1.1.1 • Published 4 years ago

@sophosoft/pulumi-aws-iamrole v1.1.1

License
MIT
Repository
gitlab
Last release
4 years ago

Pulumi IAM Role

Pulumi Component for AWS IAM Roles

description

This component aggregates related IAM Role resources, such as an assume role policy, inline and attached policies, and instance profiles. The inline policies are expressed as a map, with policy names as the keys. Attached policies require valid ARNs. If the defined principals include the Ec2Principal, an instance profile will automatically be generated.

AWS limits roles to a maximum of 10 attached policies.

install

npm i @sophosoft/pulumi-aws-iamrole

usage

import { IamRole } from "@sophosoft/pulumi-aws-iamrole"
import { Ec2Principal, LambdaPrincipal, AmazonCognitoReadOnly, EcsPrincipal } from "@pulumi/aws/iam"

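/**
 * Example role for EC2/ECS workloads with one inline policy.
 *
 * Because `Ec2Principal` is among the principals, the component also
 * generates an instance profile for this role (see the description above).
 */
export const ec2Role = new IamRole('ec2', {
    name: 'ec2-test',
    principals: [Ec2Principal, EcsPrincipal],
    inlinePolicies: {
        // The map key ("test") is used as the inline policy name.
        test: {
            Version: "2012-10-17",
            Statement: [{
                Effect: "Allow",
                Action: ["s3:GetObject"],
                // An identity-based policy statement must name a Resource
                // (or NotResource); without one AWS rejects the document.
                // Placeholder ARN: replace with the specific bucket/prefix the
                // workload reads, and avoid "*" so the grant stays least-privilege.
                Resource: ["arn:aws:s3:::example-bucket-placeholder/*"]
            }]
        }
    }
})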

// Example account IDs placed in the role's trust policy. A bare account ID
// trusts the account as a whole: any identity there that has been granted
// sts:AssumeRole on this role can assume it. Prefer specific role ARNs
// where the set of callers is known.
const trustedAccountIds = ['111122223333', '222233334444']

// Tags applied to the role.
const lambdaRoleTags = {
    Application: 'test-lambda'
}

/**
 * Example role assumable by the Lambda service and by two AWS accounts,
 * with one policy attached by ARN.
 *
 * NOTE(review): the component exposes `attachments` as
 * `aws.iam.PolicyAttachment[]`. If it creates `aws.iam.PolicyAttachment`
 * resources (rather than `RolePolicyAttachment`), each attachment is
 * exclusive across the account and can detach the policy from other
 * roles/users/groups. Confirm before attaching a policy used elsewhere.
 */
export const lambdaRole = new IamRole('lambda', {
    name: 'lambda-test',
    principals: [LambdaPrincipal, { AWS: trustedAccountIds }],
    // Policy ARN constant imported from "@pulumi/aws/iam".
    attachedPolicyArns: [AmazonCognitoReadOnly],
    tags: lambdaRoleTags
})

constructor

new IamRole(name: string, config: IamRoleOptions, opts?: pulumi.ComponentResourceOptions)

property arn

public arn: pulumi.Output<string>

property id

public id: pulumi.Output<string>

property name

public name: pulumi.Output<string>

property role

public readonly role: aws.iam.Role

property policies

public readonly policies: aws.iam.RolePolicy[]

property attachments

public readonly attachments: aws.iam.PolicyAttachment[]

property profile

public readonly profile?: aws.iam.InstanceProfile | undefined

interface IamRoleOptions

| Property | Type | Description |
| --- | --- | --- |
| attachedPolicyArns | `string[] \| undefined` | Optional list of policy arns to attach |
| description | `string \| undefined` | Optional role description |
| inlinePolicies | `{[key: string]: PolicyDocument} \| undefined` | Optional map of PolicyDocuments |
| name | `string` | A role name |
| principals | `Principal[]` | A list of assume-role principals |
| tags | `{[key: string]: any} \| undefined` | Optional tags |