Resource: awsIotRoleAlias
Provides an IoT role alias.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsIamPolicyDocumentAssumeRole =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
this,
"assume_role",
{
actions: ["sts:AssumeRole"],
effect: "Allow",
principals: [
{
identifiers: ["credentials.iot.amazonaws.com"],
type: "Service",
},
],
}
);
const awsIamRoleRole = new aws.iamRole.IamRole(this, "role", {
assumeRolePolicy: dataAwsIamPolicyDocumentAssumeRole.json,
name: "dynamodb-access-role",
});
new aws.iotRoleAlias.IotRoleAlias(this, "alias", {
alias: "Thermostat-dynamodb-access-role-alias",
roleArn: awsIamRoleRole.arn,
});
Argument Reference
The following arguments are supported:
alias
- (Required) The name of the role alias.roleArn
- (Required) The identity of the role to which the alias refers.credentialDuration
- (Optional) The duration of the credential, in seconds. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 900 seconds (15 minutes) to 43200 seconds (12 hours).
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn
- The ARN assigned by AWS to this role alias.
Import
IOT Role Alias can be imported via the alias, e.g.,