AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Adds or updates an inline policy document that is embedded in the specified IAM role.
When you embed an inline policy in a role, the inline policy is used as part of the
role's access (permissions) policy. The role's trust policy is created at the same
time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about roles, see IAM
roles in the IAM User Guide.
A role can also have a managed policy attached to it. To attach a managed policy to
a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed
policies and inline policies in the IAM User Guide.
For information about the maximum number of inline policies that you can embed with a role, see IAM and STS quotas in the IAM User Guide.
Because policy documents can be large, you should use POST rather than GET when calling
PutRolePolicy. For general information about using the Query API with IAM,
see Making
query requests in the IAM User Guide.
For .NET Core this operation is only available in asynchronous form. Please refer to PutRolePolicyAsync.
Namespace: Amazon.IdentityManagement
Assembly: AWSSDK.IdentityManagement.dll
Version: 3.x.y.z
public abstract PutRolePolicyResponse PutRolePolicy( PutRolePolicyRequest request )
Container for the necessary parameters to execute the PutRolePolicy service method.
| Exception | Condition |
|---|---|
| LimitExceededException | The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded. |
| MalformedPolicyDocumentException | The request was rejected because the policy document was malformed. The error message describes the specific error. |
| NoSuchEntityException | The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource. |
| ServiceFailureException | The request processing has failed because of an unknown error, exception or failure. |
| UnmodifiableEntityException | The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service. |
The following command adds a permissions policy to the role named Test-Role.
var client = new AmazonIdentityManagementServiceClient();
var response = client.PutRolePolicy(new PutRolePolicyRequest
{
PolicyDocument = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}",
PolicyName = "S3AccessPolicy",
RoleName = "S3Access"
});
.NET Framework:
Supported in: 4.5, 4.0, 3.5