Instance
Provides a CEN child instance grant resource, which allow you to authorize a VPC or VBR to a CEN of a different account. For more information about how to use it, see Attach a network in a different account.
NOTE: Available since v1.37.0.
Example Usage
Basic Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.Provider;
import com.pulumi.alicloud.ProviderArgs;
import com.pulumi.alicloud.inputs.ProviderAssumeRoleArgs;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetRegionsArgs;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.vpc.Network;
import com.pulumi.alicloud.vpc.NetworkArgs;
import com.pulumi.alicloud.cen.InstanceGrant;
import com.pulumi.alicloud.cen.InstanceGrantArgs;
import com.pulumi.alicloud.cen.InstanceAttachment;
import com.pulumi.alicloud.cen.InstanceAttachmentArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var anotherUid = config.get("anotherUid").orElse("xxxx");
var childAccount = new Provider("childAccount", ProviderArgs.builder()
.region("cn-hangzhou")
.assumeRole(ProviderAssumeRoleArgs.builder()
.roleArn(String.format("acs:ram::%s:role/terraform-example-assume-role", anotherUid))
.build())
.build());
var yourAccount = new Provider("yourAccount");
final var yourAccountAccount = AlicloudFunctions.getAccount();
final var childAccountAccount = AlicloudFunctions.getAccount();
final var default = AlicloudFunctions.getRegions(GetRegionsArgs.builder()
.current(true)
.build());
var exampleInstance = new Instance("exampleInstance", InstanceArgs.builder()
.cenInstanceName("tf_example")
.description("an example for cen")
.build(), CustomResourceOptions.builder()
.provider(alicloud.your_account())
.build());
var childAccountNetwork = new Network("childAccountNetwork", NetworkArgs.builder()
.vpcName("terraform-example")
.cidrBlock("172.17.3.0/24")
.build(), CustomResourceOptions.builder()
.provider(alicloud.child_account())
.build());
var childAccountInstanceGrant = new InstanceGrant("childAccountInstanceGrant", InstanceGrantArgs.builder()
.cenId(exampleInstance.id())
.childInstanceId(childAccountNetwork.id())
.cenOwnerId(yourAccountAccount.applyValue(getAccountResult -> getAccountResult.id()))
.build(), CustomResourceOptions.builder()
.provider(alicloud.child_account())
.build());
var exampleInstanceAttachment = new InstanceAttachment("exampleInstanceAttachment", InstanceAttachmentArgs.builder()
.instanceId(exampleInstance.id())
.childInstanceId(childAccountInstanceGrant.childInstanceId())
.childInstanceType("VPC")
.childInstanceRegionId(default_.regions()[0].id())
.childInstanceOwnerId(childAccountAccount.applyValue(getAccountResult -> getAccountResult.id()))
.build(), CustomResourceOptions.builder()
.provider(alicloud.your_account())
.build());
}
}Content copied to clipboard
Import
CEN instance can be imported using the id, e.g.
$ pulumi import alicloud:cen/instanceGrant:InstanceGrant example cen-abc123456:vpc-abc123456:uid123456Content copied to clipboard