stratosphere-0.1.0: EDSL for AWS CloudFormation

Safe HaskellNone
LanguageHaskell2010

Stratosphere.Resources.IAMRole

Description

Creates an AWS Identity and Access Management (IAM) role. An IAM role can be used to enable applications running on an Amazon EC2 instance to securely access your AWS resources. For more information about IAM roles, see Working with Roles in the AWS Identity and Access Management User Guide.

Synopsis

Documentation

data IAMRole Source

Full data type definition for IAMRole. See iamRole for a more convenient constructor.

iamRole Source

Constructor for IAMRole containing required fields as arguments.

iamrAssumeRolePolicyDocument :: Lens' IAMRole Object Source

The IAM assume role policy that is associated with this role.

iamrManagedPolicyArns :: Lens' IAMRole (Maybe [Val Text]) Source

One or more managed policy ARNs to attach to this role.

iamrPath :: Lens' IAMRole (Maybe (Val Text)) Source

The path associated with this role. For information about IAM paths, see Friendly Names and Paths in IAM User Guide.

iamrPolicies :: Lens' IAMRole (Maybe [IAMPolicies]) Source

The policies to associate with this role. Policies can also be specified externally. For sample templates that demonstrates both embedded and external policies, see Template Examples. If you specify multiple polices, specify unique values for the policy name. If you don't, updates to the IAM role will fail. Note If an external policy (such as AWS::IAM::Policy or AWS::IAM::ManagedPolicy) has a Ref to a role and if a resource (such as AWS::ECS::Service) also has a Ref to the same role, add a DependsOn attribute to the resource so that the resource depends on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an AWS::ECS::Service resource, the DependsOn attribute ensures that the AWS::ECS::Service resource can complete its deletion before its role's policy is deleted.