instance_profile
Gets or updates an individual instance_profile resource, use instance_profiles to retrieve a list of resources or to create or delete a resource.
Overview
| Name | instance_profile |
| Type | Resource |
| Description | Creates a new instance profile. For information about instance profiles, see [Using instance profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html).<br/> For information about the number of instance profiles you can create, see [object quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the *User Guide*. |
| Id | aws.iam.instance_profile |
Fields
| Name | Datatype | Description |
|---|---|---|
path | string | The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.<br/> This parameter is optional. If it is not included, it defaults to a slash (/).<br/> This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters. |
roles | array | The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions. |
instance_profile_name | string | The name of the instance profile to create.<br/> This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@- |
arn | string | |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
get_resource | SELECT | data__Identifier, region |
SELECT Example
SELECT
region,
path,
roles,
instance_profile_name,
arn
FROM aws.iam.instance_profile
WHERE data__Identifier = '<InstanceProfileName>';
Permissions
To operate on the instance_profile resource, the following permissions are required:
Read
iam:GetInstanceProfile
Update
iam:PassRole,
iam:RemoveRoleFromInstanceProfile,
iam:AddRoleToInstanceProfile,
iam:GetInstanceProfile