com.pulumi.aws.iam.kotlin.InstanceProfileArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-aws-kotlin Show documentation
Show all versions of pulumi-aws-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.aws.iam.kotlin
import com.pulumi.aws.iam.InstanceProfileArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* Provides an IAM instance profile.
* > **NOTE:** When managing instance profiles, remember that the `name` attribute must always be unique. This means that even if you have different `role` or `path` values, duplicating an existing instance profile `name` will lead to an `EntityAlreadyExists` error.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
* const assumeRole = aws.iam.getPolicyDocument({
* statements: [{
* effect: "Allow",
* principals: [{
* type: "Service",
* identifiers: ["ec2.amazonaws.com"],
* }],
* actions: ["sts:AssumeRole"],
* }],
* });
* const role = new aws.iam.Role("role", {
* name: "test_role",
* path: "/",
* assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json),
* });
* const testProfile = new aws.iam.InstanceProfile("test_profile", {
* name: "test_profile",
* role: role.name,
* });
* ```
* ```python
* import pulumi
* import pulumi_aws as aws
* assume_role = aws.iam.get_policy_document(statements=[{
* "effect": "Allow",
* "principals": [{
* "type": "Service",
* "identifiers": ["ec2.amazonaws.com"],
* }],
* "actions": ["sts:AssumeRole"],
* }])
* role = aws.iam.Role("role",
* name="test_role",
* path="/",
* assume_role_policy=assume_role.json)
* test_profile = aws.iam.InstanceProfile("test_profile",
* name="test_profile",
* role=role.name)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Aws = Pulumi.Aws;
* return await Deployment.RunAsync(() =>
* {
* var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
* {
* Statements = new[]
* {
* new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
* {
* Effect = "Allow",
* Principals = new[]
* {
* new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
* {
* Type = "Service",
* Identifiers = new[]
* {
* "ec2.amazonaws.com",
* },
* },
* },
* Actions = new[]
* {
* "sts:AssumeRole",
* },
* },
* },
* });
* var role = new Aws.Iam.Role("role", new()
* {
* Name = "test_role",
* Path = "/",
* AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
* });
* var testProfile = new Aws.Iam.InstanceProfile("test_profile", new()
* {
* Name = "test_profile",
* Role = role.Name,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
* Statements: []iam.GetPolicyDocumentStatement{
* {
* Effect: pulumi.StringRef("Allow"),
* Principals: []iam.GetPolicyDocumentStatementPrincipal{
* {
* Type: "Service",
* Identifiers: []string{
* "ec2.amazonaws.com",
* },
* },
* },
* Actions: []string{
* "sts:AssumeRole",
* },
* },
* },
* }, nil)
* if err != nil {
* return err
* }
* role, err := iam.NewRole(ctx, "role", &iam.RoleArgs{
* Name: pulumi.String("test_role"),
* Path: pulumi.String("/"),
* AssumeRolePolicy: pulumi.String(assumeRole.Json),
* })
* if err != nil {
* return err
* }
* _, err = iam.NewInstanceProfile(ctx, "test_profile", &iam.InstanceProfileArgs{
* Name: pulumi.String("test_profile"),
* Role: role.Name,
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.iam.IamFunctions;
* import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
* import com.pulumi.aws.iam.Role;
* import com.pulumi.aws.iam.RoleArgs;
* import com.pulumi.aws.iam.InstanceProfile;
* import com.pulumi.aws.iam.InstanceProfileArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
* .statements(GetPolicyDocumentStatementArgs.builder()
* .effect("Allow")
* .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
* .type("Service")
* .identifiers("ec2.amazonaws.com")
* .build())
* .actions("sts:AssumeRole")
* .build())
* .build());
* var role = new Role("role", RoleArgs.builder()
* .name("test_role")
* .path("/")
* .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
* .build());
* var testProfile = new InstanceProfile("testProfile", InstanceProfileArgs.builder()
* .name("test_profile")
* .role(role.name())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* testProfile:
* type: aws:iam:InstanceProfile
* name: test_profile
* properties:
* name: test_profile
* role: ${role.name}
* role:
* type: aws:iam:Role
* properties:
* name: test_role
* path: /
* assumeRolePolicy: ${assumeRole.json}
* variables:
* assumeRole:
* fn::invoke:
* Function: aws:iam:getPolicyDocument
* Arguments:
* statements:
* - effect: Allow
* principals:
* - type: Service
* identifiers:
* - ec2.amazonaws.com
* actions:
* - sts:AssumeRole
* ```
*
* ## Import
* Using `pulumi import`, import Instance Profiles using the `name`. For example:
* ```sh
* $ pulumi import aws:iam/instanceProfile:InstanceProfile test_profile app-instance-profile-1
* ```
* @property name Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. The `name` must be unique, regardless of the `path` or `role`. In other words, if there are different `role` or `path` values but the same `name` as an existing instance profile, it will still cause an `EntityAlreadyExists` error.
* @property namePrefix Creates a unique name beginning with the specified prefix. Conflicts with `name`.
* @property path Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
* @property role Name of the role to add to the profile.
* @property tags Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
public data class InstanceProfileArgs(
public val name: Output? = null,
public val namePrefix: Output? = null,
public val path: Output? = null,
public val role: Output? = null,
public val tags: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.aws.iam.InstanceProfileArgs =
com.pulumi.aws.iam.InstanceProfileArgs.builder()
.name(name?.applyValue({ args0 -> args0 }))
.namePrefix(namePrefix?.applyValue({ args0 -> args0 }))
.path(path?.applyValue({ args0 -> args0 }))
.role(role?.applyValue({ args0 -> args0 }))
.tags(
tags?.applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}),
).build()
}
/**
* Builder for [InstanceProfileArgs].
*/
@PulumiTagMarker
public class InstanceProfileArgsBuilder internal constructor() {
private var name: Output? = null
private var namePrefix: Output? = null
private var path: Output? = null
private var role: Output? = null
private var tags: Output>? = null
/**
* @param value Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. The `name` must be unique, regardless of the `path` or `role`. In other words, if there are different `role` or `path` values but the same `name` as an existing instance profile, it will still cause an `EntityAlreadyExists` error.
*/
@JvmName("ugxababvbtblmjys")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*/
@JvmName("qlukfprcxsjksnpi")
public suspend fun namePrefix(`value`: Output) {
this.namePrefix = value
}
/**
* @param value Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
*/
@JvmName("urcjhqhbiojheqgx")
public suspend fun path(`value`: Output) {
this.path = value
}
/**
* @param value Name of the role to add to the profile.
*/
@JvmName("ldwjuetrxvxpnqjn")
public suspend fun role(`value`: Output) {
this.role = value
}
/**
* @param value Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
@JvmName("rxusnewqkfhgesvc")
public suspend fun tags(`value`: Output>) {
this.tags = value
}
/**
* @param value Name of the instance profile. If omitted, this provider will assign a random, unique name. Conflicts with `name_prefix`. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: `_`, `+`, `=`, `,`, `.`, `@`, `-`. Spaces are not allowed. The `name` must be unique, regardless of the `path` or `role`. In other words, if there are different `role` or `path` values but the same `name` as an existing instance profile, it will still cause an `EntityAlreadyExists` error.
*/
@JvmName("dhlslrchwpvkjkau")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*/
@JvmName("bmrdxvabqlfmldxy")
public suspend fun namePrefix(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.namePrefix = mapped
}
/**
* @param value Path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the IAM User Guide. Can be a string of characters consisting of either a forward slash (`/`) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
*/
@JvmName("sramvyefxqxtmcdx")
public suspend fun path(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.path = mapped
}
/**
* @param value Name of the role to add to the profile.
*/
@JvmName("uwffkkofnpbudfuu")
public suspend fun role(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.role = mapped
}
/**
* @param value Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
@JvmName("smbpxvplkdmjumsn")
public suspend fun tags(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tags = mapped
}
/**
* @param values Map of resource tags for the IAM Instance Profile. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
@JvmName("xrggueltypurmeuy")
public fun tags(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.tags = mapped
}
internal fun build(): InstanceProfileArgs = InstanceProfileArgs(
name = name,
namePrefix = namePrefix,
path = path,
role = role,
tags = tags,
)
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy