aws-iam.AssumableRoleWithSAML


This resource creates a single IAM role that can be assumed by users federated through trusted SAML identity providers.

Example Usage

using Pulumi;
using Pulumi.AwsIam;
using Pulumi.AwsIam.Inputs;

/// <summary>
/// Pulumi stack that declares one IAM role assumable through SAML federation
/// and publishes the resulting component as a stack output.
/// </summary>
class MyStack : Stack
{
    /// <summary>The SAML-assumable role component, exposed as a stack output.</summary>
    [Output]
    public Output<AssumableRoleWithSAML> AssumableRoleWithSaml { get; set; }

    public MyStack()
    {
        // Role definition: its name and the managed policies attached to it.
        // Only the AWS-managed ReadOnlyAccess policy is attached in this example.
        var roleSettings = new RoleArgs
        {
            Name = "saml-role",
            PolicyArns = {"arn:aws:iam::aws:policy/ReadOnlyAccess"},
        };

        var samlRoleArgs = new AssumableRoleWithSAMLArgs
        {
            Role = roleSettings,
            Tags = new InputMap<string>
            {
                {"Role", "saml-role"},
            },
            // ProviderIds names the SAML providers whose federated users may assume
            // the role. The account ID in this ARN is the example's value; use the
            // ARN of the SAML provider registered in your own account.
            ProviderIds = {"arn:aws:iam::235367859851:saml-provider/idp_saml"},
        };

        var samlRole = new AssumableRoleWithSAML("assumable-role-with-saml", samlRoleArgs);

        this.AssumableRoleWithSaml = Output.Create<AssumableRoleWithSAML>(samlRole);
    }
}
package main

import (
    iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
    "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// main runs the Pulumi program: it declares one SAML-assumable IAM role and
// exports the resulting component under the name "assumableRoleWithSAML".
func main() {
    deploy := func(ctx *pulumi.Context) error {
        // Role definition: its name and the managed policies attached to it.
        // Only the AWS-managed ReadOnlyAccess policy is attached in this example.
        roleSettings := iam.RoleArgs{
            Name:       pulumi.String("saml-role"),
            PolicyArns: pulumi.ToStringArray([]string{"arn:aws:iam::aws:policy/ReadOnlyAccess"}),
        }

        // SAML providers whose federated users may assume the role. The account ID
        // in this ARN is the example's value; use the ARN of the SAML provider
        // registered in your own account.
        samlProviders := []string{"arn:aws:iam::235367859851:saml-provider/idp_saml"}

        samlRole, err := iam.NewAssumableRoleWithSAML(ctx, "assumable-role-with-saml", &iam.AssumableRoleWithSAMLArgs{
            Role:        roleSettings,
            Tags:        pulumi.ToStringMap(map[string]string{"Role": "saml-role"}),
            ProviderIds: pulumi.ToStringArray(samlProviders),
        })
        if err != nil {
            // Surface the creation failure to the Pulumi engine unchanged.
            return err
        }

        ctx.Export("assumableRoleWithSAML", samlRole)
        return nil
    }

    pulumi.Run(deploy)
}

Coming soon!

import pulumi
import pulumi_aws_iam as iam

# Role definition: its name and the managed policies attached to it.
# Only the AWS-managed ReadOnlyAccess policy is attached in this example.
saml_role_settings = iam.RoleArgs(
    policy_arns=['arn:aws:iam::aws:policy/ReadOnlyAccess'],
    name='saml-role',
)

# SAML providers whose federated users may assume the role. The account ID in
# this ARN is the example's value; use the ARN of the SAML provider registered
# in your own account.
trusted_saml_providers = ['arn:aws:iam::235367859851:saml-provider/idp_saml']

assumable_role_with_saml = iam.AssumableRoleWithSAML(
    'assumable_role_with_saml',
    provider_ids=trusted_saml_providers,
    role=saml_role_settings,
    tags=dict(Role='saml-role'),
)

# Register the component as a stack output.
pulumi.export('assumable_role_with_saml', assumable_role_with_saml)
import * as iam from "@pulumi/aws-iam";

// Role definition: its name and the managed policies attached to it.
// Only the AWS-managed ReadOnlyAccess policy is attached in this example.
const samlRoleSettings = {
    name: "saml-role",
    policyArns: [ "arn:aws:iam::aws:policy/ReadOnlyAccess" ],
};

// SAML providers whose federated users may assume the role. The account ID in
// this ARN is the example's value; use the ARN of the SAML provider registered
// in your own account.
const trustedSamlProviders = [ "arn:aws:iam::235367859851:saml-provider/idp_saml" ];

/** The SAML-assumable role component, exported as a stack output. */
export const assumableRoleWithSaml = new iam.AssumableRoleWithSAML(
    "aws-iam-example-assumable-role-with-saml",
    {
        role: samlRoleSettings,
        tags: { Role: "saml-role" },
        providerIds: trustedSamlProviders,
    },
);
# Pulumi YAML program: declares one SAML-assumable IAM role and exports it.
name: awsiam-yaml
runtime: yaml
resources:
    assumableRoleWithSaml:
        type: "aws-iam:index:AssumableRoleWithSAML"
        properties:
            # Role definition: its name and the managed policies attached to it.
            role:
                name: "saml-role"
                # Only the AWS-managed ReadOnlyAccess policy is attached in this example.
                policyArns:
                    - "arn:aws:iam::aws:policy/ReadOnlyAccess"
            tags:
                Role: "saml-role"
            # SAML providers whose federated users may assume the role. The account ID
            # in this ARN is the example's value; use the ARN of the SAML provider
            # registered in your own account.
            providerIds:
                - "arn:aws:iam::235367859851:saml-provider/idp_saml"
outputs:
    # Expose the component as a stack output.
    assumableRoleWithSaml: ${assumableRoleWithSaml}

Create AssumableRoleWithSAML Resource

new AssumableRoleWithSAML(name: string, args?: AssumableRoleWithSAMLArgs, opts?: CustomResourceOptions);
@overload
def AssumableRoleWithSAML(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          aws_saml_endpoint: Optional[str] = None,
                          force_detach_policies: Optional[bool] = None,
                          max_session_duration: Optional[int] = None,
                          provider_ids: Optional[Sequence[str]] = None,
                          role: Optional[RoleArgs] = None,
                          tags: Optional[Mapping[str, str]] = None)
@overload
def AssumableRoleWithSAML(resource_name: str,
                          args: Optional[AssumableRoleWithSAMLArgs] = None,
                          opts: Optional[ResourceOptions] = None)
func NewAssumableRoleWithSAML(ctx *Context, name string, args *AssumableRoleWithSAMLArgs, opts ...ResourceOption) (*AssumableRoleWithSAML, error)
public AssumableRoleWithSAML(string name, AssumableRoleWithSAMLArgs? args = null, CustomResourceOptions? opts = null)
public AssumableRoleWithSAML(String name, AssumableRoleWithSAMLArgs args)
public AssumableRoleWithSAML(String name, AssumableRoleWithSAMLArgs args, CustomResourceOptions options)
type: aws-iam:AssumableRoleWithSAML
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AssumableRoleWithSAMLArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AssumableRoleWithSAMLArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AssumableRoleWithSAMLArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AssumableRoleWithSAMLArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AssumableRoleWithSAMLArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AssumableRoleWithSAML Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AssumableRoleWithSAML resource accepts the following input properties:

AwsSamlEndpoint string

AWS SAML Endpoint.

ForceDetachPolicies bool

Whether policies should be detached from this role when destroying.

MaxSessionDuration int

Maximum CLI/API session duration in seconds between 3600 and 43200.

ProviderIds List<string>

List of SAML Provider IDs.

Role Pulumi.AwsIam.Inputs.RoleArgs
Tags Dictionary<string, string>

A map of tags to add.

AwsSamlEndpoint string

AWS SAML Endpoint.

ForceDetachPolicies bool

Whether policies should be detached from this role when destroying.

MaxSessionDuration int

Maximum CLI/API session duration in seconds between 3600 and 43200.

ProviderIds []string

List of SAML Provider IDs.

Role RoleArgs
Tags map[string]string

A map of tags to add.

awsSamlEndpoint String

AWS SAML Endpoint.

forceDetachPolicies Boolean

Whether policies should be detached from this role when destroying.

maxSessionDuration Integer

Maximum CLI/API session duration in seconds between 3600 and 43200.

providerIds List<String>

List of SAML Provider IDs.

role RoleArgs
tags Map<String,String>

A map of tags to add.

awsSamlEndpoint string

AWS SAML Endpoint.

forceDetachPolicies boolean

Whether policies should be detached from this role when destroying.

maxSessionDuration number

Maximum CLI/API session duration in seconds between 3600 and 43200.

providerIds string[]

List of SAML Provider IDs.

role RoleArgs
tags {[key: string]: string}

A map of tags to add.

aws_saml_endpoint str

AWS SAML Endpoint.

force_detach_policies bool

Whether policies should be detached from this role when destroying.

max_session_duration int

Maximum CLI/API session duration in seconds between 3600 and 43200.

provider_ids Sequence[str]

List of SAML Provider IDs.

role RoleArgs
tags Mapping[str, str]

A map of tags to add.

awsSamlEndpoint String

AWS SAML Endpoint.

forceDetachPolicies Boolean

Whether policies should be detached from this role when destroying.

maxSessionDuration Number

Maximum CLI/API session duration in seconds between 3600 and 43200.

providerIds List<String>

List of SAML Provider IDs.

role Property Map
tags Map<String>

A map of tags to add.

Outputs

All input properties are implicitly available as output properties. Additionally, the AssumableRoleWithSAML resource produces the following output properties:

RoleArn string

ARN of IAM role.

RoleName string

Name of IAM role.

RolePath string

Path of IAM role.

RoleUniqueId string

Unique ID of IAM role.

RoleArn string

ARN of IAM role.

RoleName string

Name of IAM role.

RolePath string

Path of IAM role.

RoleUniqueId string

Unique ID of IAM role.

roleArn String

ARN of IAM role.

roleName String

Name of IAM role.

rolePath String

Path of IAM role.

roleUniqueId String

Unique ID of IAM role.

roleArn string

ARN of IAM role.

roleName string

Name of IAM role.

rolePath string

Path of IAM role.

roleUniqueId string

Unique ID of IAM role.

role_arn str

ARN of IAM role.

role_name str

Name of IAM role.

role_path str

Path of IAM role.

role_unique_id str

Unique ID of IAM role.

roleArn String

ARN of IAM role.

roleName String

Name of IAM role.

rolePath String

Path of IAM role.

roleUniqueId String

Unique ID of IAM role.

Supporting Types

Role

Name string

IAM role name.

NamePrefix string

IAM role name prefix.

Path string

Path of the IAM role.

PermissionsBoundaryArn string

Permissions boundary ARN to use for the role.

PolicyArns List<string>

List of policy ARNs to use for the role.

Name string

IAM role name.

NamePrefix string

IAM role name prefix.

Path string

Path of the IAM role.

PermissionsBoundaryArn string

Permissions boundary ARN to use for the role.

PolicyArns []string

List of policy ARNs to use for the role.

name String

IAM role name.

namePrefix String

IAM role name prefix.

path String

Path of the IAM role.

permissionsBoundaryArn String

Permissions boundary ARN to use for the role.

policyArns List<String>

List of policy ARNs to use for the role.

name string

IAM role name.

namePrefix string

IAM role name prefix.

path string

Path of the IAM role.

permissionsBoundaryArn string

Permissions boundary ARN to use for the role.

policyArns string[]

List of policy ARNs to use for the role.

name str

IAM role name.

name_prefix str

IAM role name prefix.

path str

Path of the IAM role.

permissions_boundary_arn str

Permissions boundary ARN to use for the role.

policy_arns Sequence[str]

List of policy ARNs to use for the role.

name String

IAM role name.

namePrefix String

IAM role name prefix.

path String

Path of the IAM role.

permissionsBoundaryArn String

Permissions boundary ARN to use for the role.

policyArns List<String>

List of policy ARNs to use for the role.

Package Details

Repository
aws-iam
License