Class: Ansible::Ruby::Modules::Iam_role

Inherits:

Base

• Object
• Ansible::Ruby::Models::Base
• Base
• Ansible::Ruby::Modules::Iam_role

Defined in:

lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb

Overview

Manage AWS IAM roles

Instance Method Summary

• #assume_role_policy_document ⇒ String^?

  The trust relationship policy document that grants an entity permission to assume the role.,This parameter is required when C(state=present).

• #boundary ⇒ Object^?

  Add the ARN of an IAM managed policy to restrict the permissions this role can pass on to IAM roles/users that it creates.,Boundaries cannot be set on Instance Profiles, so if this option is specified then C(create_instance_profile) must be false.,This is intended for roles/users that have permissions to create new IAM objects.,For more information on boundaries, see U(docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html).

• #create_instance_profile ⇒ Boolean^?

  Creates an IAM instance profile along with the role.

• #description ⇒ String^?

  Provide a description of the new role.

• #managed_policy ⇒ Array<String>, ...

  A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names.

• #name ⇒ String

  The name of the role to create.

• #path ⇒ String^?

  The path to the role.

• #purge_policies ⇒ Boolean^?

  Detaches any managed policies not listed in the “managed_policy” option.

• #state ⇒ :present, ...

  Create or remove the IAM role.

Methods inherited from Base

#ansible_name, #to_h

Methods inherited from Ansible::Ruby::Models::Base

attr_option, attr_options, attribute, fix_inclusion, #initialize, remove_existing_validations, #to_h, validates

Constructor Details

This class inherits a constructor from Ansible::Ruby::Models::Base

Instance Method Details

#assume_role_policy_document ⇒ String^?

Returns The trust relationship policy document that grants an entity permission to assume the role.,This parameter is required when C(state=present).

Returns:

• (String, nil) —

  The trust relationship policy document that grants an entity permission to assume the role.,This parameter is required when C(state=present).

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 27

attribute :assume_role_policy_document

#boundary ⇒ Object^?

Returns Add the ARN of an IAM managed policy to restrict the permissions this role can pass on to IAM roles/users that it creates.,Boundaries cannot be set on Instance Profiles, so if this option is specified then C(create_instance_profile) must be false.,This is intended for roles/users that have permissions to create new IAM objects.,For more information on boundaries, see U(docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html).

Returns:

• (Object, nil) —

  Add the ARN of an IAM managed policy to restrict the permissions this role can pass on to IAM roles/users that it creates.,Boundaries cannot be set on Instance Profiles, so if this option is specified then C(create_instance_profile) must be false.,This is intended for roles/users that have permissions to create new IAM objects.,For more information on boundaries, see U(docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 24

attribute :boundary

#create_instance_profile ⇒ Boolean^?

Returns Creates an IAM instance profile along with the role.

Returns:

• (Boolean, nil) —

  Creates an IAM instance profile along with the role

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 43

attribute :create_instance_profile

#description ⇒ String^?

Returns Provide a description of the new role.

Returns:

• (String, nil) —

  Provide a description of the new role

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 20

attribute :description

#managed_policy ⇒ Array<String>, ...

Returns A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names. To embed an inline policy, use M(iam_policy). To remove existing policies, use an empty list item.

Returns:

• (Array<String>, String, nil) —

  A list of managed policy ARNs or, since Ansible 2.4, a list of either managed policy ARNs or friendly names. To embed an inline policy, use M(iam_policy). To remove existing policies, use an empty list item.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 31

attribute :managed_policy

#name ⇒ String

Returns The name of the role to create.

Returns:

• (String) —

  The name of the role to create.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 16

attribute :name

#path ⇒ String^?

Returns The path to the role. For more information about paths, see U(docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html).

Returns:

• (String, nil) —

  The path to the role. For more information about paths, see U(docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html).

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 12

attribute :path

#purge_policies ⇒ Boolean^?

Returns Detaches any managed policies not listed in the “managed_policy” option. Set to false if you want to attach policies elsewhere.

Returns:

• (Boolean, nil) —

  Detaches any managed policies not listed in the “managed_policy” option. Set to false if you want to attach policies elsewhere.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 35

attribute :purge_policies

#state ⇒ :present, ...

Returns Create or remove the IAM role.

Returns:

• (:present, :absent, nil) —

  Create or remove the IAM role

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/iam_role.rb', line 39

attribute :state