1. Packages
  2. Scaleway
  3. API Docs
  4. IamPolicy
Scaleway v1.20.0 published on Monday, Nov 4, 2024 by pulumiverse

scaleway.IamPolicy

Explore with Pulumi AI

scaleway logo
Scaleway v1.20.0 published on Monday, Nov 4, 2024 by pulumiverse

    Creates and manages Scaleway IAM Policies. For more information refer to the IAM API documentation.

    You can find a detailed list of all permission sets available at Scaleway in the permission sets reference page.

    Example Usage

    Create a policy for an organization’s project

    import * as pulumi from "@pulumi/pulumi";
    import * as scaleway from "@pulumi/scaleway";
    import * as scaleway from "@pulumiverse/scaleway";
    
    const default = scaleway.getAccountProject({
        name: "default",
    });
    const app = new scaleway.IamApplication("app", {name: "my app"});
    const objectReadOnly = new scaleway.IamPolicy("object_read_only", {
        name: "my policy",
        description: "gives app readonly access to object storage in project",
        applicationId: app.id,
        rules: [{
            projectIds: [_default.then(_default => _default.id)],
            permissionSetNames: ["ObjectStorageReadOnly"],
        }],
    });
    
    import pulumi
    import pulumi_scaleway as scaleway
    import pulumiverse_scaleway as scaleway
    
    default = scaleway.get_account_project(name="default")
    app = scaleway.IamApplication("app", name="my app")
    object_read_only = scaleway.IamPolicy("object_read_only",
        name="my policy",
        description="gives app readonly access to object storage in project",
        application_id=app.id,
        rules=[{
            "project_ids": [default.id],
            "permission_set_names": ["ObjectStorageReadOnly"],
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-scaleway/sdk/go/scaleway"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_default, err := scaleway.LookupAccountProject(ctx, &scaleway.LookupAccountProjectArgs{
    			Name: pulumi.StringRef("default"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		app, err := scaleway.NewIamApplication(ctx, "app", &scaleway.IamApplicationArgs{
    			Name: pulumi.String("my app"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = scaleway.NewIamPolicy(ctx, "object_read_only", &scaleway.IamPolicyArgs{
    			Name:          pulumi.String("my policy"),
    			Description:   pulumi.String("gives app readonly access to object storage in project"),
    			ApplicationId: app.ID(),
    			Rules: scaleway.IamPolicyRuleArray{
    				&scaleway.IamPolicyRuleArgs{
    					ProjectIds: pulumi.StringArray{
    						pulumi.String(_default.Id),
    					},
    					PermissionSetNames: pulumi.StringArray{
    						pulumi.String("ObjectStorageReadOnly"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Scaleway = Pulumi.Scaleway;
    using Scaleway = Pulumiverse.Scaleway;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = Scaleway.GetAccountProject.Invoke(new()
        {
            Name = "default",
        });
    
        var app = new Scaleway.IamApplication("app", new()
        {
            Name = "my app",
        });
    
        var objectReadOnly = new Scaleway.IamPolicy("object_read_only", new()
        {
            Name = "my policy",
            Description = "gives app readonly access to object storage in project",
            ApplicationId = app.Id,
            Rules = new[]
            {
                new Scaleway.Inputs.IamPolicyRuleArgs
                {
                    ProjectIds = new[]
                    {
                        @default.Apply(@default => @default.Apply(getAccountProjectResult => getAccountProjectResult.Id)),
                    },
                    PermissionSetNames = new[]
                    {
                        "ObjectStorageReadOnly",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.scaleway.ScalewayFunctions;
    import com.pulumi.scaleway.inputs.GetAccountProjectArgs;
    import com.pulumi.scaleway.IamApplication;
    import com.pulumi.scaleway.IamApplicationArgs;
    import com.pulumi.scaleway.IamPolicy;
    import com.pulumi.scaleway.IamPolicyArgs;
    import com.pulumi.scaleway.inputs.IamPolicyRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var default = ScalewayFunctions.getAccountProject(GetAccountProjectArgs.builder()
                .name("default")
                .build());
    
            var app = new IamApplication("app", IamApplicationArgs.builder()
                .name("my app")
                .build());
    
            var objectReadOnly = new IamPolicy("objectReadOnly", IamPolicyArgs.builder()
                .name("my policy")
                .description("gives app readonly access to object storage in project")
                .applicationId(app.id())
                .rules(IamPolicyRuleArgs.builder()
                    .projectIds(default_.id())
                    .permissionSetNames("ObjectStorageReadOnly")
                    .build())
                .build());
    
        }
    }
    
    resources:
      app:
        type: scaleway:IamApplication
        properties:
          name: my app
      objectReadOnly:
        type: scaleway:IamPolicy
        name: object_read_only
        properties:
          name: my policy
          description: gives app readonly access to object storage in project
          applicationId: ${app.id}
          rules:
            - projectIds:
                - ${default.id}
              permissionSetNames:
                - ObjectStorageReadOnly
    variables:
      default:
        fn::invoke:
          Function: scaleway:getAccountProject
          Arguments:
            name: default
    

    Create a policy for all current and future projects in an organization

    import * as pulumi from "@pulumi/pulumi";
    import * as scaleway from "@pulumiverse/scaleway";
    
    const app = new scaleway.IamApplication("app", {name: "my app"});
    const objectReadOnly = new scaleway.IamPolicy("object_read_only", {
        name: "my policy",
        description: "gives app readonly access to object storage in project",
        applicationId: app.id,
        rules: [{
            organizationId: app.organizationId,
            permissionSetNames: ["ObjectStorageReadOnly"],
        }],
    });
    
    import pulumi
    import pulumiverse_scaleway as scaleway
    
    app = scaleway.IamApplication("app", name="my app")
    object_read_only = scaleway.IamPolicy("object_read_only",
        name="my policy",
        description="gives app readonly access to object storage in project",
        application_id=app.id,
        rules=[{
            "organization_id": app.organization_id,
            "permission_set_names": ["ObjectStorageReadOnly"],
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-scaleway/sdk/go/scaleway"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		app, err := scaleway.NewIamApplication(ctx, "app", &scaleway.IamApplicationArgs{
    			Name: pulumi.String("my app"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = scaleway.NewIamPolicy(ctx, "object_read_only", &scaleway.IamPolicyArgs{
    			Name:          pulumi.String("my policy"),
    			Description:   pulumi.String("gives app readonly access to object storage in project"),
    			ApplicationId: app.ID(),
    			Rules: scaleway.IamPolicyRuleArray{
    				&scaleway.IamPolicyRuleArgs{
    					OrganizationId: app.OrganizationId,
    					PermissionSetNames: pulumi.StringArray{
    						pulumi.String("ObjectStorageReadOnly"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Scaleway = Pulumiverse.Scaleway;
    
    return await Deployment.RunAsync(() => 
    {
        var app = new Scaleway.IamApplication("app", new()
        {
            Name = "my app",
        });
    
        var objectReadOnly = new Scaleway.IamPolicy("object_read_only", new()
        {
            Name = "my policy",
            Description = "gives app readonly access to object storage in project",
            ApplicationId = app.Id,
            Rules = new[]
            {
                new Scaleway.Inputs.IamPolicyRuleArgs
                {
                    OrganizationId = app.OrganizationId,
                    PermissionSetNames = new[]
                    {
                        "ObjectStorageReadOnly",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.scaleway.IamApplication;
    import com.pulumi.scaleway.IamApplicationArgs;
    import com.pulumi.scaleway.IamPolicy;
    import com.pulumi.scaleway.IamPolicyArgs;
    import com.pulumi.scaleway.inputs.IamPolicyRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var app = new IamApplication("app", IamApplicationArgs.builder()
                .name("my app")
                .build());
    
            var objectReadOnly = new IamPolicy("objectReadOnly", IamPolicyArgs.builder()
                .name("my policy")
                .description("gives app readonly access to object storage in project")
                .applicationId(app.id())
                .rules(IamPolicyRuleArgs.builder()
                    .organizationId(app.organizationId())
                    .permissionSetNames("ObjectStorageReadOnly")
                    .build())
                .build());
    
        }
    }
    
    resources:
      app:
        type: scaleway:IamApplication
        properties:
          name: my app
      objectReadOnly:
        type: scaleway:IamPolicy
        name: object_read_only
        properties:
          name: my policy
          description: gives app readonly access to object storage in project
          applicationId: ${app.id}
          rules:
            - organizationId: ${app.organizationId}
              permissionSetNames:
                - ObjectStorageReadOnly
    

    Create a policy with a particular condition

    IAM policy rule can use a condition to be applied. The following variables are available:

    • request.ip
    • request.user_agent
    • request.time
    import * as pulumi from "@pulumi/pulumi";
    import * as scaleway from "@pulumiverse/scaleway";
    
    const main = new scaleway.IamPolicy("main", {
        name: "tf_tests_policy_condition",
        noPrincipal: true,
        rules: [{
            organizationId: "%s",
            permissionSetNames: ["AllProductsFullAccess"],
            condition: "request.user_agent == 'My User Agent'",
        }],
    });
    
    import pulumi
    import pulumiverse_scaleway as scaleway
    
    main = scaleway.IamPolicy("main",
        name="tf_tests_policy_condition",
        no_principal=True,
        rules=[{
            "organization_id": "%s",
            "permission_set_names": ["AllProductsFullAccess"],
            "condition": "request.user_agent == 'My User Agent'",
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-scaleway/sdk/go/scaleway"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := scaleway.NewIamPolicy(ctx, "main", &scaleway.IamPolicyArgs{
    			Name:        pulumi.String("tf_tests_policy_condition"),
    			NoPrincipal: pulumi.Bool(true),
    			Rules: scaleway.IamPolicyRuleArray{
    				&scaleway.IamPolicyRuleArgs{
    					OrganizationId: pulumi.String("%s"),
    					PermissionSetNames: pulumi.StringArray{
    						pulumi.String("AllProductsFullAccess"),
    					},
    					Condition: pulumi.String("request.user_agent == 'My User Agent'"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Scaleway = Pulumiverse.Scaleway;
    
    return await Deployment.RunAsync(() => 
    {
        var main = new Scaleway.IamPolicy("main", new()
        {
            Name = "tf_tests_policy_condition",
            NoPrincipal = true,
            Rules = new[]
            {
                new Scaleway.Inputs.IamPolicyRuleArgs
                {
                    OrganizationId = "%s",
                    PermissionSetNames = new[]
                    {
                        "AllProductsFullAccess",
                    },
                    Condition = "request.user_agent == 'My User Agent'",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.scaleway.IamPolicy;
    import com.pulumi.scaleway.IamPolicyArgs;
    import com.pulumi.scaleway.inputs.IamPolicyRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var main = new IamPolicy("main", IamPolicyArgs.builder()
                .name("tf_tests_policy_condition")
                .noPrincipal(true)
                .rules(IamPolicyRuleArgs.builder()
                    .organizationId("%s")
                    .permissionSetNames("AllProductsFullAccess")
                    .condition("request.user_agent == 'My User Agent'")
                    .build())
                .build());
    
        }
    }
    
    resources:
      main:
        type: scaleway:IamPolicy
        properties:
          name: tf_tests_policy_condition
          noPrincipal: true
          rules:
            - organizationId: '%s'
              permissionSetNames:
                - AllProductsFullAccess
              condition: request.user_agent == 'My User Agent'
    

    Create IamPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new IamPolicy(name: string, args: IamPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def IamPolicy(resource_name: str,
                  args: IamPolicyArgs,
                  opts: Optional[ResourceOptions] = None)
    
    @overload
    def IamPolicy(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  rules: Optional[Sequence[IamPolicyRuleArgs]] = None,
                  application_id: Optional[str] = None,
                  description: Optional[str] = None,
                  group_id: Optional[str] = None,
                  name: Optional[str] = None,
                  no_principal: Optional[bool] = None,
                  organization_id: Optional[str] = None,
                  tags: Optional[Sequence[str]] = None,
                  user_id: Optional[str] = None)
    func NewIamPolicy(ctx *Context, name string, args IamPolicyArgs, opts ...ResourceOption) (*IamPolicy, error)
    public IamPolicy(string name, IamPolicyArgs args, CustomResourceOptions? opts = null)
    public IamPolicy(String name, IamPolicyArgs args)
    public IamPolicy(String name, IamPolicyArgs args, CustomResourceOptions options)
    
    type: scaleway:IamPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args IamPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args IamPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args IamPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args IamPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args IamPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var iamPolicyResource = new Scaleway.IamPolicy("iamPolicyResource", new()
    {
        Rules = new[]
        {
            new Scaleway.Inputs.IamPolicyRuleArgs
            {
                PermissionSetNames = new[]
                {
                    "string",
                },
                Condition = "string",
                OrganizationId = "string",
                ProjectIds = new[]
                {
                    "string",
                },
            },
        },
        ApplicationId = "string",
        Description = "string",
        GroupId = "string",
        Name = "string",
        NoPrincipal = false,
        OrganizationId = "string",
        Tags = new[]
        {
            "string",
        },
        UserId = "string",
    });
    
    example, err := scaleway.NewIamPolicy(ctx, "iamPolicyResource", &scaleway.IamPolicyArgs{
    	Rules: scaleway.IamPolicyRuleArray{
    		&scaleway.IamPolicyRuleArgs{
    			PermissionSetNames: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Condition:      pulumi.String("string"),
    			OrganizationId: pulumi.String("string"),
    			ProjectIds: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	ApplicationId:  pulumi.String("string"),
    	Description:    pulumi.String("string"),
    	GroupId:        pulumi.String("string"),
    	Name:           pulumi.String("string"),
    	NoPrincipal:    pulumi.Bool(false),
    	OrganizationId: pulumi.String("string"),
    	Tags: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	UserId: pulumi.String("string"),
    })
    
    var iamPolicyResource = new IamPolicy("iamPolicyResource", IamPolicyArgs.builder()
        .rules(IamPolicyRuleArgs.builder()
            .permissionSetNames("string")
            .condition("string")
            .organizationId("string")
            .projectIds("string")
            .build())
        .applicationId("string")
        .description("string")
        .groupId("string")
        .name("string")
        .noPrincipal(false)
        .organizationId("string")
        .tags("string")
        .userId("string")
        .build());
    
    iam_policy_resource = scaleway.IamPolicy("iamPolicyResource",
        rules=[{
            "permission_set_names": ["string"],
            "condition": "string",
            "organization_id": "string",
            "project_ids": ["string"],
        }],
        application_id="string",
        description="string",
        group_id="string",
        name="string",
        no_principal=False,
        organization_id="string",
        tags=["string"],
        user_id="string")
    
    const iamPolicyResource = new scaleway.IamPolicy("iamPolicyResource", {
        rules: [{
            permissionSetNames: ["string"],
            condition: "string",
            organizationId: "string",
            projectIds: ["string"],
        }],
        applicationId: "string",
        description: "string",
        groupId: "string",
        name: "string",
        noPrincipal: false,
        organizationId: "string",
        tags: ["string"],
        userId: "string",
    });
    
    type: scaleway:IamPolicy
    properties:
        applicationId: string
        description: string
        groupId: string
        name: string
        noPrincipal: false
        organizationId: string
        rules:
            - condition: string
              organizationId: string
              permissionSetNames:
                - string
              projectIds:
                - string
        tags:
            - string
        userId: string
    

    IamPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The IamPolicy resource accepts the following input properties:

    Rules List<Pulumiverse.Scaleway.Inputs.IamPolicyRule>
    List of rules in the policy.
    ApplicationId string
    ID of the application the policy will be linked to
    Description string
    The description of the IAM policy.
    GroupId string
    ID of the group the policy will be linked to
    Name string
    The name of the IAM policy.
    NoPrincipal bool

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    OrganizationId string
    organization_id) The ID of the organization the policy is associated with.
    Tags List<string>
    The tags associated with the IAM policy.
    UserId string
    ID of the user the policy will be linked to
    Rules []IamPolicyRuleArgs
    List of rules in the policy.
    ApplicationId string
    ID of the application the policy will be linked to
    Description string
    The description of the IAM policy.
    GroupId string
    ID of the group the policy will be linked to
    Name string
    The name of the IAM policy.
    NoPrincipal bool

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    OrganizationId string
    organization_id) The ID of the organization the policy is associated with.
    Tags []string
    The tags associated with the IAM policy.
    UserId string
    ID of the user the policy will be linked to
    rules List<IamPolicyRule>
    List of rules in the policy.
    applicationId String
    ID of the application the policy will be linked to
    description String
    The description of the IAM policy.
    groupId String
    ID of the group the policy will be linked to
    name String
    The name of the IAM policy.
    noPrincipal Boolean

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organizationId String
    organization_id) The ID of the organization the policy is associated with.
    tags List<String>
    The tags associated with the IAM policy.
    userId String
    ID of the user the policy will be linked to
    rules IamPolicyRule[]
    List of rules in the policy.
    applicationId string
    ID of the application the policy will be linked to
    description string
    The description of the IAM policy.
    groupId string
    ID of the group the policy will be linked to
    name string
    The name of the IAM policy.
    noPrincipal boolean

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organizationId string
    organization_id) The ID of the organization the policy is associated with.
    tags string[]
    The tags associated with the IAM policy.
    userId string
    ID of the user the policy will be linked to
    rules Sequence[IamPolicyRuleArgs]
    List of rules in the policy.
    application_id str
    ID of the application the policy will be linked to
    description str
    The description of the IAM policy.
    group_id str
    ID of the group the policy will be linked to
    name str
    The name of the IAM policy.
    no_principal bool

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organization_id str
    organization_id) The ID of the organization the policy is associated with.
    tags Sequence[str]
    The tags associated with the IAM policy.
    user_id str
    ID of the user the policy will be linked to
    rules List<Property Map>
    List of rules in the policy.
    applicationId String
    ID of the application the policy will be linked to
    description String
    The description of the IAM policy.
    groupId String
    ID of the group the policy will be linked to
    name String
    The name of the IAM policy.
    noPrincipal Boolean

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organizationId String
    organization_id) The ID of the organization the policy is associated with.
    tags List<String>
    The tags associated with the IAM policy.
    userId String
    ID of the user the policy will be linked to

    Outputs

    All input properties are implicitly available as output properties. Additionally, the IamPolicy resource produces the following output properties:

    CreatedAt string
    The date and time of the creation of the policy.
    Editable bool
    Whether the policy is editable.
    Id string
    The provider-assigned unique ID for this managed resource.
    UpdatedAt string
    The date and time of the last update of the policy.
    CreatedAt string
    The date and time of the creation of the policy.
    Editable bool
    Whether the policy is editable.
    Id string
    The provider-assigned unique ID for this managed resource.
    UpdatedAt string
    The date and time of the last update of the policy.
    createdAt String
    The date and time of the creation of the policy.
    editable Boolean
    Whether the policy is editable.
    id String
    The provider-assigned unique ID for this managed resource.
    updatedAt String
    The date and time of the last update of the policy.
    createdAt string
    The date and time of the creation of the policy.
    editable boolean
    Whether the policy is editable.
    id string
    The provider-assigned unique ID for this managed resource.
    updatedAt string
    The date and time of the last update of the policy.
    created_at str
    The date and time of the creation of the policy.
    editable bool
    Whether the policy is editable.
    id str
    The provider-assigned unique ID for this managed resource.
    updated_at str
    The date and time of the last update of the policy.
    createdAt String
    The date and time of the creation of the policy.
    editable Boolean
    Whether the policy is editable.
    id String
    The provider-assigned unique ID for this managed resource.
    updatedAt String
    The date and time of the last update of the policy.

    Look up Existing IamPolicy Resource

    Get an existing IamPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: IamPolicyState, opts?: CustomResourceOptions): IamPolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            application_id: Optional[str] = None,
            created_at: Optional[str] = None,
            description: Optional[str] = None,
            editable: Optional[bool] = None,
            group_id: Optional[str] = None,
            name: Optional[str] = None,
            no_principal: Optional[bool] = None,
            organization_id: Optional[str] = None,
            rules: Optional[Sequence[IamPolicyRuleArgs]] = None,
            tags: Optional[Sequence[str]] = None,
            updated_at: Optional[str] = None,
            user_id: Optional[str] = None) -> IamPolicy
    func GetIamPolicy(ctx *Context, name string, id IDInput, state *IamPolicyState, opts ...ResourceOption) (*IamPolicy, error)
    public static IamPolicy Get(string name, Input<string> id, IamPolicyState? state, CustomResourceOptions? opts = null)
    public static IamPolicy get(String name, Output<String> id, IamPolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ApplicationId string
    ID of the application the policy will be linked to
    CreatedAt string
    The date and time of the creation of the policy.
    Description string
    The description of the IAM policy.
    Editable bool
    Whether the policy is editable.
    GroupId string
    ID of the group the policy will be linked to
    Name string
    The name of the IAM policy.
    NoPrincipal bool

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    OrganizationId string
    organization_id) The ID of the organization the policy is associated with.
    Rules List<Pulumiverse.Scaleway.Inputs.IamPolicyRule>
    List of rules in the policy.
    Tags List<string>
    The tags associated with the IAM policy.
    UpdatedAt string
    The date and time of the last update of the policy.
    UserId string
    ID of the user the policy will be linked to
    ApplicationId string
    ID of the application the policy will be linked to
    CreatedAt string
    The date and time of the creation of the policy.
    Description string
    The description of the IAM policy.
    Editable bool
    Whether the policy is editable.
    GroupId string
    ID of the group the policy will be linked to
    Name string
    The name of the IAM policy.
    NoPrincipal bool

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    OrganizationId string
    organization_id) The ID of the organization the policy is associated with.
    Rules []IamPolicyRuleArgs
    List of rules in the policy.
    Tags []string
    The tags associated with the IAM policy.
    UpdatedAt string
    The date and time of the last update of the policy.
    UserId string
    ID of the user the policy will be linked to
    applicationId String
    ID of the application the policy will be linked to
    createdAt String
    The date and time of the creation of the policy.
    description String
    The description of the IAM policy.
    editable Boolean
    Whether the policy is editable.
    groupId String
    ID of the group the policy will be linked to
    name String
    The name of the IAM policy.
    noPrincipal Boolean

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organizationId String
    organization_id) The ID of the organization the policy is associated with.
    rules List<IamPolicyRule>
    List of rules in the policy.
    tags List<String>
    The tags associated with the IAM policy.
    updatedAt String
    The date and time of the last update of the policy.
    userId String
    ID of the user the policy will be linked to
    applicationId string
    ID of the application the policy will be linked to
    createdAt string
    The date and time of the creation of the policy.
    description string
    The description of the IAM policy.
    editable boolean
    Whether the policy is editable.
    groupId string
    ID of the group the policy will be linked to
    name string
    The name of the IAM policy.
    noPrincipal boolean

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organizationId string
    organization_id) The ID of the organization the policy is associated with.
    rules IamPolicyRule[]
    List of rules in the policy.
    tags string[]
    The tags associated with the IAM policy.
    updatedAt string
    The date and time of the last update of the policy.
    userId string
    ID of the user the policy will be linked to
    application_id str
    ID of the application the policy will be linked to
    created_at str
    The date and time of the creation of the policy.
    description str
    The description of the IAM policy.
    editable bool
    Whether the policy is editable.
    group_id str
    ID of the group the policy will be linked to
    name str
    The name of the IAM policy.
    no_principal bool

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organization_id str
    organization_id) The ID of the organization the policy is associated with.
    rules Sequence[IamPolicyRuleArgs]
    List of rules in the policy.
    tags Sequence[str]
    The tags associated with the IAM policy.
    updated_at str
    The date and time of the last update of the policy.
    user_id str
    ID of the user the policy will be linked to
    applicationId String
    ID of the application the policy will be linked to
    createdAt String
    The date and time of the creation of the policy.
    description String
    The description of the IAM policy.
    editable Boolean
    Whether the policy is editable.
    groupId String
    ID of the group the policy will be linked to
    name String
    The name of the IAM policy.
    noPrincipal Boolean

    If the policy doesn't apply to a principal.

    Important Only one of user_id, group_id, application_id and no_principal may be set.

    organizationId String
    organization_id) The ID of the organization the policy is associated with.
    rules List<Property Map>
    List of rules in the policy.
    tags List<String>
    The tags associated with the IAM policy.
    updatedAt String
    The date and time of the last update of the policy.
    userId String
    ID of the user the policy will be linked to

    Supporting Types

    IamPolicyRule, IamPolicyRuleArgs

    PermissionSetNames List<string>

    Names of permission sets bind to the rule.

    TIP: You can use the Scaleway CLI to list the permissions details. e.g:

    scw IAM permission-set list
    
    Condition string
    The condition of the IAM policy.
    OrganizationId string
    ID of organization scoped to the rule, this can be used to create a rule for all projects in an organization.
    ProjectIds List<string>

    List of project IDs scoped to the rule.

    Important One organization_id or project_ids must be set per rule.

    PermissionSetNames []string

    Names of permission sets bind to the rule.

    TIP: You can use the Scaleway CLI to list the permissions details. e.g:

    scw IAM permission-set list
    
    Condition string
    The condition of the IAM policy.
    OrganizationId string
    ID of organization scoped to the rule, this can be used to create a rule for all projects in an organization.
    ProjectIds []string

    List of project IDs scoped to the rule.

    Important One organization_id or project_ids must be set per rule.

    permissionSetNames List<String>

    Names of permission sets bind to the rule.

    TIP: You can use the Scaleway CLI to list the permissions details. e.g:

    scw IAM permission-set list
    
    condition String
    The condition of the IAM policy.
    organizationId String
    ID of organization scoped to the rule, this can be used to create a rule for all projects in an organization.
    projectIds List<String>

    List of project IDs scoped to the rule.

    Important One organization_id or project_ids must be set per rule.

    permissionSetNames string[]

    Names of permission sets bind to the rule.

    TIP: You can use the Scaleway CLI to list the permissions details. e.g:

    scw IAM permission-set list
    
    condition string
    The condition of the IAM policy.
    organizationId string
    ID of organization scoped to the rule, this can be used to create a rule for all projects in an organization.
    projectIds string[]

    List of project IDs scoped to the rule.

    Important One organization_id or project_ids must be set per rule.

    permission_set_names Sequence[str]

    Names of permission sets bind to the rule.

    TIP: You can use the Scaleway CLI to list the permissions details. e.g:

    scw IAM permission-set list
    
    condition str
    The condition of the IAM policy.
    organization_id str
    ID of organization scoped to the rule, this can be used to create a rule for all projects in an organization.
    project_ids Sequence[str]

    List of project IDs scoped to the rule.

    Important One organization_id or project_ids must be set per rule.

    permissionSetNames List<String>

    Names of permission sets bind to the rule.

    TIP: You can use the Scaleway CLI to list the permissions details. e.g:

    scw IAM permission-set list
    
    condition String
    The condition of the IAM policy.
    organizationId String
    ID of organization scoped to the rule, this can be used to create a rule for all projects in an organization.
    projectIds List<String>

    List of project IDs scoped to the rule.

    Important One organization_id or project_ids must be set per rule.

    Import

    Policies can be imported using the {id}, e.g.

    bash

    $ pulumi import scaleway:index/iamPolicy:IamPolicy main 11111111-1111-1111-1111-111111111111
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    scaleway pulumiverse/pulumi-scaleway
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the scaleway Terraform Provider.
    scaleway logo
    Scaleway v1.20.0 published on Monday, Nov 4, 2024 by pulumiverse