1. Packages
  2. AWS IAM
  3. API Docs
  4. GroupWithPolicies
AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi

aws-iam.GroupWithPolicies

Explore with Pulumi AI

aws-iam logo
AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi

    This resources allows you to create an IAM group with specified IAM policies, and then add specified users into your created group.

    Example Usage

    using Pulumi;
    using Pulumi.AwsIam;
    using Pulumi.AwsIam.Inputs;
    
    class MyStack : Stack
    {
        public MyStack()
        {
            var groupWithPolicies = new GroupWithPolicies("group-with-policies", new GroupWithPoliciesArgs
            {
                Name = "superadmins",
                GroupUsers = {"user1", "user2"},
                AttachIamSelfManagementPolicy = true,
                CustomGroupPolicyArns = {"arn:aws:iam::aws:policy/AdministratorAccess"},
                CustomGroupPolicies = new InputList<ImmutableDictionary<string, string>>
                {
                    ImmutableDictionary.Create<string, string>()
                        .Add("name", "AllowS3Listing")
                        .Add("policy", "{}"),
                },
            });
    
            this.GroupWithPolicies = Output.Create<GroupWithPolicies>(groupWithPolicies);
        }
    
        [Output]
        public Output<GroupWithPolicies> GroupWithPolicies { get; set; }
    }
    
    package main
    
    import (
        iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
        "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
        pulumi.Run(func(ctx *pulumi.Context) error {
            groupWithPolicies, err := iam.NewGroupWithPolicies(ctx, "group-with-policies", &iam.GroupWithPoliciesArgs{
                Name:                          pulumi.String("superadmins"),
                GroupUsers:                    pulumi.ToStringArray([]string{"user1", "user2"}),
                AttachIamSelfManagementPolicy: pulumi.BoolPtr(true),
                CustomGroupPolicyArns:         pulumi.ToStringArray([]string{"arn:aws:iam::aws:policy/AdministratorAccess"}),
                CustomGroupPolicies: pulumi.ToStringMapArray([]map[string]string{
                    {
                        "name":   "AllowS3Listing",
                        "policy": "{}",
                    },
                }),
            })
            if err != nil {
                return err
            }
    
            ctx.Export("groupWithPolicies", groupWithPolicies)
    
            return nil
        })
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_iam as iam
    
    group_with_policies = iam.GroupWithPolicies(
        'group_with_policies',
        name='superadmins',
        group_users=['user1','user2'],
        attach_iam_self_management_policy=True,
        custom_group_policy_arns=['arn:aws:iam::aws:policy/AdministratorAccess'],
        custom_group_policies=[{
            'name': 'AllowS3Listing',
            'policy': '{}',
        }],
    )
    
    pulumi.export('group_with_policies', group_with_policies)
    
    import * as iam from "@pulumi/aws-iam";
    
    export const groupWithPolicies = new iam.GroupWithPolicies("aws-iam-example-group-with-policies", {
        name: "superadmins",
        groupUsers: [ "user1", "user2" ],
        attachIamSelfManagementPolicy: true,
        customGroupPolicyArns: [ "arn:aws:iam::aws:policy/AdministratorAccess" ],
        customGroupPolicies: [{
            "name": "AllowS3Listing",
            "policy": "{}",
        }],
    });
    
    name: awsiam-yaml
    runtime: yaml
    resources:
        groupWithPolicies:
            type: "aws-iam:index:GroupWithPolicies"
            properties:
                name: "superadmins"
                groupUsers:
                    - "user1"
                    - "user2"
                attachIamSelfManagementPolicy: true
                customGroupPolicyArns:
                    - "arn:aws:iam::aws:policy/AdministratorAccess"
                customGroupPolicies:
                    - name: "AllowS3Listing"
                    policy: "{}"
                outputs:
                    groupWithPolicies: ${groupWithPolicies}
    

    Create GroupWithPolicies Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new GroupWithPolicies(name: string, args: GroupWithPoliciesArgs, opts?: CustomResourceOptions);
    @overload
    def GroupWithPolicies(resource_name: str,
                          args: GroupWithPoliciesArgs,
                          opts: Optional[ResourceOptions] = None)
    
    @overload
    def GroupWithPolicies(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          group_users: Optional[Sequence[str]] = None,
                          name: Optional[str] = None,
                          attach_iam_self_management_policy: Optional[bool] = None,
                          aws_account_id: Optional[str] = None,
                          custom_group_policies: Optional[Sequence[Mapping[str, str]]] = None,
                          custom_group_policy_arns: Optional[Sequence[str]] = None,
                          iam_self_management_policy_name_prefix: Optional[str] = None,
                          tags: Optional[Mapping[str, str]] = None)
    func NewGroupWithPolicies(ctx *Context, name string, args GroupWithPoliciesArgs, opts ...ResourceOption) (*GroupWithPolicies, error)
    public GroupWithPolicies(string name, GroupWithPoliciesArgs args, CustomResourceOptions? opts = null)
    public GroupWithPolicies(String name, GroupWithPoliciesArgs args)
    public GroupWithPolicies(String name, GroupWithPoliciesArgs args, CustomResourceOptions options)
    
    type: aws-iam:GroupWithPolicies
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args GroupWithPoliciesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GroupWithPoliciesArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GroupWithPoliciesArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GroupWithPoliciesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GroupWithPoliciesArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var groupWithPoliciesResource = new AwsIam.GroupWithPolicies("groupWithPoliciesResource", new()
    {
        GroupUsers = new[]
        {
            "string",
        },
        Name = "string",
        AttachIamSelfManagementPolicy = false,
        AwsAccountId = "string",
        CustomGroupPolicies = new[]
        {
            
            {
                { "string", "string" },
            },
        },
        CustomGroupPolicyArns = new[]
        {
            "string",
        },
        IamSelfManagementPolicyNamePrefix = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := awsiam.NewGroupWithPolicies(ctx, "groupWithPoliciesResource", &awsiam.GroupWithPoliciesArgs{
    	GroupUsers: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Name:                          pulumi.String("string"),
    	AttachIamSelfManagementPolicy: pulumi.Bool(false),
    	AwsAccountId:                  pulumi.String("string"),
    	CustomGroupPolicies: pulumi.StringMapArray{
    		pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	CustomGroupPolicyArns: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	IamSelfManagementPolicyNamePrefix: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var groupWithPoliciesResource = new GroupWithPolicies("groupWithPoliciesResource", GroupWithPoliciesArgs.builder()
        .groupUsers("string")
        .name("string")
        .attachIamSelfManagementPolicy(false)
        .awsAccountId("string")
        .customGroupPolicies(Map.of("string", "string"))
        .customGroupPolicyArns("string")
        .iamSelfManagementPolicyNamePrefix("string")
        .tags(Map.of("string", "string"))
        .build());
    
    group_with_policies_resource = aws_iam.GroupWithPolicies("groupWithPoliciesResource",
        group_users=["string"],
        name="string",
        attach_iam_self_management_policy=False,
        aws_account_id="string",
        custom_group_policies=[{
            "string": "string",
        }],
        custom_group_policy_arns=["string"],
        iam_self_management_policy_name_prefix="string",
        tags={
            "string": "string",
        })
    
    const groupWithPoliciesResource = new aws_iam.GroupWithPolicies("groupWithPoliciesResource", {
        groupUsers: ["string"],
        name: "string",
        attachIamSelfManagementPolicy: false,
        awsAccountId: "string",
        customGroupPolicies: [{
            string: "string",
        }],
        customGroupPolicyArns: ["string"],
        iamSelfManagementPolicyNamePrefix: "string",
        tags: {
            string: "string",
        },
    });
    
    type: aws-iam:GroupWithPolicies
    properties:
        attachIamSelfManagementPolicy: false
        awsAccountId: string
        customGroupPolicies:
            - string: string
        customGroupPolicyArns:
            - string
        groupUsers:
            - string
        iamSelfManagementPolicyNamePrefix: string
        name: string
        tags:
            string: string
    

    GroupWithPolicies Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The GroupWithPolicies resource accepts the following input properties:

    GroupUsers List<string>
    List of IAM users to have in an IAM group which can assume the role.
    Name string
    Name of IAM group.
    AttachIamSelfManagementPolicy bool
    Whether to attach IAM policy which allows IAM users to manage their credentials and MFA.
    AwsAccountId string
    AWS account id to use inside IAM policies. If empty, current AWS account ID will be used.
    CustomGroupPolicies List<ImmutableDictionary<string, string>>
    List of maps of inline IAM policies to attach to IAM group. Should have name and policy keys in each element.
    CustomGroupPolicyArns List<string>
    List of IAM policies ARNs to attach to IAM group.
    IamSelfManagementPolicyNamePrefix string
    Name prefix for IAM policy to create with IAM self-management permissions.
    Tags Dictionary<string, string>
    A map of tags to add.
    GroupUsers []string
    List of IAM users to have in an IAM group which can assume the role.
    Name string
    Name of IAM group.
    AttachIamSelfManagementPolicy bool
    Whether to attach IAM policy which allows IAM users to manage their credentials and MFA.
    AwsAccountId string
    AWS account id to use inside IAM policies. If empty, current AWS account ID will be used.
    CustomGroupPolicies []map[string]string
    List of maps of inline IAM policies to attach to IAM group. Should have name and policy keys in each element.
    CustomGroupPolicyArns []string
    List of IAM policies ARNs to attach to IAM group.
    IamSelfManagementPolicyNamePrefix string
    Name prefix for IAM policy to create with IAM self-management permissions.
    Tags map[string]string
    A map of tags to add.
    groupUsers List<String>
    List of IAM users to have in an IAM group which can assume the role.
    name String
    Name of IAM group.
    attachIamSelfManagementPolicy Boolean
    Whether to attach IAM policy which allows IAM users to manage their credentials and MFA.
    awsAccountId String
    AWS account id to use inside IAM policies. If empty, current AWS account ID will be used.
    customGroupPolicies List<Map<String,String>>
    List of maps of inline IAM policies to attach to IAM group. Should have name and policy keys in each element.
    customGroupPolicyArns List<String>
    List of IAM policies ARNs to attach to IAM group.
    iamSelfManagementPolicyNamePrefix String
    Name prefix for IAM policy to create with IAM self-management permissions.
    tags Map<String,String>
    A map of tags to add.
    groupUsers string[]
    List of IAM users to have in an IAM group which can assume the role.
    name string
    Name of IAM group.
    attachIamSelfManagementPolicy boolean
    Whether to attach IAM policy which allows IAM users to manage their credentials and MFA.
    awsAccountId string
    AWS account id to use inside IAM policies. If empty, current AWS account ID will be used.
    customGroupPolicies {[key: string]: string}[]
    List of maps of inline IAM policies to attach to IAM group. Should have name and policy keys in each element.
    customGroupPolicyArns string[]
    List of IAM policies ARNs to attach to IAM group.
    iamSelfManagementPolicyNamePrefix string
    Name prefix for IAM policy to create with IAM self-management permissions.
    tags {[key: string]: string}
    A map of tags to add.
    group_users Sequence[str]
    List of IAM users to have in an IAM group which can assume the role.
    name str
    Name of IAM group.
    attach_iam_self_management_policy bool
    Whether to attach IAM policy which allows IAM users to manage their credentials and MFA.
    aws_account_id str
    AWS account id to use inside IAM policies. If empty, current AWS account ID will be used.
    custom_group_policies Sequence[Mapping[str, str]]
    List of maps of inline IAM policies to attach to IAM group. Should have name and policy keys in each element.
    custom_group_policy_arns Sequence[str]
    List of IAM policies ARNs to attach to IAM group.
    iam_self_management_policy_name_prefix str
    Name prefix for IAM policy to create with IAM self-management permissions.
    tags Mapping[str, str]
    A map of tags to add.
    groupUsers List<String>
    List of IAM users to have in an IAM group which can assume the role.
    name String
    Name of IAM group.
    attachIamSelfManagementPolicy Boolean
    Whether to attach IAM policy which allows IAM users to manage their credentials and MFA.
    awsAccountId String
    AWS account id to use inside IAM policies. If empty, current AWS account ID will be used.
    customGroupPolicies List<Map<String>>
    List of maps of inline IAM policies to attach to IAM group. Should have name and policy keys in each element.
    customGroupPolicyArns List<String>
    List of IAM policies ARNs to attach to IAM group.
    iamSelfManagementPolicyNamePrefix String
    Name prefix for IAM policy to create with IAM self-management permissions.
    tags Map<String>
    A map of tags to add.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the GroupWithPolicies resource produces the following output properties:

    GroupArn string
    IAM group arn.
    GroupName string
    IAM group name.
    GroupArn string
    IAM group arn.
    GroupName string
    IAM group name.
    groupArn String
    IAM group arn.
    groupName String
    IAM group name.
    groupArn string
    IAM group arn.
    groupName string
    IAM group name.
    group_arn str
    IAM group arn.
    group_name str
    IAM group name.
    groupArn String
    IAM group arn.
    groupName String
    IAM group name.

    Package Details

    Repository
    aws-iam
    License
    aws-iam logo
    AWS IAM v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi