Alibaba Cloud v3.88.1 published on Saturday, Nov 8, 2025 by Pulumi
Alibaba Cloud v3.88.1 published on Saturday, Nov 8, 2025 by Pulumi
This data source provides the RAM Roles of the current Alibaba Cloud user.
NOTE: Available since v1.0.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
import * as random from "@pulumi/random";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = new random.index.Integer("default", {
min: 10000,
max: 99999,
});
const defaultRole = new alicloud.ram.Role("default", {
roleName: `${name}-${_default.result}`,
description: `${name}-${_default.result}`,
force: true,
assumeRolePolicyDocument: ` {
\\"Statement\\": [
{
\\"Action\\": \\"sts:AssumeRole\\",
\\"Effect\\": \\"Allow\\",
\\"Principal\\": {
\\"Service\\": [
\\"ecs.aliyuncs.com\\"
]
}
}
],
\\"Version\\": \\"1\\"
}
`,
tags: {
Created: "TF",
For: "Role",
},
});
const ids = alicloud.ram.getRolesOutput({
ids: [defaultRole.roleId],
});
export const ramRolesId0 = ids.apply(ids => ids.roles?.[0]?.id);
import pulumi
import pulumi_alicloud as alicloud
import pulumi_random as random
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = random.index.Integer("default",
min=10000,
max=99999)
default_role = alicloud.ram.Role("default",
role_name=f"{name}-{default['result']}",
description=f"{name}-{default['result']}",
force=True,
assume_role_policy_document=""" {
\"Statement\": [
{
\"Action\": \"sts:AssumeRole\",
\"Effect\": \"Allow\",
\"Principal\": {
\"Service\": [
\"ecs.aliyuncs.com\"
]
}
}
],
\"Version\": \"1\"
}
""",
tags={
"Created": "TF",
"For": "Role",
})
ids = alicloud.ram.get_roles_output(ids=[default_role.role_id])
pulumi.export("ramRolesId0", ids.roles[0].id)
package main
import (
"fmt"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/ram"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := random.NewInteger(ctx, "default", &random.IntegerArgs{
Min: 10000,
Max: 99999,
})
if err != nil {
return err
}
defaultRole, err := ram.NewRole(ctx, "default", &ram.RoleArgs{
RoleName: pulumi.Sprintf("%v-%v", name, _default.Result),
Description: pulumi.Sprintf("%v-%v", name, _default.Result),
Force: pulumi.Bool(true),
AssumeRolePolicyDocument: pulumi.String(` {
\"Statement\": [
{
\"Action\": \"sts:AssumeRole\",
\"Effect\": \"Allow\",
\"Principal\": {
\"Service\": [
\"ecs.aliyuncs.com\"
]
}
}
],
\"Version\": \"1\"
}
`),
Tags: pulumi.StringMap{
"Created": pulumi.String("TF"),
"For": pulumi.String("Role"),
},
})
if err != nil {
return err
}
ids := ram.GetRolesOutput(ctx, ram.GetRolesOutputArgs{
Ids: pulumi.StringArray{
defaultRole.RoleId,
},
}, nil)
ctx.Export("ramRolesId0", ids.ApplyT(func(ids ram.GetRolesResult) (*string, error) {
return &ids.Roles[0].Id, nil
}).(pulumi.StringPtrOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
using Random = Pulumi.Random;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = new Random.Index.Integer("default", new()
{
Min = 10000,
Max = 99999,
});
var defaultRole = new AliCloud.Ram.Role("default", new()
{
RoleName = $"{name}-{@default.Result}",
Description = $"{name}-{@default.Result}",
Force = true,
AssumeRolePolicyDocument = @" {
\""Statement\"": [
{
\""Action\"": \""sts:AssumeRole\"",
\""Effect\"": \""Allow\"",
\""Principal\"": {
\""Service\"": [
\""ecs.aliyuncs.com\""
]
}
}
],
\""Version\"": \""1\""
}
",
Tags =
{
{ "Created", "TF" },
{ "For", "Role" },
},
});
var ids = AliCloud.Ram.GetRoles.Invoke(new()
{
Ids = new[]
{
defaultRole.RoleId,
},
});
return new Dictionary<string, object?>
{
["ramRolesId0"] = ids.Apply(getRolesResult => getRolesResult.Roles[0]?.Id),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.Integer;
import com.pulumi.random.IntegerArgs;
import com.pulumi.alicloud.ram.Role;
import com.pulumi.alicloud.ram.RoleArgs;
import com.pulumi.alicloud.ram.RamFunctions;
import com.pulumi.alicloud.ram.inputs.GetRolesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
var default_ = new Integer("default", IntegerArgs.builder()
.min(10000)
.max(99999)
.build());
var defaultRole = new Role("defaultRole", RoleArgs.builder()
.roleName(String.format("%s-%s", name,default_.result()))
.description(String.format("%s-%s", name,default_.result()))
.force(true)
.assumeRolePolicyDocument("""
{
\"Statement\": [
{
\"Action\": \"sts:AssumeRole\",
\"Effect\": \"Allow\",
\"Principal\": {
\"Service\": [
\"ecs.aliyuncs.com\"
]
}
}
],
\"Version\": \"1\"
}
""")
.tags(Map.ofEntries(
Map.entry("Created", "TF"),
Map.entry("For", "Role")
))
.build());
final var ids = RamFunctions.getRoles(GetRolesArgs.builder()
.ids(defaultRole.roleId())
.build());
ctx.export("ramRolesId0", ids.applyValue(_ids -> _ids.roles()[0].id()));
}
}
configuration:
name:
type: string
default: terraform-example
resources:
default:
type: random:Integer
properties:
min: 10000
max: 99999
defaultRole:
type: alicloud:ram:Role
name: default
properties:
roleName: ${name}-${default.result}
description: ${name}-${default.result}
force: true
assumeRolePolicyDocument: |2
{
\"Statement\": [
{
\"Action\": \"sts:AssumeRole\",
\"Effect\": \"Allow\",
\"Principal\": {
\"Service\": [
\"ecs.aliyuncs.com\"
]
}
}
],
\"Version\": \"1\"
}
tags:
Created: TF
For: Role
variables:
ids:
fn::invoke:
function: alicloud:ram:getRoles
arguments:
ids:
- ${defaultRole.roleId}
outputs:
ramRolesId0: ${ids.roles[0].id}
Using getRoles
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getRoles(args: GetRolesArgs, opts?: InvokeOptions): Promise<GetRolesResult>
function getRolesOutput(args: GetRolesOutputArgs, opts?: InvokeOptions): Output<GetRolesResult>def get_roles(ids: Optional[Sequence[str]] = None,
name_regex: Optional[str] = None,
output_file: Optional[str] = None,
policy_name: Optional[str] = None,
policy_type: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
opts: Optional[InvokeOptions] = None) -> GetRolesResult
def get_roles_output(ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
name_regex: Optional[pulumi.Input[str]] = None,
output_file: Optional[pulumi.Input[str]] = None,
policy_name: Optional[pulumi.Input[str]] = None,
policy_type: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetRolesResult]func GetRoles(ctx *Context, args *GetRolesArgs, opts ...InvokeOption) (*GetRolesResult, error)
func GetRolesOutput(ctx *Context, args *GetRolesOutputArgs, opts ...InvokeOption) GetRolesResultOutput> Note: This function is named GetRoles in the Go SDK.
public static class GetRoles
{
public static Task<GetRolesResult> InvokeAsync(GetRolesArgs args, InvokeOptions? opts = null)
public static Output<GetRolesResult> Invoke(GetRolesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetRolesResult> getRoles(GetRolesArgs args, InvokeOptions options)
public static Output<GetRolesResult> getRoles(GetRolesArgs args, InvokeOptions options)
fn::invoke:
function: alicloud:ram/getRoles:getRoles
arguments:
# arguments dictionaryThe following arguments are supported:
- Ids List<string>
- A list of Role IDs.
- Name
Regex string - A regex string to filter results by Role name.
- Output
File string - File name where to save data source results (after running
pulumi preview). - Policy
Name string - The name of the policy.
- Policy
Type string - The type of the policy. Default value:
System. Valid values:System,Custom. Note:policy_typetakes effect only whenpolicy_nameis set. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Ids []string
- A list of Role IDs.
- Name
Regex string - A regex string to filter results by Role name.
- Output
File string - File name where to save data source results (after running
pulumi preview). - Policy
Name string - The name of the policy.
- Policy
Type string - The type of the policy. Default value:
System. Valid values:System,Custom. Note:policy_typetakes effect only whenpolicy_nameis set. - map[string]string
- A mapping of tags to assign to the resource.
- ids List<String>
- A list of Role IDs.
- name
Regex String - A regex string to filter results by Role name.
- output
File String - File name where to save data source results (after running
pulumi preview). - policy
Name String - The name of the policy.
- policy
Type String - The type of the policy. Default value:
System. Valid values:System,Custom. Note:policy_typetakes effect only whenpolicy_nameis set. - Map<String,String>
- A mapping of tags to assign to the resource.
- ids string[]
- A list of Role IDs.
- name
Regex string - A regex string to filter results by Role name.
- output
File string - File name where to save data source results (after running
pulumi preview). - policy
Name string - The name of the policy.
- policy
Type string - The type of the policy. Default value:
System. Valid values:System,Custom. Note:policy_typetakes effect only whenpolicy_nameis set. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- ids Sequence[str]
- A list of Role IDs.
- name_
regex str - A regex string to filter results by Role name.
- output_
file str - File name where to save data source results (after running
pulumi preview). - policy_
name str - The name of the policy.
- policy_
type str - The type of the policy. Default value:
System. Valid values:System,Custom. Note:policy_typetakes effect only whenpolicy_nameis set. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- ids List<String>
- A list of Role IDs.
- name
Regex String - A regex string to filter results by Role name.
- output
File String - File name where to save data source results (after running
pulumi preview). - policy
Name String - The name of the policy.
- policy
Type String - The type of the policy. Default value:
System. Valid values:System,Custom. Note:policy_typetakes effect only whenpolicy_nameis set. - Map<String>
- A mapping of tags to assign to the resource.
getRoles Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Ids List<string>
- Names List<string>
- (Available since v1.42.0) A list of Role names.
- Roles
List<Pulumi.
Ali Cloud. Ram. Outputs. Get Roles Role> - A list of Role. Each element contains the following attributes:
- Name
Regex string - Output
File string - Policy
Name string - Policy
Type string - Dictionary<string, string>
- (Available since v1.262.1) The tags of the RAM role.
- Id string
- The provider-assigned unique ID for this managed resource.
- Ids []string
- Names []string
- (Available since v1.42.0) A list of Role names.
- Roles
[]Get
Roles Role - A list of Role. Each element contains the following attributes:
- Name
Regex string - Output
File string - Policy
Name string - Policy
Type string - map[string]string
- (Available since v1.262.1) The tags of the RAM role.
- id String
- The provider-assigned unique ID for this managed resource.
- ids List<String>
- names List<String>
- (Available since v1.42.0) A list of Role names.
- roles
List<Get
Roles Role> - A list of Role. Each element contains the following attributes:
- name
Regex String - output
File String - policy
Name String - policy
Type String - Map<String,String>
- (Available since v1.262.1) The tags of the RAM role.
- id string
- The provider-assigned unique ID for this managed resource.
- ids string[]
- names string[]
- (Available since v1.42.0) A list of Role names.
- roles
Get
Roles Role[] - A list of Role. Each element contains the following attributes:
- name
Regex string - output
File string - policy
Name string - policy
Type string - {[key: string]: string}
- (Available since v1.262.1) The tags of the RAM role.
- id str
- The provider-assigned unique ID for this managed resource.
- ids Sequence[str]
- names Sequence[str]
- (Available since v1.42.0) A list of Role names.
- roles
Sequence[Get
Roles Role] - A list of Role. Each element contains the following attributes:
- name_
regex str - output_
file str - policy_
name str - policy_
type str - Mapping[str, str]
- (Available since v1.262.1) The tags of the RAM role.
- id String
- The provider-assigned unique ID for this managed resource.
- ids List<String>
- names List<String>
- (Available since v1.42.0) A list of Role names.
- roles List<Property Map>
- A list of Role. Each element contains the following attributes:
- name
Regex String - output
File String - policy
Name String - policy
Type String - Map<String>
- (Available since v1.262.1) The tags of the RAM role.
Supporting Types
GetRolesRole
- Arn string
- The Alibaba Cloud Resource Name (ARN) of the RAM role.
- Assume
Role stringPolicy Document - The policy that specifies the trusted entity to assume the RAM role.
- Create
Date string - The creation time.
- Description string
- The description of the RAM role.
- Document string
- The policy that specifies the trusted entity to assume the RAM role.
- Id string
- The ID of the RAM role.
- Name string
- The name of the RAM role.
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Update
Date string - The update time.
- Arn string
- The Alibaba Cloud Resource Name (ARN) of the RAM role.
- Assume
Role stringPolicy Document - The policy that specifies the trusted entity to assume the RAM role.
- Create
Date string - The creation time.
- Description string
- The description of the RAM role.
- Document string
- The policy that specifies the trusted entity to assume the RAM role.
- Id string
- The ID of the RAM role.
- Name string
- The name of the RAM role.
- map[string]string
- A mapping of tags to assign to the resource.
- Update
Date string - The update time.
- arn String
- The Alibaba Cloud Resource Name (ARN) of the RAM role.
- assume
Role StringPolicy Document - The policy that specifies the trusted entity to assume the RAM role.
- create
Date String - The creation time.
- description String
- The description of the RAM role.
- document String
- The policy that specifies the trusted entity to assume the RAM role.
- id String
- The ID of the RAM role.
- name String
- The name of the RAM role.
- Map<String,String>
- A mapping of tags to assign to the resource.
- update
Date String - The update time.
- arn string
- The Alibaba Cloud Resource Name (ARN) of the RAM role.
- assume
Role stringPolicy Document - The policy that specifies the trusted entity to assume the RAM role.
- create
Date string - The creation time.
- description string
- The description of the RAM role.
- document string
- The policy that specifies the trusted entity to assume the RAM role.
- id string
- The ID of the RAM role.
- name string
- The name of the RAM role.
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- update
Date string - The update time.
- arn str
- The Alibaba Cloud Resource Name (ARN) of the RAM role.
- assume_
role_ strpolicy_ document - The policy that specifies the trusted entity to assume the RAM role.
- create_
date str - The creation time.
- description str
- The description of the RAM role.
- document str
- The policy that specifies the trusted entity to assume the RAM role.
- id str
- The ID of the RAM role.
- name str
- The name of the RAM role.
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- update_
date str - The update time.
- arn String
- The Alibaba Cloud Resource Name (ARN) of the RAM role.
- assume
Role StringPolicy Document - The policy that specifies the trusted entity to assume the RAM role.
- create
Date String - The creation time.
- description String
- The description of the RAM role.
- document String
- The policy that specifies the trusted entity to assume the RAM role.
- id String
- The ID of the RAM role.
- name String
- The name of the RAM role.
- Map<String>
- A mapping of tags to assign to the resource.
- update
Date String - The update time.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.
Alibaba Cloud v3.88.1 published on Saturday, Nov 8, 2025 by Pulumi
