Interface PermissionModel.Builder
- All Superinterfaces:
Buildable
,CopyableBuilder<PermissionModel.Builder,
,PermissionModel> SdkBuilder<PermissionModel.Builder,
,PermissionModel> SdkPojo
- Enclosing class:
PermissionModel
-
Method Summary
Modifier and TypeMethodDescriptioncrossAccountRoleArns
(String... crossAccountRoleArns) Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.crossAccountRoleArns
(Collection<String> crossAccountRoleArns) Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts.invokerRoleName
(String invokerRoleName) Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.Defines how Resilience Hub scans your resources.type
(PermissionModelType type) Defines how Resilience Hub scans your resources.Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder
copy
Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder
applyMutation, build
Methods inherited from interface software.amazon.awssdk.core.SdkPojo
equalsBySdkFields, sdkFields
-
Method Details
-
crossAccountRoleArns
Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.
-
These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.
-
These roles must have a trust policy with
iam:AssumeRole
permission to the invoker role in the primary account.
- Parameters:
crossAccountRoleArns
- Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.-
These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.
-
These roles must have a trust policy with
iam:AssumeRole
permission to the invoker role in the primary account.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
-
crossAccountRoleArns
Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.
-
These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.
-
These roles must have a trust policy with
iam:AssumeRole
permission to the invoker role in the primary account.
- Parameters:
crossAccountRoleArns
- Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.-
These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.
-
These roles must have a trust policy with
iam:AssumeRole
permission to the invoker role in the primary account.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
-
invokerRoleName
Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.
-
You must have
iam:passRole
permission for this role while creating or updating the application. -
Currently,
invokerRoleName
accepts only[A-Za-z0-9_+=,.@-]
characters.
- Parameters:
invokerRoleName
- Existing Amazon Web Services IAM role name in the primary Amazon Web Services account that will be assumed by Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.-
You must have
iam:passRole
permission for this role while creating or updating the application. -
Currently,
invokerRoleName
accepts only[A-Za-z0-9_+=,.@-]
characters.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
-
type
Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.
- Parameters:
type
- Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
type
Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.
- Parameters:
type
- Defines how Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your Amazon Web Services account, or by using the credentials of the current IAM user.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-