AWS::RolesAnywhere::Profile - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::RolesAnywhere::Profile

Creates a Profile.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::RolesAnywhere::Profile", "Properties" : { "DurationSeconds" : Number, "Enabled" : Boolean, "ManagedPolicyArns" : [ String, ... ], "Name" : String, "RequireInstanceProperties" : Boolean, "RoleArns" : [ String, ... ], "SessionPolicy" : String, "Tags" : [ Tag, ... ] } }

YAML

Type: AWS::RolesAnywhere::Profile Properties: DurationSeconds: Number Enabled: Boolean ManagedPolicyArns: - String Name: String RequireInstanceProperties: Boolean RoleArns: - String SessionPolicy: String Tags: - Tag

Properties

DurationSeconds

The number of seconds vended session credentials will be valid for

Required: No

Type: Number

Minimum: 900

Maximum: 43200

Update requires: No interruption

Enabled

The enabled status of the resource.

Required: No

Type: Boolean

Update requires: No interruption

ManagedPolicyArns

A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.

Required: No

Type: Array of String

Minimum: 0

Maximum: 50

Update requires: No interruption

Name

The customer specified name of the resource.

Required: Yes

Type: String

Pattern: ^[ a-zA-Z0-9-_]*$

Minimum: 1

Maximum: 255

Update requires: No interruption

RequireInstanceProperties

Specifies whether instance properties are required in CreateSession requests with this profile.

Required: No

Type: Boolean

Update requires: No interruption

RoleArns

A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.

Required: Yes

Type: Array of String

Minimum: 1

Maximum: 1011

Update requires: No interruption

SessionPolicy

A session policy that will applied to the trust boundary of the vended session credentials.

Required: No

Type: String

Update requires: No interruption

Tags

A list of Tags.

Required: No

Type: Array of Tag

Minimum: 0

Maximum: 200

Update requires: No interruption

Return values

Ref

The name of the Profile

Fn::GetAtt

ProfileArn

The ARN of the profile.

ProfileId

The unique primary identifier of the Profile