1. Packages
  2. StrongDM
  3. API Docs
  4. Role
StrongDM v1.21.0 published on Monday, Nov 4, 2024 by Piers Karsenbarg

sdm.Role

Explore with Pulumi AI

sdm logo
StrongDM v1.21.0 published on Monday, Nov 4, 2024 by Piers Karsenbarg

    A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as sdm from "@pierskarsenbarg/sdm";
    
    const engineers = new sdm.Role("engineers", {tags: {
        foo: "bar",
    }});
    const example_role = new sdm.Role("example-role", {accessRules: JSON.stringify([
        {
            tags: {
                env: "staging",
            },
        },
        {
            type: "postgres",
            tags: {
                region: "us-west",
                env: "dev",
            },
        },
        {
            ids: ["rs-093e6f3061eb4dad"],
        },
    ])});
    
    import pulumi
    import json
    import pierskarsenbarg_pulumi_sdm as sdm
    
    engineers = sdm.Role("engineers", tags={
        "foo": "bar",
    })
    example_role = sdm.Role("example-role", access_rules=json.dumps([
        {
            "tags": {
                "env": "staging",
            },
        },
        {
            "type": "postgres",
            "tags": {
                "region": "us-west",
                "env": "dev",
            },
        },
        {
            "ids": ["rs-093e6f3061eb4dad"],
        },
    ]))
    
    package main
    
    import (
    	"encoding/json"
    
    	"github.com/pierskarsenbarg/pulumi-sdm/sdk/go/sdm"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := sdm.NewRole(ctx, "engineers", &sdm.RoleArgs{
    			Tags: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		tmpJSON0, err := json.Marshal([]interface{}{
    			map[string]interface{}{
    				"tags": map[string]interface{}{
    					"env": "staging",
    				},
    			},
    			map[string]interface{}{
    				"type": "postgres",
    				"tags": map[string]interface{}{
    					"region": "us-west",
    					"env":    "dev",
    				},
    			},
    			map[string]interface{}{
    				"ids": []string{
    					"rs-093e6f3061eb4dad",
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		json0 := string(tmpJSON0)
    		_, err = sdm.NewRole(ctx, "example-role", &sdm.RoleArgs{
    			AccessRules: pulumi.String(json0),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using System.Text.Json;
    using Pulumi;
    using Sdm = PiersKarsenbarg.Sdm;
    
    return await Deployment.RunAsync(() => 
    {
        var engineers = new Sdm.Role("engineers", new()
        {
            Tags = 
            {
                { "foo", "bar" },
            },
        });
    
        var example_role = new Sdm.Role("example-role", new()
        {
            AccessRules = JsonSerializer.Serialize(new[]
            {
                new Dictionary<string, object?>
                {
                    ["tags"] = new Dictionary<string, object?>
                    {
                        ["env"] = "staging",
                    },
                },
                new Dictionary<string, object?>
                {
                    ["type"] = "postgres",
                    ["tags"] = new Dictionary<string, object?>
                    {
                        ["region"] = "us-west",
                        ["env"] = "dev",
                    },
                },
                new Dictionary<string, object?>
                {
                    ["ids"] = new[]
                    {
                        "rs-093e6f3061eb4dad",
                    },
                },
            }),
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.sdm.Role;
    import com.pulumi.sdm.RoleArgs;
    import static com.pulumi.codegen.internal.Serialization.*;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var engineers = new Role("engineers", RoleArgs.builder()
                .tags(Map.of("foo", "bar"))
                .build());
    
            var example_role = new Role("example-role", RoleArgs.builder()
                .accessRules(serializeJson(
                    jsonArray(
                        jsonObject(
                            jsonProperty("tags", jsonObject(
                                jsonProperty("env", "staging")
                            ))
                        ), 
                        jsonObject(
                            jsonProperty("type", "postgres"),
                            jsonProperty("tags", jsonObject(
                                jsonProperty("region", "us-west"),
                                jsonProperty("env", "dev")
                            ))
                        ), 
                        jsonObject(
                            jsonProperty("ids", jsonArray("rs-093e6f3061eb4dad"))
                        )
                    )))
                .build());
    
        }
    }
    
    resources:
      engineers:
        type: sdm:Role
        properties:
          tags:
            foo: bar
      example-role:
        type: sdm:Role
        properties:
          accessRules:
            fn::toJSON:
              - tags:
                  env: staging
              - type: postgres
                tags:
                  region: us-west
                  env: dev
              - ids:
                  - rs-093e6f3061eb4dad
    

    This resource can be imported using the import command.

    Create Role Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Role(name: string, args?: RoleArgs, opts?: CustomResourceOptions);
    @overload
    def Role(resource_name: str,
             args: Optional[RoleArgs] = None,
             opts: Optional[ResourceOptions] = None)
    
    @overload
    def Role(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             access_rules: Optional[str] = None,
             name: Optional[str] = None,
             tags: Optional[Mapping[str, str]] = None)
    func NewRole(ctx *Context, name string, args *RoleArgs, opts ...ResourceOption) (*Role, error)
    public Role(string name, RoleArgs? args = null, CustomResourceOptions? opts = null)
    public Role(String name, RoleArgs args)
    public Role(String name, RoleArgs args, CustomResourceOptions options)
    
    type: sdm:Role
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args RoleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args RoleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args RoleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args RoleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args RoleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var roleResource = new Sdm.Role("roleResource", new()
    {
        AccessRules = "string",
        Name = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := sdm.NewRole(ctx, "roleResource", &sdm.RoleArgs{
    	AccessRules: pulumi.String("string"),
    	Name:        pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var roleResource = new Role("roleResource", RoleArgs.builder()
        .accessRules("string")
        .name("string")
        .tags(Map.of("string", "string"))
        .build());
    
    role_resource = sdm.Role("roleResource",
        access_rules="string",
        name="string",
        tags={
            "string": "string",
        })
    
    const roleResource = new sdm.Role("roleResource", {
        accessRules: "string",
        name: "string",
        tags: {
            string: "string",
        },
    });
    
    type: sdm:Role
    properties:
        accessRules: string
        name: string
        tags:
            string: string
    

    Role Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Role resource accepts the following input properties:

    AccessRules string
    AccessRules is a list of access rules defining the resources this Role has access to.
    Name string
    Unique human-readable name of the Role.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    AccessRules string
    AccessRules is a list of access rules defining the resources this Role has access to.
    Name string
    Unique human-readable name of the Role.
    Tags map[string]string
    Tags is a map of key, value pairs.
    accessRules String
    AccessRules is a list of access rules defining the resources this Role has access to.
    name String
    Unique human-readable name of the Role.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    accessRules string
    AccessRules is a list of access rules defining the resources this Role has access to.
    name string
    Unique human-readable name of the Role.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    access_rules str
    AccessRules is a list of access rules defining the resources this Role has access to.
    name str
    Unique human-readable name of the Role.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    accessRules String
    AccessRules is a list of access rules defining the resources this Role has access to.
    name String
    Unique human-readable name of the Role.
    tags Map<String>
    Tags is a map of key, value pairs.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Role resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    ManagedBy string
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    Id string
    The provider-assigned unique ID for this managed resource.
    ManagedBy string
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    id String
    The provider-assigned unique ID for this managed resource.
    managedBy String
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    id string
    The provider-assigned unique ID for this managed resource.
    managedBy string
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    id str
    The provider-assigned unique ID for this managed resource.
    managed_by str
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    id String
    The provider-assigned unique ID for this managed resource.
    managedBy String
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.

    Look up Existing Role Resource

    Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: RoleState, opts?: CustomResourceOptions): Role
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_rules: Optional[str] = None,
            managed_by: Optional[str] = None,
            name: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None) -> Role
    func GetRole(ctx *Context, name string, id IDInput, state *RoleState, opts ...ResourceOption) (*Role, error)
    public static Role Get(string name, Input<string> id, RoleState? state, CustomResourceOptions? opts = null)
    public static Role get(String name, Output<String> id, RoleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessRules string
    AccessRules is a list of access rules defining the resources this Role has access to.
    ManagedBy string
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    Name string
    Unique human-readable name of the Role.
    Tags Dictionary<string, string>
    Tags is a map of key, value pairs.
    AccessRules string
    AccessRules is a list of access rules defining the resources this Role has access to.
    ManagedBy string
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    Name string
    Unique human-readable name of the Role.
    Tags map[string]string
    Tags is a map of key, value pairs.
    accessRules String
    AccessRules is a list of access rules defining the resources this Role has access to.
    managedBy String
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    name String
    Unique human-readable name of the Role.
    tags Map<String,String>
    Tags is a map of key, value pairs.
    accessRules string
    AccessRules is a list of access rules defining the resources this Role has access to.
    managedBy string
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    name string
    Unique human-readable name of the Role.
    tags {[key: string]: string}
    Tags is a map of key, value pairs.
    access_rules str
    AccessRules is a list of access rules defining the resources this Role has access to.
    managed_by str
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    name str
    Unique human-readable name of the Role.
    tags Mapping[str, str]
    Tags is a map of key, value pairs.
    accessRules String
    AccessRules is a list of access rules defining the resources this Role has access to.
    managedBy String
    Managed By is a read only field for what service manages this role, e.g. StrongDM, Okta, Azure.
    name String
    Unique human-readable name of the Role.
    tags Map<String>
    Tags is a map of key, value pairs.

    Import

    A Role can be imported using the id, e.g.,

    $ pulumi import sdm:index/role:Role example r-12345678
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    sdm pierskarsenbarg/pulumi-sdm
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the sdm Terraform Provider.
    sdm logo
    StrongDM v1.21.0 published on Monday, Nov 4, 2024 by Piers Karsenbarg