Package software.amazon.awssdk.services.resiliencehub.model

Interface PermissionModel.Builder

All Superinterfaces:
Buildable, CopyableBuilder<PermissionModel.Builder,PermissionModel>, SdkBuilder<PermissionModel.Builder,PermissionModel>, SdkPojo
Enclosing class:
PermissionModel
public static interface PermissionModel.Builder extends SdkPojo, CopyableBuilder<PermissionModel.Builder,PermissionModel>

  • Method Details

    • crossAccountRoleArns

      PermissionModel.Builder crossAccountRoleArns(Collection<String> crossAccountRoleArns)

      Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

      • These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

      • These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

      Parameters:
      crossAccountRoleArns - Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

      • These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

      • These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • crossAccountRoleArns

      PermissionModel.Builder crossAccountRoleArns(String... crossAccountRoleArns)

      Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

      • These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

      • These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

      Parameters:
      crossAccountRoleArns - Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.

      • These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.

      • These roles must have a trust policy with iam:AssumeRole permission to the invoker role in the primary account.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • invokerRoleName

      PermissionModel.Builder invokerRoleName(String invokerRoleName)

      Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

      • You must have iam:passRole permission for this role while creating or updating the application.

      • Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

      Parameters:
      invokerRoleName - Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.

      • You must have iam:passRole permission for this role while creating or updating the application.

      • Currently, invokerRoleName accepts only [A-Za-z0-9_+=,.@-] characters.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • type

      PermissionModel.Builder type(String type)

      Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

      Parameters:
      type - Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • type

      PermissionModel.Builder type(PermissionModelType type)

      Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.

      Parameters:
      type - Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also: