Docs Home
alks 2.8.2 published on Monday, Apr 14, 2025 by cox-automotive
alks.Iamtrustrole
Explore with Pulumi AI
alks 2.8.2 published on Monday, Apr 14, 2025 by cox-automotive
# Resource: alks.Iamtrustrole
Creates an IAM trust role on AWS.
Example Usage
ALKS IAM Role Creation
import * as pulumi from "@pulumi/pulumi";
import * as alks from "@pulumi/alks";
const testTrustRole = new alks.Iamtrustrole("testTrustRole", {
enableAlksAccess: false,
trustArn: "arn:aws:iam::123456789123:role/acct-managed/TestTrustRole",
type: "Cross Account",
});
import pulumi
import pulumi_alks as alks
test_trust_role = alks.Iamtrustrole("testTrustRole",
enable_alks_access=False,
trust_arn="arn:aws:iam::123456789123:role/acct-managed/TestTrustRole",
type="Cross Account")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/alks/v2/alks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := alks.NewIamtrustrole(ctx, "testTrustRole", &alks.IamtrustroleArgs{
EnableAlksAccess: pulumi.Bool(false),
TrustArn: pulumi.String("arn:aws:iam::123456789123:role/acct-managed/TestTrustRole"),
Type: pulumi.String("Cross Account"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Alks = Pulumi.Alks;
return await Deployment.RunAsync(() =>
{
var testTrustRole = new Alks.Iamtrustrole("testTrustRole", new()
{
EnableAlksAccess = false,
TrustArn = "arn:aws:iam::123456789123:role/acct-managed/TestTrustRole",
Type = "Cross Account",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alks.Iamtrustrole;
import com.pulumi.alks.IamtrustroleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testTrustRole = new Iamtrustrole("testTrustRole", IamtrustroleArgs.builder()
.enableAlksAccess(false)
.trustArn("arn:aws:iam::123456789123:role/acct-managed/TestTrustRole")
.type("Cross Account")
.build());
}
}
resources:
testTrustRole:
type: alks:Iamtrustrole
properties:
enableAlksAccess: false
# type = "Inner Account"
trustArn: arn:aws:iam::123456789123:role/acct-managed/TestTrustRole
type: Cross Account
ALKS IAM Role Creation With Tags
import * as pulumi from "@pulumi/pulumi";
import * as alks from "@pulumi/alks";
const testRole = new alks.Iamrole("testRole", {
enableAlksAccess: false,
includeDefaultPolicies: false,
tags: {
tagKey: "tagValue",
},
type: "Amazon EC2",
});
import pulumi
import pulumi_alks as alks
test_role = alks.Iamrole("testRole",
enable_alks_access=False,
include_default_policies=False,
tags={
"tagKey": "tagValue",
},
type="Amazon EC2")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/alks/v2/alks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := alks.NewIamrole(ctx, "testRole", &alks.IamroleArgs{
EnableAlksAccess: pulumi.Bool(false),
IncludeDefaultPolicies: pulumi.Bool(false),
Tags: pulumi.StringMap{
"tagKey": pulumi.String("tagValue"),
},
Type: pulumi.String("Amazon EC2"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Alks = Pulumi.Alks;
return await Deployment.RunAsync(() =>
{
var testRole = new Alks.Iamrole("testRole", new()
{
EnableAlksAccess = false,
IncludeDefaultPolicies = false,
Tags =
{
{ "tagKey", "tagValue" },
},
Type = "Amazon EC2",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alks.Iamrole;
import com.pulumi.alks.IamroleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testRole = new Iamrole("testRole", IamroleArgs.builder()
.enableAlksAccess(false)
.includeDefaultPolicies(false)
.tags(Map.of("tagKey", "tagValue"))
.type("Amazon EC2")
.build());
}
}
resources:
testRole:
type: alks:Iamrole
properties:
enableAlksAccess: false
includeDefaultPolicies: false
tags:
tagKey: tagValue
type: Amazon EC2
Create Iamtrustrole Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Iamtrustrole(name: string, args: IamtrustroleArgs, opts?: CustomResourceOptions);@overload
def Iamtrustrole(resource_name: str,
args: IamtrustroleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Iamtrustrole(resource_name: str,
opts: Optional[ResourceOptions] = None,
trust_arn: Optional[str] = None,
type: Optional[str] = None,
enable_alks_access: Optional[bool] = None,
iamtrustrole_id: Optional[str] = None,
max_session_duration_in_seconds: Optional[float] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None)func NewIamtrustrole(ctx *Context, name string, args IamtrustroleArgs, opts ...ResourceOption) (*Iamtrustrole, error)public Iamtrustrole(string name, IamtrustroleArgs args, CustomResourceOptions? opts = null)
public Iamtrustrole(String name, IamtrustroleArgs args)
public Iamtrustrole(String name, IamtrustroleArgs args, CustomResourceOptions options)
type: alks:Iamtrustrole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IamtrustroleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IamtrustroleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IamtrustroleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IamtrustroleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IamtrustroleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iamtrustroleResource = new Alks.Iamtrustrole("iamtrustroleResource", new()
{
TrustArn = "string",
Type = "string",
EnableAlksAccess = false,
IamtrustroleId = "string",
MaxSessionDurationInSeconds = 0,
Name = "string",
NamePrefix = "string",
Tags =
{
{ "string", "string" },
},
TagsAll =
{
{ "string", "string" },
},
});
example, err := alks.NewIamtrustrole(ctx, "iamtrustroleResource", &alks.IamtrustroleArgs{
TrustArn: pulumi.String("string"),
Type: pulumi.String("string"),
EnableAlksAccess: pulumi.Bool(false),
IamtrustroleId: pulumi.String("string"),
MaxSessionDurationInSeconds: pulumi.Float64(0),
Name: pulumi.String("string"),
NamePrefix: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
TagsAll: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var iamtrustroleResource = new Iamtrustrole("iamtrustroleResource", IamtrustroleArgs.builder()
.trustArn("string")
.type("string")
.enableAlksAccess(false)
.iamtrustroleId("string")
.maxSessionDurationInSeconds(0)
.name("string")
.namePrefix("string")
.tags(Map.of("string", "string"))
.tagsAll(Map.of("string", "string"))
.build());
iamtrustrole_resource = alks.Iamtrustrole("iamtrustroleResource",
trust_arn="string",
type="string",
enable_alks_access=False,
iamtrustrole_id="string",
max_session_duration_in_seconds=0,
name="string",
name_prefix="string",
tags={
"string": "string",
},
tags_all={
"string": "string",
})
const iamtrustroleResource = new alks.Iamtrustrole("iamtrustroleResource", {
trustArn: "string",
type: "string",
enableAlksAccess: false,
iamtrustroleId: "string",
maxSessionDurationInSeconds: 0,
name: "string",
namePrefix: "string",
tags: {
string: "string",
},
tagsAll: {
string: "string",
},
});
type: alks:Iamtrustrole
properties:
enableAlksAccess: false
iamtrustroleId: string
maxSessionDurationInSeconds: 0
name: string
namePrefix: string
tags:
string: string
tagsAll:
string: string
trustArn: string
type: string
Iamtrustrole Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Iamtrustrole resource accepts the following input properties:
- Trust
Arn string - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- Type string
- The role type to use
Cross AccountorInner Account. - Enable
Alks boolAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - Iamtrustrole
Id string - Max
Session doubleDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- Name string
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Name
Prefix string - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Dictionary<string, string>
- If present, will add specified tags onto role.
- Dictionary<string, string>
- Trust
Arn string - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- Type string
- The role type to use
Cross AccountorInner Account. - Enable
Alks boolAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - Iamtrustrole
Id string - Max
Session float64Duration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- Name string
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Name
Prefix string - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- map[string]string
- If present, will add specified tags onto role.
- map[string]string
- trust
Arn String - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type String
- The role type to use
Cross AccountorInner Account. - enable
Alks BooleanAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole
Id String - max
Session DoubleDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name String
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name
Prefix String - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Map<String,String>
- If present, will add specified tags onto role.
- Map<String,String>
- trust
Arn string - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type string
- The role type to use
Cross AccountorInner Account. - enable
Alks booleanAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole
Id string - max
Session numberDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name string
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name
Prefix string - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- {[key: string]: string}
- If present, will add specified tags onto role.
- {[key: string]: string}
- trust_
arn str - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type str
- The role type to use
Cross AccountorInner Account. - enable_
alks_ boolaccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole_
id str - max_
session_ floatduration_ in_ seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name str
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name_
prefix str - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Mapping[str, str]
- If present, will add specified tags onto role.
- Mapping[str, str]
- trust
Arn String - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type String
- The role type to use
Cross AccountorInner Account. - enable
Alks BooleanAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole
Id String - max
Session NumberDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name String
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name
Prefix String - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Map<String>
- If present, will add specified tags onto role.
- Map<String>
Outputs
All input properties are implicitly available as output properties. Additionally, the Iamtrustrole resource produces the following output properties:
- Arn string
- Provides the ARN of the role that was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Ip
Arn string - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - Role
Added boolTo Ip - Indicates whether or not an instance profile role was created.
- Arn string
- Provides the ARN of the role that was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Ip
Arn string - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - Role
Added boolTo Ip - Indicates whether or not an instance profile role was created.
- arn String
- Provides the ARN of the role that was created.
- id String
- The provider-assigned unique ID for this managed resource.
- ip
Arn String - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - role
Added BooleanTo Ip - Indicates whether or not an instance profile role was created.
- arn string
- Provides the ARN of the role that was created.
- id string
- The provider-assigned unique ID for this managed resource.
- ip
Arn string - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - role
Added booleanTo Ip - Indicates whether or not an instance profile role was created.
- arn str
- Provides the ARN of the role that was created.
- id str
- The provider-assigned unique ID for this managed resource.
- ip_
arn str - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - role_
added_ boolto_ ip - Indicates whether or not an instance profile role was created.
- arn String
- Provides the ARN of the role that was created.
- id String
- The provider-assigned unique ID for this managed resource.
- ip
Arn String - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - role
Added BooleanTo Ip - Indicates whether or not an instance profile role was created.
Look up Existing Iamtrustrole Resource
Get an existing Iamtrustrole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IamtrustroleState, opts?: CustomResourceOptions): Iamtrustrole@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
enable_alks_access: Optional[bool] = None,
iamtrustrole_id: Optional[str] = None,
ip_arn: Optional[str] = None,
max_session_duration_in_seconds: Optional[float] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
role_added_to_ip: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
trust_arn: Optional[str] = None,
type: Optional[str] = None) -> Iamtrustrolefunc GetIamtrustrole(ctx *Context, name string, id IDInput, state *IamtrustroleState, opts ...ResourceOption) (*Iamtrustrole, error)public static Iamtrustrole Get(string name, Input<string> id, IamtrustroleState? state, CustomResourceOptions? opts = null)public static Iamtrustrole get(String name, Output<String> id, IamtrustroleState state, CustomResourceOptions options)resources: _: type: alks:Iamtrustrole get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- Provides the ARN of the role that was created.
- Enable
Alks boolAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - Iamtrustrole
Id string - Ip
Arn string - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - Max
Session doubleDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- Name string
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Name
Prefix string - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Role
Added boolTo Ip - Indicates whether or not an instance profile role was created.
- Dictionary<string, string>
- If present, will add specified tags onto role.
- Dictionary<string, string>
- Trust
Arn string - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- Type string
- The role type to use
Cross AccountorInner Account.
- Arn string
- Provides the ARN of the role that was created.
- Enable
Alks boolAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - Iamtrustrole
Id string - Ip
Arn string - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - Max
Session float64Duration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- Name string
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Name
Prefix string - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- Role
Added boolTo Ip - Indicates whether or not an instance profile role was created.
- map[string]string
- If present, will add specified tags onto role.
- map[string]string
- Trust
Arn string - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- Type string
- The role type to use
Cross AccountorInner Account.
- arn String
- Provides the ARN of the role that was created.
- enable
Alks BooleanAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole
Id String - ip
Arn String - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - max
Session DoubleDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name String
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name
Prefix String - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- role
Added BooleanTo Ip - Indicates whether or not an instance profile role was created.
- Map<String,String>
- If present, will add specified tags onto role.
- Map<String,String>
- trust
Arn String - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type String
- The role type to use
Cross AccountorInner Account.
- arn string
- Provides the ARN of the role that was created.
- enable
Alks booleanAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole
Id string - ip
Arn string - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - max
Session numberDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name string
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name
Prefix string - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- role
Added booleanTo Ip - Indicates whether or not an instance profile role was created.
- {[key: string]: string}
- If present, will add specified tags onto role.
- {[key: string]: string}
- trust
Arn string - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type string
- The role type to use
Cross AccountorInner Account.
- arn str
- Provides the ARN of the role that was created.
- enable_
alks_ boolaccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole_
id str - ip_
arn str - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - max_
session_ floatduration_ in_ seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name str
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name_
prefix str - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- role_
added_ boolto_ ip - Indicates whether or not an instance profile role was created.
- Mapping[str, str]
- If present, will add specified tags onto role.
- Mapping[str, str]
- trust_
arn str - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type str
- The role type to use
Cross AccountorInner Account.
- arn String
- Provides the ARN of the role that was created.
- enable
Alks BooleanAccess - If
true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability. - iamtrustrole
Id String - ip
Arn String - If
role_added_to_ipwastruethis will provide the ARN of the instance profile role. - max
Session NumberDuration In Seconds - If present, will set maximum duration for role. Change forces re-creation of resource.
- name String
- The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- name
Prefix String - A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
- role
Added BooleanTo Ip - Indicates whether or not an instance profile role was created.
- Map<String>
- If present, will add specified tags onto role.
- Map<String>
- trust
Arn String - Account role ARN to trust.
- Note: This only allows ONE account role ARN. This is an intended security control by CAI.
- type String
- The role type to use
Cross AccountorInner Account.
Import
!> Warning: This will force-replace the resource.
ALKS IAM trust roles can be imported using the name, e.g.
$ pulumi import alks:index/iamtrustrole:Iamtrustrole test_trust_role My_Cross_Test_Role
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- alks cox-automotive/terraform-provider-alks
- License
- Notes
- This Pulumi package is based on the
alksTerraform Provider.
alks 2.8.2 published on Monday, Apr 14, 2025 by cox-automotive