com.pulumi.digitalocean.kotlin.SpacesBucketPolicyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-digitalocean-kotlin Show documentation
Show all versions of pulumi-digitalocean-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.digitalocean.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.digitalocean.SpacesBucketPolicyArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* ## Example Usage
* ### Limiting access to specific IP addresses
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as digitalocean from "@pulumi/digitalocean";
* const foobar = new digitalocean.SpacesBucket("foobar", {
* name: "foobar",
* region: digitalocean.Region.NYC3,
* });
* const foobarSpacesBucketPolicy = new digitalocean.SpacesBucketPolicy("foobar", {
* region: foobar.region,
* bucket: foobar.name,
* policy: pulumi.jsonStringify({
* Version: "2012-10-17",
* Statement: [{
* Sid: "IPAllow",
* Effect: "Deny",
* Principal: "*",
* Action: "s3:*",
* Resource: [
* pulumi.interpolate`arn:aws:s3:::${foobar.name}`,
* pulumi.interpolate`arn:aws:s3:::${foobar.name}/*`,
* ],
* Condition: {
* NotIpAddress: {
* "aws:SourceIp": "54.240.143.0/24",
* },
* },
* }],
* }),
* });
* ```
* ```python
* import pulumi
* import json
* import pulumi_digitalocean as digitalocean
* foobar = digitalocean.SpacesBucket("foobar",
* name="foobar",
* region=digitalocean.Region.NYC3)
* foobar_spaces_bucket_policy = digitalocean.SpacesBucketPolicy("foobar",
* region=foobar.region,
* bucket=foobar.name,
* policy=pulumi.Output.json_dumps({
* "Version": "2012-10-17",
* "Statement": [{
* "Sid": "IPAllow",
* "Effect": "Deny",
* "Principal": "*",
* "Action": "s3:*",
* "Resource": [
* foobar.name.apply(lambda name: f"arn:aws:s3:::{name}"),
* foobar.name.apply(lambda name: f"arn:aws:s3:::{name}/*"),
* ],
* "Condition": {
* "NotIpAddress": {
* "aws:SourceIp": "54.240.143.0/24",
* },
* },
* }],
* }))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using System.Text.Json;
* using Pulumi;
* using DigitalOcean = Pulumi.DigitalOcean;
* return await Deployment.RunAsync(() =>
* {
* var foobar = new DigitalOcean.SpacesBucket("foobar", new()
* {
* Name = "foobar",
* Region = DigitalOcean.Region.NYC3,
* });
* var foobarSpacesBucketPolicy = new DigitalOcean.SpacesBucketPolicy("foobar", new()
* {
* Region = foobar.Region,
* Bucket = foobar.Name,
* Policy = Output.JsonSerialize(Output.Create(new Dictionary
* {
* ["Version"] = "2012-10-17",
* ["Statement"] = new[]
* {
* new Dictionary
* {
* ["Sid"] = "IPAllow",
* ["Effect"] = "Deny",
* ["Principal"] = "*",
* ["Action"] = "s3:*",
* ["Resource"] = new[]
* {
* foobar.Name.Apply(name => $"arn:aws:s3:::{name}"),
* foobar.Name.Apply(name => $"arn:aws:s3:::{name}/*"),
* },
* ["Condition"] = new Dictionary
* {
* ["NotIpAddress"] = new Dictionary
* {
* ["aws:SourceIp"] = "54.240.143.0/24",
* },
* },
* },
* },
* })),
* });
* });
* ```
* ```go
* package main
* import (
* "encoding/json"
* "fmt"
* "github.com/pulumi/pulumi-digitalocean/sdk/v4/go/digitalocean"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* foobar, err := digitalocean.NewSpacesBucket(ctx, "foobar", &digitalocean.SpacesBucketArgs{
* Name: pulumi.String("foobar"),
* Region: pulumi.String(digitalocean.RegionNYC3),
* })
* if err != nil {
* return err
* }
* _, err = digitalocean.NewSpacesBucketPolicy(ctx, "foobar", &digitalocean.SpacesBucketPolicyArgs{
* Region: foobar.Region,
* Bucket: foobar.Name,
* Policy: pulumi.All(foobar.Name, foobar.Name).ApplyT(func(_args []interface{}) (string, error) {
* foobarName := _args[0].(string)
* foobarName1 := _args[1].(string)
* var _zero string
* tmpJSON0, err := json.Marshal(map[string]interface{}{
* "Version": "2012-10-17",
* "Statement": []map[string]interface{}{
* map[string]interface{}{
* "Sid": "IPAllow",
* "Effect": "Deny",
* "Principal": "*",
* "Action": "s3:*",
* "Resource": []string{
* fmt.Sprintf("arn:aws:s3:::%v", foobarName),
* fmt.Sprintf("arn:aws:s3:::%v/*", foobarName1),
* },
* "Condition": map[string]interface{}{
* "NotIpAddress": map[string]interface{}{
* "aws:SourceIp": "54.240.143.0/24",
* },
* },
* },
* },
* })
* if err != nil {
* return _zero, err
* }
* json0 := string(tmpJSON0)
* return json0, nil
* }).(pulumi.StringOutput),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.digitalocean.SpacesBucket;
* import com.pulumi.digitalocean.SpacesBucketArgs;
* import com.pulumi.digitalocean.SpacesBucketPolicy;
* import com.pulumi.digitalocean.SpacesBucketPolicyArgs;
* import static com.pulumi.codegen.internal.Serialization.*;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var foobar = new SpacesBucket("foobar", SpacesBucketArgs.builder()
* .name("foobar")
* .region("nyc3")
* .build());
* var foobarSpacesBucketPolicy = new SpacesBucketPolicy("foobarSpacesBucketPolicy", SpacesBucketPolicyArgs.builder()
* .region(foobar.region())
* .bucket(foobar.name())
* .policy(Output.tuple(foobar.name(), foobar.name()).applyValue(values -> {
* var foobarName = values.t1;
* var foobarName1 = values.t2;
* return serializeJson(
* jsonObject(
* jsonProperty("Version", "2012-10-17"),
* jsonProperty("Statement", jsonArray(jsonObject(
* jsonProperty("Sid", "IPAllow"),
* jsonProperty("Effect", "Deny"),
* jsonProperty("Principal", "*"),
* jsonProperty("Action", "s3:*"),
* jsonProperty("Resource", jsonArray(
* String.format("arn:aws:s3:::%s", foobarName),
* String.format("arn:aws:s3:::%s/*", foobarName1)
* )),
* jsonProperty("Condition", jsonObject(
* jsonProperty("NotIpAddress", jsonObject(
* jsonProperty("aws:SourceIp", "54.240.143.0/24")
* ))
* ))
* )))
* ));
* }))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* foobar:
* type: digitalocean:SpacesBucket
* properties:
* name: foobar
* region: nyc3
* foobarSpacesBucketPolicy:
* type: digitalocean:SpacesBucketPolicy
* name: foobar
* properties:
* region: ${foobar.region}
* bucket: ${foobar.name}
* policy:
* fn::toJSON:
* Version: 2012-10-17
* Statement:
* - Sid: IPAllow
* Effect: Deny
* Principal: '*'
* Action: s3:*
* Resource:
* - arn:aws:s3:::${foobar.name}
* - arn:aws:s3:::${foobar.name}/*
* Condition:
* NotIpAddress:
* aws:SourceIp: 54.240.143.0/24
* ```
*
* !> **Warning:** Before using this policy, replace the 54.240.143.0/24 IP address range in this example with an appropriate value for your use case. Otherwise, you will lose the ability to access your bucket.
* ## Import
* Bucket policies can be imported using the `region` and `bucket` attributes (delimited by a comma):
* ```sh
* $ pulumi import digitalocean:index/spacesBucketPolicy:SpacesBucketPolicy foobar `region`,`bucket`
* ```
* @property bucket The name of the bucket to which to apply the policy.
* @property policy The text of the policy.
* @property region The region where the bucket resides.
* */*/*/*/*/*/
*/
public data class SpacesBucketPolicyArgs(
public val bucket: Output? = null,
public val policy: Output? = null,
public val region: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.digitalocean.SpacesBucketPolicyArgs =
com.pulumi.digitalocean.SpacesBucketPolicyArgs.builder()
.bucket(bucket?.applyValue({ args0 -> args0 }))
.policy(policy?.applyValue({ args0 -> args0 }))
.region(region?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [SpacesBucketPolicyArgs].
*/
@PulumiTagMarker
public class SpacesBucketPolicyArgsBuilder internal constructor() {
private var bucket: Output? = null
private var policy: Output? = null
private var region: Output? = null
/**
* @param value The name of the bucket to which to apply the policy.
*/
@JvmName("eparqsekauiokavm")
public suspend fun bucket(`value`: Output) {
this.bucket = value
}
/**
* @param value The text of the policy.
*/
@JvmName("kmyeudjwnchjelvt")
public suspend fun policy(`value`: Output) {
this.policy = value
}
/**
* @param value The region where the bucket resides.
*/
@JvmName("mojwhbmugvsbohkd")
public suspend fun region(`value`: Output) {
this.region = value
}
/**
* @param value The name of the bucket to which to apply the policy.
*/
@JvmName("lcisexpnrefldmuj")
public suspend fun bucket(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.bucket = mapped
}
/**
* @param value The text of the policy.
*/
@JvmName("uktmnovkawkwskww")
public suspend fun policy(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.policy = mapped
}
/**
* @param value The region where the bucket resides.
*/
@JvmName("vmctxssephplayvw")
public suspend fun region(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.region = mapped
}
internal fun build(): SpacesBucketPolicyArgs = SpacesBucketPolicyArgs(
bucket = bucket,
policy = policy,
region = region,
)
}