Package software.amazon.awscdk.services.iam

Class CfnRole

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.iam.CfnRole
All Implemented Interfaces:
IEnvironmentAware, IInspectable, ITaggable, IRoleRef, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.118.0 (build 02eec31)", date="2025-11-10T13:40:07.249Z") @Stability(Stable) public class CfnRole extends CfnResource implements IInspectable, IRoleRef, ITaggable
Creates a new role for your AWS account .

For more information about roles, see IAM roles in the IAM User Guide . For information about quotas for role names and the number of roles you can create, see IAM and AWS STS quotas in the IAM User Guide .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iam.*;
 Object assumeRolePolicyDocument;
 Object policyDocument;
 CfnRole cfnRole = CfnRole.Builder.create(this, "MyCfnRole")
         .assumeRolePolicyDocument(assumeRolePolicyDocument)
         // the properties below are optional
         .description("description")
         .managedPolicyArns(List.of("managedPolicyArns"))
         .maxSessionDuration(123)
         .path("path")
         .permissionsBoundary("permissionsBoundary")
         .policies(List.of(PolicyProperty.builder()
                 .policyDocument(policyDocument)
                 .policyName("policyName")
                 .build()))
         .roleName("roleName")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnRole

      protected CfnRole(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnRole

      protected CfnRole(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnRole

      @Stability(Stable) public CfnRole(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnRoleProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrArn

      @Stability(Stable) @NotNull public String getAttrArn()
      Returns the Amazon Resource Name (ARN) for the role. For example:.

      {"Fn::GetAtt" : ["MyRole", "Arn"] }

      This will return a value such as arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF .

    • getAttrRoleId

      @Stability(Stable) @NotNull public String getAttrRoleId()
      Returns the stable and unique string identifying the role. For example, AIDAJQABLZS4A3QDU576Q .

      For more information about IDs, see IAM Identifiers in the IAM User Guide .

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getRoleRef

      @Stability(Stable) @NotNull public RoleReference getRoleRef()
      A reference to a Role resource.
      Specified by:
      getRoleRef in interface IRoleRef

    • getTags

      @Stability(Stable) @NotNull public TagManager getTags()
      Tag Manager which manages the tags for this resource.
      Specified by:
      getTags in interface ITaggable

    • getAssumeRolePolicyDocument

      @Stability(Stable) @NotNull public Object getAssumeRolePolicyDocument()
      The trust policy that is associated with this role.

    • setAssumeRolePolicyDocument

      @Stability(Stable) public void setAssumeRolePolicyDocument(@NotNull Object value)
      The trust policy that is associated with this role.

    • getDescription

      @Stability(Stable) @Nullable public String getDescription()
      A description of the role that you provide.

    • setDescription

      @Stability(Stable) public void setDescription(@Nullable String value)
      A description of the role that you provide.

    • getManagedPolicyArns

      @Stability(Stable) @Nullable public List<String> getManagedPolicyArns()
      A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.

    • setManagedPolicyArns

      @Stability(Stable) public void setManagedPolicyArns(@Nullable List<String> value)
      A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.

    • getMaxSessionDuration

      @Stability(Stable) @Nullable public Number getMaxSessionDuration()
      The maximum session duration (in seconds) that you want to set for the specified role.

    • setMaxSessionDuration

      @Stability(Stable) public void setMaxSessionDuration(@Nullable Number value)
      The maximum session duration (in seconds) that you want to set for the specified role.

    • getPath

      @Stability(Stable) @Nullable public String getPath()
      The path to the role.

      For more information about paths, see IAM Identifiers in the IAM User Guide .

    • setPath

      @Stability(Stable) public void setPath(@Nullable String value)
      The path to the role.

      For more information about paths, see IAM Identifiers in the IAM User Guide .

    • getPermissionsBoundary

      @Stability(Stable) @Nullable public String getPermissionsBoundary()
      The ARN of the policy used to set the permissions boundary for the role.

    • setPermissionsBoundary

      @Stability(Stable) public void setPermissionsBoundary(@Nullable String value)
      The ARN of the policy used to set the permissions boundary for the role.

    • getPolicies

      @Stability(Stable) @Nullable public Object getPolicies()
      Adds or updates an inline policy document that is embedded in the specified IAM role.

      Returns union: either IResolvable or Listinvalid input: '<'either IResolvable or CfnRole.PolicyProperty>

    • setPolicies

      @Stability(Stable) public void setPolicies(@Nullable IResolvable value)
      Adds or updates an inline policy document that is embedded in the specified IAM role.

    • setPolicies

      @Stability(Stable) public void setPolicies(@Nullable List<Object> value)
      Adds or updates an inline policy document that is embedded in the specified IAM role.

    • getRoleName

      @Stability(Stable) @Nullable public String getRoleName()
      A name for the IAM role, up to 64 characters in length.

    • setRoleName

      @Stability(Stable) public void setRoleName(@Nullable String value)
      A name for the IAM role, up to 64 characters in length.

    • getTagsRaw

      @Stability(Stable) @Nullable public List<CfnTag> getTagsRaw()
      A list of tags that are attached to the role.

    • setTagsRaw

      @Stability(Stable) public void setTagsRaw(@Nullable List<CfnTag> value)
      A list of tags that are attached to the role.