RoleAttachment
Provides a RAM role attachment resource to bind role for several ECS instances.
Example Usage
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
class MyStack : Stack
{
public MyStack()
{
var defaultZones = Output.Create(AliCloud.GetZones.InvokeAsync(new AliCloud.GetZonesArgs
{
AvailableDiskCategory = "cloud_efficiency",
AvailableResourceCreation = "VSwitch",
}));
var defaultInstanceTypes = defaultZones.Apply(defaultZones => Output.Create(AliCloud.Ecs.GetInstanceTypes.InvokeAsync(new AliCloud.Ecs.GetInstanceTypesArgs
{
AvailabilityZone = defaultZones.Zones[0].Id,
CpuCoreCount = 2,
MemorySize = 4,
})));
var defaultImages = Output.Create(AliCloud.Ecs.GetImages.InvokeAsync(new AliCloud.Ecs.GetImagesArgs
{
MostRecent = true,
NameRegex = "^ubuntu_18.*64",
Owners = "system",
}));
var defaultNetwork = new AliCloud.Vpc.Network("defaultNetwork", new AliCloud.Vpc.NetworkArgs
{
CidrBlock = "172.16.0.0/16",
});
var defaultSwitch = new AliCloud.Vpc.Switch("defaultSwitch", new AliCloud.Vpc.SwitchArgs
{
AvailabilityZone = defaultZones.Apply(defaultZones => defaultZones.Zones[0].Id),
CidrBlock = "172.16.0.0/24",
VpcId = defaultNetwork.Id,
});
var defaultSecurityGroup = new AliCloud.Ecs.SecurityGroup("defaultSecurityGroup", new AliCloud.Ecs.SecurityGroupArgs
{
VpcId = defaultNetwork.Id,
});
var defaultSecurityGroupRule = new AliCloud.Ecs.SecurityGroupRule("defaultSecurityGroupRule", new AliCloud.Ecs.SecurityGroupRuleArgs
{
CidrIp = "172.16.0.0/24",
IpProtocol = "tcp",
NicType = "intranet",
Policy = "accept",
PortRange = "22/22",
Priority = 1,
SecurityGroupId = defaultSecurityGroup.Id,
Type = "ingress",
});
var config = new Config();
var name = config.Get("name") ?? "ecsInstanceVPCExample";
var foo = new AliCloud.Ecs.Instance("foo", new AliCloud.Ecs.InstanceArgs
{
ImageId = defaultImages.Apply(defaultImages => defaultImages.Images[0].Id),
InstanceName = name,
InstanceType = defaultInstanceTypes.Apply(defaultInstanceTypes => defaultInstanceTypes.InstanceTypes[0].Id),
InternetChargeType = "PayByTraffic",
InternetMaxBandwidthOut = 5,
SecurityGroups =
{
defaultSecurityGroup.Id,
},
SystemDiskCategory = "cloud_efficiency",
VswitchId = defaultSwitch.Id,
});
var role = new AliCloud.Ram.Role("role", new AliCloud.Ram.RoleArgs
{
Description = "this is a test",
Document = @" {
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Effect"": ""Allow"",
""Principal"": {
""Service"": [
""ecs.aliyuncs.com""
]
}
}
],
""Version"": ""1""
}
",
Force = true,
});
var attach = new AliCloud.Ram.RoleAttachment("attach", new AliCloud.Ram.RoleAttachmentArgs
{
InstanceIds =
{
{
foo,
}.Select(__item => __item.Id).ToList(),
},
RoleName = role.Name,
});
}
}
Coming soon!
import pulumi
import pulumi_alicloud as alicloud
default_zones = alicloud.get_zones(available_disk_category="cloud_efficiency",
available_resource_creation="VSwitch")
default_instance_types = alicloud.ecs.get_instance_types(availability_zone=default_zones.zones[0]["id"],
cpu_core_count=2,
memory_size=4)
default_images = alicloud.ecs.get_images(most_recent=True,
name_regex="^ubuntu_18.*64",
owners="system")
default_network = alicloud.vpc.Network("defaultNetwork", cidr_block="172.16.0.0/16")
default_switch = alicloud.vpc.Switch("defaultSwitch",
availability_zone=default_zones.zones[0]["id"],
cidr_block="172.16.0.0/24",
vpc_id=default_network.id)
default_security_group = alicloud.ecs.SecurityGroup("defaultSecurityGroup", vpc_id=default_network.id)
default_security_group_rule = alicloud.ecs.SecurityGroupRule("defaultSecurityGroupRule",
cidr_ip="172.16.0.0/24",
ip_protocol="tcp",
nic_type="intranet",
policy="accept",
port_range="22/22",
priority=1,
security_group_id=default_security_group.id,
type="ingress")
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "ecsInstanceVPCExample"
foo = alicloud.ecs.Instance("foo",
image_id=default_images.images[0]["id"],
instance_name=name,
instance_type=default_instance_types.instance_types[0]["id"],
internet_charge_type="PayByTraffic",
internet_max_bandwidth_out=5,
security_groups=[default_security_group.id],
system_disk_category="cloud_efficiency",
vswitch_id=default_switch.id)
role = alicloud.ram.Role("role",
description="this is a test",
document=""" {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
""",
force=True)
attach = alicloud.ram.RoleAttachment("attach",
instance_ids=[[__item.id for __item in [foo]]],
role_name=role.name)import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "ecsInstanceVPCExample";
const defaultZones = pulumi.output(alicloud.getZones({
availableDiskCategory: "cloud_efficiency",
availableResourceCreation: "VSwitch",
}, { async: true }));
const defaultInstanceTypes = defaultZones.apply(defaultZones => alicloud.ecs.getInstanceTypes({
availabilityZone: defaultZones.zones[0].id,
cpuCoreCount: 2,
memorySize: 4,
}, { async: true }));
const defaultImages = pulumi.output(alicloud.ecs.getImages({
mostRecent: true,
nameRegex: "^ubuntu_18.*64",
owners: "system",
}, { async: true }));
const defaultNetwork = new alicloud.vpc.Network("default", {
cidrBlock: "172.16.0.0/16",
});
const defaultSwitch = new alicloud.vpc.Switch("default", {
availabilityZone: defaultZones.zones[0].id,
cidrBlock: "172.16.0.0/24",
vpcId: defaultNetwork.id,
});
const defaultSecurityGroup = new alicloud.ecs.SecurityGroup("default", {
vpcId: defaultNetwork.id,
});
const defaultSecurityGroupRule = new alicloud.ecs.SecurityGroupRule("default", {
cidrIp: "172.16.0.0/24",
ipProtocol: "tcp",
nicType: "intranet",
policy: "accept",
portRange: "22/22",
priority: 1,
securityGroupId: defaultSecurityGroup.id,
type: "ingress",
});
const foo = new alicloud.ecs.Instance("foo", {
imageId: defaultImages.images[0].id,
instanceName: name,
instanceType: defaultInstanceTypes.instanceTypes[0].id,
internetChargeType: "PayByTraffic",
internetMaxBandwidthOut: 5,
securityGroups: [defaultSecurityGroup.id],
systemDiskCategory: "cloud_efficiency",
vswitchId: defaultSwitch.id,
});
const role = new alicloud.ram.Role("role", {
description: "this is a test",
document: ` {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
`,
force: true,
});
const attach = new alicloud.ram.RoleAttachment("attach", {
instanceIds: [foo.id],
roleName: role.name,
});Create a RoleAttachment Resource
new RoleAttachment(name: string, args: RoleAttachmentArgs, opts?: CustomResourceOptions);def RoleAttachment(resource_name, opts=None, instance_ids=None, role_name=None, __props__=None);func NewRoleAttachment(ctx *Context, name string, args RoleAttachmentArgs, opts ...ResourceOption) (*RoleAttachment, error)public RoleAttachment(string name, RoleAttachmentArgs args, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args RoleAttachmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RoleAttachmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RoleAttachmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
RoleAttachment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The RoleAttachment resource accepts the following input properties:
- Instance
Ids List<string> The list of ECS instance’s IDs.
- Role
Name string The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- Instance
Ids []string The list of ECS instance’s IDs.
- Role
Name string The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- instance
Ids string[] The list of ECS instance’s IDs.
- role
Name string The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- instance_
ids List[str] The list of ECS instance’s IDs.
- role_
name str The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
Outputs
All input properties are implicitly available as output properties. Additionally, the RoleAttachment resource produces the following output properties:
Look up an Existing RoleAttachment Resource
Get an existing RoleAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RoleAttachmentState, opts?: CustomResourceOptions): RoleAttachmentstatic get(resource_name, id, opts=None, instance_ids=None, role_name=None, __props__=None);func GetRoleAttachment(ctx *Context, name string, id IDInput, state *RoleAttachmentState, opts ...ResourceOption) (*RoleAttachment, error)public static RoleAttachment Get(string name, Input<string> id, RoleAttachmentState? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Instance
Ids List<string> The list of ECS instance’s IDs.
- Role
Name string The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- Instance
Ids []string The list of ECS instance’s IDs.
- Role
Name string The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- instance
Ids string[] The list of ECS instance’s IDs.
- role
Name string The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
- instance_
ids List[str] The list of ECS instance’s IDs.
- role_
name str The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.
Package Details
- Repository
- https://github.com/pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.