get
Use this data source to get the ARNs and Names of IAM Roles.
Example Usage
All roles in an account
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const roles = aws.iam.getRoles({});Content copied to clipboard
import pulumi
import pulumi_aws as aws
roles = aws.iam.get_roles()Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var roles = Aws.Iam.GetRoles.Invoke();
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{}, nil)
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var roles = IamFunctions.getRoles();
}
}Content copied to clipboard
variables:
roles:
fn::invoke:
function: aws:iam:getRoles
arguments: {}Content copied to clipboard
Roles filtered by name regex
Roles whose role-name contains project
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const roles = aws.iam.getRoles({
nameRegex: ".*project.*",
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
roles = aws.iam.get_roles(name_regex=".*project.*")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var roles = Aws.Iam.GetRoles.Invoke(new()
{
NameRegex = ".*project.*",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
NameRegex: pulumi.StringRef(".*project.*"),
}, nil)
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var roles = IamFunctions.getRoles(GetRolesArgs.builder()
.nameRegex(".*project.*")
.build());
}
}Content copied to clipboard
variables:
roles:
fn::invoke:
function: aws:iam:getRoles
arguments:
nameRegex: .*project.*Content copied to clipboard
Roles filtered by path prefix
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const roles = aws.iam.getRoles({
pathPrefix: "/custom-path",
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
roles = aws.iam.get_roles(path_prefix="/custom-path")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var roles = Aws.Iam.GetRoles.Invoke(new()
{
PathPrefix = "/custom-path",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
PathPrefix: pulumi.StringRef("/custom-path"),
}, nil)
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var roles = IamFunctions.getRoles(GetRolesArgs.builder()
.pathPrefix("/custom-path")
.build());
}
}Content copied to clipboard
variables:
roles:
fn::invoke:
function: aws:iam:getRoles
arguments:
pathPrefix: /custom-pathContent copied to clipboard
Roles provisioned by AWS SSO
Roles in the account filtered by path prefix
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const roles = aws.iam.getRoles({
pathPrefix: "/aws-reserved/sso.amazonaws.com/",
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
roles = aws.iam.get_roles(path_prefix="/aws-reserved/sso.amazonaws.com/")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var roles = Aws.Iam.GetRoles.Invoke(new()
{
PathPrefix = "/aws-reserved/sso.amazonaws.com/",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
}, nil)
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var roles = IamFunctions.getRoles(GetRolesArgs.builder()
.pathPrefix("/aws-reserved/sso.amazonaws.com/")
.build());
}
}Content copied to clipboard
variables:
roles:
fn::invoke:
function: aws:iam:getRoles
arguments:
pathPrefix: /aws-reserved/sso.amazonaws.com/Content copied to clipboard
Specific role in the account filtered by name regex and path prefix
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const roles = aws.iam.getRoles({
nameRegex: "AWSReservedSSO_permission_set_name_.*",
pathPrefix: "/aws-reserved/sso.amazonaws.com/",
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
roles = aws.iam.get_roles(name_regex="AWSReservedSSO_permission_set_name_.*",
path_prefix="/aws-reserved/sso.amazonaws.com/")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var roles = Aws.Iam.GetRoles.Invoke(new()
{
NameRegex = "AWSReservedSSO_permission_set_name_.*",
PathPrefix = "/aws-reserved/sso.amazonaws.com/",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.GetRoles(ctx, &iam.GetRolesArgs{
NameRegex: pulumi.StringRef("AWSReservedSSO_permission_set_name_.*"),
PathPrefix: pulumi.StringRef("/aws-reserved/sso.amazonaws.com/"),
}, nil)
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var roles = IamFunctions.getRoles(GetRolesArgs.builder()
.nameRegex("AWSReservedSSO_permission_set_name_.*")
.pathPrefix("/aws-reserved/sso.amazonaws.com/")
.build());
}
}Content copied to clipboard
variables:
roles:
fn::invoke:
function: aws:iam:getRoles
arguments:
nameRegex: AWSReservedSSO_permission_set_name_.*
pathPrefix: /aws-reserved/sso.amazonaws.com/Content copied to clipboard
Return
A collection of values returned by getRoles.
Parameters
argument
A collection of arguments for invoking getRoles.
Return
A collection of values returned by getRoles.
Parameters
name
Regex string to apply to the IAM roles list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. Combine this with other options to narrow down the list AWS returns.
path
Path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/ gets all roles whose path starts with /application_abc/component_xyz/. If it is not included, it defaults to a slash (/), listing all roles. For more details, check out 1.
See also
Return
A collection of values returned by getRoles.
Parameters
argument
Builder for com.pulumi.aws.iam.kotlin.inputs.GetRolesPlainArgs.