You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::IAM::Role

Inherits:
Resources::Resource show all
Defined in:
(unknown)

Instance Attribute Summary collapse

Attributes inherited from Resources::Resource

#client, #identifiers

Instance Method Summary collapse

Methods inherited from Resources::Resource

add_data_attribute, add_identifier, #data, data_attributes, #data_loaded?, identifiers, #load, #wait_until

Methods included from Resources::OperationMethods

#add_batch_operation, #add_operation, #batch_operation, #batch_operation_names, #batch_operations, #operation, #operation_names, #operations

Constructor Details

#initialize(name, options = {}) ⇒ Object #initialize(options = {}) ⇒ Object

Overloads:

  • #initialize(name, options = {}) ⇒ Object

    Parameters:

    • name (String)

    Options Hash (options):

    • :client (Client)

      When `:client is not given, the options hash is used to construct a new Client object.

  • #initialize(options = {}) ⇒ Object

    Options Hash (options):

    • :name (required, String)
    • :client (Client)

      When `:client is not given, the options hash is used to construct a new Client object.

Instance Attribute Details

#arnString (readonly)

The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how to use them in policies, see IAM Identifiers in the IAM User Guide guide.

Returns:

  • (String)

    The Amazon Resource Name (ARN) specifying the role.

#assume_role_policy_documentString (readonly)

The policy that grants an entity permission to assume the role.

Returns:

  • (String)

    The policy that grants an entity permission to assume the role.

#create_dateTime (readonly)

The date and time, in ISO 8601 date-time format, when the role was created.

Returns:

  • (Time)

    The date and time, in [ISO 8601 date-time format][1], when the role was created.

#descriptionString (readonly)

A description of the role that you provide.

Returns:

  • (String)

    A description of the role that you provide.

#nameString (readonly)

Returns:

  • (String)

#pathString (readonly)

The path to the role. For more information about paths, see IAM Identifiers in the Using IAM guide.

Returns:

  • (String)

    The path to the role.

#role_idString (readonly)

The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the Using IAM guide.

Returns:

  • (String)

    The stable and unique string identifying the role.

#role_nameString (readonly)

The friendly name that identifies the role.

Returns:

  • (String)

    The friendly name that identifies the role.

Instance Method Details

#assume_role_policyAssumeRolePolicy

Returns:

#attach_policy(options = {}) ⇒ Struct

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.

Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide.

Examples:

Request syntax example with placeholder values


role.attach_policy({
  policy_arn: "arnType", # required
})

Options Hash (options):

Returns:

  • (Struct)

    Returns an empty response.

See Also:

#attached_policies(options = {}) ⇒ Collection<Policy>

Returns a Collection of Policy resources. No API requests are made until you call an enumerable method on the collection. Client#list_attached_role_policies will be called multiple times until every Policy has been yielded.

Examples:

Request syntax example with placeholder values


role.attached_policies({
  path_prefix: "policyPathType",
  marker: "markerType",
  max_items: 1,
})

Enumerating Policy resources.

role.attached_policies.each do |policy|
  # yields each policy
end

Enumerating Policy resources with a limit.

role.attached_policies.limit(10).each do |policy|
  # yields at most 10 attached_policies
end

Options Hash (options):

  • :path_prefix (String)

    The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.

    This paramater allows (per its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes, containing any ASCII character from the ! (\u0021) thru the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

  • :marker (String)

    Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

  • :max_items (Integer) — default: Optional

    Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

    If you do not include this parameter, it defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Returns:

See Also:

#deleteStruct

Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles.

Make sure you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

Examples:

Request syntax example with placeholder values


role.delete()

Returns:

  • (Struct)

    Returns an empty response.

See Also:

#detach_policy(options = {}) ⇒ Struct

Removes the specified managed policy from the specified role.

A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide.

Examples:

Request syntax example with placeholder values


role.detach_policy({
  policy_arn: "arnType", # required
})

Options Hash (options):

Returns:

  • (Struct)

    Returns an empty response.

See Also:

#instance_profiles(options = {}) ⇒ Collection<InstanceProfile>

Returns a Collection of InstanceProfile resources. No API requests are made until you call an enumerable method on the collection. Client#list_instance_profiles_for_role will be called multiple times until every InstanceProfile has been yielded.

Examples:

Request syntax example with placeholder values


role.instance_profiles({
  marker: "markerType",
  max_items: 1,
})

Enumerating InstanceProfile resources.

role.instance_profiles.each do |instanceprofile|
  # yields each instanceprofile
end

Enumerating InstanceProfile resources with a limit.

role.instance_profiles.limit(10).each do |instanceprofile|
  # yields at most 10 instance_profiles
end

Options Hash (options):

  • :marker (String)

    Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

  • :max_items (Integer) — default: Optional

    Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

    If you do not include this parameter, it defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Returns:

See Also:

#policies(options = {}) ⇒ Collection<RolePolicy>

Returns a Collection of Aws::IAM::RolePolicy resources. No API requests are made until you call an enumerable method on the collection. Client#list_role_policies will be called multiple times until every Aws::IAM::RolePolicy has been yielded.

Examples:

Request syntax example with placeholder values


role.policies({
  marker: "markerType",
  max_items: 1,
})

Enumerating Aws::IAM::RolePolicy resources.

role.policies.each do |rolepolicy|
  # yields each rolepolicy
end

Enumerating Aws::IAM::RolePolicy resources with a limit.

role.policies.limit(10).each do |rolepolicy|
  # yields at most 10 policies
end

Options Hash (options):

  • :marker (String)

    Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

  • :max_items (Integer) — default: Optional

    Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

    If you do not include this parameter, it defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Returns:

See Also:

#policy(name) ⇒ RolePolicy

Parameters:

Returns:

See Also: