Skip to content

Create Profile

iamrolesanywhere_create_profile R Documentation

Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume

Description

Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume. You use profiles to intersect permissions with IAM managed policies.

Required permissions: rolesanywhere:CreateProfile.

Usage

iamrolesanywhere_create_profile(name, requireInstanceProperties,
  sessionPolicy, roleArns, managedPolicyArns, durationSeconds, enabled,
  tags, acceptRoleSessionName)

Arguments

name

[required] The name of the profile.
requireInstanceProperties

Unused, saved for future use. Will likely specify whether instance properties are required in temporary credential requests with this profile.
sessionPolicy

A session policy that applies to the trust boundary of the vended session credentials.
roleArns

[required] A list of IAM roles that this profile can assume in a temporary credential request.
managedPolicyArns

A list of managed policy ARNs that apply to the vended session credentials.
durationSeconds

Used to determine how long sessions vended using this profile are valid for. See the Expiration section of the CreateSession API documentation page for more details. In requests, if this value is not provided, the default value will be 3600.
enabled

Specifies whether the profile is enabled.
tags

The tags to attach to the profile.
acceptRoleSessionName

Used to determine if a custom role session name will be accepted in a temporary credential request.

Value

A list with the following syntax:

list(
  profile = list(
    profileId = "string",
    profileArn = "string",
    name = "string",
    requireInstanceProperties = TRUE|FALSE,
    enabled = TRUE|FALSE,
    createdBy = "string",
    sessionPolicy = "string",
    roleArns = list(
      "string"
    ),
    managedPolicyArns = list(
      "string"
    ),
    createdAt = as.POSIXct(
      "2015-01-01"
    ),
    updatedAt = as.POSIXct(
      "2015-01-01"
    ),
    durationSeconds = 123,
    acceptRoleSessionName = TRUE|FALSE,
    attributeMappings = list(
      list(
        certificateField = "x509Subject"|"x509Issuer"|"x509SAN",
        mappingRules = list(
          list(
            specifier = "string"
          )
        )
      )
    )
  )
)

Request syntax

svc$create_profile(
  name = "string",
  requireInstanceProperties = TRUE|FALSE,
  sessionPolicy = "string",
  roleArns = list(
    "string"
  ),
  managedPolicyArns = list(
    "string"
  ),
  durationSeconds = 123,
  enabled = TRUE|FALSE,
  tags = list(
    list(
      key = "string",
      value = "string"
    )
  ),
  acceptRoleSessionName = TRUE|FALSE
)