Docs Home
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm.IamPolicyTemplate
Explore with Pulumi AI
Create, update, and delete a policy_template with this resource.
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IamPolicyTemplate;
import com.pulumi.ibm.IamPolicyTemplateArgs;
import com.pulumi.ibm.inputs.IamPolicyTemplatePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyTemplateInstance = new IamPolicyTemplate("policyTemplateInstance", IamPolicyTemplateArgs.builder()
.committed("true")
.policy(IamPolicyTemplatePolicyArgs.builder()
.description("description")
.pattern("pattern")
.resources(IamPolicyTemplatePolicyResourceArgs.builder()
.attributes(IamPolicyTemplatePolicyResourceAttributeArgs.builder()
.key("key")
.operator("stringEquals")
.value("anything as a string")
.build())
.tags(IamPolicyTemplatePolicyResourceTagArgs.builder()
.key("key")
.operator("stringEquals")
.value("value")
.build())
.build())
.roles("Viewer")
.rule(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.type("access")
.build())
.build());
}
}
resources:
policyTemplateInstance:
type: ibm:IamPolicyTemplate
properties:
committed: 'true'
policy:
description: description
pattern: pattern
resources:
- attributes:
- key: key
operator: stringEquals
value: anything as a string
tags:
- key: key
operator: stringEquals
value: value
roles:
- Viewer
rule:
- key: key
operator: timeLessThan
value: anything as a string
type: access
Create IamPolicyTemplate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IamPolicyTemplate(name: string, args: IamPolicyTemplateArgs, opts?: CustomResourceOptions);@overload
def IamPolicyTemplate(resource_name: str,
args: IamPolicyTemplateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IamPolicyTemplate(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy: Optional[IamPolicyTemplatePolicyArgs] = None,
committed: Optional[bool] = None,
description: Optional[str] = None,
iam_policy_template_id: Optional[str] = None,
name: Optional[str] = None)func NewIamPolicyTemplate(ctx *Context, name string, args IamPolicyTemplateArgs, opts ...ResourceOption) (*IamPolicyTemplate, error)public IamPolicyTemplate(string name, IamPolicyTemplateArgs args, CustomResourceOptions? opts = null)
public IamPolicyTemplate(String name, IamPolicyTemplateArgs args)
public IamPolicyTemplate(String name, IamPolicyTemplateArgs args, CustomResourceOptions options)
type: ibm:IamPolicyTemplate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IamPolicyTemplateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IamPolicyTemplateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IamPolicyTemplateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IamPolicyTemplateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IamPolicyTemplateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iamPolicyTemplateResource = new Ibm.IamPolicyTemplate("iamPolicyTemplateResource", new()
{
Policy = new Ibm.Inputs.IamPolicyTemplatePolicyArgs
{
Type = "string",
Description = "string",
Pattern = "string",
Resources = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicyResourceArgs
{
Attributes = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicyResourceAttributeArgs
{
Key = "string",
Operator = "string",
Value = "string",
},
},
Tags = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicyResourceTagArgs
{
Key = "string",
Operator = "string",
Value = "string",
},
},
},
},
Roles = new[]
{
"string",
},
RuleConditions = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicyRuleConditionArgs
{
Operator = "string",
Conditions = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicyRuleConditionConditionArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
Key = "string",
Values = new[]
{
"string",
},
},
},
RuleOperator = "string",
Subjects = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicySubjectArgs
{
Attributes = new[]
{
new Ibm.Inputs.IamPolicyTemplatePolicySubjectAttributeArgs
{
Key = "string",
Operator = "string",
Value = "string",
},
},
},
},
},
Committed = false,
Description = "string",
IamPolicyTemplateId = "string",
Name = "string",
});
example, err := ibm.NewIamPolicyTemplate(ctx, "iamPolicyTemplateResource", &ibm.IamPolicyTemplateArgs{
Policy: &ibm.IamPolicyTemplatePolicyArgs{
Type: pulumi.String("string"),
Description: pulumi.String("string"),
Pattern: pulumi.String("string"),
Resources: ibm.IamPolicyTemplatePolicyResourceArray{
&ibm.IamPolicyTemplatePolicyResourceArgs{
Attributes: ibm.IamPolicyTemplatePolicyResourceAttributeArray{
&ibm.IamPolicyTemplatePolicyResourceAttributeArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Tags: ibm.IamPolicyTemplatePolicyResourceTagArray{
&ibm.IamPolicyTemplatePolicyResourceTagArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
},
Roles: pulumi.StringArray{
pulumi.String("string"),
},
RuleConditions: ibm.IamPolicyTemplatePolicyRuleConditionArray{
&ibm.IamPolicyTemplatePolicyRuleConditionArgs{
Operator: pulumi.String("string"),
Conditions: ibm.IamPolicyTemplatePolicyRuleConditionConditionArray{
&ibm.IamPolicyTemplatePolicyRuleConditionConditionArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Key: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
RuleOperator: pulumi.String("string"),
Subjects: ibm.IamPolicyTemplatePolicySubjectArray{
&ibm.IamPolicyTemplatePolicySubjectArgs{
Attributes: ibm.IamPolicyTemplatePolicySubjectAttributeArray{
&ibm.IamPolicyTemplatePolicySubjectAttributeArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
},
},
Committed: pulumi.Bool(false),
Description: pulumi.String("string"),
IamPolicyTemplateId: pulumi.String("string"),
Name: pulumi.String("string"),
})
var iamPolicyTemplateResource = new IamPolicyTemplate("iamPolicyTemplateResource", IamPolicyTemplateArgs.builder()
.policy(IamPolicyTemplatePolicyArgs.builder()
.type("string")
.description("string")
.pattern("string")
.resources(IamPolicyTemplatePolicyResourceArgs.builder()
.attributes(IamPolicyTemplatePolicyResourceAttributeArgs.builder()
.key("string")
.operator("string")
.value("string")
.build())
.tags(IamPolicyTemplatePolicyResourceTagArgs.builder()
.key("string")
.operator("string")
.value("string")
.build())
.build())
.roles("string")
.ruleConditions(IamPolicyTemplatePolicyRuleConditionArgs.builder()
.operator("string")
.conditions(IamPolicyTemplatePolicyRuleConditionConditionArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.key("string")
.values("string")
.build())
.ruleOperator("string")
.subjects(IamPolicyTemplatePolicySubjectArgs.builder()
.attributes(IamPolicyTemplatePolicySubjectAttributeArgs.builder()
.key("string")
.operator("string")
.value("string")
.build())
.build())
.build())
.committed(false)
.description("string")
.iamPolicyTemplateId("string")
.name("string")
.build());
iam_policy_template_resource = ibm.IamPolicyTemplate("iamPolicyTemplateResource",
policy={
"type": "string",
"description": "string",
"pattern": "string",
"resources": [{
"attributes": [{
"key": "string",
"operator": "string",
"value": "string",
}],
"tags": [{
"key": "string",
"operator": "string",
"value": "string",
}],
}],
"roles": ["string"],
"rule_conditions": [{
"operator": "string",
"conditions": [{
"key": "string",
"operator": "string",
"values": ["string"],
}],
"key": "string",
"values": ["string"],
}],
"rule_operator": "string",
"subjects": [{
"attributes": [{
"key": "string",
"operator": "string",
"value": "string",
}],
}],
},
committed=False,
description="string",
iam_policy_template_id="string",
name="string")
const iamPolicyTemplateResource = new ibm.IamPolicyTemplate("iamPolicyTemplateResource", {
policy: {
type: "string",
description: "string",
pattern: "string",
resources: [{
attributes: [{
key: "string",
operator: "string",
value: "string",
}],
tags: [{
key: "string",
operator: "string",
value: "string",
}],
}],
roles: ["string"],
ruleConditions: [{
operator: "string",
conditions: [{
key: "string",
operator: "string",
values: ["string"],
}],
key: "string",
values: ["string"],
}],
ruleOperator: "string",
subjects: [{
attributes: [{
key: "string",
operator: "string",
value: "string",
}],
}],
},
committed: false,
description: "string",
iamPolicyTemplateId: "string",
name: "string",
});
type: ibm:IamPolicyTemplate
properties:
committed: false
description: string
iamPolicyTemplateId: string
name: string
policy:
description: string
pattern: string
resources:
- attributes:
- key: string
operator: string
value: string
tags:
- key: string
operator: string
value: string
roles:
- string
ruleConditions:
- conditions:
- key: string
operator: string
values:
- string
key: string
operator: string
values:
- string
ruleOperator: string
subjects:
- attributes:
- key: string
operator: string
value: string
type: string
IamPolicyTemplate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IamPolicyTemplate resource accepts the following input properties:
- Policy
Iam
Policy Template Policy - The core set of properties associated with the template's policy objet. Nested schema for policy:
- Committed bool
- Committed status of the template version.
- Description string
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- Iam
Policy stringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - Name string
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- Policy
Iam
Policy Template Policy Args - The core set of properties associated with the template's policy objet. Nested schema for policy:
- Committed bool
- Committed status of the template version.
- Description string
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- Iam
Policy stringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - Name string
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy
Iam
Policy Template Policy - The core set of properties associated with the template's policy objet. Nested schema for policy:
- committed Boolean
- Committed status of the template version.
- description String
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam
Policy StringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name String
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy
Iam
Policy Template Policy - The core set of properties associated with the template's policy objet. Nested schema for policy:
- committed boolean
- Committed status of the template version.
- description string
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam
Policy stringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name string
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy
Iam
Policy Template Policy Args - The core set of properties associated with the template's policy objet. Nested schema for policy:
- committed bool
- Committed status of the template version.
- description str
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam_
policy_ strtemplate_ id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name str
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy Property Map
- The core set of properties associated with the template's policy objet. Nested schema for policy:
- committed Boolean
- Committed status of the template version.
- description String
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam
Policy StringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name String
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
Outputs
All input properties are implicitly available as output properties. Additionally, the IamPolicyTemplate resource produces the following output properties:
- Account
Id string - (String) Enterprise account ID where this template will be created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Template
Id string - (String) The policy template ID.
- Version string
- Template Version.
- Account
Id string - (String) Enterprise account ID where this template will be created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Template
Id string - (String) The policy template ID.
- Version string
- Template Version.
- account
Id String - (String) Enterprise account ID where this template will be created.
- id String
- The provider-assigned unique ID for this managed resource.
- template
Id String - (String) The policy template ID.
- version String
- Template Version.
- account
Id string - (String) Enterprise account ID where this template will be created.
- id string
- The provider-assigned unique ID for this managed resource.
- template
Id string - (String) The policy template ID.
- version string
- Template Version.
- account_
id str - (String) Enterprise account ID where this template will be created.
- id str
- The provider-assigned unique ID for this managed resource.
- template_
id str - (String) The policy template ID.
- version str
- Template Version.
- account
Id String - (String) Enterprise account ID where this template will be created.
- id String
- The provider-assigned unique ID for this managed resource.
- template
Id String - (String) The policy template ID.
- version String
- Template Version.
Look up Existing IamPolicyTemplate Resource
Get an existing IamPolicyTemplate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IamPolicyTemplateState, opts?: CustomResourceOptions): IamPolicyTemplate@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
committed: Optional[bool] = None,
description: Optional[str] = None,
iam_policy_template_id: Optional[str] = None,
name: Optional[str] = None,
policy: Optional[IamPolicyTemplatePolicyArgs] = None,
template_id: Optional[str] = None,
version: Optional[str] = None) -> IamPolicyTemplatefunc GetIamPolicyTemplate(ctx *Context, name string, id IDInput, state *IamPolicyTemplateState, opts ...ResourceOption) (*IamPolicyTemplate, error)public static IamPolicyTemplate Get(string name, Input<string> id, IamPolicyTemplateState? state, CustomResourceOptions? opts = null)public static IamPolicyTemplate get(String name, Output<String> id, IamPolicyTemplateState state, CustomResourceOptions options)resources: _: type: ibm:IamPolicyTemplate get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - (String) Enterprise account ID where this template will be created.
- Committed bool
- Committed status of the template version.
- Description string
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- Iam
Policy stringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - Name string
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- Policy
Iam
Policy Template Policy - The core set of properties associated with the template's policy objet. Nested schema for policy:
- Template
Id string - (String) The policy template ID.
- Version string
- Template Version.
- Account
Id string - (String) Enterprise account ID where this template will be created.
- Committed bool
- Committed status of the template version.
- Description string
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- Iam
Policy stringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - Name string
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- Policy
Iam
Policy Template Policy Args - The core set of properties associated with the template's policy objet. Nested schema for policy:
- Template
Id string - (String) The policy template ID.
- Version string
- Template Version.
- account
Id String - (String) Enterprise account ID where this template will be created.
- committed Boolean
- Committed status of the template version.
- description String
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam
Policy StringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name String
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy
Iam
Policy Template Policy - The core set of properties associated with the template's policy objet. Nested schema for policy:
- template
Id String - (String) The policy template ID.
- version String
- Template Version.
- account
Id string - (String) Enterprise account ID where this template will be created.
- committed boolean
- Committed status of the template version.
- description string
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam
Policy stringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name string
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy
Iam
Policy Template Policy - The core set of properties associated with the template's policy objet. Nested schema for policy:
- template
Id string - (String) The policy template ID.
- version string
- Template Version.
- account_
id str - (String) Enterprise account ID where this template will be created.
- committed bool
- Committed status of the template version.
- description str
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam_
policy_ strtemplate_ id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name str
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy
Iam
Policy Template Policy Args - The core set of properties associated with the template's policy objet. Nested schema for policy:
- template_
id str - (String) The policy template ID.
- version str
- Template Version.
- account
Id String - (String) Enterprise account ID where this template will be created.
- committed Boolean
- Committed status of the template version.
- description String
- Description of the policy template. This is shown to users in the enterprise account. Use this to describe the purpose or context of the policy for enterprise users managing IAM templates.
- iam
Policy StringTemplate Id - The unique identifier of the policy_template. The ID is composed of
<template_id>/<template_version>. - name String
Required field when creating a new template. Otherwise this field is optional. If the field is included it will change the name value for all existing versions of the template.
Note "Name" will be out of sync when anyone of the version resource updates this parameter. Please update this parameter with the latest version name
- policy Property Map
- The core set of properties associated with the template's policy objet. Nested schema for policy:
- template
Id String - (String) The policy template ID.
- version String
- Template Version.
Supporting Types
IamPolicyTemplatePolicy, IamPolicyTemplatePolicyArgs
- Type string
- The policy type: 'access'.
- Description string
- Description of the policy. This is shown in child accounts when an access group or trusted profile template uses the policy template to assign access.
- Pattern string
- Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or 'time-based-conditions:weekly:custom-hours'.
- Resources
List<Iam
Policy Template Policy Resource> - The resource attributes to which the policy grants access. Nested schema for resource:
- Roles List<string>
- A set of displayNames.
- Rule
Conditions List<IamPolicy Template Policy Rule Condition> - Rule conditions enforced by the policy
- Rule
Operator string - Operator that multiple rule conditions are evaluated over
- Subjects
List<Iam
Policy Template Policy Subject> - The subject attributes for authorization type templates
- Type string
- The policy type: 'access'.
- Description string
- Description of the policy. This is shown in child accounts when an access group or trusted profile template uses the policy template to assign access.
- Pattern string
- Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or 'time-based-conditions:weekly:custom-hours'.
- Resources
[]Iam
Policy Template Policy Resource - The resource attributes to which the policy grants access. Nested schema for resource:
- Roles []string
- A set of displayNames.
- Rule
Conditions []IamPolicy Template Policy Rule Condition - Rule conditions enforced by the policy
- Rule
Operator string - Operator that multiple rule conditions are evaluated over
- Subjects
[]Iam
Policy Template Policy Subject - The subject attributes for authorization type templates
- type String
- The policy type: 'access'.
- description String
- Description of the policy. This is shown in child accounts when an access group or trusted profile template uses the policy template to assign access.
- pattern String
- Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or 'time-based-conditions:weekly:custom-hours'.
- resources
List<Iam
Policy Template Policy Resource> - The resource attributes to which the policy grants access. Nested schema for resource:
- roles List<String>
- A set of displayNames.
- rule
Conditions List<IamPolicy Template Policy Rule Condition> - Rule conditions enforced by the policy
- rule
Operator String - Operator that multiple rule conditions are evaluated over
- subjects
List<Iam
Policy Template Policy Subject> - The subject attributes for authorization type templates
- type string
- The policy type: 'access'.
- description string
- Description of the policy. This is shown in child accounts when an access group or trusted profile template uses the policy template to assign access.
- pattern string
- Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or 'time-based-conditions:weekly:custom-hours'.
- resources
Iam
Policy Template Policy Resource[] - The resource attributes to which the policy grants access. Nested schema for resource:
- roles string[]
- A set of displayNames.
- rule
Conditions IamPolicy Template Policy Rule Condition[] - Rule conditions enforced by the policy
- rule
Operator string - Operator that multiple rule conditions are evaluated over
- subjects
Iam
Policy Template Policy Subject[] - The subject attributes for authorization type templates
- type str
- The policy type: 'access'.
- description str
- Description of the policy. This is shown in child accounts when an access group or trusted profile template uses the policy template to assign access.
- pattern str
- Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or 'time-based-conditions:weekly:custom-hours'.
- resources
Sequence[Iam
Policy Template Policy Resource] - The resource attributes to which the policy grants access. Nested schema for resource:
- roles Sequence[str]
- A set of displayNames.
- rule_
conditions Sequence[IamPolicy Template Policy Rule Condition] - Rule conditions enforced by the policy
- rule_
operator str - Operator that multiple rule conditions are evaluated over
- subjects
Sequence[Iam
Policy Template Policy Subject] - The subject attributes for authorization type templates
- type String
- The policy type: 'access'.
- description String
- Description of the policy. This is shown in child accounts when an access group or trusted profile template uses the policy template to assign access.
- pattern String
- Indicates pattern of rule, either 'time-based-conditions:once', 'time-based-conditions:weekly:all-day', or 'time-based-conditions:weekly:custom-hours'.
- resources List<Property Map>
- The resource attributes to which the policy grants access. Nested schema for resource:
- roles List<String>
- A set of displayNames.
- rule
Conditions List<Property Map> - Rule conditions enforced by the policy
- rule
Operator String - Operator that multiple rule conditions are evaluated over
- subjects List<Property Map>
- The subject attributes for authorization type templates
IamPolicyTemplatePolicyResource, IamPolicyTemplatePolicyResourceArgs
- Attributes
List<Iam
Policy Template Policy Resource Attribute> - List of resource attributes to which the policy grants access. Nested schema for attributes:
-
List<Iam
Policy Template Policy Resource Tag> - Optional list of resource tags to which the policy grants access. Nested schema for tags:
- Attributes
[]Iam
Policy Template Policy Resource Attribute - List of resource attributes to which the policy grants access. Nested schema for attributes:
-
[]Iam
Policy Template Policy Resource Tag - Optional list of resource tags to which the policy grants access. Nested schema for tags:
- attributes
List<Iam
Policy Template Policy Resource Attribute> - List of resource attributes to which the policy grants access. Nested schema for attributes:
-
List<Iam
Policy Template Policy Resource Tag> - Optional list of resource tags to which the policy grants access. Nested schema for tags:
- attributes
Iam
Policy Template Policy Resource Attribute[] - List of resource attributes to which the policy grants access. Nested schema for attributes:
-
Iam
Policy Template Policy Resource Tag[] - Optional list of resource tags to which the policy grants access. Nested schema for tags:
- attributes
Sequence[Iam
Policy Template Policy Resource Attribute] - List of resource attributes to which the policy grants access. Nested schema for attributes:
-
Sequence[Iam
Policy Template Policy Resource Tag] - Optional list of resource tags to which the policy grants access. Nested schema for tags:
- attributes List<Property Map>
- List of resource attributes to which the policy grants access. Nested schema for attributes:
- List<Property Map>
- Optional list of resource tags to which the policy grants access. Nested schema for tags:
IamPolicyTemplatePolicyResourceAttribute, IamPolicyTemplatePolicyResourceAttributeArgs
IamPolicyTemplatePolicyResourceTag, IamPolicyTemplatePolicyResourceTagArgs
IamPolicyTemplatePolicyRuleCondition, IamPolicyTemplatePolicyRuleConditionArgs
- Operator string
- Operator of the condition
- Conditions
List<Iam
Policy Template Policy Rule Condition Condition> - Additional Rule conditions enforced by the policy
- Key string
- Key of the condition
- Values List<string>
- Value of the condition
- Operator string
- Operator of the condition
- Conditions
[]Iam
Policy Template Policy Rule Condition Condition - Additional Rule conditions enforced by the policy
- Key string
- Key of the condition
- Values []string
- Value of the condition
- operator String
- Operator of the condition
- conditions
List<Iam
Policy Template Policy Rule Condition Condition> - Additional Rule conditions enforced by the policy
- key String
- Key of the condition
- values List<String>
- Value of the condition
- operator string
- Operator of the condition
- conditions
Iam
Policy Template Policy Rule Condition Condition[] - Additional Rule conditions enforced by the policy
- key string
- Key of the condition
- values string[]
- Value of the condition
- operator str
- Operator of the condition
- conditions
Sequence[Iam
Policy Template Policy Rule Condition Condition] - Additional Rule conditions enforced by the policy
- key str
- Key of the condition
- values Sequence[str]
- Value of the condition
- operator String
- Operator of the condition
- conditions List<Property Map>
- Additional Rule conditions enforced by the policy
- key String
- Key of the condition
- values List<String>
- Value of the condition
IamPolicyTemplatePolicyRuleConditionCondition, IamPolicyTemplatePolicyRuleConditionConditionArgs
IamPolicyTemplatePolicySubject, IamPolicyTemplatePolicySubjectArgs
- Attributes
List<Iam
Policy Template Policy Subject Attribute> - List of resource attributes to which the policy grants access.
- Attributes
[]Iam
Policy Template Policy Subject Attribute - List of resource attributes to which the policy grants access.
- attributes
List<Iam
Policy Template Policy Subject Attribute> - List of resource attributes to which the policy grants access.
- attributes
Iam
Policy Template Policy Subject Attribute[] - List of resource attributes to which the policy grants access.
- attributes
Sequence[Iam
Policy Template Policy Subject Attribute] - List of resource attributes to which the policy grants access.
- attributes List<Property Map>
- List of resource attributes to which the policy grants access.
IamPolicyTemplatePolicySubjectAttribute, IamPolicyTemplatePolicySubjectAttributeArgs
Import
Syntax
bash
$ pulumi import ibm:index/iamPolicyTemplate:IamPolicyTemplate policy_template $template_id/$version
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.