pulumi-aws-kotlin/com.pulumi.aws.efs.kotlin/FileSystemPolicyArgs

FileSystemPolicyArgs

data class FileSystemPolicyArgs(val bypassPolicyLockoutSafetyCheck: Output<Boolean>? = null, val fileSystemId: Output<String>? = null, val policy: Output<String>? = null) : ConvertibleToJava<FileSystemPolicyArgs>

Provides an Elastic File System (EFS) File System Policy resource.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.efs.FileSystem;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.efs.FileSystemPolicy;
import com.pulumi.aws.efs.FileSystemPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var fs = new FileSystem("fs");
        final var policyPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .sid("ExampleStatement01")
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("AWS")
                    .identifiers("*")
                    .build())
                .actions(
                    "elasticfilesystem:ClientMount",
                    "elasticfilesystem:ClientWrite")
                .resources(fs.arn())
                .conditions(GetPolicyDocumentStatementConditionArgs.builder()
                    .test("Bool")
                    .variable("aws:SecureTransport")
                    .values("true")
                    .build())
                .build())
            .build());
        var policyFileSystemPolicy = new FileSystemPolicy("policyFileSystemPolicy", FileSystemPolicyArgs.builder()
            .fileSystemId(fs.id())
            .policy(policyPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(policyPolicyDocument -> policyPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .build());
    }
}

Import

The EFS file system policies can be imported using the id, e.g.,

$ pulumi import aws:efs/fileSystemPolicy:FileSystemPolicy foo fs-6fa144c6

Constructors

FileSystemPolicyArgs

constructor(bypassPolicyLockoutSafetyCheck: Output<Boolean>? = null, fileSystemId: Output<String>? = null, policy: Output<String>? = null)

Properties

bypassPolicyLockoutSafetyCheck

val bypassPolicyLockoutSafetyCheck: Output<Boolean>? = null

A flag to indicate whether to bypass the aws.efs.FileSystemPolicy lockout safety check. The policy lockout safety check determines whether the policy in the request will prevent the principal making the request will be locked out from making future PutFileSystemPolicy requests on the file system. Set bypass_policy_lockout_safety_check to true only when you intend to prevent the principal that is making the request from making a subsequent PutFileSystemPolicy request on the file system. The default value is false.

fileSystemId

val fileSystemId: Output<String>? = null

The ID of the EFS file system.

policy

val policy: Output<String>? = null

The JSON formatted file system policy for the EFS file system. see Docs for more info. The following arguments are optional:

Functions

toJava

open override fun toJava(): FileSystemPolicyArgs