Role
Provides a RAM Role attachment resource.
NOTE: Available since v1.0.0+.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.ram.Role;
import com.pulumi.alicloud.ram.RoleArgs;
import com.pulumi.alicloud.ram.Policy;
import com.pulumi.alicloud.ram.PolicyArgs;
import com.pulumi.alicloud.ram.RolePolicyAttachment;
import com.pulumi.alicloud.ram.RolePolicyAttachmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var role = new Role("role", RoleArgs.builder()
.document("""
{
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"apigateway.aliyuncs.com",
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
""")
.description("this is a role test.")
.build());
var policy = new Policy("policy", PolicyArgs.builder()
.document("""
{
"Statement": [
{
"Action": [
"oss:ListObjects",
"oss:GetObject"
],
"Effect": "Allow",
"Resource": [
"acs:oss:*:*:mybucket",
"acs:oss:*:*:mybucket/*"
]
}
],
"Version": "1"
}
""")
.description("this is a policy test")
.build());
var attach = new RolePolicyAttachment("attach", RolePolicyAttachmentArgs.builder()
.policyName(policy.name())
.policyType(policy.type())
.roleName(role.name())
.build());
}
}Content copied to clipboard
Import
RAM Role Policy attachment can be imported using the id, e.g.
$ pulumi import alicloud:ram/rolePolicyAttachment:RolePolicyAttachment example role:my-policy:Custom:my-roleContent copied to clipboard
*/