Skip to content

Create Profile

iamrolesanywhere_create_profile R Documentation

Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume

Description

Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies.

Required permissions: rolesanywhere:CreateProfile.

Usage

iamrolesanywhere_create_profile(acceptRoleSessionName, durationSeconds,
  enabled, managedPolicyArns, name, requireInstanceProperties, roleArns,
  sessionPolicy, tags)

Arguments

acceptRoleSessionName

Used to determine if a custom role session name will be accepted in a temporary credential request.

durationSeconds

Used to determine how long sessions vended using this profile are valid for. See the Expiration section of the CreateSession API documentation page for more details. In requests, if this value is not provided, the default value will be 3600.

enabled

Specifies whether the profile is enabled.

managedPolicyArns

A list of managed policy ARNs that apply to the vended session credentials.

name

[required] The name of the profile.

requireInstanceProperties

Specifies whether instance properties are required in temporary credential requests with this profile.

roleArns

[required] A list of IAM roles that this profile can assume in a temporary credential request.

sessionPolicy

A session policy that applies to the trust boundary of the vended session credentials.

tags

The tags to attach to the profile.

Value

A list with the following syntax: 

list(
  profile = list(
    acceptRoleSessionName = TRUE|FALSE,
    attributeMappings = list(
      list(
        certificateField = "x509Subject"|"x509Issuer"|"x509SAN",
        mappingRules = list(
          list(
            specifier = "string"
          )
        )
      )
    ),
    createdAt = as.POSIXct(
      "2015-01-01"
    ),
    createdBy = "string",
    durationSeconds = 123,
    enabled = TRUE|FALSE,
    managedPolicyArns = list(
      "string"
    ),
    name = "string",
    profileArn = "string",
    profileId = "string",
    requireInstanceProperties = TRUE|FALSE,
    roleArns = list(
      "string"
    ),
    sessionPolicy = "string",
    updatedAt = as.POSIXct(
      "2015-01-01"
    )
  )
)

Request syntax

svc$create_profile(
  acceptRoleSessionName = TRUE|FALSE,
  durationSeconds = 123,
  enabled = TRUE|FALSE,
  managedPolicyArns = list(
    "string"
  ),
  name = "string",
  requireInstanceProperties = TRUE|FALSE,
  roleArns = list(
    "string"
  ),
  sessionPolicy = "string",
  tags = list(
    list(
      key = "string",
      value = "string"
    )
  )
)