Creates a new role in your AWS account.
An AWS account can have only a limited number of roles. For more information, see Appendix A: Limitations on IAM Entities.
```
iam-rolecreate -r ROLENAME [ -f POLICYDOCUMENTFILE | -s SERVICE] [-p PATH] [-v]
```
| Name | Description | Required |
|---|---|---|
| `-r ROLENAME` | Name of the role to create. Do not include the path in this value.<br>Type: String<br>Constraints: See Appendix A: Limitations on IAM Entities<br>Default: None | Yes |
| `-p PATH` | Path to the user. For more information about paths, go to Identifiers for IAM Entities in Using AWS Identity and Access Management. If you don't want the role to have a path, set to<br>Type: String<br>Constraints: See Appendix A: Limitations on IAM Entities<br>Default: / | No |
| `-s SERVICE` | The entity that can assume the role. Currently, the only acceptable value is the endpoint for Amazon EC2,<br>Type: String<br>Condition: Either<br>Default: None | Conditional |
| `-f POLICYDOCUMENTFILE` | Path and name of the file containing the policy.<br>Type: String<br>Condition: Either<br>Default: None | Conditional |
| `-v` | Causes the response to include the newly created role's ARN, GUID, and JSON policy document. For more information about ARNs and GUIDs, go to Identifiers for IAM Entities in Using AWS Identity and Access Management.<br>Type: String<br>Default: None | No |
If the command is successful, the output is empty.
The following example creates a new role called `myrole` with no path. You could omit the `-p` option and get the same result. The `-v` option causes the output to include the role's ARN, GUID, and JSON policy document.
```
PROMPT> iam-rolecreate -r myrole -p / -s ec2.amazonaws.com -v
arn:aws:iam::123456789012:role/myrole
AROAIFMQYG233LEXAMPLE
{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["ec2.amazonaws.com"]},"Action":["sts:AssumeRole"]}]}
```
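A policy file passed with `-f` decides who can assume the role, so it is worth checking before the role is created. The following is an added example, not part of the original reference or of the IAM CLI: it assumes the file holds a trust policy of the same shape as the `-v` output above, and the function names and the second sample document are constructed for illustration.

```python
import json

ALLOWED_SERVICES = {"ec2.amazonaws.com"}  # the only service endpoint shown on the page
ALLOWED_ACTIONS = {"sts:AssumeRole"}      # the only action in the page's -v output

def as_list(value):
    """IAM JSON accepts a bare string where a list is expected."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_trust_policy(document):
    """Return findings for a trust policy string; an empty list means it passed."""
    try:
        policy = json.loads(document)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(policy, dict):
        return ["top level is not a JSON object"]
    statements = as_list(policy.get("Statement"))
    findings = [] if statements else ["no Statement element"]
    for i, stmt in enumerate(statements):
        if not isinstance(stmt, dict):
            findings.append(f"statement {i}: not a JSON object")
            continue
        if stmt.get("Effect") != "Allow":
            continue  # only Allow statements grant the right to assume the role
        for key in ("NotPrincipal", "NotAction"):
            if key in stmt:
                findings.append(f"statement {i}: {key} makes the grant open-ended")
        principal = stmt.get("Principal")
        if not isinstance(principal, dict):
            # covers a missing Principal and the bare wildcard "*"
            findings.append(f"statement {i}: Principal is {principal!r}")
            continue
        for kind, values in principal.items():
            for value in as_list(values):
                if kind != "Service" or value not in ALLOWED_SERVICES:
                    findings.append(f"statement {i}: unexpected principal {kind}={value}")
        for action in as_list(stmt.get("Action")):
            if action not in ALLOWED_ACTIONS:
                findings.append(f"statement {i}: unexpected action {action}")
    return findings

# Policy document copied from the example output on this page.
PAGE_POLICY = '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["ec2.amazonaws.com"]},"Action":["sts:AssumeRole"]}]}'
# Constructed sample: any AWS principal may assume the role, with any STS action.
BROAD_POLICY = '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"*"},"Action":"sts:*"}]}'
```

Calling `audit_trust_policy` on the contents of the file before running `iam-rolecreate -f` gives an empty list for the page's policy and two findings for the constructed broad one.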