public MyStack()
{
var user = new Aws.Iam.User("user", new Aws.Iam.UserArgs
{
});
var policy = new Aws.Iam.Policy("policy", new Aws.Iam.PolicyArgs
{
Description = "A test policy",
Policy = "",
});
// insert policy here
var test_attach = new Aws.Iam.UserPolicyAttachment("test-attach", new Aws.Iam.UserPolicyAttachmentArgs
{
PolicyArn = policy.Arn,
User = user.Name,
});
}
public MyStack()
{
var @group = new Aws.Iam.Group("group", new Aws.Iam.GroupArgs
{
});
var policy = new Aws.Iam.Policy("policy", new Aws.Iam.PolicyArgs
{
Description = "A test policy",
Policy = "",
});
// insert policy here
var test_attach = new Aws.Iam.GroupPolicyAttachment("test-attach", new Aws.Iam.GroupPolicyAttachmentArgs
{
Group = @group.Name,
PolicyArn = policy.Arn,
});
}
public MyStack()
{
var testLambda = new Aws.Lambda.Function("testLambda", new Aws.Lambda.FunctionArgs
{
}, new CustomResourceOptions
{
DependsOn =
{
"aws_cloudwatch_log_group.example",
"aws_iam_role_policy_attachment.lambda_logs",
},
});
// This is to optionally manage the CloudWatch Log Group for the Lambda Function.
// If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
var example = new Aws.CloudWatch.LogGroup("example", new Aws.CloudWatch.LogGroupArgs
{
RetentionInDays = 14,
});
// See also the following AWS managed policy: AWSLambdaBasicExecutionRole
var lambdaLogging = new Aws.Iam.Policy("lambdaLogging", new Aws.Iam.PolicyArgs
{
Description = "IAM policy for logging from a lambda",
Path = "/",
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": [
""logs:CreateLogGroup"",
""logs:CreateLogStream"",
""logs:PutLogEvents""
],
""Resource"": ""arn:aws:logs:*:*:*"",
""Effect"": ""Allow""
}
]
}
",
});
var lambdaLogs = new Aws.Iam.RolePolicyAttachment("lambdaLogs", new Aws.Iam.RolePolicyAttachmentArgs
{
PolicyArn = lambdaLogging.Arn,
Role = aws_iam_role.Iam_for_lambda.Name,
});
}
public MyStack()
{
var role = new Aws.Iam.Role("role", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = @" {
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Principal"": {
""Service"": ""ec2.amazonaws.com""
},
""Effect"": ""Allow"",
""Sid"": """"
}
]
}
",
});
var policy = new Aws.Iam.Policy("policy", new Aws.Iam.PolicyArgs
{
Description = "A test policy",
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": [
""ec2:Describe*""
],
""Effect"": ""Allow"",
""Resource"": ""*""
}
]
}
",
});
var test_attach = new Aws.Iam.RolePolicyAttachment("test-attach", new Aws.Iam.RolePolicyAttachmentArgs
{
PolicyArn = policy.Arn,
Role = role.Name,
});
}
public MyStack()
{
var policy = new Aws.Iam.Policy("policy", new Aws.Iam.PolicyArgs
{
Description = "My test policy",
Path = "/",
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": [
""ec2:Describe*""
],
""Effect"": ""Allow"",
""Resource"": ""*""
}
]
}
",
});
}
