "x509Issuer" | "x509SAN"
    Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
    mappingRules List<Property Map>
    A list of mapping entries for every supported specifier or sub-field.

    ProfileCertificateField, ProfileCertificateFieldArgs

    X509Subject
    x509Subject
    X509Issuer
    x509Issuer
    X509san
    x509SAN
    ProfileCertificateFieldX509Subject
    x509Subject
    ProfileCertificateFieldX509Issuer
    x509Issuer
    ProfileCertificateFieldX509san
    x509SAN
    X509Subject
    x509Subject
    X509Issuer
    x509Issuer
    X509san
    x509SAN
    X509Subject
    x509Subject
    X509Issuer
    x509Issuer
    X509san
    x509SAN
    X509_SUBJECT
    x509Subject
    X509_ISSUER
    x509Issuer
    X509SAN
    x509SAN
    "x509Subject"
    x509Subject
    "x509Issuer"
    x509Issuer
    "x509SAN"
    x509SAN

    ProfileMappingRule, ProfileMappingRuleArgs

    Specifier string
    Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
    Specifier string
    Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
    specifier String
    Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
    specifier string
    Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
    specifier str
    Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
    specifier String
    Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

    Tag, TagArgs

    Key string
    The key name of the tag
    Value string
    The value of the tag
    Key string
    The key name of the tag
    Value string
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag
    key string
    The key name of the tag
    value string
    The value of the tag
    key str
    The key name of the tag
    value str
    The value of the tag
    key String
    The key name of the tag
    value String
    The value of the tag

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi