Dell Technologies ECS REST API

Search (SHIFT+S)




Create Role

POST /iam?Action=CreateRole

Creates a new IAM Role in the caller's namespace or x-emc-namespace header if provided.


Query Parameters

RoleNameThe name of the role to create.
AssumeRolePolicyDocumentThe trust relationship policy document that grants an entity permission to assume the role
MaxSessionDurationThe maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours
DescriptionA description of the role.
PathThe path to the role. Optional, defaults to "/" and only "/" is allowed.
PermissionsBoundaryThe ARN of the policy that is used to set the permissions boundary for the role.
TagsA list of tags that you want to attach to the role being created.

Required Roles

This call has no restrictions.


Request Payload

No Request Payload


Response Body

Field Description Type Notes
CreateRoleResponse
Result    
Role    
Arn Arn that identifies the role. String
AssumeRolePolicyDocument The trust relationship policy document that grants an entity permission to assume the role. String
CreateDate ISO 8601 DateTime when role was created. String
Description The description of the IAM role. String
MaxSessionDuration The maximum session duration (in seconds) that you want to set for the specified role. Integer
Path The path to the IAM role. String
RoleId Unique Id associated with the role. String
RoleName Simple name identifying the role. String
Tags The list of Tags associated with the role.
Tags 0-* Elements
PermissionsBoundary    
PermissionsBoundaryArn The ARN of the policy set as permissions boundary. String
PermissionsBoundaryType The permissions boundary usage type that indicates what type of IAM resource is used as the permissions boundary for an entity. This data type can only have a value of Policy. String
ResponseMetadata    
RequestId String

Examples

Request
NOTE: AssumeRolePolicyDocument must be url-encoded as a query parameter for the REST API request.
AssumeRolePolicyDocument in json format:
{
  
    "Version": "2012-10-17",
  
    "Statement": [

      {
      
        "Effect": "Allow",
      
        "Principal": {
        
            "AWS": [
          
                  "urn:ecs:iam::ns:user/payroll1"
        
            ]
      
        },
      
        "Action": "sts:AssumeRole"
    
      }
  
    ]

}


POST https://192.168.0.0::4443/iam?Action=CreateRole&RoleName=FinanceRoleAll&Path=%2F&AssumeRolePolicyDocument=%7B%22Version%22%3A%222012-10-17%22%2C%22Statement%22%3A%5B%7B%22Effect%22%3A%22Allow%22%2C%22Principal%22%3A%7B%22AWS%22%3A%5B%22urn%3Aecs%3Aiam%3A%3Ans%3Auser%2Fpayroll1%22%5D%7D%2C%22Action%22%3A%22sts%3AAssumeRole%22%7D%5D%7D&Tags.member.1.Key=Department&Tags.member.1.Value=Finance&MaxSessionDuration=3600
Accept: application/xml
X-SDS-AUTH-TOKEN: <AUTH_TOKEN>
x-emc-namespace: <namespace>
Response
HTTP/1.1 200 OK
Content-Type: application/xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:CreateRoleResponse xmlns:ns2="none">
    <ResponseMetadata>
        <RequestId>0af9f5b8:171648dacb1:19b24:1ca</RequestId>
    </ResponseMetadata>
    <CreateRoleResult>
        <Role>
            <Arn>urn:ecs:iam::ns:role/FinanceRoleAll</Arn>
            <AssumeRolePolicyDocument>{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":["urn:ecs:iam::ns:user/payroll1"]},"Action":"sts:AssumeRole"}]}</AssumeRolePolicyDocument>
            <CreateDate>2020-04-13T19:16:49Z</CreateDate>
            <Description></Description>
            <MaxSessionDuration>3600</MaxSessionDuration>
            <Path>/</Path>
            <RoleId>AROA01293C069EA32003</RoleId>
            <RoleName>FinanceRoleAll</RoleName>
            <Tags>
                <member>
                    <Key>Department</Key>
                    <Value>Finance</Value>
                </member>
            </Tags>
        </Role>
    </CreateRoleResult>
</ns2:CreateRoleResponse>