IAMRolesAnywhere / Client / update_profile

update_profile#

IAMRolesAnywhere.Client.update_profile(**kwargs)#

Updates the profile. A profile is configuration resource to list the roles that RolesAnywhere service is trusted to assume. In addition, by applying a profile you can scope-down permissions with IAM managed policies.

**Required permissions: ** rolesanywhere:UpdateProfile.

See also: AWS API Documentation

Request Syntax

response = client.update_profile(
    durationSeconds=123,
    managedPolicyArns=[
        'string',
    ],
    name='string',
    profileId='string',
    roleArns=[
        'string',
    ],
    sessionPolicy='string'
)
Parameters:
  • durationSeconds (integer) – The number of seconds the vended session credentials are valid for.

  • managedPolicyArns (list) –

    A list of managed policy ARNs that apply to the vended session credentials.

    • (string) –

  • name (string) – The name of the profile.

  • profileId (string) –

    [REQUIRED]

    The unique identifier of the profile.

  • roleArns (list) –

    A list of IAM roles that this profile can assume in a CreateSession operation.

    • (string) –

  • sessionPolicy (string) – A session policy that applies to the trust boundary of the vended session credentials.

Return type:

dict

Returns:

Response Syntax

{
    'profile': {
        'createdAt': datetime(2015, 1, 1),
        'createdBy': 'string',
        'durationSeconds': 123,
        'enabled': True|False,
        'managedPolicyArns': [
            'string',
        ],
        'name': 'string',
        'profileArn': 'string',
        'profileId': 'string',
        'requireInstanceProperties': True|False,
        'roleArns': [
            'string',
        ],
        'sessionPolicy': 'string',
        'updatedAt': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) –

    • profile (dict) –

      The state of the profile after a read or write operation.

      • createdAt (datetime) –

        The ISO-8601 timestamp when the profile was created.

      • createdBy (string) –

        The Amazon Web Services account that created the profile.

      • durationSeconds (integer) –

        The number of seconds the vended session credentials are valid for.

      • enabled (boolean) –

        Indicates whether the profile is enabled.

      • managedPolicyArns (list) –

        A list of managed policy ARNs that apply to the vended session credentials.

        • (string) –

      • name (string) –

        The name of the profile.

      • profileArn (string) –

        The ARN of the profile.

      • profileId (string) –

        The unique identifier of the profile.

      • requireInstanceProperties (boolean) –

        Specifies whether instance properties are required in CreateSession requests with this profile.

      • roleArns (list) –

        A list of IAM roles that this profile can assume in a CreateSession operation.

        • (string) –

      • sessionPolicy (string) –

        A session policy that applies to the trust boundary of the vended session credentials.

      • updatedAt (datetime) –

        The ISO-8601 timestamp when the profile was last updated.

Exceptions

  • IAMRolesAnywhere.Client.exceptions.ValidationException

  • IAMRolesAnywhere.Client.exceptions.ResourceNotFoundException

  • IAMRolesAnywhere.Client.exceptions.AccessDeniedException