|
|
@ -37,6 +37,11 @@ options:
|
|
|
|
description:
|
|
|
|
description:
|
|
|
|
- The name of the role to create.
|
|
|
|
- The name of the role to create.
|
|
|
|
required: true
|
|
|
|
required: true
|
|
|
|
|
|
|
|
description:
|
|
|
|
|
|
|
|
description:
|
|
|
|
|
|
|
|
- Provide a description of the new role
|
|
|
|
|
|
|
|
required: false
|
|
|
|
|
|
|
|
version_added: "2.5"
|
|
|
|
assume_role_policy_document:
|
|
|
|
assume_role_policy_document:
|
|
|
|
description:
|
|
|
|
description:
|
|
|
|
- "The trust relationship policy document that grants an entity permission to assume the role. This parameter is required when state: present."
|
|
|
|
- "The trust relationship policy document that grants an entity permission to assume the role. This parameter is required when state: present."
|
|
|
@ -60,10 +65,11 @@ extends_documentation_fragment:
|
|
|
|
EXAMPLES = '''
|
|
|
|
EXAMPLES = '''
|
|
|
|
# Note: These examples do not set authentication details, see the AWS Guide for details.
|
|
|
|
# Note: These examples do not set authentication details, see the AWS Guide for details.
|
|
|
|
|
|
|
|
|
|
|
|
# Create a role
|
|
|
|
# Create a role with description
|
|
|
|
- iam_role:
|
|
|
|
- iam_role:
|
|
|
|
name: mynewrole
|
|
|
|
name: mynewrole
|
|
|
|
assume_role_policy_document: "{{ lookup('file','policy.json') }}"
|
|
|
|
assume_role_policy_document: "{{ lookup('file','policy.json') }}"
|
|
|
|
|
|
|
|
description: This is My New Role
|
|
|
|
state: present
|
|
|
|
state: present
|
|
|
|
|
|
|
|
|
|
|
|
# Create a role and attach a managed policy called "PowerUserAccess"
|
|
|
|
# Create a role and attach a managed policy called "PowerUserAccess"
|
|
|
@ -208,6 +214,7 @@ def create_or_update_role(connection, module):
|
|
|
|
params['Path'] = module.params.get('path')
|
|
|
|
params['Path'] = module.params.get('path')
|
|
|
|
params['RoleName'] = module.params.get('name')
|
|
|
|
params['RoleName'] = module.params.get('name')
|
|
|
|
params['AssumeRolePolicyDocument'] = module.params.get('assume_role_policy_document')
|
|
|
|
params['AssumeRolePolicyDocument'] = module.params.get('assume_role_policy_document')
|
|
|
|
|
|
|
|
params['Description'] = module.params.get('description')
|
|
|
|
managed_policies = module.params.get('managed_policy')
|
|
|
|
managed_policies = module.params.get('managed_policy')
|
|
|
|
if managed_policies:
|
|
|
|
if managed_policies:
|
|
|
|
managed_policies = convert_friendly_names_to_arns(connection, module, managed_policies)
|
|
|
|
managed_policies = convert_friendly_names_to_arns(connection, module, managed_policies)
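Review bot: `params['Description']` is assigned unconditionally in create_or_update_role, and the last hunk declares the option in main() with `default=''`, so a task that omits `description` cannot be told apart from one that asks for an empty description. Nothing visible in this hunk compares the requested description with an existing role's, so from here it cannot be confirmed that a changed description is applied or reported as `changed` on update; the function body continues outside the hunk. Consider declaring the option as `description=dict(type='str')` so an omitted value is `None`, and guarding the assignment with `if module.params.get('description') is not None:` before `params['Description'] = module.params.get('description')`. The option's documentation in the first hunk should then state what happens when it is omitted and when it differs from the existing role.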
|
|
|
@ -360,7 +367,8 @@ def main():
|
|
|
|
path=dict(default="/", type='str'),
|
|
|
|
path=dict(default="/", type='str'),
|
|
|
|
assume_role_policy_document=dict(type='json'),
|
|
|
|
assume_role_policy_document=dict(type='json'),
|
|
|
|
managed_policy=dict(type='list', aliases=['managed_policies']),
|
|
|
|
managed_policy=dict(type='list', aliases=['managed_policies']),
|
|
|
|
state=dict(choices=['present', 'absent'], required=True)
|
|
|
|
state=dict(choices=['present', 'absent'], required=True),
|
|
|
|
|
|
|
|
description=dict(required=False, type='str', default='')
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|