enclave_certificate_iam_role_associations
Used to retrieve a list of enclave_certificate_iam_role_associations in a region or to create or delete a enclave_certificate_iam_role_associations resource, use enclave_certificate_iam_role_association to read or update an individual resource.
Overview
| Name | enclave_certificate_iam_role_associations |
| Type | Resource |
| Description | Associates an AWS Identity and Access Management (IAM) role with an AWS Certificate Manager (ACM) certificate. This association is based on Amazon Resource Names and it enables the certificate to be used by the ACM for Nitro Enclaves application inside an enclave. |
| Id | aws.ec2.enclave_certificate_iam_role_associations |
Fields
| Name | Datatype | Description |
|---|---|---|
certificate_arn | string | The Amazon Resource Name (ARN) of the ACM certificate with which to associate the IAM role. |
role_arn | string | The Amazon Resource Name (ARN) of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | CertificateArn, RoleArn, region |
delete_resource | DELETE | data__Identifier, region |
list_resource | SELECT | region |
SELECT Example
SELECT
region,
certificate_arn,
role_arn
FROM aws.ec2.enclave_certificate_iam_role_associations
WHERE region = 'us-east-1';
INSERT Example
Use the following StackQL query and manifest file to create a new enclave_certificate_iam_role_association resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.ec2.enclave_certificate_iam_role_associations (
CertificateArn,
RoleArn,
region
)
SELECT
'{{ CertificateArn }}',
'{{ RoleArn }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.ec2.enclave_certificate_iam_role_associations (
CertificateArn,
RoleArn,
region
)
SELECT
'{{ CertificateArn }}',
'{{ RoleArn }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: enclave_certificate_iam_role_association
props:
- name: CertificateArn
value: '{{ CertificateArn }}'
- name: RoleArn
value: '{{ RoleArn }}'
DELETE Example
/*+ delete */
DELETE FROM aws.ec2.enclave_certificate_iam_role_associations
WHERE data__Identifier = '<CertificateArn|RoleArn>'
AND region = 'us-east-1';
Permissions
To operate on the enclave_certificate_iam_role_associations resource, the following permissions are required:
Create
ec2:AssociateEnclaveCertificateIamRole
Delete
ec2:DisassociateEnclaveCertificateIamRole
List
ec2:GetAssociatedEnclaveCertificateIamRoles