Module ram

This page documents the language specification for the alicloud package. If you're looking for help working with the inputs, outputs, or functions of alicloud resources in a Pulumi program, please see the resource documentation for examples and API reference.

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-alicloud repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-alicloud repo.

Functions

getAccountAlias
getAccountAliases
getGroups
getPolicies
getRoles
getUsers

Others

Resources

Resource AccessKey

class AccessKey extends CustomResource

Provides a RAM User access key resource.

NOTE: You should set the secretFile if you want to get the access key.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a new RAM access key for user.
const user = new alicloud.ram.User("user", {
    comments: "yoyoyo",
    displayName: "userDisplayName",
    email: "hello.uuu@aaa.com",
    force: true,
    mobile: "86-18688888888",
});
const ak = new alicloud.ram.AccessKey("ak", {
    secretFile: "/xxx/xxx/xxx.txt",
    userName: user.name,
});

constructor

new AccessKey(name: string, args?: AccessKeyArgs, opts?: pulumi.CustomResourceOptions)

Create a AccessKey resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccessKeyState, opts?: pulumi.CustomResourceOptions): AccessKey

Get an existing AccessKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AccessKey

Returns true if the given object is an instance of AccessKey. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property encryptedSecret

public encryptedSecret: pulumi.Output<string>;

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property keyFingerprint

public keyFingerprint: pulumi.Output<string>;

The fingerprint of the PGP key used to encrypt the secret

property pgpKey

public pgpKey: pulumi.Output<string | undefined>;

Either a base-64 encoded PGP public key, or a keybase username in the form keybase:some_person_that_exists

property secretFile

public secretFile: pulumi.Output<string | undefined>;

The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn’t get its secret ever.

property status

public status: pulumi.Output<string | undefined>;

Status of access key. It must be Active or Inactive. Default value is Active.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userName

public userName: pulumi.Output<string | undefined>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

Resource AccountAlias

class AccountAlias extends CustomResource

Provides a RAM cloud account alias.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a alias for cloud account.
const alias = new alicloud.ram.AccountAlias("alias", {
    accountAlias: "hallo",
});

constructor

new AccountAlias(name: string, args: AccountAliasArgs, opts?: pulumi.CustomResourceOptions)

Create a AccountAlias resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccountAliasState, opts?: pulumi.CustomResourceOptions): AccountAlias

Get an existing AccountAlias resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AccountAlias

Returns true if the given object is an instance of AccountAlias. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accountAlias

public accountAlias: pulumi.Output<string>;

Alias of cloud account. This name can have a string of 3 to 32 characters, must contain only alphanumeric characters or hyphens, such as “-”, and must not begin with a hyphen.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource AccountPasswordPolicy

class AccountPasswordPolicy extends CustomResource

constructor

new AccountPasswordPolicy(name: string, args?: AccountPasswordPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a AccountPasswordPolicy resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccountPasswordPolicyState, opts?: pulumi.CustomResourceOptions): AccountPasswordPolicy

Get an existing AccountPasswordPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AccountPasswordPolicy

Returns true if the given object is an instance of AccountPasswordPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property hardExpiry

public hardExpiry: pulumi.Output<boolean | undefined>;

Specifies if a password can expire in a hard way. Default to false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property maxLoginAttempts

public maxLoginAttempts: pulumi.Output<number | undefined>;

Maximum logon attempts with an incorrect password within an hour. Valid value range: [0-32]. Default to 5.

property maxPasswordAge

public maxPasswordAge: pulumi.Output<number | undefined>;

The number of days after which password expires. A value of 0 indicates that the password never expires. Valid value range: [0-1095]. Default to 0.

property minimumPasswordLength

public minimumPasswordLength: pulumi.Output<number | undefined>;

Minimal required length of password for a user. Valid value range: [8-32]. Default to 12.

property passwordReusePrevention

public passwordReusePrevention: pulumi.Output<number | undefined>;

User is not allowed to use the latest number of passwords specified in this parameter. A value of 0 indicates the password history check policy is disabled. Valid value range: [0-24]. Default to 0.

property requireLowercaseCharacters

public requireLowercaseCharacters: pulumi.Output<boolean | undefined>;

Specifies if the occurrence of a lowercase character in the password is mandatory. Default to true.

property requireNumbers

public requireNumbers: pulumi.Output<boolean | undefined>;

Specifies if the occurrence of a number in the password is mandatory. Default to true.

property requireSymbols

public requireSymbols: pulumi.Output<boolean | undefined>;

(Optional Specifies if the occurrence of a special character in the password is mandatory. Default to true.

property requireUppercaseCharacters

public requireUppercaseCharacters: pulumi.Output<boolean | undefined>;

Specifies if the occurrence of an uppercase character in the password is mandatory. Default to true.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Alias

class Alias extends CustomResource

constructor

new Alias(name: string, args: AliasArgs, opts?: pulumi.CustomResourceOptions)

Create a Alias resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AliasState, opts?: pulumi.CustomResourceOptions): Alias

Get an existing Alias resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Alias

Returns true if the given object is an instance of Alias. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accountAlias

public accountAlias: pulumi.Output<string>;

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Group

class Group extends CustomResource

constructor

new Group(name: string, args?: GroupArgs, opts?: pulumi.CustomResourceOptions)

Create a Group resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GroupState, opts?: pulumi.CustomResourceOptions): Group

Get an existing Group resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Group

Returns true if the given object is an instance of Group. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property comments

public comments: pulumi.Output<string | undefined>;

Comment of the RAM group. This parameter can have a string of 1 to 128 characters.

property force

public force: pulumi.Output<boolean | undefined>;

This parameter is used for resource destroy. Default value is false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the RAM group. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource GroupMembership

class GroupMembership extends CustomResource

Provides a RAM Group membership resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a RAM Group membership.
const group = new alicloud.ram.Group("group", {
    comments: "this is a group comments.",
    force: true,
});
const user = new alicloud.ram.User("user", {
    comments: "yoyoyo",
    displayName: "userDisplayName",
    email: "hello.uuu@aaa.com",
    force: true,
    mobile: "86-18688888888",
});
const user1 = new alicloud.ram.User("user1", {
    comments: "yoyoyo",
    displayName: "userDisplayName1",
    email: "hello.uuu@aaa.com",
    force: true,
    mobile: "86-18688888889",
});
const membership = new alicloud.ram.GroupMembership("membership", {
    groupName: group.name,
    userNames: [
        user.name,
        user1.name,
    ],
});

constructor

new GroupMembership(name: string, args: GroupMembershipArgs, opts?: pulumi.CustomResourceOptions)

Create a GroupMembership resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GroupMembershipState, opts?: pulumi.CustomResourceOptions): GroupMembership

Get an existing GroupMembership resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GroupMembership

Returns true if the given object is an instance of GroupMembership. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property groupName

public groupName: pulumi.Output<string>;

Name of the RAM group. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userNames

public userNames: pulumi.Output<string[]>;

Set of user name which will be added to group. Each name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

Resource GroupPolicyAttachment

class GroupPolicyAttachment extends CustomResource

Provides a RAM Group Policy attachment resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a RAM Group Policy attachment.
const group = new alicloud.ram.Group("group", {
    comments: "this is a group comments.",
    force: true,
});
const policy = new alicloud.ram.Policy("policy", {
    description: "this is a policy test",
    document: `    {
      "Statement": [
        {
          "Action": [
            "oss:ListObjects",
            "oss:GetObject"
          ],
          "Effect": "Allow",
          "Resource": [
            "acs:oss:*:*:mybucket",
            "acs:oss:*:*:mybucket/*"
          ]
        }
      ],
        "Version": "1"
    }
  `,
    force: true,
});
const attach = new alicloud.ram.GroupPolicyAttachment("attach", {
    groupName: group.name,
    policyName: policy.name,
    policyType: policy.type,
});

constructor

new GroupPolicyAttachment(name: string, args: GroupPolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a GroupPolicyAttachment resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GroupPolicyAttachmentState, opts?: pulumi.CustomResourceOptions): GroupPolicyAttachment

Get an existing GroupPolicyAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GroupPolicyAttachment

Returns true if the given object is an instance of GroupPolicyAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property groupName

public groupName: pulumi.Output<string>;

Name of the RAM group. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyName

public policyName: pulumi.Output<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

public policyType: pulumi.Output<string>;

Type of the RAM policy. It must be Custom or System.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource LoginProfile

class LoginProfile extends CustomResource

Provides a RAM User Login Profile resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a RAM login profile.
const user = new alicloud.ram.User("user", {
    comments: "yoyoyo",
    displayName: "userDisplayName",
    email: "hello.uuu@aaa.com",
    force: true,
    mobile: "86-18688888888",
});
const profile = new alicloud.ram.LoginProfile("profile", {
    password: "Yourpassword1234",
    userName: user.name,
});

constructor

new LoginProfile(name: string, args: LoginProfileArgs, opts?: pulumi.CustomResourceOptions)

Create a LoginProfile resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LoginProfileState, opts?: pulumi.CustomResourceOptions): LoginProfile

Get an existing LoginProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is LoginProfile

Returns true if the given object is an instance of LoginProfile. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property mfaBindRequired

public mfaBindRequired: pulumi.Output<boolean | undefined>;

This parameter indicates whether the MFA needs to be bind when the user first logs in. Default value is false.

property password

public password: pulumi.Output<string>;

Password of the RAM user.

property passwordResetRequired

public passwordResetRequired: pulumi.Output<boolean | undefined>;

This parameter indicates whether the password needs to be reset when the user first logs in. Default value is false.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userName

public userName: pulumi.Output<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

Resource Policy

class Policy extends CustomResource

constructor

new Policy(name: string, args?: PolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a Policy resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PolicyState, opts?: pulumi.CustomResourceOptions): Policy

Get an existing Policy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Policy

Returns true if the given object is an instance of Policy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property attachmentCount

public attachmentCount: pulumi.Output<number>;

The policy attachment count.

property description

public description: pulumi.Output<string | undefined>;

Description of the RAM policy. This name can have a string of 1 to 1024 characters.

property document

public document: pulumi.Output<string>;

Document of the RAM policy. It is required when the statement is not specified.

property force

public force: pulumi.Output<boolean | undefined>;

This parameter is used for resource destroy. Default value is false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property statements

public statements: pulumi.Output<PolicyStatement[]>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Statements of the RAM policy document. It is required when the document is not specified.

property type

public type: pulumi.Output<string>;

The policy type.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property version

public version: pulumi.Output<string | undefined>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM policy document. Valid value is 1. Default value is 1.

Resource Role

class Role extends CustomResource

constructor

new Role(name: string, args?: RoleArgs, opts?: pulumi.CustomResourceOptions)

Create a Role resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RoleState, opts?: pulumi.CustomResourceOptions): Role

Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Role

Returns true if the given object is an instance of Role. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The role arn.

property description

public description: pulumi.Output<string | undefined>;

Description of the RAM role. This name can have a string of 1 to 1024 characters.

property document

public document: pulumi.Output<string>;

Authorization strategy of the RAM role. It is required when the services and ramUsers are not specified.

property force

public force: pulumi.Output<boolean | undefined>;

This parameter is used for resource destroy. Default value is false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

property ramUsers

public ramUsers: pulumi.Output<string[]>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of ram users who can assume the RAM role. The format of each item in this list is acs:ram::${account_id}:root or acs:ram::${account_id}:user/${user_name}, such as acs:ram::1234567890000:root and acs:ram::1234567890001:user/Mary. The ${user_name} is the name of a RAM user which must exists in the Alicloud account indicated by the ${account_id}.

property roleId

public roleId: pulumi.Output<string>;

The role ID.

property services

public services: pulumi.Output<string[]>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) List of services which can assume the RAM role. The format of each item in this list is ${service}.aliyuncs.com or ${account_id}@${service}.aliyuncs.com, such as ecs.aliyuncs.com and 1234567890000@ots.aliyuncs.com. The ${service} can be ecs, log, apigateway and so on, the ${account_id} refers to someone’s Alicloud account id.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property version

public version: pulumi.Output<string | undefined>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is 1. Default value is 1.

Resource RoleAttachment

class RoleAttachment extends CustomResource

Provides a RAM role attachment resource to bind role for several ECS instances.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const config = new pulumi.Config();
const name = config.get("name") || "ecsInstanceVPCExample";

const defaultZones = pulumi.output(alicloud.getZones({
    availableDiskCategory: "cloudEfficiency",
    availableResourceCreation: "VSwitch",
}, { async: true }));
const defaultInstanceTypes = defaultZones.apply(defaultZones => alicloud.ecs.getInstanceTypes({
    availabilityZone: defaultZones.zones[0].id,
    cpuCoreCount: 2,
    memorySize: 4,
}, { async: true }));
const defaultImages = pulumi.output(alicloud.ecs.getImages({
    mostRecent: true,
    nameRegex: "^ubuntu_18.*64",
    owners: "system",
}, { async: true }));
const defaultNetwork = new alicloud.vpc.Network("default", {
    cidrBlock: "172.16.0.0/16",
});
const defaultSwitch = new alicloud.vpc.Switch("default", {
    availabilityZone: defaultZones.zones[0].id,
    cidrBlock: "172.16.0.0/24",
    vpcId: defaultNetwork.id,
});
const defaultSecurityGroup = new alicloud.ecs.SecurityGroup("default", {
    vpcId: defaultNetwork.id,
});
const defaultSecurityGroupRule = new alicloud.ecs.SecurityGroupRule("default", {
    cidrIp: "172.16.0.0/24",
    ipProtocol: "tcp",
    nicType: "intranet",
    policy: "accept",
    portRange: "22/22",
    priority: 1,
    securityGroupId: defaultSecurityGroup.id,
    type: "ingress",
});
const foo = new alicloud.ecs.Instance("foo", {
    imageId: defaultImages.images[0].id,
    instanceName: name,
    instanceType: defaultInstanceTypes.instanceTypes[0].id,
    internetChargeType: "PayByTraffic",
    internetMaxBandwidthOut: 5,
    securityGroups: [defaultSecurityGroup.id],
    systemDiskCategory: "cloudEfficiency",
    vswitchId: defaultSwitch.id,
});
const role = new alicloud.ram.Role("role", {
    description: "this is a test",
    document: `  {
    "Statement": [
      {
        "Action": "sts:AssumeRole",
        "Effect": "Allow",
        "Principal": {
          "Service": [
            "ecs.aliyuncs.com"
          ]
        }
      }
    ],
    "Version": "1"
  }
  `,
    force: true,
});
const attach = new alicloud.ram.RoleAttachment("attach", {
    instanceIds: [foo.id],
    roleName: role.name,
});

constructor

new RoleAttachment(name: string, args: RoleAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a RoleAttachment resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RoleAttachmentState, opts?: pulumi.CustomResourceOptions): RoleAttachment

Get an existing RoleAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RoleAttachment

Returns true if the given object is an instance of RoleAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceIds

public instanceIds: pulumi.Output<string[]>;

The list of ECS instance’s IDs.

property roleName

public roleName: pulumi.Output<string>;

The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RolePolicyAttachment

class RolePolicyAttachment extends CustomResource

Provides a RAM Role attachment resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a RAM Role Policy attachment.
const role = new alicloud.ram.Role("role", {
    description: "this is a role test.",
    document: `    {
      "Statement": [
        {
          "Action": "sts:AssumeRole",
          "Effect": "Allow",
          "Principal": {
            "Service": [
              "apigateway.aliyuncs.com",
              "ecs.aliyuncs.com"
            ]
          }
        }
      ],
      "Version": "1"
    }
    `,
    force: true,
});
const policy = new alicloud.ram.Policy("policy", {
    description: "this is a policy test",
    document: `  {
    "Statement": [
      {
        "Action": [
          "oss:ListObjects",
          "oss:GetObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "acs:oss:*:*:mybucket",
          "acs:oss:*:*:mybucket/*"
        ]
      }
    ],
      "Version": "1"
  }
  `,
    force: true,
});
const attach = new alicloud.ram.RolePolicyAttachment("attach", {
    policyName: policy.name,
    policyType: policy.type,
    roleName: role.name,
});

constructor

new RolePolicyAttachment(name: string, args: RolePolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a RolePolicyAttachment resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RolePolicyAttachmentState, opts?: pulumi.CustomResourceOptions): RolePolicyAttachment

Get an existing RolePolicyAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is RolePolicyAttachment

Returns true if the given object is an instance of RolePolicyAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyName

public policyName: pulumi.Output<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

public policyType: pulumi.Output<string>;

Type of the RAM policy. It must be Custom or System.

property roleName

public roleName: pulumi.Output<string>;

Name of the RAM Role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource User

class User extends CustomResource

constructor

new User(name: string, args?: UserArgs, opts?: pulumi.CustomResourceOptions)

Create a User resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserState, opts?: pulumi.CustomResourceOptions): User

Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is User

Returns true if the given object is an instance of User. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property comments

public comments: pulumi.Output<string | undefined>;

Comment of the RAM user. This parameter can have a string of 1 to 128 characters.

property displayName

public displayName: pulumi.Output<string | undefined>;

Name of the RAM user which for display. This name can have a string of 1 to 128 characters or Chinese characters, must contain only alphanumeric characters or Chinese characters or hyphens, such as “-”,“.”, and must not end with a hyphen.

property email

public email: pulumi.Output<string | undefined>;

Email of the RAM user.

property force

public force: pulumi.Output<boolean | undefined>;

This parameter is used for resource destroy. Default value is false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property mobile

public mobile: pulumi.Output<string | undefined>;

Phone number of the RAM user. This number must contain an international area code prefix, just look like this: 86-18600008888.

property name

public name: pulumi.Output<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource UserPolicyAttachment

class UserPolicyAttachment extends CustomResource

Provides a RAM User Policy attachment resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

// Create a RAM User Policy attachment.
const user = new alicloud.ram.User("user", {
    comments: "yoyoyo",
    displayName: "userDisplayName",
    email: "hello.uuu@aaa.com",
    force: true,
    mobile: "86-18688888888",
});
const policy = new alicloud.ram.Policy("policy", {
    description: "this is a policy test",
    document: `  {
    "Statement": [
      {
        "Action": [
          "oss:ListObjects",
          "oss:GetObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "acs:oss:*:*:mybucket",
          "acs:oss:*:*:mybucket/*"
        ]
      }
    ],
      "Version": "1"
  }
  `,
    force: true,
});
const attach = new alicloud.ram.UserPolicyAttachment("attach", {
    policyName: policy.name,
    policyType: policy.type,
    userName: user.name,
});

constructor

new UserPolicyAttachment(name: string, args: UserPolicyAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a UserPolicyAttachment resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPolicyAttachmentState, opts?: pulumi.CustomResourceOptions): UserPolicyAttachment

Get an existing UserPolicyAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is UserPolicyAttachment

Returns true if the given object is an instance of UserPolicyAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyName

public policyName: pulumi.Output<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

public policyType: pulumi.Output<string>;

Type of the RAM policy. It must be Custom or System.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userName

public userName: pulumi.Output<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

Functions

Function getAccountAlias

getAccountAlias(args?: GetAccountAliasArgs, opts?: pulumi.InvokeOptions): Promise<GetAccountAliasResult>

Function getAccountAliases

getAccountAliases(args?: GetAccountAliasesArgs, opts?: pulumi.InvokeOptions): Promise<GetAccountAliasesResult>

This data source provides an alias for the Alibaba Cloud account.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const aliasDs = pulumi.output(alicloud.ram.getAccountAliases({
    outputFile: "alias.txt",
}, { async: true }));

export const accountAlias = aliasDs.accountAlias;

Function getGroups

getGroups(args?: GetGroupsArgs, opts?: pulumi.InvokeOptions): Promise<GetGroupsResult>

This data source provides a list of RAM Groups in an Alibaba Cloud account according to the specified filters.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const groupsDs = pulumi.output(alicloud.ram.getGroups({
    nameRegex: "^group[0-9]*",
    outputFile: "groups.txt",
    userName: "user1",
}, { async: true }));

export const firstGroupName = groupsDs.groups[0].name;

Function getPolicies

getPolicies(args?: GetPoliciesArgs, opts?: pulumi.InvokeOptions): Promise<GetPoliciesResult>

This data source provides a list of RAM policies in an Alibaba Cloud account according to the specified filters.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const policiesDs = pulumi.output(alicloud.ram.getPolicies({
    groupName: "group1",
    outputFile: "policies.txt",
    type: "System",
    userName: "user1",
}, { async: true }));

export const firstPolicyName = policiesDs.policies[0].name;

Function getRoles

getRoles(args?: GetRolesArgs, opts?: pulumi.InvokeOptions): Promise<GetRolesResult>

This data source provides a list of RAM Roles in an Alibaba Cloud account according to the specified filters.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const rolesDs = pulumi.output(alicloud.ram.getRoles({
    nameRegex: ".*test.*",
    outputFile: "roles.txt",
    policyName: "AliyunACSDefaultAccess",
    policyType: "Custom",
}, { async: true }));

export const firstRoleId = rolesDs.roles[0].id;

Function getUsers

getUsers(args?: GetUsersArgs, opts?: pulumi.InvokeOptions): Promise<GetUsersResult>

This data source provides a list of RAM users in an Alibaba Cloud account according to the specified filters.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const usersDs = pulumi.output(alicloud.ram.getUsers({
    groupName: "group1",
    nameRegex: "^user",
    outputFile: "users.txt",
    policyName: "AliyunACSDefaultAccess",
    policyType: "Custom",
}, { async: true }));

export const firstUserId = usersDs.users[0].id;

Others

interface AccessKeyArgs

interface AccessKeyArgs

The set of arguments for constructing a AccessKey resource.

property pgpKey

pgpKey?: pulumi.Input<string>;

Either a base-64 encoded PGP public key, or a keybase username in the form keybase:some_person_that_exists

property secretFile

secretFile?: pulumi.Input<string>;

The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn’t get its secret ever.

property status

status?: pulumi.Input<string>;

Status of access key. It must be Active or Inactive. Default value is Active.

property userName

userName?: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface AccessKeyState

interface AccessKeyState

Input properties used for looking up and filtering AccessKey resources.

property encryptedSecret

encryptedSecret?: pulumi.Input<string>;

property keyFingerprint

keyFingerprint?: pulumi.Input<string>;

The fingerprint of the PGP key used to encrypt the secret

property pgpKey

pgpKey?: pulumi.Input<string>;

Either a base-64 encoded PGP public key, or a keybase username in the form keybase:some_person_that_exists

property secretFile

secretFile?: pulumi.Input<string>;

The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn’t get its secret ever.

property status

status?: pulumi.Input<string>;

Status of access key. It must be Active or Inactive. Default value is Active.

property userName

userName?: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface AccountAliasArgs

interface AccountAliasArgs

The set of arguments for constructing a AccountAlias resource.

property accountAlias

accountAlias: pulumi.Input<string>;

Alias of cloud account. This name can have a string of 3 to 32 characters, must contain only alphanumeric characters or hyphens, such as “-”, and must not begin with a hyphen.

interface AccountAliasState

interface AccountAliasState

Input properties used for looking up and filtering AccountAlias resources.

property accountAlias

accountAlias?: pulumi.Input<string>;

Alias of cloud account. This name can have a string of 3 to 32 characters, must contain only alphanumeric characters or hyphens, such as “-”, and must not begin with a hyphen.

interface AccountPasswordPolicyArgs

interface AccountPasswordPolicyArgs

The set of arguments for constructing a AccountPasswordPolicy resource.

property hardExpiry

hardExpiry?: pulumi.Input<boolean>;

Specifies if a password can expire in a hard way. Default to false.

property maxLoginAttempts

maxLoginAttempts?: pulumi.Input<number>;

Maximum logon attempts with an incorrect password within an hour. Valid value range: [0-32]. Default to 5.

property maxPasswordAge

maxPasswordAge?: pulumi.Input<number>;

The number of days after which password expires. A value of 0 indicates that the password never expires. Valid value range: [0-1095]. Default to 0.

property minimumPasswordLength

minimumPasswordLength?: pulumi.Input<number>;

Minimal required length of password for a user. Valid value range: [8-32]. Default to 12.

property passwordReusePrevention

passwordReusePrevention?: pulumi.Input<number>;

User is not allowed to use the latest number of passwords specified in this parameter. A value of 0 indicates the password history check policy is disabled. Valid value range: [0-24]. Default to 0.

property requireLowercaseCharacters

requireLowercaseCharacters?: pulumi.Input<boolean>;

Specifies if the occurrence of a lowercase character in the password is mandatory. Default to true.

property requireNumbers

requireNumbers?: pulumi.Input<boolean>;

Specifies if the occurrence of a number in the password is mandatory. Default to true.

property requireSymbols

requireSymbols?: pulumi.Input<boolean>;

(Optional Specifies if the occurrence of a special character in the password is mandatory. Default to true.

property requireUppercaseCharacters

requireUppercaseCharacters?: pulumi.Input<boolean>;

Specifies if the occurrence of an uppercase character in the password is mandatory. Default to true.

interface AccountPasswordPolicyState

interface AccountPasswordPolicyState

Input properties used for looking up and filtering AccountPasswordPolicy resources.

property hardExpiry

hardExpiry?: pulumi.Input<boolean>;

Specifies if a password can expire in a hard way. Default to false.

property maxLoginAttempts

maxLoginAttempts?: pulumi.Input<number>;

Maximum logon attempts with an incorrect password within an hour. Valid value range: [0-32]. Default to 5.

property maxPasswordAge

maxPasswordAge?: pulumi.Input<number>;

The number of days after which password expires. A value of 0 indicates that the password never expires. Valid value range: [0-1095]. Default to 0.

property minimumPasswordLength

minimumPasswordLength?: pulumi.Input<number>;

Minimal required length of password for a user. Valid value range: [8-32]. Default to 12.

property passwordReusePrevention

passwordReusePrevention?: pulumi.Input<number>;

User is not allowed to use the latest number of passwords specified in this parameter. A value of 0 indicates the password history check policy is disabled. Valid value range: [0-24]. Default to 0.

property requireLowercaseCharacters

requireLowercaseCharacters?: pulumi.Input<boolean>;

Specifies if the occurrence of a lowercase character in the password is mandatory. Default to true.

property requireNumbers

requireNumbers?: pulumi.Input<boolean>;

Specifies if the occurrence of a number in the password is mandatory. Default to true.

property requireSymbols

requireSymbols?: pulumi.Input<boolean>;

(Optional Specifies if the occurrence of a special character in the password is mandatory. Default to true.

property requireUppercaseCharacters

requireUppercaseCharacters?: pulumi.Input<boolean>;

Specifies if the occurrence of an uppercase character in the password is mandatory. Default to true.

interface AliasArgs

interface AliasArgs

The set of arguments for constructing a Alias resource.

property accountAlias

accountAlias: pulumi.Input<string>;

interface AliasState

interface AliasState

Input properties used for looking up and filtering Alias resources.

property accountAlias

accountAlias?: pulumi.Input<string>;

interface GetAccountAliasArgs

interface GetAccountAliasArgs

A collection of arguments for invoking getAccountAlias.

property outputFile

outputFile?: undefined | string;

interface GetAccountAliasesArgs

interface GetAccountAliasesArgs

A collection of arguments for invoking getAccountAliases.

property outputFile

outputFile?: undefined | string;

interface GetAccountAliasesResult

interface GetAccountAliasesResult

A collection of values returned by getAccountAliases.

property accountAlias

accountAlias: string;

Alias of the account.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property outputFile

outputFile?: undefined | string;

interface GetAccountAliasResult

interface GetAccountAliasResult

A collection of values returned by getAccountAlias.

property accountAlias

accountAlias: string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property outputFile

outputFile?: undefined | string;

interface GetGroupsArgs

interface GetGroupsArgs

A collection of arguments for invoking getGroups.

property nameRegex

nameRegex?: undefined | string;

A regex string to filter the returned groups by their names.

property outputFile

outputFile?: undefined | string;

property policyName

policyName?: undefined | string;

Filter the results by a specific policy name. If you set this parameter without setting policyType, it will be automatically set to System.

property policyType

policyType?: undefined | string;

Filter the results by a specific policy type. Valid items are Custom and System. If you set this parameter, you must set policyName as well.

property userName

userName?: undefined | string;

Filter the results by a specific the user name.

interface GetGroupsResult

interface GetGroupsResult

A collection of values returned by getGroups.

property groups

groups: GetGroupsGroup[];

A list of groups. Each element contains the following attributes:

property id

id: string;

The provider-assigned unique ID for this managed resource.

property nameRegex

nameRegex?: undefined | string;

property names

names: string[];

A list of ram group names.

property outputFile

outputFile?: undefined | string;

property policyName

policyName?: undefined | string;

property policyType

policyType?: undefined | string;

property userName

userName?: undefined | string;

interface GetPoliciesArgs

interface GetPoliciesArgs

A collection of arguments for invoking getPolicies.

property groupName

groupName?: undefined | string;

Filter results by a specific group name. Returned policies are attached to the specified group.

property nameRegex

nameRegex?: undefined | string;

A regex string to filter resulting policies by name.

property outputFile

outputFile?: undefined | string;

property roleName

roleName?: undefined | string;

Filter results by a specific role name. Returned policies are attached to the specified role.

property type

type?: undefined | string;

Filter results by a specific policy type. Valid values are Custom and System.

property userName

userName?: undefined | string;

Filter results by a specific user name. Returned policies are attached to the specified user.

interface GetPoliciesResult

interface GetPoliciesResult

A collection of values returned by getPolicies.

property groupName

groupName?: undefined | string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property nameRegex

nameRegex?: undefined | string;

property names

names: string[];

A list of ram group names.

property outputFile

outputFile?: undefined | string;

property policies

policies: GetPoliciesPolicy[];

A list of policies. Each element contains the following attributes:

property roleName

roleName?: undefined | string;

property type

type?: undefined | string;

Type of the policy.

property userName

userName?: undefined | string;

interface GetRolesArgs

interface GetRolesArgs

A collection of arguments for invoking getRoles.

property ids

ids?: string[];

A list of ram role IDs.

property nameRegex

nameRegex?: undefined | string;

A regex string to filter results by the role name.

property outputFile

outputFile?: undefined | string;

property policyName

policyName?: undefined | string;

Filter results by a specific policy name. If you set this parameter without setting policyType, the later will be automatically set to System. The resulting roles will be attached to the specified policy.

property policyType

policyType?: undefined | string;

Filter results by a specific policy type. Valid values are Custom and System. If you set this parameter, you must set policyName as well.

interface GetRolesResult

interface GetRolesResult

A collection of values returned by getRoles.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property ids

ids: string[];

A list of ram role IDs.

property nameRegex

nameRegex?: undefined | string;

property names

names: string[];

A list of ram role names.

property outputFile

outputFile?: undefined | string;

property policyName

policyName?: undefined | string;

property policyType

policyType?: undefined | string;

property roles

roles: GetRolesRole[];

A list of roles. Each element contains the following attributes:

interface GetUsersArgs

interface GetUsersArgs

A collection of arguments for invoking getUsers.

property groupName

groupName?: undefined | string;

Filter results by a specific group name. Returned users are in the specified group.

property ids

ids?: string[];

A list of ram user IDs.

property nameRegex

nameRegex?: undefined | string;

A regex string to filter resulting users by their names.

property outputFile

outputFile?: undefined | string;

property policyName

policyName?: undefined | string;

Filter results by a specific policy name. If you set this parameter without setting policyType, the later will be automatically set to System. Returned users are attached to the specified policy.

property policyType

policyType?: undefined | string;

Filter results by a specific policy type. Valid values are Custom and System. If you set this parameter, you must set policyName as well.

interface GetUsersResult

interface GetUsersResult

A collection of values returned by getUsers.

property groupName

groupName?: undefined | string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property ids

ids: string[];

A list of ram user IDs.

property nameRegex

nameRegex?: undefined | string;

property names

names: string[];

A list of ram user names.

property outputFile

outputFile?: undefined | string;

property policyName

policyName?: undefined | string;

property policyType

policyType?: undefined | string;

property users

users: GetUsersUser[];

A list of users. Each element contains the following attributes:

interface GroupArgs

interface GroupArgs

The set of arguments for constructing a Group resource.

property comments

comments?: pulumi.Input<string>;

Comment of the RAM group. This parameter can have a string of 1 to 128 characters.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property name

name?: pulumi.Input<string>;

Name of the RAM group. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

interface GroupMembershipArgs

interface GroupMembershipArgs

The set of arguments for constructing a GroupMembership resource.

property groupName

groupName: pulumi.Input<string>;

Name of the RAM group. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property userNames

userNames: pulumi.Input<pulumi.Input<string>[]>;

interface GroupMembershipState

interface GroupMembershipState

Input properties used for looking up and filtering GroupMembership resources.

property groupName

groupName?: pulumi.Input<string>;

Name of the RAM group. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property userNames

userNames?: pulumi.Input<pulumi.Input<string>[]>;

interface GroupPolicyAttachmentArgs

interface GroupPolicyAttachmentArgs

The set of arguments for constructing a GroupPolicyAttachment resource.

property groupName

groupName: pulumi.Input<string>;

Name of the RAM group. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyName

policyName: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

policyType: pulumi.Input<string>;

Type of the RAM policy. It must be Custom or System.

interface GroupPolicyAttachmentState

interface GroupPolicyAttachmentState

Input properties used for looking up and filtering GroupPolicyAttachment resources.

property groupName

groupName?: pulumi.Input<string>;

Name of the RAM group. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyName

policyName?: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

policyType?: pulumi.Input<string>;

Type of the RAM policy. It must be Custom or System.

interface GroupState

interface GroupState

Input properties used for looking up and filtering Group resources.

property comments

comments?: pulumi.Input<string>;

Comment of the RAM group. This parameter can have a string of 1 to 128 characters.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property name

name?: pulumi.Input<string>;

Name of the RAM group. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

interface LoginProfileArgs

interface LoginProfileArgs

The set of arguments for constructing a LoginProfile resource.

property mfaBindRequired

mfaBindRequired?: pulumi.Input<boolean>;

This parameter indicates whether the MFA needs to be bind when the user first logs in. Default value is false.

property password

password: pulumi.Input<string>;

Password of the RAM user.

property passwordResetRequired

passwordResetRequired?: pulumi.Input<boolean>;

This parameter indicates whether the password needs to be reset when the user first logs in. Default value is false.

property userName

userName: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface LoginProfileState

interface LoginProfileState

Input properties used for looking up and filtering LoginProfile resources.

property mfaBindRequired

mfaBindRequired?: pulumi.Input<boolean>;

This parameter indicates whether the MFA needs to be bind when the user first logs in. Default value is false.

property password

password?: pulumi.Input<string>;

Password of the RAM user.

property passwordResetRequired

passwordResetRequired?: pulumi.Input<boolean>;

This parameter indicates whether the password needs to be reset when the user first logs in. Default value is false.

property userName

userName?: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface PolicyArgs

interface PolicyArgs

The set of arguments for constructing a Policy resource.

property description

description?: pulumi.Input<string>;

Description of the RAM policy. This name can have a string of 1 to 1024 characters.

property document

document?: pulumi.Input<string>;

Document of the RAM policy. It is required when the statement is not specified.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property name

name?: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property statements

DEPRECATED Field 'statement' has been deprecated from version 1.49.0, and use field 'document' to replace.

statements?: pulumi.Input<pulumi.Input<PolicyStatement>[]>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Statements of the RAM policy document. It is required when the document is not specified.

property version

DEPRECATED Field 'version' has been deprecated from version 1.49.0, and use field 'document' to replace.

version?: pulumi.Input<string>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM policy document. Valid value is 1. Default value is 1.

interface PolicyState

interface PolicyState

Input properties used for looking up and filtering Policy resources.

property attachmentCount

attachmentCount?: pulumi.Input<number>;

The policy attachment count.

property description

description?: pulumi.Input<string>;

Description of the RAM policy. This name can have a string of 1 to 1024 characters.

property document

document?: pulumi.Input<string>;

Document of the RAM policy. It is required when the statement is not specified.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property name

name?: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property statements

DEPRECATED Field 'statement' has been deprecated from version 1.49.0, and use field 'document' to replace.

statements?: pulumi.Input<pulumi.Input<PolicyStatement>[]>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Statements of the RAM policy document. It is required when the document is not specified.

property type

type?: pulumi.Input<string>;

The policy type.

property version

DEPRECATED Field 'version' has been deprecated from version 1.49.0, and use field 'document' to replace.

version?: pulumi.Input<string>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM policy document. Valid value is 1. Default value is 1.

interface RoleArgs

interface RoleArgs

The set of arguments for constructing a Role resource.

property description

description?: pulumi.Input<string>;

Description of the RAM role. This name can have a string of 1 to 1024 characters.

property document

document?: pulumi.Input<string>;

Authorization strategy of the RAM role. It is required when the services and ramUsers are not specified.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property name

name?: pulumi.Input<string>;

Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

property ramUsers

DEPRECATED Field 'ram_users' has been deprecated from version 1.49.0, and use field 'document' to replace.

ramUsers?: pulumi.Input<pulumi.Input<string>[]>;

property services

DEPRECATED Field 'services' has been deprecated from version 1.49.0, and use field 'document' to replace.

services?: pulumi.Input<pulumi.Input<string>[]>;

property version

DEPRECATED Field 'version' has been deprecated from version 1.49.0, and use field 'document' to replace.

version?: pulumi.Input<string>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is 1. Default value is 1.

interface RoleAttachmentArgs

interface RoleAttachmentArgs

The set of arguments for constructing a RoleAttachment resource.

property instanceIds

instanceIds: pulumi.Input<pulumi.Input<string>[]>;

The list of ECS instance’s IDs.

property roleName

roleName: pulumi.Input<string>;

The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

interface RoleAttachmentState

interface RoleAttachmentState

Input properties used for looking up and filtering RoleAttachment resources.

property instanceIds

instanceIds?: pulumi.Input<pulumi.Input<string>[]>;

The list of ECS instance’s IDs.

property roleName

roleName?: pulumi.Input<string>;

The name of role used to bind. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

interface RolePolicyAttachmentArgs

interface RolePolicyAttachmentArgs

The set of arguments for constructing a RolePolicyAttachment resource.

property policyName

policyName: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

policyType: pulumi.Input<string>;

Type of the RAM policy. It must be Custom or System.

property roleName

roleName: pulumi.Input<string>;

Name of the RAM Role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

interface RolePolicyAttachmentState

interface RolePolicyAttachmentState

Input properties used for looking up and filtering RolePolicyAttachment resources.

property policyName

policyName?: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

policyType?: pulumi.Input<string>;

Type of the RAM policy. It must be Custom or System.

property roleName

roleName?: pulumi.Input<string>;

Name of the RAM Role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

interface RoleState

interface RoleState

Input properties used for looking up and filtering Role resources.

property arn

arn?: pulumi.Input<string>;

The role arn.

property description

description?: pulumi.Input<string>;

Description of the RAM role. This name can have a string of 1 to 1024 characters.

property document

document?: pulumi.Input<string>;

Authorization strategy of the RAM role. It is required when the services and ramUsers are not specified.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property name

name?: pulumi.Input<string>;

Name of the RAM role. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”, “_“, and must not begin with a hyphen.

property ramUsers

DEPRECATED Field 'ram_users' has been deprecated from version 1.49.0, and use field 'document' to replace.

ramUsers?: pulumi.Input<pulumi.Input<string>[]>;

property roleId

roleId?: pulumi.Input<string>;

The role ID.

property services

DEPRECATED Field 'services' has been deprecated from version 1.49.0, and use field 'document' to replace.

services?: pulumi.Input<pulumi.Input<string>[]>;

property version

DEPRECATED Field 'version' has been deprecated from version 1.49.0, and use field 'document' to replace.

version?: pulumi.Input<string>;

(It has been deprecated from version 1.49.0, and use field ‘document’ to replace.) Version of the RAM role policy document. Valid value is 1. Default value is 1.

interface UserArgs

interface UserArgs

The set of arguments for constructing a User resource.

property comments

comments?: pulumi.Input<string>;

Comment of the RAM user. This parameter can have a string of 1 to 128 characters.

property displayName

displayName?: pulumi.Input<string>;

property email

email?: pulumi.Input<string>;

Email of the RAM user.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property mobile

mobile?: pulumi.Input<string>;

Phone number of the RAM user. This number must contain an international area code prefix, just look like this: 86-18600008888.

property name

name?: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface UserPolicyAttachmentArgs

interface UserPolicyAttachmentArgs

The set of arguments for constructing a UserPolicyAttachment resource.

property policyName

policyName: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

policyType: pulumi.Input<string>;

Type of the RAM policy. It must be Custom or System.

property userName

userName: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface UserPolicyAttachmentState

interface UserPolicyAttachmentState

Input properties used for looking up and filtering UserPolicyAttachment resources.

property policyName

policyName?: pulumi.Input<string>;

Name of the RAM policy. This name can have a string of 1 to 128 characters, must contain only alphanumeric characters or hyphen “-”, and must not begin with a hyphen.

property policyType

policyType?: pulumi.Input<string>;

Type of the RAM policy. It must be Custom or System.

property userName

userName?: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

interface UserState

interface UserState

Input properties used for looking up and filtering User resources.

property comments

comments?: pulumi.Input<string>;

Comment of the RAM user. This parameter can have a string of 1 to 128 characters.

property displayName

displayName?: pulumi.Input<string>;

property email

email?: pulumi.Input<string>;

Email of the RAM user.

property force

force?: pulumi.Input<boolean>;

This parameter is used for resource destroy. Default value is false.

property mobile

mobile?: pulumi.Input<string>;

Phone number of the RAM user. This number must contain an international area code prefix, just look like this: 86-18600008888.

property name

name?: pulumi.Input<string>;

Name of the RAM user. This name can have a string of 1 to 64 characters, must contain only alphanumeric characters or hyphens, such as “-”,“.”,”_“, and must not begin with a hyphen.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

Module ram

Resources

Functions

Others

Resources

Example Usage

Example Usage

Example Usage

Example Usage

Example Usage

Example Usage

Example Usage