CfnProfileProps

class aws_cdk.aws_rolesanywhere.CfnProfileProps(*, name, role_arns, attribute_mappings=None, duration_seconds=None, enabled=None, managed_policy_arns=None, require_instance_properties=None, session_policy=None, tags=None)

Bases: object

Properties for defining a CfnProfile.

Parameters:
  • name (str) – The customer specified name of the resource.

  • role_arns (Sequence[str]) – A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.

  • attribute_mappings (Union[IResolvable, Sequence[Union[IResolvable, AttributeMappingProperty, Dict[str, Any]]], None]) – A mapping applied to the authenticating end-entity certificate.

  • duration_seconds (Union[int, float, None]) – The number of seconds vended session credentials will be valid for.

  • enabled (Union[bool, IResolvable, None]) – The enabled status of the resource.

  • managed_policy_arns (Optional[Sequence[str]]) – A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.

  • require_instance_properties (Union[bool, IResolvable, None]) – Specifies whether instance properties are required in CreateSession requests with this profile.

  • session_policy (Optional[str]) – A session policy that will applied to the trust boundary of the vended session credentials.

  • tags (Optional[Sequence[Union[CfnTag, Dict[str, Any]]]]) – A list of Tags.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_rolesanywhere as rolesanywhere

cfn_profile_props = rolesanywhere.CfnProfileProps(
    name="name",
    role_arns=["roleArns"],

    # the properties below are optional
    attribute_mappings=[rolesanywhere.CfnProfile.AttributeMappingProperty(
        certificate_field="certificateField",
        mapping_rules=[rolesanywhere.CfnProfile.MappingRuleProperty(
            specifier="specifier"
        )]
    )],
    duration_seconds=123,
    enabled=False,
    managed_policy_arns=["managedPolicyArns"],
    require_instance_properties=False,
    session_policy="sessionPolicy",
    tags=[CfnTag(
        key="key",
        value="value"
    )]
)

Attributes

attribute_mappings

A mapping applied to the authenticating end-entity certificate.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-attributemappings

duration_seconds

The number of seconds vended session credentials will be valid for.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-durationseconds

enabled

The enabled status of the resource.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-enabled

managed_policy_arns

A list of managed policy ARNs.

Managed policies identified by this list will be applied to the vended session credentials.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-managedpolicyarns

name

The customer specified name of the resource.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-name

require_instance_properties

Specifies whether instance properties are required in CreateSession requests with this profile.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-requireinstanceproperties

role_arns

A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-rolearns

session_policy

A session policy that will applied to the trust boundary of the vended session credentials.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-sessionpolicy

tags

A list of Tags.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rolesanywhere-profile.html#cfn-rolesanywhere-profile-tags