2015-05-12 23:09:46 +02:00
|
|
|
---
|
|
|
|
layout: "aws"
|
|
|
|
page_title: "AWS: aws_iam_role"
|
|
|
|
sidebar_current: "docs-aws-resource-iam-role"
|
|
|
|
description: |-
|
|
|
|
Provides an IAM role.
|
|
|
|
---
|
|
|
|
|
|
|
|
# aws\_iam\_role
|
|
|
|
|
|
|
|
Provides an IAM role.
|
|
|
|
|
|
|
|
## Example Usage
|
|
|
|
|
|
|
|
```
|
|
|
|
resource "aws_iam_role" "test_role" {
|
|
|
|
name = "test_role"
|
|
|
|
assume_role_policy = <<EOF
|
|
|
|
{
|
|
|
|
"Version": "2012-10-17",
|
|
|
|
"Statement": [
|
|
|
|
{
|
|
|
|
"Action": "sts:AssumeRole",
|
|
|
|
"Principal": {
|
|
|
|
"Service": "ec2.amazonaws.com"
|
|
|
|
},
|
|
|
|
"Effect": "Allow",
|
|
|
|
"Sid": ""
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
## Argument Reference
|
|
|
|
|
|
|
|
The following arguments are supported:
|
|
|
|
|
2016-06-05 01:46:27 +02:00
|
|
|
* `name` - (Optional, Forces new resource) The name of the role.
|
|
|
|
* `name_prefix` - (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with `name`.
|
2015-05-12 23:09:46 +02:00
|
|
|
* `assume_role_policy` - (Required) The policy that grants an entity permission to assume the role.
|
|
|
|
* `path` - (Optional) The path to the role.
|
2016-01-14 21:55:39 +01:00
|
|
|
See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
|
2015-05-12 23:09:46 +02:00
|
|
|
|
|
|
|
## Attributes Reference
|
|
|
|
|
2016-11-14 10:33:53 +01:00
|
|
|
The following attributes are exported:
|
|
|
|
|
2015-05-12 23:09:46 +02:00
|
|
|
* `arn` - The Amazon Resource Name (ARN) specifying the role.
|
2016-11-14 10:33:53 +01:00
|
|
|
* `create_date` - The creation date of the IAM role.
|
2015-05-12 23:09:46 +02:00
|
|
|
* `unique_id` - The stable and unique string identifying the role.
|
2016-12-22 13:41:43 +01:00
|
|
|
|
|
|
|
## Import
|
|
|
|
|
|
|
|
IAM Roles can be imported using the `name`, e.g.
|
|
|
|
|
|
|
|
```
|
|
|
|
$ terraform import aws_iam_role.developer developer_name
|
|
|
|
```
|