1. Packages
  2. Alks Provider
  3. API Docs
  4. Iamtrustrole
alks 2.8.2 published on Monday, Apr 14, 2025 by cox-automotive

alks.Iamtrustrole

Explore with Pulumi AI

# Resource: alks.Iamtrustrole

Creates an IAM trust role on AWS.

Example Usage

ALKS IAM Role Creation

import * as pulumi from "@pulumi/pulumi";
import * as alks from "@pulumi/alks";

const testTrustRole = new alks.Iamtrustrole("testTrustRole", {
    enableAlksAccess: false,
    trustArn: "arn:aws:iam::123456789123:role/acct-managed/TestTrustRole",
    type: "Cross Account",
});
Copy
import pulumi
import pulumi_alks as alks

test_trust_role = alks.Iamtrustrole("testTrustRole",
    enable_alks_access=False,
    trust_arn="arn:aws:iam::123456789123:role/acct-managed/TestTrustRole",
    type="Cross Account")
Copy
package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/alks/v2/alks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := alks.NewIamtrustrole(ctx, "testTrustRole", &alks.IamtrustroleArgs{
			EnableAlksAccess: pulumi.Bool(false),
			TrustArn:         pulumi.String("arn:aws:iam::123456789123:role/acct-managed/TestTrustRole"),
			Type:             pulumi.String("Cross Account"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Alks = Pulumi.Alks;

return await Deployment.RunAsync(() => 
{
    var testTrustRole = new Alks.Iamtrustrole("testTrustRole", new()
    {
        EnableAlksAccess = false,
        TrustArn = "arn:aws:iam::123456789123:role/acct-managed/TestTrustRole",
        Type = "Cross Account",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alks.Iamtrustrole;
import com.pulumi.alks.IamtrustroleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testTrustRole = new Iamtrustrole("testTrustRole", IamtrustroleArgs.builder()
            .enableAlksAccess(false)
            .trustArn("arn:aws:iam::123456789123:role/acct-managed/TestTrustRole")
            .type("Cross Account")
            .build());

    }
}
Copy
resources:
  testTrustRole:
    type: alks:Iamtrustrole
    properties:
      enableAlksAccess: false
      # type                   = "Inner Account"
      trustArn: arn:aws:iam::123456789123:role/acct-managed/TestTrustRole
      type: Cross Account
Copy

ALKS IAM Role Creation With Tags

import * as pulumi from "@pulumi/pulumi";
import * as alks from "@pulumi/alks";

const testRole = new alks.Iamrole("testRole", {
    enableAlksAccess: false,
    includeDefaultPolicies: false,
    tags: {
        tagKey: "tagValue",
    },
    type: "Amazon EC2",
});
Copy
import pulumi
import pulumi_alks as alks

test_role = alks.Iamrole("testRole",
    enable_alks_access=False,
    include_default_policies=False,
    tags={
        "tagKey": "tagValue",
    },
    type="Amazon EC2")
Copy
package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/alks/v2/alks"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := alks.NewIamrole(ctx, "testRole", &alks.IamroleArgs{
			EnableAlksAccess:       pulumi.Bool(false),
			IncludeDefaultPolicies: pulumi.Bool(false),
			Tags: pulumi.StringMap{
				"tagKey": pulumi.String("tagValue"),
			},
			Type: pulumi.String("Amazon EC2"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Alks = Pulumi.Alks;

return await Deployment.RunAsync(() => 
{
    var testRole = new Alks.Iamrole("testRole", new()
    {
        EnableAlksAccess = false,
        IncludeDefaultPolicies = false,
        Tags = 
        {
            { "tagKey", "tagValue" },
        },
        Type = "Amazon EC2",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alks.Iamrole;
import com.pulumi.alks.IamroleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testRole = new Iamrole("testRole", IamroleArgs.builder()
            .enableAlksAccess(false)
            .includeDefaultPolicies(false)
            .tags(Map.of("tagKey", "tagValue"))
            .type("Amazon EC2")
            .build());

    }
}
Copy
resources:
  testRole:
    type: alks:Iamrole
    properties:
      enableAlksAccess: false
      includeDefaultPolicies: false
      tags:
        tagKey: tagValue
      type: Amazon EC2
Copy

Create Iamtrustrole Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Iamtrustrole(name: string, args: IamtrustroleArgs, opts?: CustomResourceOptions);
@overload
def Iamtrustrole(resource_name: str,
                 args: IamtrustroleArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def Iamtrustrole(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 trust_arn: Optional[str] = None,
                 type: Optional[str] = None,
                 enable_alks_access: Optional[bool] = None,
                 iamtrustrole_id: Optional[str] = None,
                 max_session_duration_in_seconds: Optional[float] = None,
                 name: Optional[str] = None,
                 name_prefix: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 tags_all: Optional[Mapping[str, str]] = None)
func NewIamtrustrole(ctx *Context, name string, args IamtrustroleArgs, opts ...ResourceOption) (*Iamtrustrole, error)
public Iamtrustrole(string name, IamtrustroleArgs args, CustomResourceOptions? opts = null)
public Iamtrustrole(String name, IamtrustroleArgs args)
public Iamtrustrole(String name, IamtrustroleArgs args, CustomResourceOptions options)
type: alks:Iamtrustrole
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. IamtrustroleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. IamtrustroleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. IamtrustroleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. IamtrustroleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. IamtrustroleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var iamtrustroleResource = new Alks.Iamtrustrole("iamtrustroleResource", new()
{
    TrustArn = "string",
    Type = "string",
    EnableAlksAccess = false,
    IamtrustroleId = "string",
    MaxSessionDurationInSeconds = 0,
    Name = "string",
    NamePrefix = "string",
    Tags = 
    {
        { "string", "string" },
    },
    TagsAll = 
    {
        { "string", "string" },
    },
});
Copy
example, err := alks.NewIamtrustrole(ctx, "iamtrustroleResource", &alks.IamtrustroleArgs{
	TrustArn:                    pulumi.String("string"),
	Type:                        pulumi.String("string"),
	EnableAlksAccess:            pulumi.Bool(false),
	IamtrustroleId:              pulumi.String("string"),
	MaxSessionDurationInSeconds: pulumi.Float64(0),
	Name:                        pulumi.String("string"),
	NamePrefix:                  pulumi.String("string"),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	TagsAll: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
})
Copy
var iamtrustroleResource = new Iamtrustrole("iamtrustroleResource", IamtrustroleArgs.builder()
    .trustArn("string")
    .type("string")
    .enableAlksAccess(false)
    .iamtrustroleId("string")
    .maxSessionDurationInSeconds(0)
    .name("string")
    .namePrefix("string")
    .tags(Map.of("string", "string"))
    .tagsAll(Map.of("string", "string"))
    .build());
Copy
iamtrustrole_resource = alks.Iamtrustrole("iamtrustroleResource",
    trust_arn="string",
    type="string",
    enable_alks_access=False,
    iamtrustrole_id="string",
    max_session_duration_in_seconds=0,
    name="string",
    name_prefix="string",
    tags={
        "string": "string",
    },
    tags_all={
        "string": "string",
    })
Copy
const iamtrustroleResource = new alks.Iamtrustrole("iamtrustroleResource", {
    trustArn: "string",
    type: "string",
    enableAlksAccess: false,
    iamtrustroleId: "string",
    maxSessionDurationInSeconds: 0,
    name: "string",
    namePrefix: "string",
    tags: {
        string: "string",
    },
    tagsAll: {
        string: "string",
    },
});
Copy
type: alks:Iamtrustrole
properties:
    enableAlksAccess: false
    iamtrustroleId: string
    maxSessionDurationInSeconds: 0
    name: string
    namePrefix: string
    tags:
        string: string
    tagsAll:
        string: string
    trustArn: string
    type: string
Copy

Iamtrustrole Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Iamtrustrole resource accepts the following input properties:

TrustArn This property is required. string
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
Type This property is required. string
The role type to use Cross Account or Inner Account.
EnableAlksAccess bool
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
IamtrustroleId string
MaxSessionDurationInSeconds double
If present, will set maximum duration for role. Change forces re-creation of resource.
Name string
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
NamePrefix string
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
Tags Dictionary<string, string>
If present, will add specified tags onto role.
TagsAll Dictionary<string, string>
TrustArn This property is required. string
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
Type This property is required. string
The role type to use Cross Account or Inner Account.
EnableAlksAccess bool
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
IamtrustroleId string
MaxSessionDurationInSeconds float64
If present, will set maximum duration for role. Change forces re-creation of resource.
Name string
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
NamePrefix string
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
Tags map[string]string
If present, will add specified tags onto role.
TagsAll map[string]string
trustArn This property is required. String
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type This property is required. String
The role type to use Cross Account or Inner Account.
enableAlksAccess Boolean
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustroleId String
maxSessionDurationInSeconds Double
If present, will set maximum duration for role. Change forces re-creation of resource.
name String
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
namePrefix String
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
tags Map<String,String>
If present, will add specified tags onto role.
tagsAll Map<String,String>
trustArn This property is required. string
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type This property is required. string
The role type to use Cross Account or Inner Account.
enableAlksAccess boolean
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustroleId string
maxSessionDurationInSeconds number
If present, will set maximum duration for role. Change forces re-creation of resource.
name string
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
namePrefix string
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
tags {[key: string]: string}
If present, will add specified tags onto role.
tagsAll {[key: string]: string}
trust_arn This property is required. str
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type This property is required. str
The role type to use Cross Account or Inner Account.
enable_alks_access bool
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustrole_id str
max_session_duration_in_seconds float
If present, will set maximum duration for role. Change forces re-creation of resource.
name str
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
name_prefix str
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
tags Mapping[str, str]
If present, will add specified tags onto role.
tags_all Mapping[str, str]
trustArn This property is required. String
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type This property is required. String
The role type to use Cross Account or Inner Account.
enableAlksAccess Boolean
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustroleId String
maxSessionDurationInSeconds Number
If present, will set maximum duration for role. Change forces re-creation of resource.
name String
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
namePrefix String
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
tags Map<String>
If present, will add specified tags onto role.
tagsAll Map<String>

Outputs

All input properties are implicitly available as output properties. Additionally, the Iamtrustrole resource produces the following output properties:

Arn string
Provides the ARN of the role that was created.
Id string
The provider-assigned unique ID for this managed resource.
IpArn string
If role_added_to_ip was true this will provide the ARN of the instance profile role.
RoleAddedToIp bool
Indicates whether or not an instance profile role was created.
Arn string
Provides the ARN of the role that was created.
Id string
The provider-assigned unique ID for this managed resource.
IpArn string
If role_added_to_ip was true this will provide the ARN of the instance profile role.
RoleAddedToIp bool
Indicates whether or not an instance profile role was created.
arn String
Provides the ARN of the role that was created.
id String
The provider-assigned unique ID for this managed resource.
ipArn String
If role_added_to_ip was true this will provide the ARN of the instance profile role.
roleAddedToIp Boolean
Indicates whether or not an instance profile role was created.
arn string
Provides the ARN of the role that was created.
id string
The provider-assigned unique ID for this managed resource.
ipArn string
If role_added_to_ip was true this will provide the ARN of the instance profile role.
roleAddedToIp boolean
Indicates whether or not an instance profile role was created.
arn str
Provides the ARN of the role that was created.
id str
The provider-assigned unique ID for this managed resource.
ip_arn str
If role_added_to_ip was true this will provide the ARN of the instance profile role.
role_added_to_ip bool
Indicates whether or not an instance profile role was created.
arn String
Provides the ARN of the role that was created.
id String
The provider-assigned unique ID for this managed resource.
ipArn String
If role_added_to_ip was true this will provide the ARN of the instance profile role.
roleAddedToIp Boolean
Indicates whether or not an instance profile role was created.

Look up Existing Iamtrustrole Resource

Get an existing Iamtrustrole resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IamtrustroleState, opts?: CustomResourceOptions): Iamtrustrole
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        arn: Optional[str] = None,
        enable_alks_access: Optional[bool] = None,
        iamtrustrole_id: Optional[str] = None,
        ip_arn: Optional[str] = None,
        max_session_duration_in_seconds: Optional[float] = None,
        name: Optional[str] = None,
        name_prefix: Optional[str] = None,
        role_added_to_ip: Optional[bool] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        trust_arn: Optional[str] = None,
        type: Optional[str] = None) -> Iamtrustrole
func GetIamtrustrole(ctx *Context, name string, id IDInput, state *IamtrustroleState, opts ...ResourceOption) (*Iamtrustrole, error)
public static Iamtrustrole Get(string name, Input<string> id, IamtrustroleState? state, CustomResourceOptions? opts = null)
public static Iamtrustrole get(String name, Output<String> id, IamtrustroleState state, CustomResourceOptions options)
resources:  _:    type: alks:Iamtrustrole    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Arn string
Provides the ARN of the role that was created.
EnableAlksAccess bool
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
IamtrustroleId string
IpArn string
If role_added_to_ip was true this will provide the ARN of the instance profile role.
MaxSessionDurationInSeconds double
If present, will set maximum duration for role. Change forces re-creation of resource.
Name string
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
NamePrefix string
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
RoleAddedToIp bool
Indicates whether or not an instance profile role was created.
Tags Dictionary<string, string>
If present, will add specified tags onto role.
TagsAll Dictionary<string, string>
TrustArn string
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
Type string
The role type to use Cross Account or Inner Account.
Arn string
Provides the ARN of the role that was created.
EnableAlksAccess bool
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
IamtrustroleId string
IpArn string
If role_added_to_ip was true this will provide the ARN of the instance profile role.
MaxSessionDurationInSeconds float64
If present, will set maximum duration for role. Change forces re-creation of resource.
Name string
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
NamePrefix string
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
RoleAddedToIp bool
Indicates whether or not an instance profile role was created.
Tags map[string]string
If present, will add specified tags onto role.
TagsAll map[string]string
TrustArn string
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
Type string
The role type to use Cross Account or Inner Account.
arn String
Provides the ARN of the role that was created.
enableAlksAccess Boolean
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustroleId String
ipArn String
If role_added_to_ip was true this will provide the ARN of the instance profile role.
maxSessionDurationInSeconds Double
If present, will set maximum duration for role. Change forces re-creation of resource.
name String
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
namePrefix String
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
roleAddedToIp Boolean
Indicates whether or not an instance profile role was created.
tags Map<String,String>
If present, will add specified tags onto role.
tagsAll Map<String,String>
trustArn String
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type String
The role type to use Cross Account or Inner Account.
arn string
Provides the ARN of the role that was created.
enableAlksAccess boolean
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustroleId string
ipArn string
If role_added_to_ip was true this will provide the ARN of the instance profile role.
maxSessionDurationInSeconds number
If present, will set maximum duration for role. Change forces re-creation of resource.
name string
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
namePrefix string
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
roleAddedToIp boolean
Indicates whether or not an instance profile role was created.
tags {[key: string]: string}
If present, will add specified tags onto role.
tagsAll {[key: string]: string}
trustArn string
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type string
The role type to use Cross Account or Inner Account.
arn str
Provides the ARN of the role that was created.
enable_alks_access bool
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustrole_id str
ip_arn str
If role_added_to_ip was true this will provide the ARN of the instance profile role.
max_session_duration_in_seconds float
If present, will set maximum duration for role. Change forces re-creation of resource.
name str
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
name_prefix str
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
role_added_to_ip bool
Indicates whether or not an instance profile role was created.
tags Mapping[str, str]
If present, will add specified tags onto role.
tags_all Mapping[str, str]
trust_arn str
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type str
The role type to use Cross Account or Inner Account.
arn String
Provides the ARN of the role that was created.
enableAlksAccess Boolean
If true, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables machine identity capability.
iamtrustroleId String
ipArn String
If role_added_to_ip was true this will provide the ARN of the instance profile role.
maxSessionDurationInSeconds Number
If present, will set maximum duration for role. Change forces re-creation of resource.
name String
The name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
namePrefix String
A prefix for a generated name of the IAM role to create. This parameter allows a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: =,.@-. Role names are not distinguished by case.
roleAddedToIp Boolean
Indicates whether or not an instance profile role was created.
tags Map<String>
If present, will add specified tags onto role.
tagsAll Map<String>
trustArn String
Account role ARN to trust.

  • Note: This only allows ONE account role ARN. This is an intended security control by CAI.
type String
The role type to use Cross Account or Inner Account.

Import

!> Warning: This will force-replace the resource.

ALKS IAM trust roles can be imported using the name, e.g.

$ pulumi import alks:index/iamtrustrole:Iamtrustrole test_trust_role My_Cross_Test_Role
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
alks cox-automotive/terraform-provider-alks
License
Notes
This Pulumi package is based on the alks Terraform Provider.