role_arn - AWS SDKs and Tools


Specifies the Amazon Resource Name (ARN) of an IAM role that you want to use to perform operations requested using this profile.


Default value: None. You must specify this value explicitly.

Valid values: The value must be the ARN of an IAM role. See the example in the following table.

In addition, you must also specify one of the following settings:

  • source_profile – To identify another profile to use to find credentials that have permission to assume the role in this profile.

  • credential_source – To use either credentials identified by the current environment variables or credentials attached to an Amazon EC2 instance profile or an Amazon ECS container instance.

Ways to set this value

Location Supported Example
config file Yes
role_arn = arn:aws:iam::123456789012:role/my-role-name source_profile = profile-with-user-that-can-assume-role
role_arn = arn:aws:iam::123456789012:role/my-role-name credential_source = Ec2InstanceMetadata
credentials file -
Environment variable -
AWS CLI parameter -

Compatibility with AWS SDKS and tools