AWS::RolesAnywhere::Profile
Creates a Profile.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::RolesAnywhere::Profile", "Properties" : { "DurationSeconds" :
Double
, "Enabled" :Boolean
, "ManagedPolicyArns" :[ String, ... ]
, "Name" :String
, "RequireInstanceProperties" :Boolean
, "RoleArns" :[ String, ... ]
, "SessionPolicy" :String
, "Tags" :[ Tag, ... ]
} }
YAML
Type: AWS::RolesAnywhere::Profile Properties: DurationSeconds:
Double
Enabled:Boolean
ManagedPolicyArns:- String
Name:String
RequireInstanceProperties:Boolean
RoleArns:- String
SessionPolicy:String
Tags:- Tag
Properties
DurationSeconds
-
The number of seconds vended session credentials will be valid for
Required: No
Type: Double
Update requires: No interruption
Enabled
-
The enabled status of the resource.
Required: No
Type: Boolean
Update requires: No interruption
ManagedPolicyArns
-
A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.
Required: No
Type: List of String
Maximum:
50
Update requires: No interruption
Name
-
The customer specified name of the resource.
Required: Yes
Type: String
Minimum:
1
Maximum:
255
Pattern:
^[ a-zA-Z0-9-_]*$
Update requires: No interruption
RequireInstanceProperties
-
Specifies whether instance properties are required in CreateSession requests with this profile.
Required: No
Type: Boolean
Update requires: No interruption
RoleArns
-
A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.
Required: Yes
Type: List of String
Maximum:
50
Update requires: No interruption
SessionPolicy
-
A session policy that will applied to the trust boundary of the vended session credentials.
Required: No
Type: String
Update requires: No interruption
Tags
-
A list of Tags.
Required: No
Type: List of Tag
Update requires: No interruption
Return values
Ref
The name of the Profile
Fn::GetAtt