Docs Home
dome9 1.40.3 published on Monday, Apr 14, 2025 by dome9
dome9.IamSafeEntity
Explore with Pulumi AI
Protect cloud accounts that are managed by Dome9. Control access to them with targeted short-term authorizations (involving the Dome9 mobile app).
Example Usage
Basic usage:
import * as pulumi from "@pulumi/pulumi";
import * as dome9 from "@pulumi/dome9";
const dome9IamSafeEntityRe = new dome9.IamSafeEntity("dome9IamSafeEntityRe", {
awsCloudAccountId: "00000000-0000-0000-0000-000000000000",
dome9UsersIdToProtects: [
"000000",
"111111",
],
entityName: "ENTITY_NAME",
entityType: "User",
protectionMode: "ProtectWithElevation",
});
import pulumi
import pulumi_dome9 as dome9
dome9_iam_safe_entity_re = dome9.IamSafeEntity("dome9IamSafeEntityRe",
aws_cloud_account_id="00000000-0000-0000-0000-000000000000",
dome9_users_id_to_protects=[
"000000",
"111111",
],
entity_name="ENTITY_NAME",
entity_type="User",
protection_mode="ProtectWithElevation")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/dome9/dome9"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := dome9.NewIamSafeEntity(ctx, "dome9IamSafeEntityRe", &dome9.IamSafeEntityArgs{
AwsCloudAccountId: pulumi.String("00000000-0000-0000-0000-000000000000"),
Dome9UsersIdToProtects: pulumi.StringArray{
pulumi.String("000000"),
pulumi.String("111111"),
},
EntityName: pulumi.String("ENTITY_NAME"),
EntityType: pulumi.String("User"),
ProtectionMode: pulumi.String("ProtectWithElevation"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Dome9 = Pulumi.Dome9;
return await Deployment.RunAsync(() =>
{
var dome9IamSafeEntityRe = new Dome9.IamSafeEntity("dome9IamSafeEntityRe", new()
{
AwsCloudAccountId = "00000000-0000-0000-0000-000000000000",
Dome9UsersIdToProtects = new[]
{
"000000",
"111111",
},
EntityName = "ENTITY_NAME",
EntityType = "User",
ProtectionMode = "ProtectWithElevation",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.dome9.IamSafeEntity;
import com.pulumi.dome9.IamSafeEntityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var dome9IamSafeEntityRe = new IamSafeEntity("dome9IamSafeEntityRe", IamSafeEntityArgs.builder()
.awsCloudAccountId("00000000-0000-0000-0000-000000000000")
.dome9UsersIdToProtects(
"000000",
"111111")
.entityName("ENTITY_NAME")
.entityType("User")
.protectionMode("ProtectWithElevation")
.build());
}
}
resources:
dome9IamSafeEntityRe:
type: dome9:IamSafeEntity
properties:
awsCloudAccountId: 00000000-0000-0000-0000-000000000000
dome9UsersIdToProtects:
- '000000'
- '111111'
entityName: ENTITY_NAME
entityType: User
protectionMode: ProtectWithElevation
Create IamSafeEntity Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IamSafeEntity(name: string, args: IamSafeEntityArgs, opts?: CustomResourceOptions);@overload
def IamSafeEntity(resource_name: str,
args: IamSafeEntityArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IamSafeEntity(resource_name: str,
opts: Optional[ResourceOptions] = None,
aws_cloud_account_id: Optional[str] = None,
entity_name: Optional[str] = None,
entity_type: Optional[str] = None,
protection_mode: Optional[str] = None,
dome9_users_id_to_protects: Optional[Sequence[str]] = None,
iam_safe_entity_id: Optional[str] = None)func NewIamSafeEntity(ctx *Context, name string, args IamSafeEntityArgs, opts ...ResourceOption) (*IamSafeEntity, error)public IamSafeEntity(string name, IamSafeEntityArgs args, CustomResourceOptions? opts = null)
public IamSafeEntity(String name, IamSafeEntityArgs args)
public IamSafeEntity(String name, IamSafeEntityArgs args, CustomResourceOptions options)
type: dome9:IamSafeEntity
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IamSafeEntityArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IamSafeEntityArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IamSafeEntityArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IamSafeEntityArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IamSafeEntityArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iamSafeEntityResource = new Dome9.IamSafeEntity("iamSafeEntityResource", new()
{
AwsCloudAccountId = "string",
EntityName = "string",
EntityType = "string",
ProtectionMode = "string",
Dome9UsersIdToProtects = new[]
{
"string",
},
IamSafeEntityId = "string",
});
example, err := dome9.NewIamSafeEntity(ctx, "iamSafeEntityResource", &dome9.IamSafeEntityArgs{
AwsCloudAccountId: pulumi.String("string"),
EntityName: pulumi.String("string"),
EntityType: pulumi.String("string"),
ProtectionMode: pulumi.String("string"),
Dome9UsersIdToProtects: pulumi.StringArray{
pulumi.String("string"),
},
IamSafeEntityId: pulumi.String("string"),
})
var iamSafeEntityResource = new IamSafeEntity("iamSafeEntityResource", IamSafeEntityArgs.builder()
.awsCloudAccountId("string")
.entityName("string")
.entityType("string")
.protectionMode("string")
.dome9UsersIdToProtects("string")
.iamSafeEntityId("string")
.build());
iam_safe_entity_resource = dome9.IamSafeEntity("iamSafeEntityResource",
aws_cloud_account_id="string",
entity_name="string",
entity_type="string",
protection_mode="string",
dome9_users_id_to_protects=["string"],
iam_safe_entity_id="string")
const iamSafeEntityResource = new dome9.IamSafeEntity("iamSafeEntityResource", {
awsCloudAccountId: "string",
entityName: "string",
entityType: "string",
protectionMode: "string",
dome9UsersIdToProtects: ["string"],
iamSafeEntityId: "string",
});
type: dome9:IamSafeEntity
properties:
awsCloudAccountId: string
dome9UsersIdToProtects:
- string
entityName: string
entityType: string
iamSafeEntityId: string
protectionMode: string
IamSafeEntity Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IamSafeEntity resource accepts the following input properties:
- Aws
Cloud stringAccount Id - AWS cloud account id to protect.
- Entity
Name string - AWS IAM user or role name to protect.
- Entity
Type string - Entity type to protect; can be "User", "Role".
- Protection
Mode string - Protection mode; can be "Protect", "ProtectWithElevation".
- Dome9Users
Id List<string>To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- Iam
Safe stringEntity Id
- Aws
Cloud stringAccount Id - AWS cloud account id to protect.
- Entity
Name string - AWS IAM user or role name to protect.
- Entity
Type string - Entity type to protect; can be "User", "Role".
- Protection
Mode string - Protection mode; can be "Protect", "ProtectWithElevation".
- Dome9Users
Id []stringTo Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- Iam
Safe stringEntity Id
- aws
Cloud StringAccount Id - AWS cloud account id to protect.
- entity
Name String - AWS IAM user or role name to protect.
- entity
Type String - Entity type to protect; can be "User", "Role".
- protection
Mode String - Protection mode; can be "Protect", "ProtectWithElevation".
- dome9Users
Id List<String>To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- iam
Safe StringEntity Id
- aws
Cloud stringAccount Id - AWS cloud account id to protect.
- entity
Name string - AWS IAM user or role name to protect.
- entity
Type string - Entity type to protect; can be "User", "Role".
- protection
Mode string - Protection mode; can be "Protect", "ProtectWithElevation".
- dome9Users
Id string[]To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- iam
Safe stringEntity Id
- aws_
cloud_ straccount_ id - AWS cloud account id to protect.
- entity_
name str - AWS IAM user or role name to protect.
- entity_
type str - Entity type to protect; can be "User", "Role".
- protection_
mode str - Protection mode; can be "Protect", "ProtectWithElevation".
- dome9_
users_ Sequence[str]id_ to_ protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- iam_
safe_ strentity_ id
- aws
Cloud StringAccount Id - AWS cloud account id to protect.
- entity
Name String - AWS IAM user or role name to protect.
- entity
Type String - Entity type to protect; can be "User", "Role".
- protection
Mode String - Protection mode; can be "Protect", "ProtectWithElevation".
- dome9Users
Id List<String>To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- iam
Safe StringEntity Id
Outputs
All input properties are implicitly available as output properties. Additionally, the IamSafeEntity resource produces the following output properties:
- Arn string
- Role or User arn.
- Attached
Dome9Users List<string> - List of users in protect with elevation mode.
- Exists
In boolAws - Is exist in aws.
- Id string
- The provider-assigned unique ID for this managed resource.
- State string
- Can be one of the following:
Unattached,AttachedorRestricted.
- Arn string
- Role or User arn.
- Attached
Dome9Users []string - List of users in protect with elevation mode.
- Exists
In boolAws - Is exist in aws.
- Id string
- The provider-assigned unique ID for this managed resource.
- State string
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn String
- Role or User arn.
- attached
Dome9Users List<String> - List of users in protect with elevation mode.
- exists
In BooleanAws - Is exist in aws.
- id String
- The provider-assigned unique ID for this managed resource.
- state String
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn string
- Role or User arn.
- attached
Dome9Users string[] - List of users in protect with elevation mode.
- exists
In booleanAws - Is exist in aws.
- id string
- The provider-assigned unique ID for this managed resource.
- state string
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn str
- Role or User arn.
- attached_
dome9_ Sequence[str]users - List of users in protect with elevation mode.
- exists_
in_ boolaws - Is exist in aws.
- id str
- The provider-assigned unique ID for this managed resource.
- state str
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn String
- Role or User arn.
- attached
Dome9Users List<String> - List of users in protect with elevation mode.
- exists
In BooleanAws - Is exist in aws.
- id String
- The provider-assigned unique ID for this managed resource.
- state String
- Can be one of the following:
Unattached,AttachedorRestricted.
Look up Existing IamSafeEntity Resource
Get an existing IamSafeEntity resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IamSafeEntityState, opts?: CustomResourceOptions): IamSafeEntity@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
attached_dome9_users: Optional[Sequence[str]] = None,
aws_cloud_account_id: Optional[str] = None,
dome9_users_id_to_protects: Optional[Sequence[str]] = None,
entity_name: Optional[str] = None,
entity_type: Optional[str] = None,
exists_in_aws: Optional[bool] = None,
iam_safe_entity_id: Optional[str] = None,
protection_mode: Optional[str] = None,
state: Optional[str] = None) -> IamSafeEntityfunc GetIamSafeEntity(ctx *Context, name string, id IDInput, state *IamSafeEntityState, opts ...ResourceOption) (*IamSafeEntity, error)public static IamSafeEntity Get(string name, Input<string> id, IamSafeEntityState? state, CustomResourceOptions? opts = null)public static IamSafeEntity get(String name, Output<String> id, IamSafeEntityState state, CustomResourceOptions options)resources: _: type: dome9:IamSafeEntity get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- Role or User arn.
- Attached
Dome9Users List<string> - List of users in protect with elevation mode.
- Aws
Cloud stringAccount Id - AWS cloud account id to protect.
- Dome9Users
Id List<string>To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- Entity
Name string - AWS IAM user or role name to protect.
- Entity
Type string - Entity type to protect; can be "User", "Role".
- Exists
In boolAws - Is exist in aws.
- Iam
Safe stringEntity Id - Protection
Mode string - Protection mode; can be "Protect", "ProtectWithElevation".
- State string
- Can be one of the following:
Unattached,AttachedorRestricted.
- Arn string
- Role or User arn.
- Attached
Dome9Users []string - List of users in protect with elevation mode.
- Aws
Cloud stringAccount Id - AWS cloud account id to protect.
- Dome9Users
Id []stringTo Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- Entity
Name string - AWS IAM user or role name to protect.
- Entity
Type string - Entity type to protect; can be "User", "Role".
- Exists
In boolAws - Is exist in aws.
- Iam
Safe stringEntity Id - Protection
Mode string - Protection mode; can be "Protect", "ProtectWithElevation".
- State string
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn String
- Role or User arn.
- attached
Dome9Users List<String> - List of users in protect with elevation mode.
- aws
Cloud StringAccount Id - AWS cloud account id to protect.
- dome9Users
Id List<String>To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- entity
Name String - AWS IAM user or role name to protect.
- entity
Type String - Entity type to protect; can be "User", "Role".
- exists
In BooleanAws - Is exist in aws.
- iam
Safe StringEntity Id - protection
Mode String - Protection mode; can be "Protect", "ProtectWithElevation".
- state String
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn string
- Role or User arn.
- attached
Dome9Users string[] - List of users in protect with elevation mode.
- aws
Cloud stringAccount Id - AWS cloud account id to protect.
- dome9Users
Id string[]To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- entity
Name string - AWS IAM user or role name to protect.
- entity
Type string - Entity type to protect; can be "User", "Role".
- exists
In booleanAws - Is exist in aws.
- iam
Safe stringEntity Id - protection
Mode string - Protection mode; can be "Protect", "ProtectWithElevation".
- state string
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn str
- Role or User arn.
- attached_
dome9_ Sequence[str]users - List of users in protect with elevation mode.
- aws_
cloud_ straccount_ id - AWS cloud account id to protect.
- dome9_
users_ Sequence[str]id_ to_ protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- entity_
name str - AWS IAM user or role name to protect.
- entity_
type str - Entity type to protect; can be "User", "Role".
- exists_
in_ boolaws - Is exist in aws.
- iam_
safe_ strentity_ id - protection_
mode str - Protection mode; can be "Protect", "ProtectWithElevation".
- state str
- Can be one of the following:
Unattached,AttachedorRestricted.
- arn String
- Role or User arn.
- attached
Dome9Users List<String> - List of users in protect with elevation mode.
- aws
Cloud StringAccount Id - AWS cloud account id to protect.
- dome9Users
Id List<String>To Protects - When ProtectWithElevation mode selected, dome9 users ids must be provided.
- Note: To following filed can be updated:
- entity
Name String - AWS IAM user or role name to protect.
- entity
Type String - Entity type to protect; can be "User", "Role".
- exists
In BooleanAws - Is exist in aws.
- iam
Safe StringEntity Id - protection
Mode String - Protection mode; can be "Protect", "ProtectWithElevation".
- state String
- Can be one of the following:
Unattached,AttachedorRestricted.
Package Details
- Repository
- dome9 dome9/terraform-provider-dome9
- License
- Notes
- This Pulumi package is based on the
dome9Terraform Provider.