Profile
data class ProfileArgs(val durationSeconds: Output<Int>? = null, val enabled: Output<Boolean>? = null, val managedPolicyArns: Output<List<String>>? = null, val name: Output<String>? = null, val requireInstanceProperties: Output<Boolean>? = null, val roleArns: Output<List<String>>? = null, val sessionPolicy: Output<String>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<ProfileArgs>
Resource for managing a Roles Anywhere Profile.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.iam.Role("test", {
name: "test",
path: "/",
assumeRolePolicy: JSON.stringify({
Version: "2012-10-17",
Statement: [{
Action: [
"sts:AssumeRole",
"sts:TagSession",
"sts:SetSourceIdentity",
],
Principal: {
Service: "rolesanywhere.amazonaws.com",
},
Effect: "Allow",
Sid: "",
}],
}),
});
const testProfile = new aws.rolesanywhere.Profile("test", {
name: "example",
roleArns: [test.arn],
});Content copied to clipboard
import pulumi
import json
import pulumi_aws as aws
test = aws.iam.Role("test",
name="test",
path="/",
assume_role_policy=json.dumps({
"Version": "2012-10-17",
"Statement": [{
"Action": [
"sts:AssumeRole",
"sts:TagSession",
"sts:SetSourceIdentity",
],
"Principal": {
"Service": "rolesanywhere.amazonaws.com",
},
"Effect": "Allow",
"Sid": "",
}],
}))
test_profile = aws.rolesanywhere.Profile("test",
name="example",
role_arns=[test.arn])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.Iam.Role("test", new()
{
Name = "test",
Path = "/",
AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["Version"] = "2012-10-17",
["Statement"] = new[]
{
new Dictionary<string, object?>
{
["Action"] = new[]
{
"sts:AssumeRole",
"sts:TagSession",
"sts:SetSourceIdentity",
},
["Principal"] = new Dictionary<string, object?>
{
["Service"] = "rolesanywhere.amazonaws.com",
},
["Effect"] = "Allow",
["Sid"] = "",
},
},
}),
});
var testProfile = new Aws.RolesAnywhere.Profile("test", new()
{
Name = "example",
RoleArns = new[]
{
test.Arn,
},
});
});Content copied to clipboard
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tmpJSON0, err := json.Marshal(map[string]interface{}{
"Version": "2012-10-17",
"Statement": []map[string]interface{}{
map[string]interface{}{
"Action": []string{
"sts:AssumeRole",
"sts:TagSession",
"sts:SetSourceIdentity",
},
"Principal": map[string]interface{}{
"Service": "rolesanywhere.amazonaws.com",
},
"Effect": "Allow",
"Sid": "",
},
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
test, err := iam.NewRole(ctx, "test", &iam.RoleArgs{
Name: pulumi.String("test"),
Path: pulumi.String("/"),
AssumeRolePolicy: pulumi.String(json0),
})
if err != nil {
return err
}
_, err = rolesanywhere.NewProfile(ctx, "test", &rolesanywhere.ProfileArgs{
Name: pulumi.String("example"),
RoleArns: pulumi.StringArray{
test.Arn,
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.rolesanywhere.Profile;
import com.pulumi.aws.rolesanywhere.ProfileArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Role("test", RoleArgs.builder()
.name("test")
.path("/")
.assumeRolePolicy(serializeJson(
jsonObject(
jsonProperty("Version", "2012-10-17"),
jsonProperty("Statement", jsonArray(jsonObject(
jsonProperty("Action", jsonArray(
"sts:AssumeRole",
"sts:TagSession",
"sts:SetSourceIdentity"
)),
jsonProperty("Principal", jsonObject(
jsonProperty("Service", "rolesanywhere.amazonaws.com")
)),
jsonProperty("Effect", "Allow"),
jsonProperty("Sid", "")
)))
)))
.build());
var testProfile = new Profile("testProfile", ProfileArgs.builder()
.name("example")
.roleArns(test.arn())
.build());
}
}Content copied to clipboard
resources:
test:
type: aws:iam:Role
properties:
name: test
path: /
assumeRolePolicy:
fn::toJSON:
Version: 2012-10-17
Statement:
- Action:
- sts:AssumeRole
- sts:TagSession
- sts:SetSourceIdentity
Principal:
Service: rolesanywhere.amazonaws.com
Effect: Allow
Sid: ""
testProfile:
type: aws:rolesanywhere:Profile
name: test
properties:
name: example
roleArns:
- ${test.arn}Content copied to clipboard
Import
Using pulumi import, import aws_rolesanywhere_profile using its id. For example:
$ pulumi import aws:rolesanywhere/profile:Profile example db138a85-8925-4f9f-a409-08231233cacfContent copied to clipboard
Constructors
Link copied to clipboard
constructor(durationSeconds: Output<Int>? = null, enabled: Output<Boolean>? = null, managedPolicyArns: Output<List<String>>? = null, name: Output<String>? = null, requireInstanceProperties: Output<Boolean>? = null, roleArns: Output<List<String>>? = null, sessionPolicy: Output<String>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
The number of seconds the vended session credentials are valid for. Defaults to 3600.
Link copied to clipboard
A list of managed policy ARNs that apply to the vended session credentials.
Link copied to clipboard
Specifies whether instance properties are required in CreateSession requests with this profile.
Link copied to clipboard
A session policy that applies to the trust boundary of the vended session credentials.