diff --git a/lib/ansible/modules/cloud/amazon/iam_role.py b/lib/ansible/modules/cloud/amazon/iam_role.py index 332b79f27cb..7f3a834515f 100644 --- a/lib/ansible/modules/cloud/amazon/iam_role.py +++ b/lib/ansible/modules/cloud/amazon/iam_role.py @@ -37,6 +37,11 @@ options: description: - The name of the role to create. required: true + description: + description: + - Provide a description of the new role + required: false + version_added: "2.5" assume_role_policy_document: description: - "The trust relationship policy document that grants an entity permission to assume the role. This parameter is required when state: present." @@ -60,10 +65,11 @@ extends_documentation_fragment: EXAMPLES = ''' # Note: These examples do not set authentication details, see the AWS Guide for details. -# Create a role +# Create a role with description - iam_role: name: mynewrole assume_role_policy_document: "{{ lookup('file','policy.json') }}" + description: This is My New Role state: present # Create a role and attach a managed policy called "PowerUserAccess" @@ -208,6 +214,7 @@ def create_or_update_role(connection, module): params['Path'] = module.params.get('path') params['RoleName'] = module.params.get('name') params['AssumeRolePolicyDocument'] = module.params.get('assume_role_policy_document') + params['Description'] = module.params.get('description') managed_policies = module.params.get('managed_policy') if managed_policies: managed_policies = convert_friendly_names_to_arns(connection, module, managed_policies) @@ -360,7 +367,8 @@ def main(): path=dict(default="/", type='str'), assume_role_policy_document=dict(type='json'), managed_policy=dict(type='list', aliases=['managed_policies']), - state=dict(choices=['present', 'absent'], required=True) + state=dict(choices=['present', 'absent'], required=True), + description=dict(required=False, type='str', default='') ) )