UNPKG

@spacelift-io/pulumi-spacelift

Version:

A Pulumi package for creating and managing Spacelift resources.

spacelift.io

spacelift-io/pulumi-spacelift

63 lines 3.33 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
"use strict"; // *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.getAwsRoleOutput = exports.getAwsRole = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("./utilities"); /** * `spacelift.AwsRole` represents [cross-account IAM role delegation](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) between the Spacelift worker and an individual stack or module. If this is set, Spacelift will use AWS STS to assume the supplied IAM role and put its temporary credentials in the runtime environment. * * If you use private workers, you can also assume IAM role on the worker side using your own AWS credentials (e.g. from EC2 instance profile). * * Note: when assuming credentials for **shared worker**, Spacelift will use `$accountName@$stackID` or `$accountName@$moduleID` as [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) and `$runID@$stackID@$accountName` truncated to 64 characters as [session ID](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole). * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as spacelift from "@pulumi/spacelift"; * * const k8s-module = spacelift.getAwsRole({ * moduleId: "k8s-module", * }); * const k8s-core = spacelift.getAwsRole({ * stackId: "k8s-core", * }); * ``` */ function getAwsRole(args, opts) { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("spacelift:index/getAwsRole:getAwsRole", { "moduleId": args.moduleId, "stackId": args.stackId, }, opts); } exports.getAwsRole = getAwsRole; /** * `spacelift.AwsRole` represents [cross-account IAM role delegation](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) between the Spacelift worker and an individual stack or module. If this is set, Spacelift will use AWS STS to assume the supplied IAM role and put its temporary credentials in the runtime environment. * * If you use private workers, you can also assume IAM role on the worker side using your own AWS credentials (e.g. from EC2 instance profile). * * Note: when assuming credentials for **shared worker**, Spacelift will use `$accountName@$stackID` or `$accountName@$moduleID` as [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) and `$runID@$stackID@$accountName` truncated to 64 characters as [session ID](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole). * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as spacelift from "@pulumi/spacelift"; * * const k8s-module = spacelift.getAwsRole({ * moduleId: "k8s-module", * }); * const k8s-core = spacelift.getAwsRole({ * stackId: "k8s-core", * }); * ``` */ function getAwsRoleOutput(args, opts) { return pulumi.output(args).apply((a) => getAwsRole(a, opts)); } exports.getAwsRoleOutput = getAwsRoleOutput; //# sourceMappingURL=getAwsRole.js.map