Documentation
¶
Index ¶
- func GetAccessKey(ctx *pulumi.Context) string
- func GetAllowedAccountIds(ctx *pulumi.Context) string
- func GetAssumeRole(ctx *pulumi.Context) string
- func GetDefaultTags(ctx *pulumi.Context) string
- func GetEndpoints(ctx *pulumi.Context) string
- func GetForbiddenAccountIds(ctx *pulumi.Context) string
- func GetIgnoreTags(ctx *pulumi.Context) string
- func GetInsecure(ctx *pulumi.Context) bool
- func GetMaxRetries(ctx *pulumi.Context) int
- func GetProfile(ctx *pulumi.Context) string
- func GetRegion(ctx *pulumi.Context) string
- func GetRoleArn(ctx *pulumi.Context) string
- func GetS3ForcePathStyle(ctx *pulumi.Context) bool
- func GetSecretKey(ctx *pulumi.Context) string
- func GetSharedCredentialsFile(ctx *pulumi.Context) string
- func GetSkipCredentialsValidation(ctx *pulumi.Context) bool
- func GetSkipGetEc2Platforms(ctx *pulumi.Context) bool
- func GetSkipMetadataApiCheck(ctx *pulumi.Context) bool
- func GetSkipRegionValidation(ctx *pulumi.Context) bool
- func GetSkipRequestingAccountId(ctx *pulumi.Context) bool
- func GetToken(ctx *pulumi.Context) string
- type AssumeRole
- type DefaultTags
- type Endpoints
- type IgnoreTags
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetAccessKey ¶
The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
func GetAllowedAccountIds ¶
List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one. Conflicts with `forbiddenAccountIds`.
func GetAssumeRole ¶
Configuration for retrieving temporary credentials from the STS service.
func GetDefaultTags ¶
Configuration block with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource `tags` configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the `tags` argument within a resource to configure new tag values for matching keys.
func GetEndpoints ¶
Configuration block for customizing service endpoints.
func GetForbiddenAccountIds ¶
List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with `allowedAccountIds`.
func GetIgnoreTags ¶
Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as `ec2.Tag`) for situations where external systems are managing certain resource tags.
func GetInsecure ¶
Explicitly allow the provider to perform "insecure" SSL requests. If omitted,default value is `false`.
func GetMaxRetries ¶
The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
func GetProfile ¶
The profile for API operations. If not set, the default profile created with `aws configure` will be used.
func GetRegion ¶
The region where AWS operations will take place. Examples are `us-east-1`, `us-west-2`, etc.
func GetRoleArn ¶ added in v0.18.0
The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. Note, this is a unique feature for server side security enforcement, not to be confused with assumeRole, which is used to obtain temporary client credentials. If you do not specify a role, Cloud Control API uses a temporary session created using your AWS user credentials instead.
func GetS3ForcePathStyle ¶
Set this to true to force the request to use path-style addressing, i.e., `http://s3.amazonaws.com/BUCKET/KEY`. By default, the S3 client will use virtual hosted bucket addressing when possible (`http://BUCKET.s3.amazonaws.com/KEY`). Specific to the Amazon S3 service.
func GetSecretKey ¶
The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
func GetSharedCredentialsFile ¶
The path to the shared credentials file. If not set this defaults to `~/.aws/credentials`.
func GetSkipCredentialsValidation ¶
Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
func GetSkipGetEc2Platforms ¶
Skip getting the supported EC2 platforms. Used by users that don't have `ec2:DescribeAccountAttributes` permissions.
func GetSkipMetadataApiCheck ¶
Skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to true prevents Pulumi from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables.
func GetSkipRegionValidation ¶
Skip static validation of region name. Used by users of alternative AWS-like APIs or users with access to regions that are not public.
func GetSkipRequestingAccountId ¶
Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
Types ¶
type AssumeRole ¶
type AssumeRole struct {
// Number of seconds to restrict the assume role session duration.
DurationSeconds *int `pulumi:"durationSeconds"`
// External identifier to use when assuming the role.
ExternalId *string `pulumi:"externalId"`
// IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
Policy *string `pulumi:"policy"`
// Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role.
PolicyArns []string `pulumi:"policyArns"`
// Amazon Resource Name (ARN) of the IAM Role to assume.
RoleArn *string `pulumi:"roleArn"`
// Session name to use when assuming the role.
SessionName *string `pulumi:"sessionName"`
// Map of assume role session tags.
Tags map[string]string `pulumi:"tags"`
// A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain.
TransitiveTagKeys []string `pulumi:"transitiveTagKeys"`
}
The configuration for a Provider to assume a role.
type DefaultTags ¶
type DefaultTags struct {
// A group of tags to set across all resources.
Tags map[string]string `pulumi:"tags"`
}
The configuration with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource `tags` configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the `tags` argument within a resource to configure new tag values for matching keys.
type Endpoints ¶
type Endpoints struct {
// Override the default endpoint for AWS CloudControl
Cloudcontrol *string `pulumi:"cloudcontrol"`
// Override the default endpoint for AWS CloudFormation
Cloudformation *string `pulumi:"cloudformation"`
// Override the default endpoint for AWS Elastic Compute Cloud (EC2)
Ec2 *string `pulumi:"ec2"`
// Override the default endpoint for AWS Systems Manager
Ssm *string `pulumi:"ssm"`
// Override the default endpoint for AWS Security Token Service (STS)
Sts *string `pulumi:"sts"`
}
The configuration for for customizing service endpoints.
type IgnoreTags ¶
type IgnoreTags struct {
// List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any `tags` attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or `ignoreChanges` is also used.
KeyPrefixes []string `pulumi:"keyPrefixes"`
// List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any `tags` attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or `ignoreChanges` is also used.
Keys []string `pulumi:"keys"`
}
The configuration with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as `ec2.Tag`) for situations where external systems are managing certain resource tags.
Source Files