Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine
published on Thursday, Apr 23, 2026 by Volcengine
Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine
published on Thursday, Apr 23, 2026 by Volcengine
A role is a virtual identity in the IAM system that grants certain access permissions within an account to various identity entities. Trusted identity entities can assume this role to access cloud resources within the account.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as volcenginecc from "@volcengine/pulumi-volcenginecc";
const roleDemo = new volcenginecc.iam.Role("RoleDemo", {
roleName: "RoleDemo",
description: "role attach policies",
maxSessionDuration: 3600,
trustPolicyDocument: `{
"Statement": [
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Principal": {
"IAM": [
"trn:iam::20000000xx:root"
]
}
}
]
}`,
tags: [{
key: "env",
value: "test",
}],
});
import pulumi
import pulumi_volcenginecc as volcenginecc
role_demo = volcenginecc.iam.Role("RoleDemo",
role_name="RoleDemo",
description="role attach policies",
max_session_duration=3600,
trust_policy_document="""{
"Statement": [
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Principal": {
"IAM": [
"trn:iam::20000000xx:root"
]
}
}
]
}""",
tags=[{
"key": "env",
"value": "test",
}])
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/volcengine/pulumi-volcenginecc/sdk/go/volcenginecc/iam"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.NewRole(ctx, "RoleDemo", &iam.RoleArgs{
RoleName: pulumi.String("RoleDemo"),
Description: pulumi.String("role attach policies"),
MaxSessionDuration: pulumi.Int(3600),
TrustPolicyDocument: pulumi.String(`{
"Statement": [
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Principal": {
"IAM": [
"trn:iam::20000000xx:root"
]
}
}
]
}`),
Tags: iam.RoleTagArray{
&iam.RoleTagArgs{
Key: pulumi.String("env"),
Value: pulumi.String("test"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Volcenginecc = Volcengine.Pulumi.Volcenginecc;
return await Deployment.RunAsync(() =>
{
var roleDemo = new Volcenginecc.Iam.Role("RoleDemo", new()
{
RoleName = "RoleDemo",
Description = "role attach policies",
MaxSessionDuration = 3600,
TrustPolicyDocument = @"{
""Statement"": [
{
""Effect"": ""Allow"",
""Action"": [
""sts:AssumeRole""
],
""Principal"": {
""IAM"": [
""trn:iam::20000000xx:root""
]
}
}
]
}",
Tags = new[]
{
new Volcenginecc.Iam.Inputs.RoleTagArgs
{
Key = "env",
Value = "test",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.volcengine.volcenginecc.iam.Role;
import com.volcengine.volcenginecc.iam.RoleArgs;
import com.pulumi.volcenginecc.iam.inputs.RoleTagArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var roleDemo = new Role("roleDemo", RoleArgs.builder()
.roleName("RoleDemo")
.description("role attach policies")
.maxSessionDuration(3600)
.trustPolicyDocument("""
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Principal": {
"IAM": [
"trn:iam::20000000xx:root"
]
}
}
]
} """)
.tags(RoleTagArgs.builder()
.key("env")
.value("test")
.build())
.build());
}
}
resources:
roleDemo:
type: volcenginecc:iam:Role
name: RoleDemo
properties:
roleName: RoleDemo
description: role attach policies
maxSessionDuration: 3600
trustPolicyDocument: |-
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Principal": {
"IAM": [
"trn:iam::20000000xx:root"
]
}
}
]
}
tags:
- key: env
value: test
Create Role Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Role(name: string, args: RoleArgs, opts?: CustomResourceOptions);@overload
def Role(resource_name: str,
args: RoleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Role(resource_name: str,
opts: Optional[ResourceOptions] = None,
role_name: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
max_session_duration: Optional[int] = None,
policies: Optional[Sequence[RolePolicyArgs]] = None,
tags: Optional[Sequence[RoleTagArgs]] = None,
trust_policy_document: Optional[str] = None)func NewRole(ctx *Context, name string, args RoleArgs, opts ...ResourceOption) (*Role, error)public Role(string name, RoleArgs args, CustomResourceOptions? opts = null)type: volcenginecc:iam:Role
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Role Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Role resource accepts the following input properties:
- Role
Name string - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- Description string
- Role description, maximum length 128
- Display
Name string - Role display name, maximum length 64
- Max
Session intDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- Policies
List<Volcengine.
Role Policy> -
List<Volcengine.
Role Tag> - Trust
Policy stringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- Role
Name string - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- Description string
- Role description, maximum length 128
- Display
Name string - Role display name, maximum length 64
- Max
Session intDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- Policies
[]Role
Policy Args -
[]Role
Tag Args - Trust
Policy stringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- role
Name String - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- description String
- Role description, maximum length 128
- display
Name String - Role display name, maximum length 64
- max
Session IntegerDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies
List<Role
Policy> -
List<Role
Tag> - trust
Policy StringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- role
Name string - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- description string
- Role description, maximum length 128
- display
Name string - Role display name, maximum length 64
- max
Session numberDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies
Role
Policy[] -
Role
Tag[] - trust
Policy stringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- role_
name str - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- description str
- Role description, maximum length 128
- display_
name str - Role display name, maximum length 64
- max_
session_ intduration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies
Sequence[Role
Policy Args] -
Sequence[Role
Tag Args] - trust_
policy_ strdocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- role
Name String - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- description String
- Role description, maximum length 128
- display
Name String - Role display name, maximum length 64
- max
Session NumberDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies List<Property Map>
- List<Property Map>
- trust
Policy StringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
Outputs
All input properties are implicitly available as output properties. Additionally, the Role resource produces the following output properties:
- Create
Date string - Role creation time
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
Service intLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- Role
Id int - Role ID
- Trn string
- Role TRN
- Update
Date string - Role update time
- Create
Date string - Role creation time
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
Service intLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- Role
Id int - Role ID
- Trn string
- Role TRN
- Update
Date string - Role update time
- create
Date String - Role creation time
- id String
- The provider-assigned unique ID for this managed resource.
- is
Service IntegerLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- role
Id Integer - Role ID
- trn String
- Role TRN
- update
Date String - Role update time
- create
Date string - Role creation time
- id string
- The provider-assigned unique ID for this managed resource.
- is
Service numberLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- role
Id number - Role ID
- trn string
- Role TRN
- update
Date string - Role update time
- create_
date str - Role creation time
- id str
- The provider-assigned unique ID for this managed resource.
- is_
service_ intlinked_ role - Service-linked role or not: 0 for No, 1 for Yes
- role_
id int - Role ID
- trn str
- Role TRN
- update_
date str - Role update time
- create
Date String - Role creation time
- id String
- The provider-assigned unique ID for this managed resource.
- is
Service NumberLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- role
Id Number - Role ID
- trn String
- Role TRN
- update
Date String - Role update time
Look up Existing Role Resource
Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RoleState, opts?: CustomResourceOptions): Role@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
create_date: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
is_service_linked_role: Optional[int] = None,
max_session_duration: Optional[int] = None,
policies: Optional[Sequence[RolePolicyArgs]] = None,
role_id: Optional[int] = None,
role_name: Optional[str] = None,
tags: Optional[Sequence[RoleTagArgs]] = None,
trn: Optional[str] = None,
trust_policy_document: Optional[str] = None,
update_date: Optional[str] = None) -> Rolefunc GetRole(ctx *Context, name string, id IDInput, state *RoleState, opts ...ResourceOption) (*Role, error)public static Role Get(string name, Input<string> id, RoleState? state, CustomResourceOptions? opts = null)public static Role get(String name, Output<String> id, RoleState state, CustomResourceOptions options)resources: _: type: volcenginecc:iam:Role get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Create
Date string - Role creation time
- Description string
- Role description, maximum length 128
- Display
Name string - Role display name, maximum length 64
- Is
Service intLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- Max
Session intDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- Policies
List<Volcengine.
Role Policy> - Role
Id int - Role ID
- Role
Name string - Role name, length 1–64, supports English letters, numbers, and .-_ characters
-
List<Volcengine.
Role Tag> - Trn string
- Role TRN
- Trust
Policy stringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- Update
Date string - Role update time
- Create
Date string - Role creation time
- Description string
- Role description, maximum length 128
- Display
Name string - Role display name, maximum length 64
- Is
Service intLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- Max
Session intDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- Policies
[]Role
Policy Args - Role
Id int - Role ID
- Role
Name string - Role name, length 1–64, supports English letters, numbers, and .-_ characters
-
[]Role
Tag Args - Trn string
- Role TRN
- Trust
Policy stringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- Update
Date string - Role update time
- create
Date String - Role creation time
- description String
- Role description, maximum length 128
- display
Name String - Role display name, maximum length 64
- is
Service IntegerLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- max
Session IntegerDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies
List<Role
Policy> - role
Id Integer - Role ID
- role
Name String - Role name, length 1–64, supports English letters, numbers, and .-_ characters
-
List<Role
Tag> - trn String
- Role TRN
- trust
Policy StringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- update
Date String - Role update time
- create
Date string - Role creation time
- description string
- Role description, maximum length 128
- display
Name string - Role display name, maximum length 64
- is
Service numberLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- max
Session numberDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies
Role
Policy[] - role
Id number - Role ID
- role
Name string - Role name, length 1–64, supports English letters, numbers, and .-_ characters
-
Role
Tag[] - trn string
- Role TRN
- trust
Policy stringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- update
Date string - Role update time
- create_
date str - Role creation time
- description str
- Role description, maximum length 128
- display_
name str - Role display name, maximum length 64
- is_
service_ intlinked_ role - Service-linked role or not: 0 for No, 1 for Yes
- max_
session_ intduration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies
Sequence[Role
Policy Args] - role_
id int - Role ID
- role_
name str - Role name, length 1–64, supports English letters, numbers, and .-_ characters
-
Sequence[Role
Tag Args] - trn str
- Role TRN
- trust_
policy_ strdocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- update_
date str - Role update time
- create
Date String - Role creation time
- description String
- Role description, maximum length 128
- display
Name String - Role display name, maximum length 64
- is
Service NumberLinked Role - Service-linked role or not: 0 for No, 1 for Yes
- max
Session NumberDuration - Maximum session duration for the role. Maximum session duration for the role. Limits the maximum validity period of temporary security credentials generated by role assumption. Value range: 3600–43200, unit: seconds, default is 43200
- policies List<Property Map>
- role
Id Number - Role ID
- role
Name String - Role name, length 1–64, supports English letters, numbers, and .-_ characters
- List<Property Map>
- trn String
- Role TRN
- trust
Policy StringDocument - Role trust policy. The trust policy follows resource-based policy rules in IAM policy syntax.
- update
Date String - Role update time
Supporting Types
RolePolicy, RolePolicyArgs
- Policy
Name string - Policy name
- Policy
Type string - Policy type. Policy type. System indicates a system preset policy; Custom indicates a custom policy.
- Policy
Name string - Policy name
- Policy
Type string - Policy type. Policy type. System indicates a system preset policy; Custom indicates a custom policy.
- policy
Name String - Policy name
- policy
Type String - Policy type. Policy type. System indicates a system preset policy; Custom indicates a custom policy.
- policy
Name string - Policy name
- policy
Type string - Policy type. Policy type. System indicates a system preset policy; Custom indicates a custom policy.
- policy_
name str - Policy name
- policy_
type str - Policy type. Policy type. System indicates a system preset policy; Custom indicates a custom policy.
- policy
Name String - Policy name
- policy
Type String - Policy type. Policy type. System indicates a system preset policy; Custom indicates a custom policy.
RoleTag, RoleTagArgs
Import
$ pulumi import volcenginecc:iam/role:Role example "role_name"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- volcenginecc volcengine/pulumi-volcenginecc
- License
- MPL-2.0
- Notes
- This Pulumi package is based on the
volcengineccTerraform Provider.
Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine
published on Thursday, Apr 23, 2026 by Volcengine
