You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::IAM::Role
- Inherits:
-
Resources::Resource
- Object
- Resources::Resource
- Aws::IAM::Role
- Defined in:
- (unknown)
Instance Attribute Summary collapse
-
#arn ⇒ String
readonly
The Amazon Resource Name (ARN) specifying the role.
-
#assume_role_policy_document ⇒ String
readonly
The policy that grants an entity permission to assume the role.
-
#create_date ⇒ Time
readonly
The date and time, in [ISO 8601 date-time format][1], when the role was created.
-
#description ⇒ String
readonly
A description of the role that you provide.
-
#max_session_duration ⇒ Integer
readonly
The maximum session duration (in seconds) for the specified role.
-
#name ⇒ String
readonly
-
#path ⇒ String
readonly
The path to the role.
-
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
readonly
The ARN of the policy used to set the permissions boundary for the role.
-
#role_id ⇒ String
readonly
The stable and unique string identifying the role.
-
#role_last_used ⇒ Types::RoleLastUsed
readonly
Contains information about the last time that an IAM role was used.
-
#role_name ⇒ String
readonly
The friendly name that identifies the role.
-
#tags ⇒ Array<Types::Tag>
readonly
A list of tags that are attached to the specified role.
Attributes inherited from Resources::Resource
Instance Method Summary collapse
-
#assume_role_policy ⇒ AssumeRolePolicy
-
#attach_policy(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified IAM role.
-
#attached_policies(options = {}) ⇒ Collection<Policy>
Returns a Collection of Policy resources.
-
#delete ⇒ Struct
Deletes the specified role.
-
#detach_policy(options = {}) ⇒ Struct
Removes the specified managed policy from the specified role.
A role can also have inline policies embedded with it.
-
#initialize ⇒ Object
constructor
-
#instance_profiles(options = {}) ⇒ Collection<InstanceProfile>
Returns a Collection of InstanceProfile resources.
-
#policies(options = {}) ⇒ Collection<RolePolicy>
Returns a Collection of RolePolicy resources.
-
#policy(name) ⇒ RolePolicy
Methods inherited from Resources::Resource
add_data_attribute, add_identifier, #data, data_attributes, #data_loaded?, identifiers, #load, #wait_until
Methods included from Resources::OperationMethods
#add_batch_operation, #add_operation, #batch_operation, #batch_operation_names, #batch_operations, #operation, #operation_names, #operations
Constructor Details
#initialize(name, options = {}) ⇒ Object #initialize(options = {}) ⇒ Object
Instance Attribute Details
#arn ⇒ String (readonly)
The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how to use them in policies, see IAM Identifiers in the IAM User Guide guide.
#assume_role_policy_document ⇒ String (readonly)
The policy that grants an entity permission to assume the role.
#create_date ⇒ Time (readonly)
The date and time, in ISO 8601 date-time format, when the role was created.
#description ⇒ String (readonly)
A description of the role that you provide.
#max_session_duration ⇒ Integer (readonly)
The maximum session duration (in seconds) for the specified role. Anyone
who uses the AWS CLI, or API to assume the role can specify the duration
using the optional DurationSeconds
API parameter or duration-seconds
CLI parameter.
#name ⇒ String (readonly)
#path ⇒ String (readonly)
The path to the role. For more information about paths, see IAM Identifiers in the IAM User Guide.
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary (readonly)
The ARN of the policy used to set the permissions boundary for the role.
For more information about permissions boundaries, see Permissions Boundaries for IAM Identities in the IAM User Guide.
#role_id ⇒ String (readonly)
The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the IAM User Guide.
#role_last_used ⇒ Types::RoleLastUsed (readonly)
Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions Where Data Is Tracked in the IAM User Guide.
#role_name ⇒ String (readonly)
The friendly name that identifies the role.
#tags ⇒ Array<Types::Tag> (readonly)
A list of tags that are attached to the specified role. For more information about tagging, see Tagging IAM Identities in the IAM User Guide.
Instance Method Details
#assume_role_policy ⇒ AssumeRolePolicy
#attach_policy(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.
You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.
Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#attached_policies(options = {}) ⇒ Collection<Policy>
Returns a Collection of Policy resources. No API requests are made until you call an enumerable method on the collection. Client#list_attached_role_policies will be called multiple times until every Policy has been yielded.
#delete ⇒ Struct
Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles.
Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.
#detach_policy(options = {}) ⇒ Struct
Removes the specified managed policy from the specified role.
A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#instance_profiles(options = {}) ⇒ Collection<InstanceProfile>
Returns a Collection of InstanceProfile resources. No API requests are made until you call an enumerable method on the collection. Client#list_instance_profiles_for_role will be called multiple times until every InstanceProfile has been yielded.
#policies(options = {}) ⇒ Collection<RolePolicy>
Returns a Collection of Aws::IAM::RolePolicy resources. No API requests are made until you call an enumerable method on the collection. Client#list_role_policies will be called multiple times until every Aws::IAM::RolePolicy has been yielded.