Amazon IAM Access Analyzer · Schema

IamRoleConfiguration

The proposed access control configuration for an IAM role. You can propose a configuration for a new IAM role or an existing IAM role that you own by specifying the trust policy. If the configuration is for a new IAM role, you must specify the trust policy. If the configuration is for an existing IAM role that you own and you do not propose the trust policy, the access preview uses the existing trust policy for the role. The proposed trust policy cannot be an empty string. For more information about role trust policy limits, see IAM and STS quotas.

Access ControlComplianceIAMPolicy ManagementSecurity

Properties

Name Type Description
trustPolicy object
View JSON Schema on GitHub

JSON Schema

iam-access-analyzer-iam-role-configuration-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-iam-access-analyzer/refs/heads/main/json-schema/iam-access-analyzer-iam-role-configuration-schema.json",
  "title": "IamRoleConfiguration",
  "description": "The proposed access control configuration for an IAM role. You can propose a configuration for a new IAM role or an existing IAM role that you own by specifying the trust policy. If the configuration is for a new IAM role, you must specify the trust policy. If the configuration is for an existing IAM role that you own and you do not propose the trust policy, the access preview uses the existing trust policy for the role. The proposed trust policy cannot be an empty string. For more information about role trust policy limits, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html\">IAM and STS quotas</a>.",
  "type": "object",
  "properties": {
    "trustPolicy": {
      "allOf": [
        {
          "$ref": "#/components/schemas/IamTrustPolicy"
        },
        {
          "description": "The proposed trust policy for the IAM role."
        }
      ]
    }
  }
}