inspec/docs/resources/aws_iam_role.md.erb
Franklin Webber a359399fa0 Fixes partially indented blocks and unescaped underscores (#2731)
Moved 2 space examples 2 more spaces in. Don't be shy, show the world your code the way it was meant to be seen.

Underscores in markdown must be escaped otherwise the world goes crooked.

Signed-off-by: Franklin Webber <franklin@chef.io>
2018-02-26 11:11:06 -05:00

63 lines
1.5 KiB
Text

---
title: About the aws_iam_role Resource
platform: aws
---
# aws\_iam\_role
Use the `aws_iam_role` InSpec audit resource to test properties of a single IAM Role. A Role is a collection of permissions that may be temporarily assumed by a user, EC2 Instance, Lambda Function, or certain other resources.
<br>
## Syntax
# Ensure that a certain role exists by name
describe aws_iam_role('my-role') do
it { should exist }
end
<br>
## Resource Parameters
### role\_name
This resource expects a single parameter that uniquely identifies the IAM Role, the Role Name. You may pass it as a string, or as the value in a hash:
describe aws_iam_role('my-role') do
it { should exist }
end
# Same
describe aws_iam_role(role_name: 'my-role') do
it { should exist }
end
<br>
## Properties
### description
A textual description of the IAM Role.
describe aws_iam_role('my-role') do
its('description') { should be('Our most important Role')}
end
<br>
## Matchers
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
### exist
Indicates that the Role Name provided was found. Use `should_not` to test for IAM Roles that should not exist.
describe aws_iam_role('should-be-there') do
it { should exist }
end
describe aws_iam_role('should-not-be-there') do
it { should_not exist }
end