Role
Create a Role Resource
new Role(name: string, args?: RoleArgs, opts?: CustomResourceOptions);def Role(resource_name, opts=None, description=None, document=None, force=None, name=None, ram_users=None, services=None, version=None, __props__=None);public Role(string name, RoleArgs? args = null, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
Role Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The Role resource accepts the following input properties:
- Description string
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- Document string
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- Force bool
This parameter is used for resource destroy. Default value is
false.- Name string
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- Ram
Users List<string> (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- Services List<string>
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- Version string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
- Description string
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- Document string
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- Force bool
This parameter is used for resource destroy. Default value is
false.- Name string
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- Ram
Users []string (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- Services []string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- Version string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
- description string
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- document string
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- force boolean
This parameter is used for resource destroy. Default value is
false.- name string
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- ram
Users string[] (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- services string[]
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- version string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
- description str
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- document str
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- force bool
This parameter is used for resource destroy. Default value is
false.- name str
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- ram_
users List[str] (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- services List[str]
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- version str
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
Outputs
All input properties are implicitly available as output properties. Additionally, the Role resource produces the following output properties:
Look up an Existing Role Resource
Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RoleState, opts?: CustomResourceOptions): Rolestatic get(resource_name, id, opts=None, arn=None, description=None, document=None, force=None, name=None, ram_users=None, role_id=None, services=None, version=None, __props__=None);public static Role Get(string name, Input<string> id, RoleState? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Arn string
The role arn.
- Description string
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- Document string
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- Force bool
This parameter is used for resource destroy. Default value is
false.- Name string
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- Ram
Users List<string> (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- Role
Id string The role ID.
- Services List<string>
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- Version string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
- Arn string
The role arn.
- Description string
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- Document string
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- Force bool
This parameter is used for resource destroy. Default value is
false.- Name string
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- Ram
Users []string (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- Role
Id string The role ID.
- Services []string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- Version string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
- arn string
The role arn.
- description string
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- document string
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- force boolean
This parameter is used for resource destroy. Default value is
false.- name string
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- ram
Users string[] (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- role
Id string The role ID.
- services string[]
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- version string
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
- arn str
The role arn.
- description str
Description of the RAM role. This name can have a string of 1 to 1024 characters.
- document str
Authorization strategy of the RAM role. It is required when the
servicesandram_usersare not specified.- force bool
This parameter is used for resource destroy. Default value is
false.- name str
Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- ram_
users List[str] (It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is
acs:ram::${account_id}:rootoracs:ram::${account_id}:user/${user_name}, such asacs:ram::1234567890000:rootandacs:ram::1234567890001:user/Mary. The${user_name}is the name of a RAM user which must exists in the Alicloud account indicated by the${account_id}.- role_
id str The role ID.
- services List[str]
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is
${service}.aliyuncs.comor${account_id}@${service}.aliyuncs.com, such asecs.aliyuncs.comand1234567890000@ots.aliyuncs.com. The${service}can beecs,log,apigatewayand so on, the${account_id}refers to someone’s Alicloud account id.- version str
(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is
1. Default value is1.
Package Details
- Repository
- https://github.com/pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.