enclave_certificate_iam_role_associations
Used to retrieve a list of enclave_certificate_iam_role_associations in a region, or to create or delete an enclave_certificate_iam_role_associations resource. Use enclave_certificate_iam_role_association to read or update an individual resource.
Overview
Name | enclave_certificate_iam_role_associations |
Type | Resource |
Description | Associates an AWS Identity and Access Management (IAM) role with an AWS Certificate Manager (ACM) certificate. This association is based on Amazon Resource Names and it enables the certificate to be used by the ACM for Nitro Enclaves application inside an enclave. |
Id | aws.ec2.enclave_certificate_iam_role_associations |
Fields
Name | Datatype | Description |
---|---|---|
certificate_arn | string | The Amazon Resource Name (ARN) of the ACM certificate with which to associate the IAM role. |
role_arn | string | The Amazon Resource Name (ARN) of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate. |
region | string | AWS region. |
Methods
Name | Accessible by | Required Params |
---|---|---|
create_resource | INSERT | CertificateArn, RoleArn, region |
delete_resource | DELETE | data__Identifier, region |
list_resource | SELECT | region |
SELECT
Example
```sql
SELECT
  region,
  certificate_arn,
  role_arn
FROM aws.ec2.enclave_certificate_iam_role_associations
WHERE region = 'us-east-1';
```
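The following Python check is an added example, not part of the StackQL provider documentation. It takes rows shaped like the SELECT output (region, certificate_arn, role_arn) and compares them with an approved baseline, reporting unapproved associations, approved ones that are missing, and certificates at the 16-role limit given in the role_arn field description. The function name, ARNs, account ID and role names are constructed for illustration.

```python
from collections import defaultdict

MAX_ROLES_PER_CERT = 16  # limit stated in the role_arn field description


def audit_associations(rows, approved):
    """Compare observed associations with an approved baseline.

    rows: dicts with the SELECT columns region, certificate_arn, role_arn.
    approved: {certificate_arn: set of role ARNs allowed to use it}.
    """
    observed = defaultdict(set)
    for row in rows:
        observed[row["certificate_arn"]].add(row["role_arn"])

    findings = {"unapproved": [], "missing": [], "at_limit": []}
    for cert in sorted(set(observed) | set(approved)):
        seen, allowed = observed.get(cert, set()), approved.get(cert, set())
        # Roles that can use the certificate in an enclave but were never approved.
        findings["unapproved"] += [(cert, r) for r in sorted(seen - allowed)]
        # Approved roles with no association (drift, or a disassociation).
        findings["missing"] += [(cert, r) for r in sorted(allowed - seen)]
        # No further role can be associated once the limit is reached.
        if len(seen) >= MAX_ROLES_PER_CERT:
            findings["at_limit"].append(cert)
    return findings


# Constructed sample data; the account ID and names are placeholders.
CERT = "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-CERT-ID"
ROLE = "arn:aws:iam::111122223333:role/{}"
SAMPLE_ROWS = [
    {"region": "us-east-1", "certificate_arn": CERT, "role_arn": ROLE.format("enclave-web")},
    {"region": "us-east-1", "certificate_arn": CERT, "role_arn": ROLE.format("legacy-batch")},
]
APPROVED = {CERT: {ROLE.format("enclave-web"), ROLE.format("enclave-api")}}

if __name__ == "__main__":
    for kind, items in audit_associations(SAMPLE_ROWS, APPROVED).items():
        for item in items:
            print(kind, item)
```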
INSERT
Example
Use the following StackQL query and manifest file to create a new enclave_certificate_iam_role_association resource, using stack-deploy.

Required Properties and All Properties (the same statement for this resource):

```sql
/*+ create */
INSERT INTO aws.ec2.enclave_certificate_iam_role_associations (
  CertificateArn,
  RoleArn,
  region
)
SELECT
  '{{ CertificateArn }}',
  '{{ RoleArn }}',
  '{{ region }}';
```

Manifest:

```yaml
version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: enclave_certificate_iam_role_association
    props:
      - name: CertificateArn
        value: '{{ CertificateArn }}'
      - name: RoleArn
        value: '{{ RoleArn }}'
```
DELETE
Example
```sql
/*+ delete */
DELETE FROM aws.ec2.enclave_certificate_iam_role_associations
WHERE data__Identifier = '<CertificateArn|RoleArn>'
AND region = 'us-east-1';
```
Permissions
To operate on the enclave_certificate_iam_role_associations resource, the following permissions are required:
Create
ec2:AssociateEnclaveCertificateIamRole
Delete
ec2:DisassociateEnclaveCertificateIamRole
List
ec2:GetAssociatedEnclaveCertificateIamRoles