Role
IAM roles lets you define logical sets of policies to grant to users and API keys.
create-iam-role
Create IAM Role
POST /iam-roleRequest body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
name | string | yes | IAM Role name |
assume-role-policy | Policy | no | IAM Assume role policy |
description | string | no | IAM Role description |
editable | boolean | no | Sets if the IAM Role Policy is editable or not (default: true). This setting cannot be changed after creation |
labels | object | no | IAM Role labels |
max-session-ttl | integer | no | Maximum TTL requester is allowed to ask for when assuming a role |
permissions | array[string] | no | IAM Role permissions |
policy | Policy | no | IAM Role policy |
Example
{
"assume-role-policy": {
"default-service-strategy": "allow",
"services": {}
},
"description": "string",
"editable": true,
"labels": {},
"max-session-ttl": 0,
"name": "string",
"permissions": [
"bypass-governance-retention"
],
"policy": {
"default-service-strategy": "allow",
"services": {}
}
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for create-iam-role: golang | Python | Java
CLI: exo api create-iam-role
get-iam-role
Retrieve IAM Role
GET /iam-role/{id}Path parameters
| Name | In | Description |
|---|---|---|
id | path |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
assume-role-policy | Policy | IAM Assume Role Policy |
description | string | IAM Role description |
editable | boolean | IAM Role mutability |
id | string | IAM Role ID |
labels | object | IAM Role Labels |
max-session-ttl | integer | Maximum TTL requester is allowed to ask for when assuming a role |
name | string | IAM Role name |
permissions | array[string] | IAM Role permissions |
policy | Policy | IAM Role Policy |
Example output
{
"assume-role-policy": {
"default-service-strategy": "allow",
"services": {}
},
"description": "string",
"editable": true,
"id": "string",
"labels": {},
"max-session-ttl": 0,
"name": "string",
"permissions": [
"bypass-governance-retention"
],
"policy": {
"default-service-strategy": "allow",
"services": {}
}
}SDK reference for get-iam-role: golang | Python | Java
CLI: exo api get-iam-role
update-iam-role
Update IAM Role
PUT /iam-role/{id}Path parameters
| Name | In | Description |
|---|---|---|
id | path |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
description | string | no | IAM Role description |
labels | object | no | IAM Role labels |
max-session-ttl | integer | no | Maximum TTL requester is allowed to ask for when assuming a role |
permissions | array[string] | no | IAM Role permissions |
Example
{
"description": "string",
"labels": {},
"max-session-ttl": 0,
"permissions": [
"bypass-governance-retention"
]
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for update-iam-role: golang | Python | Java
CLI: exo api update-iam-role
delete-iam-role
Delete IAM Role
DELETE /iam-role/{id}Path parameters
| Name | In | Description |
|---|---|---|
id | path |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for delete-iam-role: golang | Python | Java
CLI: exo api delete-iam-role
Other Operations
update-iam-assume-role-policy
Update IAM Assume role Policy
PUT /iam-role/{id}:assume-role-policyPath parameters
| Name | In | Description |
|---|---|---|
id | path |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
default-service-strategy | string | yes | IAM default service strategy Allowed values: allow, deny. |
services | object | yes | IAM services |
Example
{
"default-service-strategy": "allow",
"services": {}
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for update-iam-assume-role-policy: golang | Python | Java
CLI: exo api update-iam-assume-role-policy
update-iam-role-policy
Update IAM Role Policy
PUT /iam-role/{id}:policyPath parameters
| Name | In | Description |
|---|---|---|
id | path |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
default-service-strategy | string | yes | IAM default service strategy Allowed values: allow, deny. |
services | object | yes | IAM services |
Example
{
"default-service-strategy": "allow",
"services": {}
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for update-iam-role-policy: golang | Python | Java
CLI: exo api update-iam-role-policy
list-iam-roles
List IAM Roles
GET /iam-roleResponses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
iam-roles | array of IAM Role |
Example output
{
"iam-roles": [
{
"assume-role-policy": {
"default-service-strategy": "allow",
"services": {}
},
"description": "string",
"editable": true,
"id": "string",
"labels": {},
"max-session-ttl": 0,
"name": "string",
"permissions": [
"bypass-governance-retention"
],
"policy": {
"default-service-strategy": "allow",
"services": {}
}
}
]
}SDK reference for list-iam-roles: golang | Python | Java
CLI: exo api list-iam-roles
Last updated on