1. Packages
  2. Harness
  3. API Docs
  4. cloudprovider
  5. Aws
Harness v0.0.6 published on Saturday, Jul 1, 2023 by lbrlabs

harness.cloudprovider.Aws

Explore with Pulumi AI

harness logo
Harness v0.0.6 published on Saturday, Jul 1, 2023 by lbrlabs

    Resource for creating an AWS cloud provider. This resource uses the config-as-code API’s. When updating the name or path of this resource you should typically also set the create_before_destroy = true lifecycle setting.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Harness = Lbrlabs.PulumiPackage.Harness;
    using Harness = Pulumi.Harness;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = Harness.GetSecretManager.Invoke(new()
        {
            Default = true,
        });
    
        var awsAccessKey = new Harness.EncryptedText("awsAccessKey", new()
        {
            Value = "<ACCESS_KEY_ID>",
            SecretManagerId = @default.Apply(@default => @default.Apply(getSecretManagerResult => getSecretManagerResult.Id)),
        });
    
        var awsSecretKey = new Harness.EncryptedText("awsSecretKey", new()
        {
            Value = "<SECRET_KEY_ID>",
            SecretManagerId = @default.Apply(@default => @default.Apply(getSecretManagerResult => getSecretManagerResult.Id)),
        });
    
        var aws = new Harness.Cloudprovider.Aws("aws", new()
        {
            AccessKeyIdSecretName = awsAccessKey.Name,
            SecretAccessKeySecretName = awsSecretKey.Name,
        });
    
    });
    
    package main
    
    import (
    	"github.com/lbrlabs/pulumi-harness/sdk/go/harness"
    	"github.com/lbrlabs/pulumi-harness/sdk/go/harness/cloudprovider"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_default, err := harness.GetSecretManager(ctx, &harness.GetSecretManagerArgs{
    			Default: pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		awsAccessKey, err := harness.NewEncryptedText(ctx, "awsAccessKey", &harness.EncryptedTextArgs{
    			Value:           pulumi.String("<ACCESS_KEY_ID>"),
    			SecretManagerId: *pulumi.String(_default.Id),
    		})
    		if err != nil {
    			return err
    		}
    		awsSecretKey, err := harness.NewEncryptedText(ctx, "awsSecretKey", &harness.EncryptedTextArgs{
    			Value:           pulumi.String("<SECRET_KEY_ID>"),
    			SecretManagerId: *pulumi.String(_default.Id),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = cloudprovider.NewAws(ctx, "aws", &cloudprovider.AwsArgs{
    			AccessKeyIdSecretName:     awsAccessKey.Name,
    			SecretAccessKeySecretName: awsSecretKey.Name,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.harness.HarnessFunctions;
    import com.pulumi.harness.inputs.GetSecretManagerArgs;
    import com.pulumi.harness.EncryptedText;
    import com.pulumi.harness.EncryptedTextArgs;
    import com.pulumi.harness.cloudprovider.Aws;
    import com.pulumi.harness.cloudprovider.AwsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var default = HarnessFunctions.getSecretManager(GetSecretManagerArgs.builder()
                .default_(true)
                .build());
    
            var awsAccessKey = new EncryptedText("awsAccessKey", EncryptedTextArgs.builder()        
                .value("<ACCESS_KEY_ID>")
                .secretManagerId(default_.id())
                .build());
    
            var awsSecretKey = new EncryptedText("awsSecretKey", EncryptedTextArgs.builder()        
                .value("<SECRET_KEY_ID>")
                .secretManagerId(default_.id())
                .build());
    
            var aws = new Aws("aws", AwsArgs.builder()        
                .accessKeyIdSecretName(awsAccessKey.name())
                .secretAccessKeySecretName(awsSecretKey.name())
                .build());
    
        }
    }
    
    import pulumi
    import lbrlabs_pulumi_harness as harness
    import pulumi_harness as harness
    
    default = harness.get_secret_manager(default=True)
    aws_access_key = harness.EncryptedText("awsAccessKey",
        value="<ACCESS_KEY_ID>",
        secret_manager_id=default.id)
    aws_secret_key = harness.EncryptedText("awsSecretKey",
        value="<SECRET_KEY_ID>",
        secret_manager_id=default.id)
    aws = harness.cloudprovider.Aws("aws",
        access_key_id_secret_name=aws_access_key.name,
        secret_access_key_secret_name=aws_secret_key.name)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as harness from "@lbrlabs/pulumi-harness";
    import * as harness from "@pulumi/harness";
    
    const default = harness.getSecretManager({
        "default": true,
    });
    const awsAccessKey = new harness.EncryptedText("awsAccessKey", {
        value: "<ACCESS_KEY_ID>",
        secretManagerId: _default.then(_default => _default.id),
    });
    const awsSecretKey = new harness.EncryptedText("awsSecretKey", {
        value: "<SECRET_KEY_ID>",
        secretManagerId: _default.then(_default => _default.id),
    });
    const aws = new harness.cloudprovider.Aws("aws", {
        accessKeyIdSecretName: awsAccessKey.name,
        secretAccessKeySecretName: awsSecretKey.name,
    });
    
    resources:
      awsAccessKey:
        type: harness:EncryptedText
        properties:
          value: <ACCESS_KEY_ID>
          secretManagerId: ${default.id}
      awsSecretKey:
        type: harness:EncryptedText
        properties:
          value: <SECRET_KEY_ID>
          secretManagerId: ${default.id}
      aws:
        type: harness:cloudprovider:Aws
        properties:
          accessKeyIdSecretName: ${awsAccessKey.name}
          secretAccessKeySecretName: ${awsSecretKey.name}
    variables:
      default:
        fn::invoke:
          Function: harness:getSecretManager
          Arguments:
            default: true
    

    Create Aws Resource

    new Aws(name: string, args?: AwsArgs, opts?: CustomResourceOptions);
    @overload
    def Aws(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            access_key_id: Optional[str] = None,
            access_key_id_secret_name: Optional[str] = None,
            assume_cross_account_role: Optional[AwsAssumeCrossAccountRoleArgs] = None,
            delegate_selector: Optional[str] = None,
            name: Optional[str] = None,
            secret_access_key_secret_name: Optional[str] = None,
            usage_scopes: Optional[Sequence[AwsUsageScopeArgs]] = None,
            use_ec2_iam_credentials: Optional[bool] = None,
            use_irsa: Optional[bool] = None)
    @overload
    def Aws(resource_name: str,
            args: Optional[AwsArgs] = None,
            opts: Optional[ResourceOptions] = None)
    func NewAws(ctx *Context, name string, args *AwsArgs, opts ...ResourceOption) (*Aws, error)
    public Aws(string name, AwsArgs? args = null, CustomResourceOptions? opts = null)
    public Aws(String name, AwsArgs args)
    public Aws(String name, AwsArgs args, CustomResourceOptions options)
    
    type: harness:cloudprovider:Aws
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AwsArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AwsArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AwsArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AwsArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AwsArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Aws Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Aws resource accepts the following input properties:

    AccessKeyId string
    The plain text AWS access key id.
    AccessKeyIdSecretName string
    The name of the Harness secret containing the AWS access key id
    AssumeCrossAccountRole Lbrlabs.PulumiPackage.Harness.Cloudprovider.Inputs.AwsAssumeCrossAccountRole
    Configuration for assuming a cross account role.
    DelegateSelector string
    Select the Delegate to use via one of its Selectors.
    Name string
    The name of the cloud provider.
    SecretAccessKeySecretName string
    The name of the Harness secret containing the AWS secret access key.
    UsageScopes List<Lbrlabs.PulumiPackage.Harness.Cloudprovider.Inputs.AwsUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    UseEc2IamCredentials bool
    Use the EC2 Instance Profile for Service Accounts.
    UseIrsa bool
    Use the AWS IAM Role for Service Accounts.
    AccessKeyId string
    The plain text AWS access key id.
    AccessKeyIdSecretName string
    The name of the Harness secret containing the AWS access key id
    AssumeCrossAccountRole AwsAssumeCrossAccountRoleArgs
    Configuration for assuming a cross account role.
    DelegateSelector string
    Select the Delegate to use via one of its Selectors.
    Name string
    The name of the cloud provider.
    SecretAccessKeySecretName string
    The name of the Harness secret containing the AWS secret access key.
    UsageScopes []AwsUsageScopeArgs
    This block is used for scoping the resource to a specific set of applications or environments.
    UseEc2IamCredentials bool
    Use the EC2 Instance Profile for Service Accounts.
    UseIrsa bool
    Use the AWS IAM Role for Service Accounts.
    accessKeyId String
    The plain text AWS access key id.
    accessKeyIdSecretName String
    The name of the Harness secret containing the AWS access key id
    assumeCrossAccountRole AwsAssumeCrossAccountRole
    Configuration for assuming a cross account role.
    delegateSelector String
    Select the Delegate to use via one of its Selectors.
    name String
    The name of the cloud provider.
    secretAccessKeySecretName String
    The name of the Harness secret containing the AWS secret access key.
    usageScopes List<AwsUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    useEc2IamCredentials Boolean
    Use the EC2 Instance Profile for Service Accounts.
    useIrsa Boolean
    Use the AWS IAM Role for Service Accounts.
    accessKeyId string
    The plain text AWS access key id.
    accessKeyIdSecretName string
    The name of the Harness secret containing the AWS access key id
    assumeCrossAccountRole AwsAssumeCrossAccountRole
    Configuration for assuming a cross account role.
    delegateSelector string
    Select the Delegate to use via one of its Selectors.
    name string
    The name of the cloud provider.
    secretAccessKeySecretName string
    The name of the Harness secret containing the AWS secret access key.
    usageScopes AwsUsageScope[]
    This block is used for scoping the resource to a specific set of applications or environments.
    useEc2IamCredentials boolean
    Use the EC2 Instance Profile for Service Accounts.
    useIrsa boolean
    Use the AWS IAM Role for Service Accounts.
    access_key_id str
    The plain text AWS access key id.
    access_key_id_secret_name str
    The name of the Harness secret containing the AWS access key id
    assume_cross_account_role AwsAssumeCrossAccountRoleArgs
    Configuration for assuming a cross account role.
    delegate_selector str
    Select the Delegate to use via one of its Selectors.
    name str
    The name of the cloud provider.
    secret_access_key_secret_name str
    The name of the Harness secret containing the AWS secret access key.
    usage_scopes Sequence[AwsUsageScopeArgs]
    This block is used for scoping the resource to a specific set of applications or environments.
    use_ec2_iam_credentials bool
    Use the EC2 Instance Profile for Service Accounts.
    use_irsa bool
    Use the AWS IAM Role for Service Accounts.
    accessKeyId String
    The plain text AWS access key id.
    accessKeyIdSecretName String
    The name of the Harness secret containing the AWS access key id
    assumeCrossAccountRole Property Map
    Configuration for assuming a cross account role.
    delegateSelector String
    Select the Delegate to use via one of its Selectors.
    name String
    The name of the cloud provider.
    secretAccessKeySecretName String
    The name of the Harness secret containing the AWS secret access key.
    usageScopes List<Property Map>
    This block is used for scoping the resource to a specific set of applications or environments.
    useEc2IamCredentials Boolean
    Use the EC2 Instance Profile for Service Accounts.
    useIrsa Boolean
    Use the AWS IAM Role for Service Accounts.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Aws resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Aws Resource

    Get an existing Aws resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AwsState, opts?: CustomResourceOptions): Aws
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_key_id: Optional[str] = None,
            access_key_id_secret_name: Optional[str] = None,
            assume_cross_account_role: Optional[AwsAssumeCrossAccountRoleArgs] = None,
            delegate_selector: Optional[str] = None,
            name: Optional[str] = None,
            secret_access_key_secret_name: Optional[str] = None,
            usage_scopes: Optional[Sequence[AwsUsageScopeArgs]] = None,
            use_ec2_iam_credentials: Optional[bool] = None,
            use_irsa: Optional[bool] = None) -> Aws
    func GetAws(ctx *Context, name string, id IDInput, state *AwsState, opts ...ResourceOption) (*Aws, error)
    public static Aws Get(string name, Input<string> id, AwsState? state, CustomResourceOptions? opts = null)
    public static Aws get(String name, Output<String> id, AwsState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessKeyId string
    The plain text AWS access key id.
    AccessKeyIdSecretName string
    The name of the Harness secret containing the AWS access key id
    AssumeCrossAccountRole Lbrlabs.PulumiPackage.Harness.Cloudprovider.Inputs.AwsAssumeCrossAccountRole
    Configuration for assuming a cross account role.
    DelegateSelector string
    Select the Delegate to use via one of its Selectors.
    Name string
    The name of the cloud provider.
    SecretAccessKeySecretName string
    The name of the Harness secret containing the AWS secret access key.
    UsageScopes List<Lbrlabs.PulumiPackage.Harness.Cloudprovider.Inputs.AwsUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    UseEc2IamCredentials bool
    Use the EC2 Instance Profile for Service Accounts.
    UseIrsa bool
    Use the AWS IAM Role for Service Accounts.
    AccessKeyId string
    The plain text AWS access key id.
    AccessKeyIdSecretName string
    The name of the Harness secret containing the AWS access key id
    AssumeCrossAccountRole AwsAssumeCrossAccountRoleArgs
    Configuration for assuming a cross account role.
    DelegateSelector string
    Select the Delegate to use via one of its Selectors.
    Name string
    The name of the cloud provider.
    SecretAccessKeySecretName string
    The name of the Harness secret containing the AWS secret access key.
    UsageScopes []AwsUsageScopeArgs
    This block is used for scoping the resource to a specific set of applications or environments.
    UseEc2IamCredentials bool
    Use the EC2 Instance Profile for Service Accounts.
    UseIrsa bool
    Use the AWS IAM Role for Service Accounts.
    accessKeyId String
    The plain text AWS access key id.
    accessKeyIdSecretName String
    The name of the Harness secret containing the AWS access key id
    assumeCrossAccountRole AwsAssumeCrossAccountRole
    Configuration for assuming a cross account role.
    delegateSelector String
    Select the Delegate to use via one of its Selectors.
    name String
    The name of the cloud provider.
    secretAccessKeySecretName String
    The name of the Harness secret containing the AWS secret access key.
    usageScopes List<AwsUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    useEc2IamCredentials Boolean
    Use the EC2 Instance Profile for Service Accounts.
    useIrsa Boolean
    Use the AWS IAM Role for Service Accounts.
    accessKeyId string
    The plain text AWS access key id.
    accessKeyIdSecretName string
    The name of the Harness secret containing the AWS access key id
    assumeCrossAccountRole AwsAssumeCrossAccountRole
    Configuration for assuming a cross account role.
    delegateSelector string
    Select the Delegate to use via one of its Selectors.
    name string
    The name of the cloud provider.
    secretAccessKeySecretName string
    The name of the Harness secret containing the AWS secret access key.
    usageScopes AwsUsageScope[]
    This block is used for scoping the resource to a specific set of applications or environments.
    useEc2IamCredentials boolean
    Use the EC2 Instance Profile for Service Accounts.
    useIrsa boolean
    Use the AWS IAM Role for Service Accounts.
    access_key_id str
    The plain text AWS access key id.
    access_key_id_secret_name str
    The name of the Harness secret containing the AWS access key id
    assume_cross_account_role AwsAssumeCrossAccountRoleArgs
    Configuration for assuming a cross account role.
    delegate_selector str
    Select the Delegate to use via one of its Selectors.
    name str
    The name of the cloud provider.
    secret_access_key_secret_name str
    The name of the Harness secret containing the AWS secret access key.
    usage_scopes Sequence[AwsUsageScopeArgs]
    This block is used for scoping the resource to a specific set of applications or environments.
    use_ec2_iam_credentials bool
    Use the EC2 Instance Profile for Service Accounts.
    use_irsa bool
    Use the AWS IAM Role for Service Accounts.
    accessKeyId String
    The plain text AWS access key id.
    accessKeyIdSecretName String
    The name of the Harness secret containing the AWS access key id
    assumeCrossAccountRole Property Map
    Configuration for assuming a cross account role.
    delegateSelector String
    Select the Delegate to use via one of its Selectors.
    name String
    The name of the cloud provider.
    secretAccessKeySecretName String
    The name of the Harness secret containing the AWS secret access key.
    usageScopes List<Property Map>
    This block is used for scoping the resource to a specific set of applications or environments.
    useEc2IamCredentials Boolean
    Use the EC2 Instance Profile for Service Accounts.
    useIrsa Boolean
    Use the AWS IAM Role for Service Accounts.

    Supporting Types

    AwsAssumeCrossAccountRole, AwsAssumeCrossAccountRoleArgs

    RoleArn string
    This is an IAM role in the target deployment AWS account.
    ExternalId string
    If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.
    RoleArn string
    This is an IAM role in the target deployment AWS account.
    ExternalId string
    If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.
    roleArn String
    This is an IAM role in the target deployment AWS account.
    externalId String
    If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.
    roleArn string
    This is an IAM role in the target deployment AWS account.
    externalId string
    If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.
    role_arn str
    This is an IAM role in the target deployment AWS account.
    external_id str
    If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.
    roleArn String
    This is an IAM role in the target deployment AWS account.
    externalId String
    If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

    AwsUsageScope, AwsUsageScopeArgs

    ApplicationId string
    Id of the application to scope to. If empty then this scope applies to all applications.
    EnvironmentFilterType string
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    EnvironmentId string
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    ApplicationId string
    Id of the application to scope to. If empty then this scope applies to all applications.
    EnvironmentFilterType string
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    EnvironmentId string
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    applicationId String
    Id of the application to scope to. If empty then this scope applies to all applications.
    environmentFilterType String
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environmentId String
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    applicationId string
    Id of the application to scope to. If empty then this scope applies to all applications.
    environmentFilterType string
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environmentId string
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    application_id str
    Id of the application to scope to. If empty then this scope applies to all applications.
    environment_filter_type str
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environment_id str
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    applicationId String
    Id of the application to scope to. If empty then this scope applies to all applications.
    environmentFilterType String
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environmentId String
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.

    Import

    Import using the Harness aws cloud provider id.

     $ pulumi import harness:cloudprovider/aws:Aws example <provider_id>
    

    Package Details

    Repository
    harness lbrlabs/pulumi-harness
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the harness Terraform Provider.
    harness logo
    Harness v0.0.6 published on Saturday, Jul 1, 2023 by lbrlabs