Class RoleLookupOptions

Properties for looking up an existing Role.

Inheritance

object

RoleLookupOptions

Implements

IRoleLookupOptions

IFromRoleArnOptions

Inherited Members

object.GetType()

object.MemberwiseClone()

object.ToString()

object.Equals(object)

object.Equals(object, object)

object.ReferenceEquals(object, object)

object.GetHashCode()

Namespace: Amazon.CDK.AWS.IAM

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public class RoleLookupOptions : IRoleLookupOptions, IFromRoleArnOptions

Syntax (vb)

Public Class RoleLookupOptions Implements IRoleLookupOptions, IFromRoleArnOptions

Remarks

ExampleMetadata: infused

Examples

var role = Role.FromLookup(this, "Role", new RoleLookupOptions {
                RoleName = "MyExistingRole"
            });

Synopsis

Constructors

RoleLookupOptions()

Properties for looking up an existing Role.

Properties

AddGrantsToResources	For immutable roles: add grants to resources instead of dropping them.
DefaultPolicyName	Any policies created by this role will use this value as their ID, if specified.
Mutable	Whether the imported role can be modified by attaching policy resources to it.
RoleName	The name of the role to lookup.

Constructors

RoleLookupOptions()

Properties for looking up an existing Role.

public RoleLookupOptions()

Remarks

ExampleMetadata: infused

Examples

var role = Role.FromLookup(this, "Role", new RoleLookupOptions {
                RoleName = "MyExistingRole"
            });

Properties

AddGrantsToResources

For immutable roles: add grants to resources instead of dropping them.

public bool? AddGrantsToResources { get; set; }

Property Value

bool?

Remarks

If this is false or not specified, grant permissions added to this role are ignored. It is your own responsibility to make sure the role has the required permissions.

If this is true, any grant permissions will be added to the resource instead.

Default: false

DefaultPolicyName

Any policies created by this role will use this value as their ID, if specified.

public string? DefaultPolicyName { get; set; }

Property Value

string

Remarks

Specify this if importing the same role in multiple stacks, and granting it different permissions in at least two stacks. If this is not specified (or if the same name is specified in more than one stack), a CloudFormation issue will result in the policy created in whichever stack is deployed last overwriting the policies created by the others.

Default: 'Policy'

Mutable

Whether the imported role can be modified by attaching policy resources to it.

public bool? Mutable { get; set; }

Property Value

bool?

Remarks

Default: true

RoleName

The name of the role to lookup.

public string RoleName { get; set; }

Property Value

string

Remarks

If the role you want to lookup is a service role, you need to specify the role name without the 'service-role' prefix. For example, if the role arn is 'arn:aws:iam::123456789012:role/service-role/ExampleServiceExecutionRole', you need to specify the role name as 'ExampleServiceExecutionRole'.

Implements

IRoleLookupOptions

IFromRoleArnOptions