UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi.io

pulumi/pulumi-aws

95 lines (94 loc) 4.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. * For more information see [Configure AWS SRT Support](https://docs.aws.amazon.com/waf/latest/developerguide/authorize-srt.html) * * ## Example Usage * * ### Basic Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const exampleRole = new aws.iam.Role("example", { * name: "example-role", * assumeRolePolicy: JSON.stringify({ * Version: "2012-10-17", * Statement: [{ * Sid: "", * Effect: "Allow", * Principal: { * Service: "drt.shield.amazonaws.com", * }, * Action: "sts:AssumeRole", * }], * }), * }); * const example = new aws.shield.DrtAccessRoleArnAssociation("example", {roleArn: exampleRole.arn}); * const exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("example", { * role: exampleRole.name, * policyArn: "arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy", * }); * ``` * * ## Import * * Using `pulumi import`, import Shield DRT access role ARN association using the AWS account ID. For example: * * ```sh * $ pulumi import aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation example 123456789012 * ``` */ export declare class DrtAccessRoleArnAssociation extends pulumi.CustomResource { /** * Get an existing DrtAccessRoleArnAssociation resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DrtAccessRoleArnAssociationState, opts?: pulumi.CustomResourceOptions): DrtAccessRoleArnAssociation; /** * Returns true if the given object is an instance of DrtAccessRoleArnAssociation. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is DrtAccessRoleArnAssociation; /** * The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role. */ readonly roleArn: pulumi.Output<string>; readonly timeouts: pulumi.Output<outputs.shield.DrtAccessRoleArnAssociationTimeouts | undefined>; /** * Create a DrtAccessRoleArnAssociation resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: DrtAccessRoleArnAssociationArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering DrtAccessRoleArnAssociation resources. */ export interface DrtAccessRoleArnAssociationState { /** * The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role. */ roleArn?: pulumi.Input<string>; timeouts?: pulumi.Input<inputs.shield.DrtAccessRoleArnAssociationTimeouts>; } /** * The set of arguments for constructing a DrtAccessRoleArnAssociation resource. */ export interface DrtAccessRoleArnAssociationArgs { /** * The Amazon Resource Name (ARN) of the role the SRT will use to access your AWS account. Prior to making the AssociateDRTRole request, you must attach the `AWSShieldDRTAccessPolicy` managed policy to this role. */ roleArn: pulumi.Input<string>; timeouts?: pulumi.Input<inputs.shield.DrtAccessRoleArnAssociationTimeouts>; }