Class: Aws::IAM::Types::CreateRoleRequest
- Inherits:
-
Struct
- Object
- Struct
- Aws::IAM::Types::CreateRoleRequest
- Includes:
- Structure
- Defined in:
- lib/aws-sdk-iam/types.rb
Overview
When making an API call, you may pass CreateRoleRequest data as a hash:
{
path: "pathType",
role_name: "roleNameType", # required
assume_role_policy_document: "policyDocumentType", # required
description: "roleDescriptionType",
max_session_duration: 1,
permissions_boundary: "arnType",
tags: [
{
key: "tagKeyType", # required
value: "tagValueType", # required
},
],
}
Instance Attribute Summary collapse
-
#assume_role_policy_document ⇒ String
The trust relationship policy document that grants an entity permission to assume the role.
-
#description ⇒ String
A description of the role.
-
#max_session_duration ⇒ Integer
The maximum session duration (in seconds) that you want to set for the specified role.
-
#path ⇒ String
The path to the role.
-
#permissions_boundary ⇒ String
The ARN of the policy that is used to set the permissions boundary for the role.
-
#role_name ⇒ String
The name of the role to create.
-
#tags ⇒ Array<Types::Tag>
A list of tags that you want to attach to the newly created role.
Instance Attribute Details
#assume_role_policy_document ⇒ String
The trust relationship policy document that grants an entity permission to assume the role.
The [regex pattern] used to validate this parameter is a string of characters consisting of the following:
-
Any printable ASCII character ranging from the space character (\u0020) through the end of the ASCII character range
-
The printable characters in the Basic Latin and Latin-1 Supplement character set (through \u00FF)
-
The special characters tab (\u0009), line feed (\u000A), and carriage return (\u000D)
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |
#description ⇒ String
A description of the role.
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |
#max_session_duration ⇒ Integer
The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
Anyone who assumes the role from the AWS CLI or API can use the ‘DurationSeconds` API parameter or the `duration-seconds` CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don’t specify a value for the ‘DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM Roles] in the *IAM User Guide*.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |
#path ⇒ String
The path to the role. For more information about paths, see [IAM Identifiers] in the *IAM User Guide*.
This parameter is optional. If it is not included, it defaults to a slash (/).
This parameter allows (through its [regex pattern]) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.
[1]: docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html [2]: wikipedia.org/wiki/regex
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |
#permissions_boundary ⇒ String
The ARN of the policy that is used to set the permissions boundary for the role.
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |
#role_name ⇒ String
The name of the role to create.
This parameter allows (through its [regex pattern]) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
Role names are not distinguished by case. For example, you cannot create roles named both “PRODROLE” and “prodrole”.
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |
#tags ⇒ Array<Types::Tag>
A list of tags that you want to attach to the newly created role. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM Identities] in the *IAM User Guide*.
<note markdown=“1”> If any one of the tags is invalid or if you exceed the allowed number of tags per role, then the entire request fails and the role is not created.
</note>
1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 |
# File 'lib/aws-sdk-iam/types.rb', line 1198 class CreateRoleRequest < Struct.new( :path, :role_name, :assume_role_policy_document, :description, :max_session_duration, :permissions_boundary, :tags) include Aws::Structure end |