aws-native.iam.Role
Resource Type definition for AWS::IAM::Role
Example Usage
Example
using System.Collections.Generic;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var amazonGrafanaWorkspaceIAMRole = new AwsNative.IAM.Role("amazonGrafanaWorkspaceIAMRole", new()
{
ManagedPolicyArns = new[]
{
"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess",
},
AssumeRolePolicyDocument =
{
{ "version", "2012-10-17" },
{ "statement", new[]
{
{
{ "effect", "Allow" },
{ "principal",
{
{ "service", new[]
{
"grafana.amazonaws.com",
} },
} },
{ "action", new[]
{
"sts:AssumeRole",
} },
},
} },
},
});
var amazonGrafanaWorkspace = new AwsNative.Grafana.Workspace("amazonGrafanaWorkspace", new()
{
AccountAccessType = AwsNative.Grafana.WorkspaceAccountAccessType.CurrentAccount,
Name = "AmazonGrafanaWorkspace",
Description = "Amazon Grafana Workspace",
AuthenticationProviders = new[]
{
AwsNative.Grafana.WorkspaceAuthenticationProviderTypes.Saml,
},
PermissionType = AwsNative.Grafana.WorkspacePermissionType.CustomerManaged,
RoleArn = amazonGrafanaWorkspaceIAMRole.Arn,
SamlConfiguration = new AwsNative.Grafana.Inputs.WorkspaceSamlConfigurationArgs
{
IdpMetadata = new AwsNative.Grafana.Inputs.WorkspaceIdpMetadataArgs
{
Xml = "<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'>DATA</md:EntityDescriptor>",
},
AssertionAttributes = new AwsNative.Grafana.Inputs.WorkspaceAssertionAttributesArgs
{
Name = "displayName",
Login = "login",
Email = "email",
Groups = "group",
Role = "role",
Org = "org",
},
RoleValues = new AwsNative.Grafana.Inputs.WorkspaceRoleValuesArgs
{
Editor = new[]
{
"editor1",
},
Admin = new[]
{
"admin1",
},
},
AllowedOrganizations = new[]
{
"org1",
},
LoginValidityDuration = 60,
},
});
return new Dictionary<string, object?>
{
["workspaceEndpoint"] = amazonGrafanaWorkspace.Endpoint,
["workspaceStatus"] = amazonGrafanaWorkspace.Status,
["workspaceId"] = amazonGrafanaWorkspace.Id,
["grafanaVersion"] = amazonGrafanaWorkspace.Grafana_version,
};
});
Coming soon!
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
amazon_grafana_workspace_iam_role = aws_native.iam.Role("amazonGrafanaWorkspaceIAMRole",
managed_policy_arns=["arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess"],
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": ["grafana.amazonaws.com"],
},
"action": ["sts:AssumeRole"],
}],
})
amazon_grafana_workspace = aws_native.grafana.Workspace("amazonGrafanaWorkspace",
account_access_type=aws_native.grafana.WorkspaceAccountAccessType.CURRENT_ACCOUNT,
name="AmazonGrafanaWorkspace",
description="Amazon Grafana Workspace",
authentication_providers=[aws_native.grafana.WorkspaceAuthenticationProviderTypes.SAML],
permission_type=aws_native.grafana.WorkspacePermissionType.CUSTOMER_MANAGED,
role_arn=amazon_grafana_workspace_iam_role.arn,
saml_configuration=aws_native.grafana.WorkspaceSamlConfigurationArgs(
idp_metadata=aws_native.grafana.WorkspaceIdpMetadataArgs(
xml="<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'>DATA</md:EntityDescriptor>",
),
assertion_attributes=aws_native.grafana.WorkspaceAssertionAttributesArgs(
name="displayName",
login="login",
email="email",
groups="group",
role="role",
org="org",
),
role_values=aws_native.grafana.WorkspaceRoleValuesArgs(
editor=["editor1"],
admin=["admin1"],
),
allowed_organizations=["org1"],
login_validity_duration=60,
))
pulumi.export("workspaceEndpoint", amazon_grafana_workspace.endpoint)
pulumi.export("workspaceStatus", amazon_grafana_workspace.status)
pulumi.export("workspaceId", amazon_grafana_workspace.id)
pulumi.export("grafanaVersion", amazon_grafana_workspace.grafana_version)
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const amazonGrafanaWorkspaceIAMRole = new aws_native.iam.Role("amazonGrafanaWorkspaceIAMRole", {
managedPolicyArns: ["arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess"],
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: ["grafana.amazonaws.com"],
},
action: ["sts:AssumeRole"],
}],
},
});
const amazonGrafanaWorkspace = new aws_native.grafana.Workspace("amazonGrafanaWorkspace", {
accountAccessType: aws_native.grafana.WorkspaceAccountAccessType.CurrentAccount,
name: "AmazonGrafanaWorkspace",
description: "Amazon Grafana Workspace",
authenticationProviders: [aws_native.grafana.WorkspaceAuthenticationProviderTypes.Saml],
permissionType: aws_native.grafana.WorkspacePermissionType.CustomerManaged,
roleArn: amazonGrafanaWorkspaceIAMRole.arn,
samlConfiguration: {
idpMetadata: {
xml: "<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'>DATA</md:EntityDescriptor>",
},
assertionAttributes: {
name: "displayName",
login: "login",
email: "email",
groups: "group",
role: "role",
org: "org",
},
roleValues: {
editor: ["editor1"],
admin: ["admin1"],
},
allowedOrganizations: ["org1"],
loginValidityDuration: 60,
},
});
export const workspaceEndpoint = amazonGrafanaWorkspace.endpoint;
export const workspaceStatus = amazonGrafanaWorkspace.status;
export const workspaceId = amazonGrafanaWorkspace.id;
export const grafanaVersion = amazonGrafanaWorkspace.grafanaVersion;
Coming soon!
Example
using System.Collections.Generic;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var amazonGrafanaWorkspaceIAMRole = new AwsNative.IAM.Role("amazonGrafanaWorkspaceIAMRole", new()
{
ManagedPolicyArns = new[]
{
"arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess",
},
AssumeRolePolicyDocument =
{
{ "version", "2012-10-17" },
{ "statement", new[]
{
{
{ "effect", "Allow" },
{ "principal",
{
{ "service", new[]
{
"grafana.amazonaws.com",
} },
} },
{ "action", new[]
{
"sts:AssumeRole",
} },
},
} },
},
});
var amazonGrafanaWorkspace = new AwsNative.Grafana.Workspace("amazonGrafanaWorkspace", new()
{
AccountAccessType = AwsNative.Grafana.WorkspaceAccountAccessType.CurrentAccount,
Name = "AmazonGrafanaWorkspace",
Description = "Amazon Grafana Workspace",
AuthenticationProviders = new[]
{
AwsNative.Grafana.WorkspaceAuthenticationProviderTypes.Saml,
},
PermissionType = AwsNative.Grafana.WorkspacePermissionType.CustomerManaged,
RoleArn = amazonGrafanaWorkspaceIAMRole.Arn,
SamlConfiguration = new AwsNative.Grafana.Inputs.WorkspaceSamlConfigurationArgs
{
IdpMetadata = new AwsNative.Grafana.Inputs.WorkspaceIdpMetadataArgs
{
Xml = "<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'>DATA</md:EntityDescriptor>",
},
AssertionAttributes = new AwsNative.Grafana.Inputs.WorkspaceAssertionAttributesArgs
{
Name = "displayName",
Login = "login",
Email = "email",
Groups = "group",
Role = "role",
Org = "org",
},
RoleValues = new AwsNative.Grafana.Inputs.WorkspaceRoleValuesArgs
{
Editor = new[]
{
"editor1",
},
Admin = new[]
{
"admin1",
},
},
AllowedOrganizations = new[]
{
"org1",
},
LoginValidityDuration = 60,
},
});
return new Dictionary<string, object?>
{
["workspaceEndpoint"] = amazonGrafanaWorkspace.Endpoint,
["workspaceStatus"] = amazonGrafanaWorkspace.Status,
["workspaceId"] = amazonGrafanaWorkspace.Id,
["grafanaVersion"] = amazonGrafanaWorkspace.Grafana_version,
};
});
Coming soon!
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
amazon_grafana_workspace_iam_role = aws_native.iam.Role("amazonGrafanaWorkspaceIAMRole",
managed_policy_arns=["arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess"],
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": ["grafana.amazonaws.com"],
},
"action": ["sts:AssumeRole"],
}],
})
amazon_grafana_workspace = aws_native.grafana.Workspace("amazonGrafanaWorkspace",
account_access_type=aws_native.grafana.WorkspaceAccountAccessType.CURRENT_ACCOUNT,
name="AmazonGrafanaWorkspace",
description="Amazon Grafana Workspace",
authentication_providers=[aws_native.grafana.WorkspaceAuthenticationProviderTypes.SAML],
permission_type=aws_native.grafana.WorkspacePermissionType.CUSTOMER_MANAGED,
role_arn=amazon_grafana_workspace_iam_role.arn,
saml_configuration=aws_native.grafana.WorkspaceSamlConfigurationArgs(
idp_metadata=aws_native.grafana.WorkspaceIdpMetadataArgs(
xml="<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'>DATA</md:EntityDescriptor>",
),
assertion_attributes=aws_native.grafana.WorkspaceAssertionAttributesArgs(
name="displayName",
login="login",
email="email",
groups="group",
role="role",
org="org",
),
role_values=aws_native.grafana.WorkspaceRoleValuesArgs(
editor=["editor1"],
admin=["admin1"],
),
allowed_organizations=["org1"],
login_validity_duration=60,
))
pulumi.export("workspaceEndpoint", amazon_grafana_workspace.endpoint)
pulumi.export("workspaceStatus", amazon_grafana_workspace.status)
pulumi.export("workspaceId", amazon_grafana_workspace.id)
pulumi.export("grafanaVersion", amazon_grafana_workspace.grafana_version)
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const amazonGrafanaWorkspaceIAMRole = new aws_native.iam.Role("amazonGrafanaWorkspaceIAMRole", {
managedPolicyArns: ["arn:aws:iam::aws:policy/service-role/AmazonGrafanaAthenaAccess"],
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: ["grafana.amazonaws.com"],
},
action: ["sts:AssumeRole"],
}],
},
});
const amazonGrafanaWorkspace = new aws_native.grafana.Workspace("amazonGrafanaWorkspace", {
accountAccessType: aws_native.grafana.WorkspaceAccountAccessType.CurrentAccount,
name: "AmazonGrafanaWorkspace",
description: "Amazon Grafana Workspace",
authenticationProviders: [aws_native.grafana.WorkspaceAuthenticationProviderTypes.Saml],
permissionType: aws_native.grafana.WorkspacePermissionType.CustomerManaged,
roleArn: amazonGrafanaWorkspaceIAMRole.arn,
samlConfiguration: {
idpMetadata: {
xml: "<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata' entityID='entityId'>DATA</md:EntityDescriptor>",
},
assertionAttributes: {
name: "displayName",
login: "login",
email: "email",
groups: "group",
role: "role",
org: "org",
},
roleValues: {
editor: ["editor1"],
admin: ["admin1"],
},
allowedOrganizations: ["org1"],
loginValidityDuration: 60,
},
});
export const workspaceEndpoint = amazonGrafanaWorkspace.endpoint;
export const workspaceStatus = amazonGrafanaWorkspace.status;
export const workspaceId = amazonGrafanaWorkspace.id;
export const grafanaVersion = amazonGrafanaWorkspace.grafanaVersion;
Coming soon!
Example
using System.Collections.Generic;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var automationExecutionRole = new AwsNative.IAM.Role("automationExecutionRole", new()
{
AssumeRolePolicyDocument =
{
{ "version", "2012-10-17" },
{ "statement", new[]
{
{
{ "effect", "Allow" },
{ "principal",
{
{ "service", "ssm.amazonaws.com" },
} },
{ "action", new[]
{
"sts:AssumeRole",
} },
},
} },
},
Path = "/",
ManagedPolicyArns = new[]
{
"arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess",
},
});
var automationAssociation = new AwsNative.SSM.Association("automationAssociation", new()
{
Name = "AWS-StopEC2Instance",
Parameters =
{
{ "automationAssumeRole", new[]
{
"AutomationExecutionRole.Arn",
} },
},
Targets = new[]
{
new AwsNative.SSM.Inputs.AssociationTargetArgs
{
Key = "ParameterValues",
Values = new[]
{
"i-1234567890abcdef0",
},
},
},
AutomationTargetParameterName = "InstanceId",
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/iam"
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.NewRole(ctx, "automationExecutionRole", &iam.RoleArgs{
AssumeRolePolicyDocument: pulumi.Any{
Version: "2012-10-17",
Statement: []map[string]interface{}{
map[string]interface{}{
"effect": "Allow",
"principal": map[string]interface{}{
"service": "ssm.amazonaws.com",
},
"action": []string{
"sts:AssumeRole",
},
},
},
},
Path: pulumi.String("/"),
ManagedPolicyArns: pulumi.StringArray{
pulumi.String(fmt.Sprintf("arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess")),
},
})
if err != nil {
return err
}
_, err = ssm.NewAssociation(ctx, "automationAssociation", &ssm.AssociationArgs{
Name: pulumi.String("AWS-StopEC2Instance"),
Parameters: pulumi.Any{
AutomationAssumeRole: []string{
"AutomationExecutionRole.Arn",
},
},
Targets: []ssm.AssociationTargetArgs{
{
Key: pulumi.String("ParameterValues"),
Values: pulumi.StringArray{
pulumi.String("i-1234567890abcdef0"),
},
},
},
AutomationTargetParameterName: pulumi.String("InstanceId"),
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
automation_execution_role = aws_native.iam.Role("automationExecutionRole",
assume_role_policy_document={
"version": "2012-10-17",
"statement": [{
"effect": "Allow",
"principal": {
"service": "ssm.amazonaws.com",
},
"action": ["sts:AssumeRole"],
}],
},
path="/",
managed_policy_arns=["arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess"])
automation_association = aws_native.ssm.Association("automationAssociation",
name="AWS-StopEC2Instance",
parameters={
"automationAssumeRole": ["AutomationExecutionRole.Arn"],
},
targets=[aws_native.ssm.AssociationTargetArgs(
key="ParameterValues",
values=["i-1234567890abcdef0"],
)],
automation_target_parameter_name="InstanceId")
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const automationExecutionRole = new aws_native.iam.Role("automationExecutionRole", {
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: "ssm.amazonaws.com",
},
action: ["sts:AssumeRole"],
}],
},
path: "/",
managedPolicyArns: [`arn:${AWS::Partition}:iam::aws:policy/AmazonEC2FullAccess`],
});
const automationAssociation = new aws_native.ssm.Association("automationAssociation", {
name: "AWS-StopEC2Instance",
parameters: {
automationAssumeRole: ["AutomationExecutionRole.Arn"],
},
targets: [{
key: "ParameterValues",
values: ["i-1234567890abcdef0"],
}],
automationTargetParameterName: "InstanceId",
});
Coming soon!
Create Role Resource
new Role(name: string, args: RoleArgs, opts?: CustomResourceOptions);
@overload
def Role(resource_name: str,
opts: Optional[ResourceOptions] = None,
assume_role_policy_document: Optional[Any] = None,
description: Optional[str] = None,
managed_policy_arns: Optional[Sequence[str]] = None,
max_session_duration: Optional[int] = None,
path: Optional[str] = None,
permissions_boundary: Optional[str] = None,
policies: Optional[Sequence[RolePolicyArgs]] = None,
role_name: Optional[str] = None,
tags: Optional[Sequence[RoleTagArgs]] = None)
@overload
def Role(resource_name: str,
args: RoleArgs,
opts: Optional[ResourceOptions] = None)
func NewRole(ctx *Context, name string, args RoleArgs, opts ...ResourceOption) (*Role, error)
public Role(string name, RoleArgs args, CustomResourceOptions? opts = null)
type: aws-native:iam:Role
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Role Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Role resource accepts the following input properties:
- Assume
Role objectPolicy Document The trust policy that is associated with this role.
- Description string
A description of the role that you provide.
- Managed
Policy List<string>Arns A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.
- Max
Session intDuration The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
- Path string
The path to the role.
- Permissions
Boundary string The ARN of the policy used to set the permissions boundary for the role.
- Policies
List<Pulumi.
Aws Native. IAM. Inputs. Role Policy Args> Adds or updates an inline policy document that is embedded in the specified IAM role.
- Role
Name string A name for the IAM role, up to 64 characters in length.
- List<Pulumi.
Aws Native. IAM. Inputs. Role Tag Args> A list of tags that are attached to the role.
- Assume
Role interface{}Policy Document The trust policy that is associated with this role.
- Description string
A description of the role that you provide.
- Managed
Policy []stringArns A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.
- Max
Session intDuration The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
- Path string
The path to the role.
- Permissions
Boundary string The ARN of the policy used to set the permissions boundary for the role.
- Policies
[]Role
Policy Args Adds or updates an inline policy document that is embedded in the specified IAM role.
- Role
Name string A name for the IAM role, up to 64 characters in length.
- []Role
Tag Args A list of tags that are attached to the role.
- assume
Role ObjectPolicy Document The trust policy that is associated with this role.
- description String
A description of the role that you provide.
- managed
Policy List<String>Arns A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.
- max
Session IntegerDuration The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
- path String
The path to the role.
- permissions
Boundary String The ARN of the policy used to set the permissions boundary for the role.
- policies
List<Role
Policy Args> Adds or updates an inline policy document that is embedded in the specified IAM role.
- role
Name String A name for the IAM role, up to 64 characters in length.
- List<Role
Tag Args> A list of tags that are attached to the role.
- assume
Role anyPolicy Document The trust policy that is associated with this role.
- description string
A description of the role that you provide.
- managed
Policy string[]Arns A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.
- max
Session numberDuration The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
- path string
The path to the role.
- permissions
Boundary string The ARN of the policy used to set the permissions boundary for the role.
- policies
Role
Policy Args[] Adds or updates an inline policy document that is embedded in the specified IAM role.
- role
Name string A name for the IAM role, up to 64 characters in length.
- Role
Tag Args[] A list of tags that are attached to the role.
- assume_
role_ Anypolicy_ document The trust policy that is associated with this role.
- description str
A description of the role that you provide.
- managed_
policy_ Sequence[str]arns A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.
- max_
session_ intduration The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
- path str
The path to the role.
- permissions_
boundary str The ARN of the policy used to set the permissions boundary for the role.
- policies
Sequence[Role
Policy Args] Adds or updates an inline policy document that is embedded in the specified IAM role.
- role_
name str A name for the IAM role, up to 64 characters in length.
- Sequence[Role
Tag Args] A list of tags that are attached to the role.
- assume
Role AnyPolicy Document The trust policy that is associated with this role.
- description String
A description of the role that you provide.
- managed
Policy List<String>Arns A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.
- max
Session NumberDuration The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
- path String
The path to the role.
- permissions
Boundary String The ARN of the policy used to set the permissions boundary for the role.
- policies List<Property Map>
Adds or updates an inline policy document that is embedded in the specified IAM role.
- role
Name String A name for the IAM role, up to 64 characters in length.
- List<Property Map>
A list of tags that are attached to the role.
Outputs
All input properties are implicitly available as output properties. Additionally, the Role resource produces the following output properties:
Supporting Types
RolePolicy
- Policy
Document string The policy document.
- Policy
Name string The friendly name (not ARN) identifying the policy.
- Policy
Document string The policy document.
- Policy
Name string The friendly name (not ARN) identifying the policy.
- policy
Document String The policy document.
- policy
Name String The friendly name (not ARN) identifying the policy.
- policy
Document string The policy document.
- policy
Name string The friendly name (not ARN) identifying the policy.
- policy_
document str The policy document.
- policy_
name str The friendly name (not ARN) identifying the policy.
- policy
Document String The policy document.
- policy
Name String The friendly name (not ARN) identifying the policy.
RoleTag
- Key string
The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Key string
The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key string
The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value string
The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key str
The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value str
The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0