Class: Aws::IAM::Role
- Inherits:
-
Object
- Object
- Aws::IAM::Role
- Extended by:
- Deprecations
- Defined in:
- sig/role.rbs,
lib/aws-sdk-iam/role.rb
Overview
Defined Under Namespace
Classes: Collection
Read-Only Attributes collapse
-
#arn ⇒ String
The Amazon Resource Name (ARN) specifying the role.
-
#assume_role_policy_document ⇒ String
The policy that grants an entity permission to assume the role.
-
#create_date ⇒ Time
The date and time, in [ISO 8601 date-time format][1], when the role was created.
-
#description ⇒ String
A description of the role that you provide.
-
#max_session_duration ⇒ Integer
The maximum session duration (in seconds) for the specified role.
- #name ⇒ String (also: #role_name)
-
#path ⇒ String
The path to the role.
-
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
The ARN of the policy used to set the permissions boundary for the role.
-
#role_id ⇒ String
The stable and unique string identifying the role.
-
#role_last_used ⇒ Types::RoleLastUsed
Contains information about the last time that an IAM role was used.
-
#tags ⇒ Array<Types::Tag>
A list of tags that are attached to the role.
Actions collapse
- #attach_policy(options = {}) ⇒ EmptyStructure
- #delete(options = {}) ⇒ EmptyStructure
- #detach_policy(options = {}) ⇒ EmptyStructure
Associations collapse
- #assume_role_policy ⇒ AssumeRolePolicy
- #attached_policies(options = {}) ⇒ Policy::Collection
- #identifiers ⇒ Object deprecated private Deprecated.
- #instance_profiles(options = {}) ⇒ InstanceProfile::Collection
- #policies(options = {}) ⇒ RolePolicy::Collection
- #policy(name) ⇒ RolePolicy
Instance Method Summary collapse
- #client ⇒ Client
-
#data ⇒ Types::Role
Returns the data for this Role.
-
#data_loaded? ⇒ Boolean
Returns
trueif this resource is loaded. -
#initialize(*args) ⇒ Role
constructor
A new instance of Role.
- #load ⇒ self (also: #reload)
-
#wait_until(options = {}) {|resource| ... } ⇒ Resource
deprecated
Deprecated.
Use [Aws::IAM::Client] #wait_until instead
Constructor Details
Instance Method Details
#arn ⇒ String
The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how to use them in policies, see IAM identifiers in the IAM User Guide guide.
28 |
# File 'sig/role.rbs', line 28
def arn: () -> ::String
|
#assume_role_policy ⇒ AssumeRolePolicy
82 |
# File 'sig/role.rbs', line 82
def assume_role_policy: () -> AssumeRolePolicy
|
#assume_role_policy_document ⇒ String
The policy that grants an entity permission to assume the role.
34 |
# File 'sig/role.rbs', line 34
def assume_role_policy_document: () -> ::String
|
#attach_policy(options = {}) ⇒ EmptyStructure
65 |
# File 'sig/role.rbs', line 65
def attach_policy: (
|
#attached_policies(options = {}) ⇒ Policy::Collection
85 |
# File 'sig/role.rbs', line 85
def attached_policies: (
|
#create_date ⇒ Time
The date and time, in ISO 8601 date-time format, when the role was created.
31 |
# File 'sig/role.rbs', line 31
def create_date: () -> ::Time
|
#data ⇒ Types::Role
Returns the data for this Aws::IAM::Role. Calls
Client#get_role if #data_loaded? is false.
58 |
# File 'sig/role.rbs', line 58
def data: () -> Types::Role
|
#data_loaded? ⇒ Boolean
61 |
# File 'sig/role.rbs', line 61
def data_loaded?: () -> bool
|
#delete(options = {}) ⇒ EmptyStructure
71 |
# File 'sig/role.rbs', line 71
def delete: (
|
#description ⇒ String
A description of the role that you provide.
37 |
# File 'sig/role.rbs', line 37
def description: () -> ::String
|
#detach_policy(options = {}) ⇒ EmptyStructure
76 |
# File 'sig/role.rbs', line 76
def detach_policy: (
|
#identifiers ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
461 462 463 |
# File 'lib/aws-sdk-iam/role.rb', line 461 def identifiers { name: @name } end |
#instance_profiles(options = {}) ⇒ InstanceProfile::Collection
91 |
# File 'sig/role.rbs', line 91
def instance_profiles: (
|
#load ⇒ self Also known as: reload
Loads, or reloads #data for the current Aws::IAM::Role.
Returns self making it possible to chain methods.
role.reload.data
54 |
# File 'sig/role.rbs', line 54
def load: () -> self
|
#max_session_duration ⇒ Integer
The maximum session duration (in seconds) for the specified role.
Anyone who uses the CLI, or API to assume the role can specify the
duration using the optional DurationSeconds API parameter or
duration-seconds CLI parameter.
40 |
# File 'sig/role.rbs', line 40
def max_session_duration: () -> ::Integer
|
#name ⇒ String Also known as: role_name
18 |
# File 'sig/role.rbs', line 18
def name: () -> String
|
#path ⇒ String
The path to the role. For more information about paths, see IAM identifiers in the IAM User Guide.
22 |
# File 'sig/role.rbs', line 22
def path: () -> ::String
|
#permissions_boundary ⇒ Types::AttachedPermissionsBoundary
The ARN of the policy used to set the permissions boundary for the role.
For more information about permissions boundaries, see Permissions boundaries for IAM identities in the IAM User Guide.
43 |
# File 'sig/role.rbs', line 43
def permissions_boundary: () -> Types::AttachedPermissionsBoundary
|
#policy(name) ⇒ RolePolicy
101 |
# File 'sig/role.rbs', line 101
def policy: (String name) -> RolePolicy
|
#role_id ⇒ String
The stable and unique string identifying the role. For more information about IDs, see IAM identifiers in the IAM User Guide.
25 |
# File 'sig/role.rbs', line 25
def role_id: () -> ::String
|
#role_last_used ⇒ Types::RoleLastUsed
Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions where data is tracked in the IAM user Guide.
49 |
# File 'sig/role.rbs', line 49
def role_last_used: () -> Types::RoleLastUsed
|
#tags ⇒ Array<Types::Tag>
A list of tags that are attached to the role. For more information about tagging, see Tagging IAM resources in the IAM User Guide.
46 |
# File 'sig/role.rbs', line 46
def tags: () -> ::Array[Types::Tag]
|
#wait_until(options = {}) {|resource| ... } ⇒ Resource
Use [Aws::IAM::Client] #wait_until instead
The waiting operation is performed on a copy. The original resource remains unchanged.
Waiter polls an API operation until a resource enters a desired state.
Basic Usage
Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.
# polls in a loop until condition is true
resource.wait_until() {|resource| condition}
Example
instance.wait_until(max_attempts:10, delay:5) do |instance|
instance.state.name == 'running'
end
Configuration
You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:
# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}
Callbacks
You can be notified before each polling attempt and before each
delay. If you throw :success or :failure from these callbacks,
it will terminate the waiter.
started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
throw :failure if Time.now - started_at > 3600
end
# disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}
Handling Errors
When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.
begin
resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
# resource did not enter the desired state in time
end
attempts attempt in seconds invoked before each attempt invoked before each wait
263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 |
# File 'lib/aws-sdk-iam/role.rb', line 263 def wait_until( = {}, &block) self_copy = self.dup attempts = 0 [:max_attempts] = 10 unless .key?(:max_attempts) [:delay] ||= 10 [:poller] = Proc.new do attempts += 1 if block.call(self_copy) [:success, self_copy] else self_copy.reload unless attempts == [:max_attempts] :retry end end Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do Aws::Waiters::Waiter.new().wait({}) end end |