vpc_endpoint_service_permission

Exec module for managing EC2 VPC Endpoint Service Permissions.

async idem_aws.exec.aws.ec2.vpc_endpoint_service_permission.get(hub, ctx, service_id: str, principal_arn: str, name: str = None) → Dict[str, Any]

Describes the principal (service consumer) that is permitted to discover your VPC endpoint service.

Parameters:
  • service_id (str) – The ID of the service.

  • principal_arn (str) – The ARN of the principal.

  • name (str, Optional) – Idem name of the resource. Defaults to None.

Returns:

Dict[str, Any]

Examples

Resource State:

unmanaged_resource:
  exec.run:
    - path: aws.ec2.vpc_endpoint_service_permission.get
    - kwargs:
        service_id: value
        principal_arn: value

Exec call from the CLI:

idem exec aws.ec2.vpc_endpoint_service_permission.get service_id=value principal_arn=value

async idem_aws.exec.aws.ec2.vpc_endpoint_service_permission.list_(hub, ctx, service_id: str, filters: List[Filter] = None) → Dict[str, Any]

Describes the principals (service consumers) that are permitted to discover your VPC endpoint service.

Parameters:
  • service_id (str) – The ID of the service.

  • filters (List[dict[str, Any]], Optional) – The filters. Defaults to None.

    • principal - The ARN of the principal.

    • principal-type - The principal type (All | Service | OrganizationUnit | Account | User | Role).

    Each filter is a name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

    If you specify multiple filters, the filters are joined with an AND, and the request returns only results that match all of the specified filters.

    • Name(str): The name of the filter. Filter names are case-sensitive.

    • Values(List[str]): The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR, and the request returns all results that match any of the specified values.

Returns:

Dict[str, Any]

Examples

Resource State:

unmanaged_resources:
  exec.run:
    - path: aws.ec2.vpc_endpoint_service_permission.list
    - kwargs:
        service_id: value

Exec call from the CLI:

idem exec aws.ec2.vpc_endpoint_service_permission.list service_id=value

async idem_aws.exec.aws.ec2.vpc_endpoint_service_permission.create(hub, ctx, service_id: str, add_allowed_principals: List[str], name: str = None) → Dict[str, Any]

Adds the permissions for your VPC endpoint service. You can add permissions for service consumers (Amazon Web Services accounts, users, and IAM roles) to connect to your endpoint service.

If you grant permissions to all principals, the service is public. Any users who know the name of a public service can send a request to attach an endpoint. If the service does not require manual approval, attachments are automatically approved.

Parameters:
  • service_id (str) – The ID of the service.

  • add_allowed_principals (List[str]) – The Amazon Resource Names (ARN) of the principals. Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*).

  • name (str, Optional) – Idem name of the resource. Defaults to None.

Returns:

Dict[str, Any]

Examples

unmanaged_resources:
  exec.run:
    - path: aws.ec2.vpc_endpoint_service_permission.create
    - kwargs:
        service_id: value
        add_allowed_principals:
          - value

Exec call from the CLI:

idem exec aws.ec2.vpc_endpoint_service_permission.create service_id=value add_allowed_principals=[values]

async idem_aws.exec.aws.ec2.vpc_endpoint_service_permission.update(hub, ctx, service_id: str, add_allowed_principals: List[str] = None, remove_allowed_principals: List[str] = None, name: str = None) → Dict[str, Any]

Modifies the permissions for your VPC endpoint service. You can add or remove permissions for service consumers (Amazon Web Services accounts, users, and IAM roles) to connect to your endpoint service.

If you grant permissions to all principals, the service is public. Any users who know the name of a public service can send a request to attach an endpoint. If the service does not require manual approval, attachments are automatically approved.

Parameters:
  • service_id (str) – The ID of the service.

  • add_allowed_principals (List[str], Optional) – The Amazon Resource Names (ARN) of the principals. Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Defaults to None.

  • remove_allowed_principals (List[str], Optional) – The Amazon Resource Names (ARN) of the principals. Permissions are revoked for the principals in this list. Defaults to None.

  • name (str, Optional) – Idem name of the resource. Defaults to None.

Returns:

Dict[str, Any]

Examples

unmanaged_resources:
  exec.run:
    - path: aws.ec2.vpc_endpoint_service_permission.update
    - kwargs:
        service_id: value
        add_allowed_principals:
          - value
        remove_allowed_principals:
          - value

Exec call from the CLI:

idem exec aws.ec2.vpc_endpoint_service_permission.update service_id=value add_allowed_principals=[values] remove_allowed_principals=[values]
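
A pre-apply check for the add_allowed_principals list described under create and update, written for this page as an added example (it is not part of idem-aws). The function names, the trusted-account set and the sample ARNs are assumptions; acceptance_required stands for the service's manual-approval setting.

```python
import re

# Assumed shape of account-scoped IAM principal ARNs (root, user, role).
# Service and organizational-unit principals are out of scope and are
# reported as unrecognised so that a human reviews them.
_ARN_RE = re.compile(
    r"^arn:(aws|aws-cn|aws-us-gov):iam::(\d{12}):(root|user/.+|role/.+)$"
)


def review_allowed_principals(principals, trusted_accounts, acceptance_required):
    """Return (severity, principal, reason) findings for a proposed list."""
    findings = []
    for p in principals:
        if p.strip() == "*":
            # "*" grants permission to all principals: the service is public.
            if acceptance_required:
                findings.append(("high", p, "service becomes public; "
                                 "attachments still need manual approval"))
            else:
                findings.append(("critical", p, "service becomes public and "
                                 "attachments are automatically approved"))
            continue
        m = _ARN_RE.match(p)
        if m is None:
            findings.append(("medium", p, "not a recognised IAM principal ARN"))
        elif m.group(2) not in trusted_accounts:
            findings.append(("high", p,
                             f"account {m.group(2)} is not in the trusted set"))
        elif m.group(3) == "root":
            findings.append(("low", p, "whole account is allowed, "
                             "not a specific user or role"))
    return findings


def safe_to_apply(findings):
    """Block the change when any finding is high or critical."""
    return not any(sev in ("critical", "high") for sev, _, _ in findings)


if __name__ == "__main__":
    # Constructed sample input; the account IDs are placeholders.
    proposed = ["arn:aws:iam::111122223333:role/consumer", "*"]
    result = review_allowed_principals(proposed, {"111122223333"}, False)
    for severity, principal, reason in result:
        print(f"{severity:8} {principal}: {reason}")
    print("safe to apply:", safe_to_apply(result))
```
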

async idem_aws.exec.aws.ec2.vpc_endpoint_service_permission.delete(hub, ctx, service_id: str, remove_allowed_principals: List[str] = None, name: str = None) → Dict[str, Any]

Removes the permissions for your VPC endpoint service. You can remove permissions for service consumers (Amazon Web Services accounts, users, and IAM roles) to connect to your endpoint service.

Parameters:
  • service_id (str) – The ID of the service.

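  • remove_allowed_principals (List[str], Optional) – The Amazon Resource Names (ARN) of the principals. Permissions are revoked for the principals in this list. Defaults to None.

  • name (str, Optional) – Idem name of the resource. Defaults to None.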

Returns:

Dict[str, Any]

Examples

resource_is_absent:
  aws.ec2.vpc_endpoint_service_permission.absent:
    - service_id: value
    - remove_allowed_principals:
        - value

Exec call from the CLI:

idem exec aws.ec2.vpc_endpoint_service_permission.delete service_id=value remove_allowed_principals=[values]