IAMRolesAnywhere.Client.
create_profile
(**kwargs)¶Creates a profile. A profile is configuration resource to list the roles that RolesAnywhere service is trusted to assume. In addition, by applying a profile you can intersect permissions with IAM managed policies.
Required permissions:rolesanywhere:CreateProfile
.
See also: AWS API Documentation
Request Syntax
response = client.create_profile(
durationSeconds=123,
enabled=True|False,
managedPolicyArns=[
'string',
],
name='string',
requireInstanceProperties=True|False,
roleArns=[
'string',
],
sessionPolicy='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
A list of managed policy ARNs that apply to the vended session credentials.
[REQUIRED]
The name of the profile.
[REQUIRED]
A list of IAM roles that this profile can assume in a CreateSession operation.
The tags to attach to the profile.
A label that consists of a key and value you define.
The tag key.
The tag value.
dict
Response Syntax
{
'profile': {
'createdAt': datetime(2015, 1, 1),
'createdBy': 'string',
'durationSeconds': 123,
'enabled': True|False,
'managedPolicyArns': [
'string',
],
'name': 'string',
'profileArn': 'string',
'profileId': 'string',
'requireInstanceProperties': True|False,
'roleArns': [
'string',
],
'sessionPolicy': 'string',
'updatedAt': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
profile (dict) --
The state of the profile after a read or write operation.
createdAt (datetime) --
The ISO-8601 timestamp when the profile was created.
createdBy (string) --
The Amazon Web Services account that created the profile.
durationSeconds (integer) --
The number of seconds the vended session credentials are valid for.
enabled (boolean) --
Indicates whether the profile is enabled.
managedPolicyArns (list) --
A list of managed policy ARNs that apply to the vended session credentials.
name (string) --
The name of the profile.
profileArn (string) --
The ARN of the profile.
profileId (string) --
The unique identifier of the profile.
requireInstanceProperties (boolean) --
Specifies whether instance properties are required in CreateSession requests with this profile.
roleArns (list) --
A list of IAM roles that this profile can assume in a CreateSession operation.
sessionPolicy (string) --
A session policy that applies to the trust boundary of the vended session credentials.
updatedAt (datetime) --
The ISO-8601 timestamp when the profile was last updated.
Exceptions
IAMRolesAnywhere.Client.exceptions.ValidationException
IAMRolesAnywhere.Client.exceptions.AccessDeniedException