Docs Home
Alibaba Cloud v3.77.0 published on Friday, May 2, 2025 by Pulumi
alicloud.ram.getRolePolicyAttachments
Explore with Pulumi AI
This data source provides Ram Role Policy Attachment available to the user.What is Role Policy Attachment
NOTE: Available since v1.248.0.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
import * as random from "@pulumi/random";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const role = new alicloud.ram.Role("role", {
name: "roleName",
document: ` {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"apigateway.aliyuncs.com",
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
`,
description: "this is a role test.",
});
const defaultInteger = new random.index.Integer("default", {
min: 10000,
max: 99999,
});
const policy = new alicloud.ram.Policy("policy", {
policyName: `tf-example-${defaultInteger.result}`,
policyDocument: ` {
"Statement": [
{
"Action": [
"oss:ListObjects",
"oss:GetObject"
],
"Effect": "Allow",
"Resource": [
"acs:oss:*:*:mybucket",
"acs:oss:*:*:mybucket/*"
]
}
],
"Version": "1"
}
`,
description: "this is a policy test",
});
const defaultRolePolicyAttachment = new alicloud.ram.RolePolicyAttachment("default", {
policyName: policy.policyName,
policyType: policy.type,
roleName: role.name,
});
const _default = alicloud.ram.getRolePolicyAttachmentsOutput({
ids: [defaultRolePolicyAttachment.id],
roleName: role.id,
});
export const alicloudRamRolePolicyAttachmentExampleId = _default.apply(_default => _default.attachments?.[0]?.id);
import pulumi
import pulumi_alicloud as alicloud
import pulumi_random as random
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
role = alicloud.ram.Role("role",
name="roleName",
document=""" {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"apigateway.aliyuncs.com",
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
""",
description="this is a role test.")
default_integer = random.index.Integer("default",
min=10000,
max=99999)
policy = alicloud.ram.Policy("policy",
policy_name=f"tf-example-{default_integer['result']}",
policy_document=""" {
"Statement": [
{
"Action": [
"oss:ListObjects",
"oss:GetObject"
],
"Effect": "Allow",
"Resource": [
"acs:oss:*:*:mybucket",
"acs:oss:*:*:mybucket/*"
]
}
],
"Version": "1"
}
""",
description="this is a policy test")
default_role_policy_attachment = alicloud.ram.RolePolicyAttachment("default",
policy_name=policy.policy_name,
policy_type=policy.type,
role_name=role.name)
default = alicloud.ram.get_role_policy_attachments_output(ids=[default_role_policy_attachment.id],
role_name=role.id)
pulumi.export("alicloudRamRolePolicyAttachmentExampleId", default.attachments[0].id)
package main
import (
"fmt"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/ram"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example";
if param := cfg.Get("name"); param != ""{
name = param
}
role, err := ram.NewRole(ctx, "role", &ram.RoleArgs{
Name: pulumi.String("roleName"),
Document: pulumi.String(` {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"apigateway.aliyuncs.com",
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
`),
Description: pulumi.String("this is a role test."),
})
if err != nil {
return err
}
defaultInteger, err := random.NewInteger(ctx, "default", &random.IntegerArgs{
Min: 10000,
Max: 99999,
})
if err != nil {
return err
}
policy, err := ram.NewPolicy(ctx, "policy", &ram.PolicyArgs{
PolicyName: pulumi.Sprintf("tf-example-%v", defaultInteger.Result),
PolicyDocument: pulumi.String(` {
"Statement": [
{
"Action": [
"oss:ListObjects",
"oss:GetObject"
],
"Effect": "Allow",
"Resource": [
"acs:oss:*:*:mybucket",
"acs:oss:*:*:mybucket/*"
]
}
],
"Version": "1"
}
`),
Description: pulumi.String("this is a policy test"),
})
if err != nil {
return err
}
defaultRolePolicyAttachment, err := ram.NewRolePolicyAttachment(ctx, "default", &ram.RolePolicyAttachmentArgs{
PolicyName: policy.PolicyName,
PolicyType: policy.Type,
RoleName: role.Name,
})
if err != nil {
return err
}
_default := ram.GetRolePolicyAttachmentsOutput(ctx, ram.GetRolePolicyAttachmentsOutputArgs{
Ids: pulumi.StringArray{
defaultRolePolicyAttachment.ID(),
},
RoleName: role.ID(),
}, nil);
ctx.Export("alicloudRamRolePolicyAttachmentExampleId", _default.ApplyT(func(_default ram.GetRolePolicyAttachmentsResult) (*string, error) {
return &default.Attachments[0].Id, nil
}).(pulumi.StringPtrOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
using Random = Pulumi.Random;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var role = new AliCloud.Ram.Role("role", new()
{
Name = "roleName",
Document = @" {
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Effect"": ""Allow"",
""Principal"": {
""Service"": [
""apigateway.aliyuncs.com"",
""ecs.aliyuncs.com""
]
}
}
],
""Version"": ""1""
}
",
Description = "this is a role test.",
});
var defaultInteger = new Random.Index.Integer("default", new()
{
Min = 10000,
Max = 99999,
});
var policy = new AliCloud.Ram.Policy("policy", new()
{
PolicyName = $"tf-example-{defaultInteger.Result}",
PolicyDocument = @" {
""Statement"": [
{
""Action"": [
""oss:ListObjects"",
""oss:GetObject""
],
""Effect"": ""Allow"",
""Resource"": [
""acs:oss:*:*:mybucket"",
""acs:oss:*:*:mybucket/*""
]
}
],
""Version"": ""1""
}
",
Description = "this is a policy test",
});
var defaultRolePolicyAttachment = new AliCloud.Ram.RolePolicyAttachment("default", new()
{
PolicyName = policy.PolicyName,
PolicyType = policy.Type,
RoleName = role.Name,
});
var @default = AliCloud.Ram.GetRolePolicyAttachments.Invoke(new()
{
Ids = new[]
{
defaultRolePolicyAttachment.Id,
},
RoleName = role.Id,
});
return new Dictionary<string, object?>
{
["alicloudRamRolePolicyAttachmentExampleId"] = @default.Apply(@default => @default.Apply(getRolePolicyAttachmentsResult => getRolePolicyAttachmentsResult.Attachments[0]?.Id)),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.ram.Role;
import com.pulumi.alicloud.ram.RoleArgs;
import com.pulumi.random.integer;
import com.pulumi.random.integerArgs;
import com.pulumi.alicloud.ram.Policy;
import com.pulumi.alicloud.ram.PolicyArgs;
import com.pulumi.alicloud.ram.RolePolicyAttachment;
import com.pulumi.alicloud.ram.RolePolicyAttachmentArgs;
import com.pulumi.alicloud.ram.RamFunctions;
import com.pulumi.alicloud.ram.inputs.GetRolePolicyAttachmentsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
var role = new Role("role", RoleArgs.builder()
.name("roleName")
.document("""
{
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"apigateway.aliyuncs.com",
"ecs.aliyuncs.com"
]
}
}
],
"Version": "1"
}
""")
.description("this is a role test.")
.build());
var defaultInteger = new Integer("defaultInteger", IntegerArgs.builder()
.min(10000)
.max(99999)
.build());
var policy = new Policy("policy", PolicyArgs.builder()
.policyName(String.format("tf-example-%s", defaultInteger.result()))
.policyDocument("""
{
"Statement": [
{
"Action": [
"oss:ListObjects",
"oss:GetObject"
],
"Effect": "Allow",
"Resource": [
"acs:oss:*:*:mybucket",
"acs:oss:*:*:mybucket/*"
]
}
],
"Version": "1"
}
""")
.description("this is a policy test")
.build());
var defaultRolePolicyAttachment = new RolePolicyAttachment("defaultRolePolicyAttachment", RolePolicyAttachmentArgs.builder()
.policyName(policy.policyName())
.policyType(policy.type())
.roleName(role.name())
.build());
final var default = RamFunctions.getRolePolicyAttachments(GetRolePolicyAttachmentsArgs.builder()
.ids(defaultRolePolicyAttachment.id())
.roleName(role.id())
.build());
ctx.export("alicloudRamRolePolicyAttachmentExampleId", default_.applyValue(_default_ -> _default_.attachments()[0].id()));
}
}
configuration:
name:
type: string
default: terraform-example
resources:
role:
type: alicloud:ram:Role
properties:
name: roleName
document: " {\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": [\n \"apigateway.aliyuncs.com\", \n \"ecs.aliyuncs.com\"\n ]\n }\n }\n ],\n \"Version\": \"1\"\n }\n"
description: this is a role test.
defaultInteger:
type: random:integer
name: default
properties:
min: 10000
max: 99999
policy:
type: alicloud:ram:Policy
properties:
policyName: tf-example-${defaultInteger.result}
policyDocument: |2
{
"Statement": [
{
"Action": [
"oss:ListObjects",
"oss:GetObject"
],
"Effect": "Allow",
"Resource": [
"acs:oss:*:*:mybucket",
"acs:oss:*:*:mybucket/*"
]
}
],
"Version": "1"
}
description: this is a policy test
defaultRolePolicyAttachment:
type: alicloud:ram:RolePolicyAttachment
name: default
properties:
policyName: ${policy.policyName}
policyType: ${policy.type}
roleName: ${role.name}
variables:
default:
fn::invoke:
function: alicloud:ram:getRolePolicyAttachments
arguments:
ids:
- ${defaultRolePolicyAttachment.id}
roleName: ${role.id}
outputs:
alicloudRamRolePolicyAttachmentExampleId: ${default.attachments[0].id}
Using getRolePolicyAttachments
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getRolePolicyAttachments(args: GetRolePolicyAttachmentsArgs, opts?: InvokeOptions): Promise<GetRolePolicyAttachmentsResult>
function getRolePolicyAttachmentsOutput(args: GetRolePolicyAttachmentsOutputArgs, opts?: InvokeOptions): Output<GetRolePolicyAttachmentsResult>def get_role_policy_attachments(ids: Optional[Sequence[str]] = None,
output_file: Optional[str] = None,
role_name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetRolePolicyAttachmentsResult
def get_role_policy_attachments_output(ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
output_file: Optional[pulumi.Input[str]] = None,
role_name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetRolePolicyAttachmentsResult]func GetRolePolicyAttachments(ctx *Context, args *GetRolePolicyAttachmentsArgs, opts ...InvokeOption) (*GetRolePolicyAttachmentsResult, error)
func GetRolePolicyAttachmentsOutput(ctx *Context, args *GetRolePolicyAttachmentsOutputArgs, opts ...InvokeOption) GetRolePolicyAttachmentsResultOutput> Note: This function is named GetRolePolicyAttachments in the Go SDK.
public static class GetRolePolicyAttachments
{
public static Task<GetRolePolicyAttachmentsResult> InvokeAsync(GetRolePolicyAttachmentsArgs args, InvokeOptions? opts = null)
public static Output<GetRolePolicyAttachmentsResult> Invoke(GetRolePolicyAttachmentsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetRolePolicyAttachmentsResult> getRolePolicyAttachments(GetRolePolicyAttachmentsArgs args, InvokeOptions options)
public static Output<GetRolePolicyAttachmentsResult> getRolePolicyAttachments(GetRolePolicyAttachmentsArgs args, InvokeOptions options)
fn::invoke:
function: alicloud:ram/getRolePolicyAttachments:getRolePolicyAttachments
arguments:
# arguments dictionaryThe following arguments are supported:
- Role
Name string - The RAM role name.
- Ids List<string>
- A list of Role Policy Attachment IDs. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - Output
File string - File name where to save data source results (after running
pulumi preview).
- Role
Name string - The RAM role name.
- Ids []string
- A list of Role Policy Attachment IDs. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - Output
File string - File name where to save data source results (after running
pulumi preview).
- role
Name String - The RAM role name.
- ids List<String>
- A list of Role Policy Attachment IDs. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - output
File String - File name where to save data source results (after running
pulumi preview).
- role
Name string - The RAM role name.
- ids string[]
- A list of Role Policy Attachment IDs. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - output
File string - File name where to save data source results (after running
pulumi preview).
- role_
name str - The RAM role name.
- ids Sequence[str]
- A list of Role Policy Attachment IDs. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - output_
file str - File name where to save data source results (after running
pulumi preview).
- role
Name String - The RAM role name.
- ids List<String>
- A list of Role Policy Attachment IDs. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - output
File String - File name where to save data source results (after running
pulumi preview).
getRolePolicyAttachments Result
The following output properties are available:
- Attachments
List<Pulumi.
Ali Cloud. Ram. Outputs. Get Role Policy Attachments Attachment> - A list of Role Policy Attachment Entries. Each element contains the following attributes:
- Id string
- The provider-assigned unique ID for this managed resource.
- Ids List<string>
- A list of Role Policy Attachment IDs.
- Role
Name string - Output
File string
- Attachments
[]Get
Role Policy Attachments Attachment - A list of Role Policy Attachment Entries. Each element contains the following attributes:
- Id string
- The provider-assigned unique ID for this managed resource.
- Ids []string
- A list of Role Policy Attachment IDs.
- Role
Name string - Output
File string
- attachments
List<Get
Role Policy Attachments Attachment> - A list of Role Policy Attachment Entries. Each element contains the following attributes:
- id String
- The provider-assigned unique ID for this managed resource.
- ids List<String>
- A list of Role Policy Attachment IDs.
- role
Name String - output
File String
- attachments
Get
Role Policy Attachments Attachment[] - A list of Role Policy Attachment Entries. Each element contains the following attributes:
- id string
- The provider-assigned unique ID for this managed resource.
- ids string[]
- A list of Role Policy Attachment IDs.
- role
Name string - output
File string
- attachments
Sequence[Get
Role Policy Attachments Attachment] - A list of Role Policy Attachment Entries. Each element contains the following attributes:
- id str
- The provider-assigned unique ID for this managed resource.
- ids Sequence[str]
- A list of Role Policy Attachment IDs.
- role_
name str - output_
file str
- attachments List<Property Map>
- A list of Role Policy Attachment Entries. Each element contains the following attributes:
- id String
- The provider-assigned unique ID for this managed resource.
- ids List<String>
- A list of Role Policy Attachment IDs.
- role
Name String - output
File String
Supporting Types
GetRolePolicyAttachmentsAttachment
- Attach
Date string - The time when the role was attached to the policy.
- Description string
- The policy description.
- Id string
- The ID of the resource supplied above. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - Policy
Name string - The name of the policy.
- Policy
Type string - Policy type.- Custom: Custom policy.- System: System policy.
- Attach
Date string - The time when the role was attached to the policy.
- Description string
- The policy description.
- Id string
- The ID of the resource supplied above. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - Policy
Name string - The name of the policy.
- Policy
Type string - Policy type.- Custom: Custom policy.- System: System policy.
- attach
Date String - The time when the role was attached to the policy.
- description String
- The policy description.
- id String
- The ID of the resource supplied above. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - policy
Name String - The name of the policy.
- policy
Type String - Policy type.- Custom: Custom policy.- System: System policy.
- attach
Date string - The time when the role was attached to the policy.
- description string
- The policy description.
- id string
- The ID of the resource supplied above. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - policy
Name string - The name of the policy.
- policy
Type string - Policy type.- Custom: Custom policy.- System: System policy.
- attach_
date str - The time when the role was attached to the policy.
- description str
- The policy description.
- id str
- The ID of the resource supplied above. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - policy_
name str - The name of the policy.
- policy_
type str - Policy type.- Custom: Custom policy.- System: System policy.
- attach
Date String - The time when the role was attached to the policy.
- description String
- The policy description.
- id String
- The ID of the resource supplied above. The value is formulated as
role:<policy_name>:<policy_type>:<role_name>. - policy
Name String - The name of the policy.
- policy
Type String - Policy type.- Custom: Custom policy.- System: System policy.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.