Docs
Packagesaws-iam.GroupWithAssumableRolesPolicy
Explore with Pulumi AI
This resource helps you create an IAM Group with Users who are allowed to assume specified IAM roles.
Example Usage
using Pulumi;
using Pulumi.AwsIam;
using Pulumi.AwsIam.Inputs;
class MyStack : Stack
{
public MyStack()
{
var groupWithAssumableRolePolicy = new GroupWithAssumableRolesPolicy("group-with-assumable-roles-policy", new GroupWithAssumableRolesPolicyArgs
{
Name = "production-readonly",
AssumableRoles = {"arn:aws:iam::835367859855:role/readonly"},
GroupUsers = {"user1", "user2"},
});
this.GroupWithAssumableRolesPolicy = Output.Create<GroupWithAssumableRolesPolicy>(groupWithAssumableRolePolicy);
}
[Output]
public Output<GroupWithAssumableRolesPolicy> GroupWithAssumableRolesPolicy { get; set; }
}
package main
import (
iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
groupWithAssumableRolesPolicy, err := iam.NewGroupWithAssumableRolesPolicy(ctx, "group-with-assumable-roles-policy", &iam.GroupWithAssumableRolesPolicyArgs{
Name: pulumi.String("production-readonly"),
AssumableRoles: pulumi.ToStringArray([]string{"arn:aws:iam::835367859855:role/readonly"}),
GroupUsers: pulumi.ToStringArray([]string{"user1", "user2"}),
})
if err != nil {
return err
}
ctx.Export("groupWithAssumableRolesPolicy", groupWithAssumableRolesPolicy)
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_iam as iam
group_with_assume_roles_policy = iam.GroupWithAssumableRolesPolicy(
'group_with_assume_roles_policy',
name='production-readonly',
assumable_roles=['arn:aws:iam::835367859855:role/readonly'],
group_users=['user1','user2'],
)
pulumi.export('group_with_assume_roles_policy', group_with_assume_roles_policy)
import * as iam from "@pulumi/aws-iam";
export const groupWithAssumableRolesPolicy = new iam.GroupWithAssumableRolesPolicy("aws-iam-example-group-with-assumable-roles-policy", {
name: "production-readonly",
assumableRoles: [ "arn:aws:iam::835367859855:role/readonly" ],
groupUsers: [ "user1" ],
});
name: awsiam-yaml
runtime: yaml
resources:
groupWithAssumableRolesPolicy:
type: "aws-iam:index:GroupWithAssumableRolesPolicy"
properties:
name: "production-readonly"
assumableRoles:
- "arn:aws:iam::835367859855:role/readonly"
groupUsers:
- "user1"
- "user2"
outputs:
groupWithAssumableRolesPolicy: ${groupWithAssumableRolesPolicy}
Create GroupWithAssumableRolesPolicy Resource
new GroupWithAssumableRolesPolicy(name: string, args: GroupWithAssumableRolesPolicyArgs, opts?: CustomResourceOptions);@overload
def GroupWithAssumableRolesPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
assumable_roles: Optional[Sequence[str]] = None,
group_users: Optional[Sequence[str]] = None,
name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
@overload
def GroupWithAssumableRolesPolicy(resource_name: str,
args: GroupWithAssumableRolesPolicyArgs,
opts: Optional[ResourceOptions] = None)func NewGroupWithAssumableRolesPolicy(ctx *Context, name string, args GroupWithAssumableRolesPolicyArgs, opts ...ResourceOption) (*GroupWithAssumableRolesPolicy, error)public GroupWithAssumableRolesPolicy(string name, GroupWithAssumableRolesPolicyArgs args, CustomResourceOptions? opts = null)
public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args)
public GroupWithAssumableRolesPolicy(String name, GroupWithAssumableRolesPolicyArgs args, CustomResourceOptions options)
type: aws-iam:GroupWithAssumableRolesPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GroupWithAssumableRolesPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
GroupWithAssumableRolesPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The GroupWithAssumableRolesPolicy resource accepts the following input properties:
- Assumable
Roles List<string> List of IAM roles ARNs which can be assumed by the group
- Group
Users List<string> List of IAM users to have in an IAM group which can assume the role
- Name string
Name of IAM policy and IAM group.
- Dictionary<string, string>
A map of tags to add.
- Assumable
Roles []string List of IAM roles ARNs which can be assumed by the group
- Group
Users []string List of IAM users to have in an IAM group which can assume the role
- Name string
Name of IAM policy and IAM group.
- map[string]string
A map of tags to add.
- assumable
Roles List<String> List of IAM roles ARNs which can be assumed by the group
- group
Users List<String> List of IAM users to have in an IAM group which can assume the role
- name String
Name of IAM policy and IAM group.
- Map<String,String>
A map of tags to add.
- assumable
Roles string[] List of IAM roles ARNs which can be assumed by the group
- group
Users string[] List of IAM users to have in an IAM group which can assume the role
- name string
Name of IAM policy and IAM group.
- {[key: string]: string}
A map of tags to add.
- assumable_
roles Sequence[str] List of IAM roles ARNs which can be assumed by the group
- group_
users Sequence[str] List of IAM users to have in an IAM group which can assume the role
- name str
Name of IAM policy and IAM group.
- Mapping[str, str]
A map of tags to add.
- assumable
Roles List<String> List of IAM roles ARNs which can be assumed by the group
- group
Users List<String> List of IAM users to have in an IAM group which can assume the role
- name String
Name of IAM policy and IAM group.
- Map<String>
A map of tags to add.
Outputs
All input properties are implicitly available as output properties. Additionally, the GroupWithAssumableRolesPolicy resource produces the following output properties:
- group_
arn str IAM group arn.
- group_
name str IAM group name.
- policy_
arn str Assume role policy ARN of IAM group
Package Details
- Repository
- aws-iam
- License