AI 助理
备案控制台
官方文档
输入文档关键字查找
首页 Terraform 资源列表 RAM Resources alicloud_ram_role

alicloud_ram_role

更新时间:
我的收藏

Provides a RAM Role resource.

For information about RAM Role and how to use it, see What is Role.

-> NOTE: Available since v1.0.0.

-> NOTE: When you want to destroy this resource forcefully(means remove all the relationships associated with it automatically and then destroy it) without set force with true at beginning, you need add force = true to configuration file and run terraform plan, then you can delete resource forcefully.

Example Usage

Basic Usage


resource "random_integer" "default" {
  min = 10000
  max = 99999
}

resource "alicloud_ram_role" "default" {
  role_name                   = "terraform-example-${random_integer.default.result}"
  assume_role_policy_document = <<EOF
  {
    "Statement": [
      {
        "Action": "sts:AssumeRole",
        "Effect": "Allow",
        "Principal": {
          "Service": [
            "apigateway.aliyuncs.com",
            "ecs.aliyuncs.com"
          ]
        }
      }
    ],
    "Version": "1"
  }
  EOF
  description                 = "this is a role test."
}

Argument Reference

The following arguments are supported:

  • assume_role_policy_document - (Optional, Available since v1.252.0) The trust policy that specifies one or more trusted entities to assume the RAM role. The trusted entities can be Alibaba Cloud accounts, Alibaba Cloud services, or identity providers (IdPs).
  • description - (Optional) The description of the RAM role.
  • max_session_duration - (Optional, Int, Available since v1.105.0) The maximum session time of the RAM role. Default value: 3600. Valid values: 3600 to 43200.
  • role_name - (Optional, ForceNew, Available since v1.252.0) The name of the RAM role.
  • tags - (Optional, Map, Available since v1.252.0) The list of tags for the role.
  • force - (Optional, Bool) Specifies whether to force delete the Role. Default value: false. Valid values:
    • true: Enable.
    • false: Disable.
  • name - (Optional, ForceNew, Deprecated since v1.252.0) Field name has been deprecated from provider version 1.252.0. New field role_name instead.
  • document - (Optional, Deprecated since v1.252.0) Field document has been deprecated from provider version 1.252.0. New field assume_role_policy_document instead.
  • version - (Optional, Deprecated since v1.49.0) Field version has been deprecated from provider version 1.49.0. New field document instead.
  • ram_users - (Optional, List, Deprecated since v1.49.0) Field ram_users has been deprecated from provider version 1.49.0. New field document instead.
  • services - (Optional, List, Deprecated since v1.49.0) Field services has been deprecated from provider version 1.49.0. New field document instead.

Attributes Reference

The following attributes are exported:

  • id - The ID of the resource supplied above.
  • arn - The Alibaba Cloud Resource Name (ARN) of the RAM role.
  • create_time - (Available since v1.252.0) The time when the RAM role was created.
  • role_id - The ID of the RAM role.

Timeouts

-> NOTE: Available since v1.159.0.

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 5 mins) Used when create the Role.
  • delete - (Defaults to 5 mins) Used when delete the Role.
  • update - (Defaults to 5 mins) Used when update the Role.

Import

RAM Role can be imported using the id, e.g.

$ terraform import alicloud_ram_role.example <id>

上一篇:alicloud_ram_policy下一篇:alicloud_ram_role_policy_attachment