com.pulumi.aws.shield.kotlin.DrtAccessRoleArnAssociationArgs.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.aws.shield.kotlin
import com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs.builder
import com.pulumi.aws.shield.kotlin.inputs.DrtAccessRoleArnAssociationTimeoutsArgs
import com.pulumi.aws.shield.kotlin.inputs.DrtAccessRoleArnAssociationTimeoutsArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.jvm.JvmName
/**
* Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks.
* For more information see [Configure AWS SRT Support](https://docs.aws.amazon.com/waf/latest/developerguide/authorize-srt.html)
* ## Example Usage
* ### Basic Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
* const exampleRole = new aws.iam.Role("example", {
* name: "example-role",
* assumeRolePolicy: JSON.stringify({
* Version: "2012-10-17",
* Statement: [{
* Sid: "",
* Effect: "Allow",
* Principal: {
* Service: "drt.shield.amazonaws.com",
* },
* Action: "sts:AssumeRole",
* }],
* }),
* });
* const example = new aws.shield.DrtAccessRoleArnAssociation("example", {roleArn: exampleRole.arn});
* const exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("example", {
* role: exampleRole.name,
* policyArn: "arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy",
* });
* ```
* ```python
* import pulumi
* import json
* import pulumi_aws as aws
* example_role = aws.iam.Role("example",
* name="example-role",
* assume_role_policy=json.dumps({
* "Version": "2012-10-17",
* "Statement": [{
* "Sid": "",
* "Effect": "Allow",
* "Principal": {
* "Service": "drt.shield.amazonaws.com",
* },
* "Action": "sts:AssumeRole",
* }],
* }))
* example = aws.shield.DrtAccessRoleArnAssociation("example", role_arn=example_role.arn)
* example_role_policy_attachment = aws.iam.RolePolicyAttachment("example",
* role=example_role.name,
* policy_arn="arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using System.Text.Json;
* using Pulumi;
* using Aws = Pulumi.Aws;
* return await Deployment.RunAsync(() =>
* {
* var exampleRole = new Aws.Iam.Role("example", new()
* {
* Name = "example-role",
* AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary
* {
* ["Version"] = "2012-10-17",
* ["Statement"] = new[]
* {
* new Dictionary
* {
* ["Sid"] = "",
* ["Effect"] = "Allow",
* ["Principal"] = new Dictionary
* {
* ["Service"] = "drt.shield.amazonaws.com",
* },
* ["Action"] = "sts:AssumeRole",
* },
* },
* }),
* });
* var example = new Aws.Shield.DrtAccessRoleArnAssociation("example", new()
* {
* RoleArn = exampleRole.Arn,
* });
* var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("example", new()
* {
* Role = exampleRole.Name,
* PolicyArn = "arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy",
* });
* });
* ```
* ```go
* package main
* import (
* "encoding/json"
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* tmpJSON0, err := json.Marshal(map[string]interface{}{
* "Version": "2012-10-17",
* "Statement": []map[string]interface{}{
* map[string]interface{}{
* "Sid": "",
* "Effect": "Allow",
* "Principal": map[string]interface{}{
* "Service": "drt.shield.amazonaws.com",
* },
* "Action": "sts:AssumeRole",
* },
* },
* })
* if err != nil {
* return err
* }
* json0 := string(tmpJSON0)
* exampleRole, err := iam.NewRole(ctx, "example", &iam.RoleArgs{
* Name: pulumi.String("example-role"),
* AssumeRolePolicy: pulumi.String(json0),
* })
* if err != nil {
* return err
* }
* _, err = shield.NewDrtAccessRoleArnAssociation(ctx, "example", &shield.DrtAccessRoleArnAssociationArgs{
* RoleArn: exampleRole.Arn,
* })
* if err != nil {
* return err
* }
* _, err = iam.NewRolePolicyAttachment(ctx, "example", &iam.RolePolicyAttachmentArgs{
* Role: exampleRole.Name,
* PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.iam.Role;
* import com.pulumi.aws.iam.RoleArgs;
* import com.pulumi.aws.shield.DrtAccessRoleArnAssociation;
* import com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;
* import com.pulumi.aws.iam.RolePolicyAttachment;
* import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
* import static com.pulumi.codegen.internal.Serialization.*;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var exampleRole = new Role("exampleRole", RoleArgs.builder()
* .name("example-role")
* .assumeRolePolicy(serializeJson(
* jsonObject(
* jsonProperty("Version", "2012-10-17"),
* jsonProperty("Statement", jsonArray(jsonObject(
* jsonProperty("Sid", ""),
* jsonProperty("Effect", "Allow"),
* jsonProperty("Principal", jsonObject(
* jsonProperty("Service", "drt.shield.amazonaws.com")
* )),
* jsonProperty("Action", "sts:AssumeRole")
* )))
* )))
* .build());
* var example = new DrtAccessRoleArnAssociation("example", DrtAccessRoleArnAssociationArgs.builder()
* .roleArn(exampleRole.arn())
* .build());
* var exampleRolePolicyAttachment = new RolePolicyAttachment("exampleRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
* .role(exampleRole.name())
* .policyArn("arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: aws:shield:DrtAccessRoleArnAssociation
* properties:
* roleArn: ${exampleRole.arn}
* exampleRole:
* type: aws:iam:Role
* name: example
* properties:
* name: example-role
* assumeRolePolicy:
* fn::toJSON:
* Version: 2012-10-17
* Statement:
* - Sid:
* Effect: Allow
* Principal:
* Service: drt.shield.amazonaws.com
* Action: sts:AssumeRole
* exampleRolePolicyAttachment:
* type: aws:iam:RolePolicyAttachment
* name: example
* properties:
* role: ${exampleRole.name}
* policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy
* ```
*
* ## Import
* Using `pulumi import`, import Shield DRT access role ARN association using the AWS account ID. For example:
* ```sh
* $ pulumi import aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation example 123456789012
* ```
* @property roleArn The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role.
* @property timeouts
*/
public data class DrtAccessRoleArnAssociationArgs(
public val roleArn: Output? = null,
public val timeouts: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs =
com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs.builder()
.roleArn(roleArn?.applyValue({ args0 -> args0 }))
.timeouts(timeouts?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) })).build()
}
/**
* Builder for [DrtAccessRoleArnAssociationArgs].
*/
@PulumiTagMarker
public class DrtAccessRoleArnAssociationArgsBuilder internal constructor() {
private var roleArn: Output? = null
private var timeouts: Output? = null
/**
* @param value The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role.
*/
@JvmName("wcxmphnrefigxmsj")
public suspend fun roleArn(`value`: Output) {
this.roleArn = value
}
/**
* @param value
*/
@JvmName("spvgfbubxvphaebe")
public suspend fun timeouts(`value`: Output) {
this.timeouts = value
}
/**
* @param value The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role.
*/
@JvmName("jpkxsveqgojiiiwg")
public suspend fun roleArn(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.roleArn = mapped
}
/**
* @param value
*/
@JvmName("iyixyrwrddafnvwl")
public suspend fun timeouts(`value`: DrtAccessRoleArnAssociationTimeoutsArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.timeouts = mapped
}
/**
* @param argument
*/
@JvmName("ojajotfruiklxffr")
public suspend fun timeouts(argument: suspend DrtAccessRoleArnAssociationTimeoutsArgsBuilder.() -> Unit) {
val toBeMapped = DrtAccessRoleArnAssociationTimeoutsArgsBuilder().applySuspend {
argument()
}.build()
val mapped = of(toBeMapped)
this.timeouts = mapped
}
internal fun build(): DrtAccessRoleArnAssociationArgs = DrtAccessRoleArnAssociationArgs(
roleArn = roleArn,
timeouts = timeouts,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy