UserPolicy
Provides an IAM policy attached to a user.
Example Usage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var lbUser = new Aws.Iam.User("lbUser", new Aws.Iam.UserArgs
{
Path = "/system/",
});
var lbRo = new Aws.Iam.UserPolicy("lbRo", new Aws.Iam.UserPolicyArgs
{
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": [
""ec2:Describe*""
],
""Effect"": ""Allow"",
""Resource"": ""*""
}
]
}
",
User = lbUser.Name,
});
var lbAccessKey = new Aws.Iam.AccessKey("lbAccessKey", new Aws.Iam.AccessKeyArgs
{
User = lbUser.Name,
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
lbUser, err := iam.NewUser(ctx, "lbUser", &iam.UserArgs{
Path: pulumi.String("/system/"),
})
if err != nil {
return err
}
_, err = iam.NewUserPolicy(ctx, "lbRo", &iam.UserPolicyArgs{
Policy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": [\n", " \"ec2:Describe*\"\n", " ],\n", " \"Effect\": \"Allow\",\n", " \"Resource\": \"*\"\n", " }\n", " ]\n", "}\n", "\n")),
User: lbUser.Name,
})
if err != nil {
return err
}
_, err = iam.NewAccessKey(ctx, "lbAccessKey", &iam.AccessKeyArgs{
User: lbUser.Name,
})
if err != nil {
return err
}
return nil
})
}import pulumi
import pulumi_aws as aws
lb_user = aws.iam.User("lbUser", path="/system/")
lb_ro = aws.iam.UserPolicy("lbRo",
policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
""",
user=lb_user.name)
lb_access_key = aws.iam.AccessKey("lbAccessKey", user=lb_user.name)import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const lbUser = new aws.iam.User("lb", {
path: "/system/",
});
const lbRo = new aws.iam.UserPolicy("lb_ro", {
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:Describe*"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
`,
user: lbUser.name,
});
const lbAccessKey = new aws.iam.AccessKey("lb", {
user: lbUser.name,
});Create a UserPolicy Resource
new UserPolicy(name: string, args: UserPolicyArgs, opts?: CustomResourceOptions);def UserPolicy(resource_name, opts=None, name=None, name_prefix=None, policy=None, user=None, __props__=None);func NewUserPolicy(ctx *Context, name string, args UserPolicyArgs, opts ...ResourceOption) (*UserPolicy, error)public UserPolicy(string name, UserPolicyArgs args, CustomResourceOptions? opts = null)- name string
- The unique name of the resource.
- args UserPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- opts ResourceOptions
- A bag of options that control this resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args UserPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args UserPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
UserPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.
Inputs
The UserPolicy resource accepts the following input properties:
- Policy string
The policy document. This is a JSON formatted string.
- User string
IAM user to which to attach this policy.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.
- Policy interface{}
The policy document. This is a JSON formatted string.
- User string
IAM user to which to attach this policy.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.
- policy
string | Policy
Document The policy document. This is a JSON formatted string.
- user string
IAM user to which to attach this policy.
- name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.
- policy string | str
The policy document. This is a JSON formatted string.
- user str
IAM user to which to attach this policy.
- name str
The name of the policy. If omitted, this provider will assign a random, unique name.
- name_
prefix str Creates a unique name beginning with the specified prefix. Conflicts with
name.
Outputs
All input properties are implicitly available as output properties. Additionally, the UserPolicy resource produces the following output properties:
Look up an Existing UserPolicy Resource
Get an existing UserPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: UserPolicyState, opts?: CustomResourceOptions): UserPolicystatic get(resource_name, id, opts=None, name=None, name_prefix=None, policy=None, user=None, __props__=None);func GetUserPolicy(ctx *Context, name string, id IDInput, state *UserPolicyState, opts ...ResourceOption) (*UserPolicy, error)public static UserPolicy Get(string name, Input<string> id, UserPolicyState? state, CustomResourceOptions? opts = null)- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.- Policy string
The policy document. This is a JSON formatted string.
- User string
IAM user to which to attach this policy.
- Name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- Name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.- Policy interface{}
The policy document. This is a JSON formatted string.
- User string
IAM user to which to attach this policy.
- name string
The name of the policy. If omitted, this provider will assign a random, unique name.
- name
Prefix string Creates a unique name beginning with the specified prefix. Conflicts with
name.- policy
string | Policy
Document The policy document. This is a JSON formatted string.
- user string
IAM user to which to attach this policy.
- name str
The name of the policy. If omitted, this provider will assign a random, unique name.
- name_
prefix str Creates a unique name beginning with the specified prefix. Conflicts with
name.- policy string | str
The policy document. This is a JSON formatted string.
- user str
IAM user to which to attach this policy.
Package Details
- Repository
- https://github.com/pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.