Learn Idem

Learn Idem

Powered by Idem Project

aws.iam.role_policy

**Autogenerated function**

Deletes the specified inline policy that is embedded in the specified IAM role. A role can also have managed
policies attached to it. To detach a managed policy from a role, use aws.iam.role_policy_attachment.absent.
For more information about policies, refer to Managed policies and inline policies in the IAM User Guide.

Args:
    name(Text): The name of the AWS IAM policy.
    role_name(Text, optional): The name of the AWS IAM role. Idem automatically considers this resource being absent
     if this field is not specified.
    resource_id(Text, optional): The role name and policy name with a separator '-'. Format: [role_name]-[policy_name].
     If not specified, Idem will use "name" parameter to identify the role policy on AWS.

Returns:
    Dict[str, Any]

Examples:

    .. code-block:: sls

        idem-test-role-policy-930323cb-91cf-42a2-ad9b-3f195c776037:
          aws.iam.role_policy.absent:
            - name: idem-test-role-policy-930323cb-91cf-42a2-ad9b-3f195c776037
            - role_name: idem-test-role-e9528a79-a327-4a83-9912-c9b90044f1e4
            - resource_id: idem-test-role-e9528a79-a327-4a83-9912-c9b90044f1e4-idem-test-role-policy-930323cb-91cf-42a2-ad9b-3f195c776037
**Autogenerated function**

Describe the resource in a way that can be recreated/managed with the corresponding "present" function


Lists the names of the inline policies that are embedded in of all IAM roles. An IAM role can also have
managed policies attached to it. These managed polices are not listed with this describe function.
To list the managed policies that are attached to a role, use aws.iam.role_policy_attachment.describe.
If there are no inline policies embedded with the specified role, the operation returns an empty dict.


Returns:
    Dict[str, Any]

Examples:

    .. code-block:: bash

        $ idem describe aws.iam.role_policy
**Autogenerated function**

Adds or updates an inline policy document that is embedded in the specified IAM role. When you embed an inline
policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust
policy is created at the same time as the role, using aws.iam.role.present. A role can also have a managed policy
attached to it. To attach a managed policy to a role, use aws.iam.role_policy_attachment.present.
To create a new managed policy, use aws.iam.policy.present.
For information about policies, see Managed policies and inline policies in the IAM User Guide.
For information about the maximum number of inline policies that you can embed with a role,
see IAM and STS quotas in the IAM User Guide.

Args:
    name(Text): The name of the AWS IAM policy.
    role_name(Text): The name of the role to associate the policy with. This parameter allows (through its regex pattern)
     a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
     You can also include any of the following characters: _+=,.@-
    policy_document(Dict or Text): The policy document. You must provide policies in JSON format in IAM.
     However, for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format.
     CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.
    resource_id(Text, Optional): The role name and policy name with a separator '-'. Format: [role_name]-[policy_name]

Request Syntax:
    [iam-role-policy-name]:
      aws.iam.role_policy.present:
      - resource_id: 'string'
      - role_name: 'string'
      - policy_document: 'dict or string'

Returns:
    Dict[str, Any]

Examples:

    .. code-block:: sls

        idem-test-role-policy-930323cb-91cf-42a2-ad9b-3f195c776037:
          aws.iam.role_policy.present:
            - role_name: idem-test-role-e9528a79-a327-4a83-9912-c9b90044f1e4
            - resource_id: idem-test-role-e9528a79-a327-4a83-9912-c9b90044f1e4-idem-test-role-policy-930323cb-91cf-42a2-ad9b-3f195c776037
            - policy_document: '{"Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::example_bucket"}}'

Full plugin documentation is available on the Idem documentation site - aws.iam.role_policy .

Last updated on 20 Sep 2022
 Edit on GitHub