GroupPolicy
Provides an IAM policy attached to a group.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var myDevelopers = new Aws.Iam.Group("myDevelopers", new Aws.Iam.GroupArgs
{
Path = "/users/",
});
var myDeveloperPolicy = new Aws.Iam.GroupPolicy("myDeveloperPolicy", new Aws.Iam.GroupPolicyArgs
{
Group = myDevelopers.Id,
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": [
""ec2:Describe*""
],
""Effect"": ""Allow"",
""Resource"": ""*""
}
]
}
",
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myDevelopers, err := iam.NewGroup(ctx, "myDevelopers", &iam.GroupArgs{
Path: pulumi.String("/users/"),
})
if err != nil {
return err
}
_, err = iam.NewGroupPolicy(ctx, "myDeveloperPolicy", &iam.GroupPolicyArgs{
Group: myDevelopers.ID(),
Policy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": [\n", " \"ec2:Describe*\"\n", " ],\n", " \"Effect\": \"Allow\",\n", " \"Resource\": \"*\"\n", " }\n", " ]\n", "}\n", "\n")),
})
if err != nil {
return err
}
return nil
})
}import pulumi
import pulumi_aws as aws
my_developers = aws.iam.Group("myDevelopers", path="/users/")
my_developer_policy = aws.iam.GroupPolicy("myDeveloperPolicy",
group=my_developers.id,
policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
""")import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const myDevelopers = new aws.iam.Group("my_developers", {
path: "/users/",
});
const myDeveloperPolicy = new aws.iam.GroupPolicy("my_developer_policy", {
group: myDevelopers.id,
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
`,
});Create a GroupPolicy Resource
new GroupPolicy(name: string, args: GroupPolicyArgs, opts?: CustomResourceOptions);def GroupPolicy(resource_name, opts=None, group=None, name=None, name_prefix=None, policy=None, __props__=None);func NewGroupPolicy(ctx *Context, name string, args GroupPolicyArgs, opts ...ResourceOption) (*GroupPolicy, error)public GroupPolicy(string name, GroupPolicyArgs args, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args GroupPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GroupPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GroupPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
GroupPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The GroupPolicy resource accepts the following input properties:
- Group string
The IAM group to attach to the policy.
- Policy string
The policy document. This is a JSON formatted string.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.
- Group string
The IAM group to attach to the policy.
- Policy interface{}
The policy document. This is a JSON formatted string.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.
- group string
The IAM group to attach to the policy.
- policy
string | Policy
Document The policy document. This is a JSON formatted string.
- name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.
- group str
The IAM group to attach to the policy.
- policy string | str
The policy document. This is a JSON formatted string.
- name str
The name of the policy. If omitted, this provider will assign a random, unique name.
- name_
prefix str Creates a unique name beginning with the specified prefix. Conflicts with
name.
Outputs
All input properties are implicitly available as output properties. Additionally, the GroupPolicy resource produces the following output properties:
Look up an Existing GroupPolicy Resource
Get an existing GroupPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GroupPolicyState, opts?: CustomResourceOptions): GroupPolicystatic get(resource_name, id, opts=None, group=None, name=None, name_prefix=None, policy=None, __props__=None);func GetGroupPolicy(ctx *Context, name string, id IDInput, state *GroupPolicyState, opts ...ResourceOption) (*GroupPolicy, error)public static GroupPolicy Get(string name, Input<string> id, GroupPolicyState? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Group string
The IAM group to attach to the policy.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.- Policy string
The policy document. This is a JSON formatted string.
- Group string
The IAM group to attach to the policy.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.- Policy interface{}
The policy document. This is a JSON formatted string.
- group string
The IAM group to attach to the policy.
- name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.- policy
string | Policy
Document The policy document. This is a JSON formatted string.
- group str
The IAM group to attach to the policy.
- name str
The name of the policy. If omitted, this provider will assign a random, unique name.
- name_
prefix str Creates a unique name beginning with the specified prefix. Conflicts with
name.- policy string | str
The policy document. This is a JSON formatted string.
Package Details
- Repository
- https://github.com/pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.