
@pulumi/aws-native


The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage [any AWS resource that's supported by the AWS Cloud Control API](https://github.com/pulumi/pulumi-aws-native/blob/master/provider/cmd/pulumi-gen-aws-native/supported-types.txt)

import * as pulumi from "@pulumi/pulumi";
import * as enums from "../types/enums";
/**
 * Looks up a DataZone policy grant by its identifiers and resolves to the grant's metadata.
 *
 * A Policy Grant in AWS DataZone is an explicit authorization assignment that allows a specific
 * principal (user, group, or project) to perform particular actions (such as creating glossary
 * terms, managing projects, or accessing resources) on governed resources within a certain scope
 * (like a Domain Unit or Project). Policy Grants are the mechanism by which DataZone enforces
 * fine-grained, role-based access control beyond what is possible through AWS IAM alone.
 *
 * The declared result type carries only `createdAt`, `createdBy` and `grantId`; the principal and
 * the policy detail of the grant are not part of it, so this call alone does not show who was
 * granted what.
 *
 * NOTE(review): presumably a provider invoke, since it accepts `pulumi.InvokeOptions`. Confirm
 * against the implementation, which is not in this declaration file.
 *
 * @param args Identifiers selecting the policy grant; all five fields are required.
 * @param opts Optional invoke options.
 * @returns A promise for the grant metadata; every field of the result is optional.
 */
export declare function getPolicyGrant(args: GetPolicyGrantArgs, opts?: pulumi.InvokeOptions): Promise<GetPolicyGrantResult>;
/**
 * Arguments for `getPolicyGrant`, given as plain (already resolved) values.
 *
 * NOTE(review): the field descriptions use the "add a policy grant" wording of the AddPolicyGrant
 * API; in a lookup they presumably identify a grant that already exists. Confirm against the
 * provider documentation.
 */
export interface GetPolicyGrantArgs {
    /**
     * The ID of the domain where you want to add a policy grant.
     */
    domainIdentifier: string;
    /**
     * The ID of the entity (resource) to which you want to add a policy grant.
     */
    entityIdentifier: string;
    /**
     * The type of entity (resource) to which the grant is added.
     */
    entityType: enums.datazone.PolicyGrantTargetEntityType;
    /**
     * The unique identifier of the policy grant returned by the AddPolicyGrant API.
     */
    grantId: string;
    /**
     * The type of policy that you want to grant.
     */
    policyType: enums.datazone.PolicyGrantManagedPolicyType;
}
/**
 * Metadata returned for a policy grant.
 *
 * Every property is optional and read-only, so callers must handle `undefined` before relying on
 * a value (for example, before recording who created a grant).
 */
export interface GetPolicyGrantResult {
    /**
     * Specifies the timestamp at which the policy grant member was created.
     * Typed as a plain string; the timestamp format is not stated here.
     */
    readonly createdAt?: string;
    /**
     * Specifies the user who created the policy grant member.
     * NOTE(review): likely the field to check when auditing who introduced an access grant.
     * Confirm which identifier format the service returns.
     */
    readonly createdBy?: string;
    /**
     * The unique identifier of the policy grant returned by the AddPolicyGrant API.
     */
    readonly grantId?: string;
}
/**
 * Output-based form of the policy grant lookup: it accepts `pulumi.Input` values and returns a
 * `pulumi.Output` of the same result type as `getPolicyGrant`.
 *
 * A Policy Grant in AWS DataZone is an explicit authorization assignment that allows a specific
 * principal (user, group, or project) to perform particular actions (such as creating glossary
 * terms, managing projects, or accessing resources) on governed resources within a certain scope
 * (like a Domain Unit or Project). Policy Grants are the mechanism by which DataZone enforces
 * fine-grained, role-based access control beyond what is possible through AWS IAM alone.
 *
 * The declared result type carries only `createdAt`, `createdBy` and `grantId`; the principal and
 * the policy detail of the grant are not part of it.
 *
 * @param args Identifiers selecting the policy grant, each wrapped in `pulumi.Input`.
 * @param opts Optional invoke options (`pulumi.InvokeOutputOptions`).
 * @returns A `pulumi.Output` of the grant metadata; every field of the result is optional.
 */
export declare function getPolicyGrantOutput(args: GetPolicyGrantOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetPolicyGrantResult>;
/**
 * Arguments for `getPolicyGrantOutput`: the same five required fields as `GetPolicyGrantArgs`,
 * each wrapped in `pulumi.Input`.
 *
 * NOTE(review): the field descriptions use the "add a policy grant" wording of the AddPolicyGrant
 * API; in a lookup they presumably identify a grant that already exists. Confirm against the
 * provider documentation.
 */
export interface GetPolicyGrantOutputArgs {
    /**
     * The ID of the domain where you want to add a policy grant.
     */
    domainIdentifier: pulumi.Input<string>;
    /**
     * The ID of the entity (resource) to which you want to add a policy grant.
     */
    entityIdentifier: pulumi.Input<string>;
    /**
     * The type of entity (resource) to which the grant is added.
     */
    entityType: pulumi.Input<enums.datazone.PolicyGrantTargetEntityType>;
    /**
     * The unique identifier of the policy grant returned by the AddPolicyGrant API.
     */
    grantId: pulumi.Input<string>;
    /**
     * The type of policy that you want to grant.
     */
    policyType: pulumi.Input<enums.datazone.PolicyGrantManagedPolicyType>;
}