Skip to content

Resource: awsIamInstanceProfile

Provides an IAM instance profile.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsIamPolicyDocumentAssumeRole =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
    this,
    "assume_role",
    {
      statement: [
        {
          actions: ["sts:AssumeRole"],
          effect: "Allow",
          principals: [
            {
              identifiers: ["ec2.amazonaws.com"],
              type: "Service",
            },
          ],
        },
      ],
    }
  );
const awsIamRoleRole = new aws.iamRole.IamRole(this, "role", {
  assumeRolePolicy: dataAwsIamPolicyDocumentAssumeRole.json,
  name: "test_role",
  path: "/",
});
new aws.iamInstanceProfile.IamInstanceProfile(this, "test_profile", {
  name: "test_profile",
  role: awsIamRoleRole.name,
});

Argument Reference

The following arguments are optional:

  • name - (Optional, Forces new resource) Name of the instance profile. If omitted, Terraform will assign a random, unique name. Conflicts with namePrefix. Can be a string of characters consisting of upper and lowercase alphanumeric characters and these special characters: _, +, =, ,, ., @, -. Spaces are not allowed.
  • namePrefix - (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with name.
  • path - (Optional, default "/") Path to the instance profile. For more information about paths, see IAM Identifiers in the IAM User Guide. Can be a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. Can include any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercase letters.
  • role - (Optional) Name of the role to add to the profile.
  • tags - (Optional) Map of resource tags for the IAM Instance Profile. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - ARN assigned by AWS to the instance profile.
  • createDate - Creation timestamp of the instance profile.
  • id - Instance profile's ID.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

  • uniqueId - Unique ID assigned by AWS.

Import

Instance Profiles can be imported using the name, e.g.,

$ terraform import aws_iam_instance_profile.test_profile app-instance-profile-1