• Home
• com.ovhcloud.pulumi.ovh
• pulumi-ovh
• 0.49.0
• source code
• Policy.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.ovhcloud.pulumi.ovh.Iam.Policy Maven / Gradle / Ivy

// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***

package com.ovhcloud.pulumi.ovh.Iam;

import com.ovhcloud.pulumi.ovh.Iam.PolicyArgs;
import com.ovhcloud.pulumi.ovh.Iam.inputs.PolicyState;
import com.ovhcloud.pulumi.ovh.Utilities;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import java.lang.Boolean;
import java.lang.String;
import java.util.List;
import java.util.Optional;
import javax.annotation.Nullable;

/**
 * Creates an IAM policy.
 * 
 * ## Example Usage
 * 
 * <!--Start PulumiCodeChooser -->
 * 
 * {@code
 * package generated_program;
 * 
 * import com.pulumi.Context;
 * import com.pulumi.Pulumi;
 * import com.pulumi.core.Output;
 * import com.pulumi.ovh.Me.MeFunctions;
 * import com.pulumi.ovh.Me.IdentityGroup;
 * import com.pulumi.ovh.Me.IdentityGroupArgs;
 * import com.pulumi.ovh.Iam.Policy;
 * import com.pulumi.ovh.Iam.PolicyArgs;
 * import java.util.List;
 * import java.util.ArrayList;
 * import java.util.Map;
 * import java.io.File;
 * import java.nio.file.Files;
 * import java.nio.file.Paths;
 * 
 * public class App {
 *     public static void main(String[] args) {
 *         Pulumi.run(App::stack);
 *     }
 * 
 *     public static void stack(Context ctx) {
 *         final var account = MeFunctions.getMe();
 * 
 *         var myGroup = new IdentityGroup("myGroup", IdentityGroupArgs.builder()
 *             .description("my_group created in Terraform")
 *             .build());
 * 
 *         var manager = new Policy("manager", PolicyArgs.builder()
 *             .description("Users are allowed to use the OVH manager")
 *             .identities(myGroup.GroupURN())
 *             .resources(account.applyValue(getMeResult -> getMeResult.AccountURN()))
 *             .allows(            
 *                 "account:apiovh:me/get",
 *                 "account:apiovh:me/supportLevel/get",
 *                 "account:apiovh:me/certificates/get",
 *                 "account:apiovh:me/tag/get",
 *                 "account:apiovh:services/get",
 *                 "account:apiovh:*")
 *             .build());
 * 
 *     }
 * }
 * }
 * 
 * <!--End PulumiCodeChooser -->
 * 
 */
@ResourceType(type="ovh:Iam/policy:Policy")
public class Policy extends com.pulumi.resources.CustomResource {
    /**
     * List of actions allowed on resources by identities
     * 
     */
    @Export(name="allows", refs={List.class,String.class}, tree="[0,1]")
    private Output> allows;

    /**
     * @return List of actions allowed on resources by identities
     * 
     */
    public Output>> allows() {
        return Codegen.optional(this.allows);
    }
    /**
     * Creation date of this group.
     * 
     */
    @Export(name="createdAt", refs={String.class}, tree="[0]")
    private Output createdAt;

    /**
     * @return Creation date of this group.
     * 
     */
    public Output createdAt() {
        return this.createdAt;
    }
    /**
     * List of actions that will always be denied even if also allowed by this policy or another one.
     * 
     */
    @Export(name="denies", refs={List.class,String.class}, tree="[0,1]")
    private Output> denies;

    /**
     * @return List of actions that will always be denied even if also allowed by this policy or another one.
     * 
     */
    public Output>> denies() {
        return Codegen.optional(this.denies);
    }
    /**
     * Description of the policy
     * 
     */
    @Export(name="description", refs={String.class}, tree="[0]")
    private Output description;

    /**
     * @return Description of the policy
     * 
     */
    public Output> description() {
        return Codegen.optional(this.description);
    }
    /**
     * List of overrides of action that must not be allowed even if they are caught by allow. Only makes sens if allow contains wildcards.
     * 
     */
    @Export(name="excepts", refs={List.class,String.class}, tree="[0,1]")
    private Output> excepts;

    /**
     * @return List of overrides of action that must not be allowed even if they are caught by allow. Only makes sens if allow contains wildcards.
     * 
     */
    public Output>> excepts() {
        return Codegen.optional(this.excepts);
    }
    /**
     * List of identities affected by the policy
     * 
     */
    @Export(name="identities", refs={List.class,String.class}, tree="[0,1]")
    private Output> identities;

    /**
     * @return List of identities affected by the policy
     * 
     */
    public Output> identities() {
        return this.identities;
    }
    /**
     * Name of the policy, must be unique
     * 
     */
    @Export(name="name", refs={String.class}, tree="[0]")
    private Output name;

    /**
     * @return Name of the policy, must be unique
     * 
     */
    public Output name() {
        return this.name;
    }
    /**
     * Owner of the policy.
     * 
     */
    @Export(name="owner", refs={String.class}, tree="[0]")
    private Output owner;

    /**
     * @return Owner of the policy.
     * 
     */
    public Output owner() {
        return this.owner;
    }
    /**
     * Set of permissions groups included in the policy. At evaluation, these permissions groups are each evaluated independently (notably, excepts actions only affect actions in the same permission group).
     * 
     */
    @Export(name="permissionsGroups", refs={List.class,String.class}, tree="[0,1]")
    private Output> permissionsGroups;

    /**
     * @return Set of permissions groups included in the policy. At evaluation, these permissions groups are each evaluated independently (notably, excepts actions only affect actions in the same permission group).
     * 
     */
    public Output>> permissionsGroups() {
        return Codegen.optional(this.permissionsGroups);
    }
    /**
     * Indicates that the policy is a default one.
     * 
     */
    @Export(name="readOnly", refs={Boolean.class}, tree="[0]")
    private Output readOnly;

    /**
     * @return Indicates that the policy is a default one.
     * 
     */
    public Output readOnly() {
        return this.readOnly;
    }
    /**
     * List of resources affected by the policy
     * 
     */
    @Export(name="resources", refs={List.class,String.class}, tree="[0,1]")
    private Output> resources;

    /**
     * @return List of resources affected by the policy
     * 
     */
    public Output> resources() {
        return this.resources;
    }
    /**
     * Date of the last update of this group.
     * 
     */
    @Export(name="updatedAt", refs={String.class}, tree="[0]")
    private Output updatedAt;

    /**
     * @return Date of the last update of this group.
     * 
     */
    public Output updatedAt() {
        return this.updatedAt;
    }

    /**
     *
     * @param name The _unique_ name of the resulting resource.
     */
    public Policy(java.lang.String name) {
        this(name, PolicyArgs.Empty);
    }
    /**
     *
     * @param name The _unique_ name of the resulting resource.
     * @param args The arguments to use to populate this resource's properties.
     */
    public Policy(java.lang.String name, PolicyArgs args) {
        this(name, args, null);
    }
    /**
     *
     * @param name The _unique_ name of the resulting resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param options A bag of options that control this resource's behavior.
     */
    public Policy(java.lang.String name, PolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
        super("ovh:Iam/policy:Policy", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
    }

    private Policy(java.lang.String name, Output id, @Nullable PolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
        super("ovh:Iam/policy:Policy", name, state, makeResourceOptions(options, id), false);
    }

    private static PolicyArgs makeArgs(PolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
        if (options != null && options.getUrn().isPresent()) {
            return null;
        }
        return args == null ? PolicyArgs.Empty : args;
    }

    private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
        var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
            .version(Utilities.getVersion())
            .build();
        return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
    }

    /**
     * Get an existing Host resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state
     * @param options Optional settings to control the behavior of the CustomResource.
     */
    public static Policy get(java.lang.String name, Output id, @Nullable PolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
        return new Policy(name, id, state, options);
    }
}