Creates a new role for your AWS account. For more information about roles, go to Working with Roles. For information about limitations on role names and the number of roles you can create, go to Limitations on IAM Entities in Using AWS Identity and Access Management.
The policy grants permission to an EC2 instance to assume the role. The policy is URL-encoded according to RFC 3986. For more information about RFC 3986, go to http://www.faqs.org/rfcs/rfc3986.html. Currently, only EC2 instances can assume roles.
Access
public
Parameters
Parameter |
Type |
Required |
Description |
---|---|---|---|
|
Required |
Name of the role to create. [Constraints: The value must be between 1 and 64 characters, and must match the following regular expression pattern: |
|
|
Required |
The policy that grants an entity permission to assume the role. [Constraints: The value must be between 1 and 131072 characters, and must match the following regular expression pattern: |
|
|
Optional |
An associative array of parameters that can have the following keys:
|
Returns
Type |
Description |
---|---|
A |
Examples
Test the preparation of instance profiles and roles.
// Instantiate the client $iam = new AmazonIAM(); // Role policy $role_policy = new CFPolicy($iam, array( 'Statement' => array( array( 'Effect' => 'Allow', 'Action' => '*', 'Resource' => '*' ) ) )); // Create role $response = $iam->create_role('example-role', AmazonIAM::STANDARD_EC2_ASSUME_ROLE_POLICY); var_dump($response->isOK()); // Create instance profile $response = $iam->create_instance_profile('example-profile'); var_dump($response->isOK()); // Put role policy $response = $iam->put_role_policy('example-role', 'example-role-policy', $role_policy->get_json()); var_dump($response->isOK()); // Add role to instance $response = $iam->add_role_to_instance_profile('example-profile', 'example-role'); var_dump($response->isOK());Result:
bool(true) bool(true) bool(true) bool(true)
Source
Method defined in services/iam.class.php | Toggle source view (8 lines) | View on GitHub