Class: Aws::IAM::Role

Inherits:

Object

• Object
• Aws::IAM::Role

Extended by:

Deprecations

Defined in:

lib/aws-sdk-iam/role.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes

• #arn ⇒ String

  The Amazon Resource Name (ARN) specifying the role.

• #assume_role_policy_document ⇒ String

  The policy that grants an entity permission to assume the role.

• #create_date ⇒ Time

  The date and time, in [ISO 8601 date-time format], when the role was created.

• #description ⇒ String

  A description of the role that you provide.

• #name ⇒ String (also: #role_name)
• #path ⇒ String

  The path to the role.

• #role_id ⇒ String

  The stable and unique string identifying the role.

Actions

• #attach_policy(options = {}) ⇒ EmptyStructure
• #delete(options = {}) ⇒ EmptyStructure
• #detach_policy(options = {}) ⇒ EmptyStructure

Associations

• #assume_role_policy ⇒ AssumeRolePolicy
• #attached_policies(options = {}) ⇒ Policy::Collection
• #identifiers ⇒ Object deprecated private Deprecated.
• #instance_profiles(options = {}) ⇒ InstanceProfile::Collection
• #policies(options = {}) ⇒ RolePolicy::Collection
• #policy(name) ⇒ RolePolicy

Instance Method Summary

• #client ⇒ Client
• #data ⇒ Types::Role

  Returns the data for this Role.

• #data_loaded? ⇒ Boolean

  Returns ‘true` if this resource is loaded.

• #initialize(*args) ⇒ Role constructor

  A new instance of Role.

• #load ⇒ self (also: #reload)

  Loads, or reloads #data for the current Role.

Constructor Details

#initialize(name, options = {}) ⇒ Role #initialize(options = {}) ⇒ Role

Returns a new instance of Role.

Overloads:

• #initialize(name, options = {}) ⇒ Role

  Parameters:

  • name (String)

  Options Hash (options):

  • :client (Client)
• #initialize(options = {}) ⇒ Role

  Options Hash (options):

  • :name (required, String)
  • :client (Client)

# File 'lib/aws-sdk-iam/role.rb', line 19

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @name = extract_name(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
end

Instance Method Details

#arn ⇒ String

The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how to use them in policies, see [IAM Identifiers] in the *IAM User Guide* guide.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/role.rb', line 65

def arn
  data.arn
end

#assume_role_policy ⇒ AssumeRolePolicy

Returns:

• (AssumeRolePolicy)

# File 'lib/aws-sdk-iam/role.rb', line 187

def assume_role_policy
  AssumeRolePolicy.new(
    role_name: @name,
    client: @client
  )
end

#assume_role_policy_document ⇒ String

The policy that grants an entity permission to assume the role.

Returns:

• (String)

# File 'lib/aws-sdk-iam/role.rb', line 82

def assume_role_policy_document
  data.assume_role_policy_document
end

#attach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

role.attach_policy({
  policy_arn: "arnType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM policy you want to attach.

  For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces] in the *AWS General Reference*.

  [1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/role.rb', line 145

def attach_policy(options = {})
  options = options.merge(role_name: @name)
  resp = @client.attach_role_policy(options)
  resp.data
end

#attached_policies(options = {}) ⇒ Policy::Collection

Examples:

Request syntax with placeholder values

attached_policies = role.attached_policies({
  path_prefix: "policyPathType",
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :path_prefix (String) —

  The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.

  This paramater allows (per its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes, containing any ASCII character from the ! (\u0021) thru the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

  [1]: wikipedia.org/wiki/regex

Returns:

• (Policy::Collection)

# File 'lib/aws-sdk-iam/role.rb', line 216

def attached_policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(role_name: @name)
    resp = @client.list_attached_role_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.attached_policies.each do |a|
        batch << Policy.new(
          arn: a.policy_arn,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Policy::Collection.new(batches)
end

#client ⇒ Client

Returns:

• (Client)

# File 'lib/aws-sdk-iam/role.rb', line 95

def client
  @client
end

#create_date ⇒ Time

The date and time, in [ISO 8601 date-time format], when the role was created.

[1]: www.iso.org/iso/iso8601

Returns:

• (Time)

# File 'lib/aws-sdk-iam/role.rb', line 76

def create_date
  data.create_date
end

#data ⇒ Types::Role

Returns the data for this Aws::IAM::Role. Calls Client#get_role if #data_loaded? is ‘false`.

Returns:

• (Types::Role) —

  Returns the data for this Aws::IAM::Role. Calls Client#get_role if #data_loaded? is ‘false`.

# File 'lib/aws-sdk-iam/role.rb', line 115

def data
  load unless @data
  @data
end

#data_loaded? ⇒ Boolean

Returns ‘true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

• (Boolean) —

  Returns ‘true` if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

# File 'lib/aws-sdk-iam/role.rb', line 123

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

role.delete()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/role.rb', line 156

def delete(options = {})
  options = options.merge(role_name: @name)
  resp = @client.delete_role(options)
  resp.data
end

#description ⇒ String

A description of the role that you provide.

Returns:

• (String)

# File 'lib/aws-sdk-iam/role.rb', line 88

def description
  data.description
end

#detach_policy(options = {}) ⇒ EmptyStructure

Examples:

Request syntax with placeholder values

role.detach_policy({
  policy_arn: "arnType", # required
})

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :policy_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM policy you want to detach.

  For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces] in the *AWS General Reference*.

  [1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (EmptyStructure)

# File 'lib/aws-sdk-iam/role.rb', line 178

def detach_policy(options = {})
  options = options.merge(role_name: @name)
  resp = @client.detach_role_policy(options)
  resp.data
end

#identifiers ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Deprecated.

# File 'lib/aws-sdk-iam/role.rb', line 294

def identifiers
  { name: @name }
end

#instance_profiles(options = {}) ⇒ InstanceProfile::Collection

Examples:

Request syntax with placeholder values

role.instance_profiles()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (InstanceProfile::Collection)

# File 'lib/aws-sdk-iam/role.rb', line 239

def instance_profiles(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(role_name: @name)
    resp = @client.list_instance_profiles_for_role(options)
    resp.each_page do |page|
      batch = []
      page.data.instance_profiles.each do |i|
        batch << InstanceProfile.new(
          name: i.instance_profile_name,
          data: i,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  InstanceProfile::Collection.new(batches)
end

#load ⇒ self Also known as: reload

Loads, or reloads #data for the current Aws::IAM::Role. Returns ‘self` making it possible to chain methods.

role.reload.data

Returns:

• (self)

# File 'lib/aws-sdk-iam/role.rb', line 105

def load
  resp = @client.get_role(role_name: @name)
  @data = resp.role
  self
end

#name ⇒ String Also known as: role_name

Returns:

• (String)

# File 'lib/aws-sdk-iam/role.rb', line 29

def name
  @name
end

#path ⇒ String

The path to the role. For more information about paths, see [IAM Identifiers] in the *Using IAM* guide.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/role.rb', line 41

def path
  data.path
end

#policies(options = {}) ⇒ RolePolicy::Collection

Examples:

Request syntax with placeholder values

role.policies()

Parameters:

• options (Hash) (defaults to: {}) —

  ({})

Returns:

• (RolePolicy::Collection)

# File 'lib/aws-sdk-iam/role.rb', line 263

def policies(options = {})
  batches = Enumerator.new do |y|
    options = options.merge(role_name: @name)
    resp = @client.list_role_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.policy_names.each do |p|
        batch << RolePolicy.new(
          role_name: @name,
          name: p,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  RolePolicy::Collection.new(batches)
end

#policy(name) ⇒ RolePolicy

Parameters:

• name (String)

Returns:

• (RolePolicy)

# File 'lib/aws-sdk-iam/role.rb', line 284

def policy(name)
  RolePolicy.new(
    role_name: @name,
    name: name,
    client: @client
  )
end

#role_id ⇒ String

The stable and unique string identifying the role. For more information about IDs, see [IAM Identifiers] in the *Using IAM* guide.

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html

Returns:

• (String)

# File 'lib/aws-sdk-iam/role.rb', line 53

def role_id
  data.role_id
end