Sha256: ce65878062c5131c7d3fa91bb802c6b30853676465cf9a758d07de863e1b40aa

Contents?: true

Size: 1.4 KB

Versions: 52

Compression:

Stored size: 1.4 KB

Contents

### exist

```ruby
describe iam_role('my-iam-role') do
  it { should exist }
end
```

### be_allowed_action

```ruby
describe iam_role('my-iam-role') do
  it { should be_allowed_action('ec2:DescribeInstances') }
  it { should be_allowed_action('s3:Put*').resource_arn('arn:aws:s3:::my-bucket-name/*') }
end
```

### have_iam_policy

```ruby
describe iam_role('my-iam-role') do
  it { should have_iam_policy('ReadOnlyAccess') }
end
```

### have_inline_policy

```ruby
describe iam_role('my-iam-role') do
  it { should have_inline_policy('AllowS3BucketAccess') }
  it do
    should have_inline_policy('AllowS3BucketAccess').policy_document(<<-'DOC')
{
"Statement": [
    {
     "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::*"
    },
    {
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"]
    }
  ]
}
DOC
  end
end
```

You can test absence of inline policies.

```ruby
describe iam_role('my-iam-role') do
  it { should_not have_inline_policy }
end
```

### advanced

`iam_role` can use `Aws::IAM::Role` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/Role.html).

```ruby
describe iam_role('my-iam-role') do
  its('attached_policies.count') { should eq 5 }
end
```

or

```ruby
describe iam_role('my-iam-role') do
  its('resource.attached_policies.count') { should eq 5 }
end
```

Version data entries

52 entries across 52 versions & 3 rubygems

Version Path
awspec-1.18.3 doc/_resource_types/iam_role.md
awspec-1.18.2 doc/_resource_types/iam_role.md
awspec-1.18.1 doc/_resource_types/iam_role.md
awspec-1.18.0 doc/_resource_types/iam_role.md
awspec-1.17.4 doc/_resource_types/iam_role.md
awspec-1.17.3 doc/_resource_types/iam_role.md
awspec-1.17.2 doc/_resource_types/iam_role.md
awspec-1.17.1 doc/_resource_types/iam_role.md
awspec-1.17.0 doc/_resource_types/iam_role.md
awspec-1.16.1 doc/_resource_types/iam_role.md
awspec-1.16.0 doc/_resource_types/iam_role.md
awspec-1.15.3 doc/_resource_types/iam_role.md