AWS Cloud Control v1.26.0, Mar 12 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.rolesanywhere.Profile

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

pulumi/pulumi-aws-native

Create Profile Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Profile(name: string, args: ProfileArgs, opts?: CustomResourceOptions);

@overload
def Profile(resource_name: str,
            args: ProfileArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def Profile(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            role_arns: Optional[Sequence[str]] = None,
            accept_role_session_name: Optional[bool] = None,
            attribute_mappings: Optional[Sequence[ProfileAttributeMappingArgs]] = None,
            duration_seconds: Optional[float] = None,
            enabled: Optional[bool] = None,
            managed_policy_arns: Optional[Sequence[str]] = None,
            name: Optional[str] = None,
            require_instance_properties: Optional[bool] = None,
            session_policy: Optional[str] = None,
            tags: Optional[Sequence[_root_inputs.TagArgs]] = None)

func NewProfile(ctx *Context, name string, args ProfileArgs, opts ...ResourceOption) (*Profile, error)

public Profile(string name, ProfileArgs args, CustomResourceOptions? opts = null)

public Profile(String name, ProfileArgs args)
public Profile(String name, ProfileArgs args, CustomResourceOptions options)

type: aws-native:rolesanywhere:Profile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ProfileArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ProfileArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ProfileArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Profile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Profile resource accepts the following input properties:

RoleArns List<string>: A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
AcceptRoleSessionName bool: Used to determine if a custom role session name will be accepted in a temporary credential request.
AttributeMappings List<Pulumi.AwsNative.RolesAnywhere.Inputs.ProfileAttributeMapping>: A mapping applied to the authenticating end-entity certificate.
DurationSeconds double: The number of seconds vended session credentials will be valid for
Enabled bool: The enabled status of the resource.
ManagedPolicyArns List<string>: A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
Name string: The customer specified name of the resource.
RequireInstanceProperties bool: Specifies whether instance properties are required in CreateSession requests with this profile.
SessionPolicy string: A session policy that will applied to the trust boundary of the vended session credentials.
Tags List<Pulumi.AwsNative.Inputs.Tag>: A list of Tags.

RoleArns []string: A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
AcceptRoleSessionName bool: Used to determine if a custom role session name will be accepted in a temporary credential request.
AttributeMappings []ProfileAttributeMappingArgs: A mapping applied to the authenticating end-entity certificate.
DurationSeconds float64: The number of seconds vended session credentials will be valid for
Enabled bool: The enabled status of the resource.
ManagedPolicyArns []string: A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
Name string: The customer specified name of the resource.
RequireInstanceProperties bool: Specifies whether instance properties are required in CreateSession requests with this profile.
SessionPolicy string: A session policy that will applied to the trust boundary of the vended session credentials.
Tags TagArgs: A list of Tags.

roleArns List<String>: A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
acceptRoleSessionName Boolean: Used to determine if a custom role session name will be accepted in a temporary credential request.
attributeMappings List<ProfileAttributeMapping>: A mapping applied to the authenticating end-entity certificate.
durationSeconds Double: The number of seconds vended session credentials will be valid for
enabled Boolean: The enabled status of the resource.
managedPolicyArns List<String>: A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
name String: The customer specified name of the resource.
requireInstanceProperties Boolean: Specifies whether instance properties are required in CreateSession requests with this profile.
sessionPolicy String: A session policy that will applied to the trust boundary of the vended session credentials.
tags List<Tag>: A list of Tags.

roleArns string[]: A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
acceptRoleSessionName boolean: Used to determine if a custom role session name will be accepted in a temporary credential request.
attributeMappings ProfileAttributeMapping[]: A mapping applied to the authenticating end-entity certificate.
durationSeconds number: The number of seconds vended session credentials will be valid for
enabled boolean: The enabled status of the resource.
managedPolicyArns string[]: A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
name string: The customer specified name of the resource.
requireInstanceProperties boolean: Specifies whether instance properties are required in CreateSession requests with this profile.
sessionPolicy string: A session policy that will applied to the trust boundary of the vended session credentials.
tags Tag[]: A list of Tags.

role_arns Sequence[str]: A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
accept_role_session_name bool: Used to determine if a custom role session name will be accepted in a temporary credential request.
attribute_mappings Sequence[ProfileAttributeMappingArgs]: A mapping applied to the authenticating end-entity certificate.
duration_seconds float: The number of seconds vended session credentials will be valid for
enabled bool: The enabled status of the resource.
managed_policy_arns Sequence[str]: A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
name str: The customer specified name of the resource.
require_instance_properties bool: Specifies whether instance properties are required in CreateSession requests with this profile.
session_policy str: A session policy that will applied to the trust boundary of the vended session credentials.
tags Sequence[TagArgs]: A list of Tags.

roleArns List<String>: A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
acceptRoleSessionName Boolean: Used to determine if a custom role session name will be accepted in a temporary credential request.
attributeMappings List<Property Map>: A mapping applied to the authenticating end-entity certificate.
durationSeconds Number: The number of seconds vended session credentials will be valid for
enabled Boolean: The enabled status of the resource.
managedPolicyArns List<String>: A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
name String: The customer specified name of the resource.
requireInstanceProperties Boolean: Specifies whether instance properties are required in CreateSession requests with this profile.
sessionPolicy String: A session policy that will applied to the trust boundary of the vended session credentials.
tags List<Property Map>: A list of Tags.

Outputs

All input properties are implicitly available as output properties. Additionally, the Profile resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
ProfileArn string: The ARN of the profile.
ProfileId string: The unique primary identifier of the Profile

Id string: The provider-assigned unique ID for this managed resource.
ProfileArn string: The ARN of the profile.
ProfileId string: The unique primary identifier of the Profile

id String: The provider-assigned unique ID for this managed resource.
profileArn String: The ARN of the profile.
profileId String: The unique primary identifier of the Profile

id string: The provider-assigned unique ID for this managed resource.
profileArn string: The ARN of the profile.
profileId string: The unique primary identifier of the Profile

id str: The provider-assigned unique ID for this managed resource.
profile_arn str: The ARN of the profile.
profile_id str: The unique primary identifier of the Profile

id String: The provider-assigned unique ID for this managed resource.
profileArn String: The ARN of the profile.
profileId String: The unique primary identifier of the Profile

Supporting Types

ProfileAttributeMapping, ProfileAttributeMappingArgs

CertificateField Pulumi.AwsNative.RolesAnywhere.ProfileCertificateField: Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
MappingRules List<Pulumi.AwsNative.RolesAnywhere.Inputs.ProfileMappingRule>: A list of mapping entries for every supported specifier or sub-field.

CertificateField ProfileCertificateField: Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
MappingRules []ProfileMappingRule: A list of mapping entries for every supported specifier or sub-field.

certificateField ProfileCertificateField: Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
mappingRules List<ProfileMappingRule>: A list of mapping entries for every supported specifier or sub-field.

certificateField ProfileCertificateField: Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
mappingRules ProfileMappingRule[]: A list of mapping entries for every supported specifier or sub-field.

certificate_field ProfileCertificateField: Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
mapping_rules Sequence[ProfileMappingRule]: A list of mapping entries for every supported specifier or sub-field.

certificateField "x509Subject" | "x509Issuer" | "x509SAN": Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates.
mappingRules List<Property Map>: A list of mapping entries for every supported specifier or sub-field.

ProfileCertificateField, ProfileCertificateFieldArgs

X509Subject: x509Subject
X509Issuer: x509Issuer
X509san: x509SAN

ProfileCertificateFieldX509Subject: x509Subject
ProfileCertificateFieldX509Issuer: x509Issuer
ProfileCertificateFieldX509san: x509SAN

X509Subject: x509Subject
X509Issuer: x509Issuer
X509san: x509SAN

X509Subject: x509Subject
X509Issuer: x509Issuer
X509san: x509SAN

X509_SUBJECT: x509Subject
X509_ISSUER: x509Issuer
X509SAN: x509SAN

"x509Subject": x509Subject
"x509Issuer": x509Issuer
"x509SAN": x509SAN

ProfileMappingRule, ProfileMappingRuleArgs

Specifier string: Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

Specifier string: Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

specifier String: Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

specifier string: Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

specifier str: Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

specifier String: Specifier within a certificate field, such as CN, OU, or UID from the Subject field.

Tag, TagArgs

Key string: The key name of the tag
Value string: The value of the tag

Key string: The key name of the tag
Value string: The value of the tag

key String: The key name of the tag
value String: The value of the tag

key string: The key name of the tag
value string: The value of the tag

key str: The key name of the tag
value str: The value of the tag

key String: The key name of the tag
value String: The value of the tag

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.rolesanywhere.Profile

On this page

On this page

Create Profile Resource

Constructor syntax

Parameters

Profile Resource Properties

Inputs

Outputs

Supporting Types

ProfileAttributeMapping, ProfileAttributeMappingArgs

ProfileCertificateField, ProfileCertificateFieldArgs

ProfileMappingRule, ProfileMappingRuleArgs

Tag, TagArgs

Package Details

On this page

On this page