We recommend new projects start with resources from the AWS provider.
aws-native.rolesanywhere.Profile
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
Definition of AWS::RolesAnywhere::Profile Resource Type
Create Profile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Profile(name: string, args: ProfileArgs, opts?: CustomResourceOptions);
@overload
def Profile(resource_name: str,
args: ProfileArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Profile(resource_name: str,
opts: Optional[ResourceOptions] = None,
role_arns: Optional[Sequence[str]] = None,
accept_role_session_name: Optional[bool] = None,
attribute_mappings: Optional[Sequence[ProfileAttributeMappingArgs]] = None,
duration_seconds: Optional[float] = None,
enabled: Optional[bool] = None,
managed_policy_arns: Optional[Sequence[str]] = None,
name: Optional[str] = None,
require_instance_properties: Optional[bool] = None,
session_policy: Optional[str] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None)
func NewProfile(ctx *Context, name string, args ProfileArgs, opts ...ResourceOption) (*Profile, error)
public Profile(string name, ProfileArgs args, CustomResourceOptions? opts = null)
public Profile(String name, ProfileArgs args)
public Profile(String name, ProfileArgs args, CustomResourceOptions options)
type: aws-native:rolesanywhere:Profile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Profile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Profile resource accepts the following input properties:
- Role
Arns List<string> - A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
- Accept
Role boolSession Name - Used to determine if a custom role session name will be accepted in a temporary credential request.
- Attribute
Mappings List<Pulumi.Aws Native. Roles Anywhere. Inputs. Profile Attribute Mapping> - A mapping applied to the authenticating end-entity certificate.
- Duration
Seconds double - The number of seconds vended session credentials will be valid for
- Enabled bool
- The enabled status of the resource.
- Managed
Policy List<string>Arns - A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
- Name string
- The customer specified name of the resource.
- Require
Instance boolProperties - Specifies whether instance properties are required in CreateSession requests with this profile.
- Session
Policy string - A session policy that will applied to the trust boundary of the vended session credentials.
- List<Pulumi.
Aws Native. Inputs. Tag> - A list of Tags.
- Role
Arns []string - A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
- Accept
Role boolSession Name - Used to determine if a custom role session name will be accepted in a temporary credential request.
- Attribute
Mappings []ProfileAttribute Mapping Args - A mapping applied to the authenticating end-entity certificate.
- Duration
Seconds float64 - The number of seconds vended session credentials will be valid for
- Enabled bool
- The enabled status of the resource.
- Managed
Policy []stringArns - A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
- Name string
- The customer specified name of the resource.
- Require
Instance boolProperties - Specifies whether instance properties are required in CreateSession requests with this profile.
- Session
Policy string - A session policy that will applied to the trust boundary of the vended session credentials.
- Tag
Args - A list of Tags.
- role
Arns List<String> - A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
- accept
Role BooleanSession Name - Used to determine if a custom role session name will be accepted in a temporary credential request.
- attribute
Mappings List<ProfileAttribute Mapping> - A mapping applied to the authenticating end-entity certificate.
- duration
Seconds Double - The number of seconds vended session credentials will be valid for
- enabled Boolean
- The enabled status of the resource.
- managed
Policy List<String>Arns - A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
- name String
- The customer specified name of the resource.
- require
Instance BooleanProperties - Specifies whether instance properties are required in CreateSession requests with this profile.
- session
Policy String - A session policy that will applied to the trust boundary of the vended session credentials.
- List<Tag>
- A list of Tags.
- role
Arns string[] - A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
- accept
Role booleanSession Name - Used to determine if a custom role session name will be accepted in a temporary credential request.
- attribute
Mappings ProfileAttribute Mapping[] - A mapping applied to the authenticating end-entity certificate.
- duration
Seconds number - The number of seconds vended session credentials will be valid for
- enabled boolean
- The enabled status of the resource.
- managed
Policy string[]Arns - A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
- name string
- The customer specified name of the resource.
- require
Instance booleanProperties - Specifies whether instance properties are required in CreateSession requests with this profile.
- session
Policy string - A session policy that will applied to the trust boundary of the vended session credentials.
- Tag[]
- A list of Tags.
- role_
arns Sequence[str] - A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
- accept_
role_ boolsession_ name - Used to determine if a custom role session name will be accepted in a temporary credential request.
- attribute_
mappings Sequence[ProfileAttribute Mapping Args] - A mapping applied to the authenticating end-entity certificate.
- duration_
seconds float - The number of seconds vended session credentials will be valid for
- enabled bool
- The enabled status of the resource.
- managed_
policy_ Sequence[str]arns - A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
- name str
- The customer specified name of the resource.
- require_
instance_ boolproperties - Specifies whether instance properties are required in CreateSession requests with this profile.
- session_
policy str - A session policy that will applied to the trust boundary of the vended session credentials.
- Sequence[Tag
Args] - A list of Tags.
- role
Arns List<String> - A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
- accept
Role BooleanSession Name - Used to determine if a custom role session name will be accepted in a temporary credential request.
- attribute
Mappings List<Property Map> - A mapping applied to the authenticating end-entity certificate.
- duration
Seconds Number - The number of seconds vended session credentials will be valid for
- enabled Boolean
- The enabled status of the resource.
- managed
Policy List<String>Arns - A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
- name String
- The customer specified name of the resource.
- require
Instance BooleanProperties - Specifies whether instance properties are required in CreateSession requests with this profile.
- session
Policy String - A session policy that will applied to the trust boundary of the vended session credentials.
- List<Property Map>
- A list of Tags.
Outputs
All input properties are implicitly available as output properties. Additionally, the Profile resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Profile
Arn string - The ARN of the profile.
- Profile
Id string - The unique primary identifier of the Profile
- Id string
- The provider-assigned unique ID for this managed resource.
- Profile
Arn string - The ARN of the profile.
- Profile
Id string - The unique primary identifier of the Profile
- id String
- The provider-assigned unique ID for this managed resource.
- profile
Arn String - The ARN of the profile.
- profile
Id String - The unique primary identifier of the Profile
- id string
- The provider-assigned unique ID for this managed resource.
- profile
Arn string - The ARN of the profile.
- profile
Id string - The unique primary identifier of the Profile
- id str
- The provider-assigned unique ID for this managed resource.
- profile_
arn str - The ARN of the profile.
- profile_
id str - The unique primary identifier of the Profile
- id String
- The provider-assigned unique ID for this managed resource.
- profile
Arn String - The ARN of the profile.
- profile
Id String - The unique primary identifier of the Profile
Supporting Types
ProfileAttributeMapping, ProfileAttributeMappingArgs
- Certificate
Field Pulumi.Aws Native. Roles Anywhere. Profile Certificate Field - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
- Mapping
Rules List<Pulumi.Aws Native. Roles Anywhere. Inputs. Profile Mapping Rule> - A list of mapping entries for every supported specifier or sub-field.
- Certificate
Field ProfileCertificate Field - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
- Mapping
Rules []ProfileMapping Rule - A list of mapping entries for every supported specifier or sub-field.
- certificate
Field ProfileCertificate Field - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
- mapping
Rules List<ProfileMapping Rule> - A list of mapping entries for every supported specifier or sub-field.
- certificate
Field ProfileCertificate Field - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
- mapping
Rules ProfileMapping Rule[] - A list of mapping entries for every supported specifier or sub-field.
- certificate_
field ProfileCertificate Field - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
- mapping_
rules Sequence[ProfileMapping Rule] - A list of mapping entries for every supported specifier or sub-field.
- certificate
Field "x509Subject" | "x509Issuer" | "x509SAN" - Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
- mapping
Rules List<Property Map> - A list of mapping entries for every supported specifier or sub-field.
ProfileCertificateField, ProfileCertificateFieldArgs
- X509Subject
- x509Subject
- X509Issuer
- x509Issuer
- X509san
- x509SAN
- Profile
Certificate Field X509Subject - x509Subject
- Profile
Certificate Field X509Issuer - x509Issuer
- Profile
Certificate Field X509san - x509SAN
- X509Subject
- x509Subject
- X509Issuer
- x509Issuer
- X509san
- x509SAN
- X509Subject
- x509Subject
- X509Issuer
- x509Issuer
- X509san
- x509SAN
- X509_SUBJECT
- x509Subject
- X509_ISSUER
- x509Issuer
- X509SAN
- x509SAN
- "x509Subject"
- x509Subject
- "x509Issuer"
- x509Issuer
- "x509SAN"
- x509SAN
ProfileMappingRule, ProfileMappingRuleArgs
- Specifier string
- Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
- Specifier string
- Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
- specifier String
- Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
- specifier string
- Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
- specifier str
- Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
- specifier String
- Specifier within a certificate field, such as CN, OU, or UID from the Subject field.
Tag, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.