Package com.pulumi.aws.acmpca

Class Policy

  • public class Policy
extends com.pulumi.resources.CustomResource
    Attaches a resource based policy to a private CA. ## Example Usage ### Basic <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.iam.IamFunctions; import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; import com.pulumi.aws.acmpca.Policy; import com.pulumi.aws.acmpca.PolicyArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() .statements( GetPolicyDocumentStatementArgs.builder() .sid("1") .effect("Allow") .principals(GetPolicyDocumentStatementPrincipalArgs.builder() .type("AWS") .identifiers(current.accountId()) .build()) .actions( "acm-pca:DescribeCertificateAuthority", "acm-pca:GetCertificate", "acm-pca:GetCertificateAuthorityCertificate", "acm-pca:ListPermissions", "acm-pca:ListTags") .resources(exampleAwsAcmpcaCertificateAuthority.arn()) .build(), GetPolicyDocumentStatementArgs.builder() .sid("2") .effect(allow) .principals(GetPolicyDocumentStatementPrincipalArgs.builder() .type("AWS") .identifiers(current.accountId()) .build()) .actions("acm-pca:IssueCertificate") .resources(exampleAwsAcmpcaCertificateAuthority.arn()) .conditions(GetPolicyDocumentStatementConditionArgs.builder() .test("StringEquals") .variable("acm-pca:TemplateArn") .values("arn:aws:acm-pca:::template/EndEntityCertificate/V1") .build()) .build()) .build()); var examplePolicy = new Policy("examplePolicy", PolicyArgs.builder() .resourceArn(exampleAwsAcmpcaCertificateAuthority.arn()) .policy(example.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())) .build()); } } ``` <!--End PulumiCodeChooser --> ## Import Using `pulumi import`, import `aws_acmpca_policy` using the `resource_arn` value. For example: ```sh $ pulumi import aws:acmpca/policy:Policy example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 ```

    • Nested Class Summary

      • Nested classes/interfaces inherited from class com.pulumi.resources.CustomResource

        com.pulumi.resources.CustomResource.CustomResourceInternal

      • Nested classes/interfaces inherited from class com.pulumi.resources.Resource

        com.pulumi.resources.Resource.LazyField<T extends java.lang.Object>, com.pulumi.resources.Resource.LazyFields, com.pulumi.resources.Resource.ResourceInternal

    • Field Summary

      • Fields inherited from class com.pulumi.resources.Resource

        childResources, remote

    • Constructor Summary

      Constructors 
      Constructor Description
      Policy​(java.lang.String name)  
      Policy​(java.lang.String name, PolicyArgs args)  
      Policy​(java.lang.String name, PolicyArgs args, com.pulumi.resources.CustomResourceOptions options)  

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static Policy get​(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, PolicyState state, com.pulumi.resources.CustomResourceOptions options)
      Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
      com.pulumi.core.Output<java.lang.String> policy()  
      com.pulumi.core.Output<java.lang.String> resourceArn()  

      • Methods inherited from class com.pulumi.resources.CustomResource

        getId, id, idFuture

      • Methods inherited from class com.pulumi.resources.Resource

        getChildResources, getResourceName, getResourceType, getUrn, pulumiChildResources, pulumiResourceName, pulumiResourceType, urn

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • Policy

        public Policy​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • Policy

        public Policy​(java.lang.String name,
              PolicyArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • Policy

        public Policy​(java.lang.String name,
              PolicyArgs args,
              @Nullable
              com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • policy

        public com.pulumi.core.Output<java.lang.String> policy()
        Returns:
        JSON-formatted IAM policy to attach to the specified private CA resource.

      • resourceArn

        public com.pulumi.core.Output<java.lang.String> resourceArn()
        Returns:
        ARN of the private CA to associate with the policy.

      • get

        public static Policy get​(java.lang.String name,
                         com.pulumi.core.Output<java.lang.String> id,
                         @Nullable
                         PolicyState state,
                         @Nullable
                         com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        state -
        options - Optional settings to control the behavior of the CustomResource.