docs.aws.amazon.com
Open in
urlscan Pro
99.84.133.24
Public Scan
Submitted URL: http://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html
Effective URL: https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html
Submission: On November 01 via api from JP — Scanned from JP
Effective URL: https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html
Submission: On November 01 via api from JP — Scanned from JP
Form analysis 0 forms found in the DOM
Text Content
SELECT YOUR COOKIE PREFERENCES
We use essential cookies and similar tools that are necessary to provide our
site and services. We use performance cookies to collect anonymous statistics so
we can understand how customers use our site and make improvements. Essential
cookies cannot be deactivated, but you can click “Customize cookies” to decline
performance cookies.
If you agree, AWS and approved third parties will also use cookies to provide
useful site features, remember your preferences, and display relevant content,
including relevant advertising. To continue without accepting these cookies,
click “Continue without accepting.” To make more detailed choices or learn more,
click “Customize cookies.”
Accept all cookiesContinue without acceptingCustomize cookies
CUSTOMIZE COOKIE PREFERENCES
We use cookies and similar tools (collectively, "cookies") for the following
purposes.
ESSENTIAL
Essential cookies are necessary to provide our site and services and cannot be
deactivated. They are usually set in response to your actions on the site, such
as setting your privacy preferences, signing in, or filling in forms.
PERFORMANCE
Performance cookies provide anonymous statistics about how customers navigate
our site so we can improve site experience and performance. Approved third
parties may perform analytics on our behalf, but they cannot use the data for
their own purposes.
Allow performance category
Allowed
FUNCTIONAL
Functional cookies help us provide useful site features, remember your
preferences, and display relevant content. Approved third parties may set these
cookies to provide certain site features. If you do not allow these cookies,
then some or all of these services may not function properly.
Allow functional category
Allowed
ADVERTISING
Advertising cookies may be set through our site by us or our advertising
partners and help us deliver relevant marketing content. If you do not allow
these cookies, you will experience less relevant advertising.
Allow advertising category
Allowed
Blocking some types of cookies may impact your experience of our sites. You may
review and change your choices at any time by clicking Cookie preferences in the
footer of this site. We and selected third-parties use cookies or similar
technologies as specified in the AWS Cookie Notice.
CancelSave preferences
UNABLE TO SAVE COOKIE PREFERENCES
We will only store essential cookies at this time, because we were unable to
save your cookie preferences.
If you want to change your cookie preferences, try again later using the link in
the AWS console footer, or contact support if the problem persists.
Dismiss
Contact Us
English
Create an AWS Account
1. AWS
2. ...
3. Documentation
4. AWS Identity and Access Management
5. API Reference
Feedback
Preferences
AWS IDENTITY AND ACCESS MANAGEMENT
API REFERENCE
* Welcome
* Actions
* AddClientIDToOpenIDConnectProvider
* AddRoleToInstanceProfile
* AddUserToGroup
* AttachGroupPolicy
* AttachRolePolicy
* AttachUserPolicy
* ChangePassword
* CreateAccessKey
* CreateAccountAlias
* CreateGroup
* CreateInstanceProfile
* CreateLoginProfile
* CreateOpenIDConnectProvider
* CreatePolicy
* CreatePolicyVersion
* CreateRole
* CreateSAMLProvider
* CreateServiceLinkedRole
* CreateServiceSpecificCredential
* CreateUser
* CreateVirtualMFADevice
* DeactivateMFADevice
* DeleteAccessKey
* DeleteAccountAlias
* DeleteAccountPasswordPolicy
* DeleteGroup
* DeleteGroupPolicy
* DeleteInstanceProfile
* DeleteLoginProfile
* DeleteOpenIDConnectProvider
* DeletePolicy
* DeletePolicyVersion
* DeleteRole
* DeleteRolePermissionsBoundary
* DeleteRolePolicy
* DeleteSAMLProvider
* DeleteServerCertificate
* DeleteServiceLinkedRole
* DeleteServiceSpecificCredential
* DeleteSigningCertificate
* DeleteSSHPublicKey
* DeleteUser
* DeleteUserPermissionsBoundary
* DeleteUserPolicy
* DeleteVirtualMFADevice
* DetachGroupPolicy
* DetachRolePolicy
* DetachUserPolicy
* EnableMFADevice
* GenerateCredentialReport
* GenerateOrganizationsAccessReport
* GenerateServiceLastAccessedDetails
* GetAccessKeyLastUsed
* GetAccountAuthorizationDetails
* GetAccountPasswordPolicy
* GetAccountSummary
* GetContextKeysForCustomPolicy
* GetContextKeysForPrincipalPolicy
* GetCredentialReport
* GetGroup
* GetGroupPolicy
* GetInstanceProfile
* GetLoginProfile
* GetMFADevice
* GetOpenIDConnectProvider
* GetOrganizationsAccessReport
* GetPolicy
* GetPolicyVersion
* GetRole
* GetRolePolicy
* GetSAMLProvider
* GetServerCertificate
* GetServiceLastAccessedDetails
* GetServiceLastAccessedDetailsWithEntities
* GetServiceLinkedRoleDeletionStatus
* GetSSHPublicKey
* GetUser
* GetUserPolicy
* ListAccessKeys
* ListAccountAliases
* ListAttachedGroupPolicies
* ListAttachedRolePolicies
* ListAttachedUserPolicies
* ListEntitiesForPolicy
* ListGroupPolicies
* ListGroups
* ListGroupsForUser
* ListInstanceProfiles
* ListInstanceProfilesForRole
* ListInstanceProfileTags
* ListMFADevices
* ListMFADeviceTags
* ListOpenIDConnectProviders
* ListOpenIDConnectProviderTags
* ListPolicies
* ListPoliciesGrantingServiceAccess
* ListPolicyTags
* ListPolicyVersions
* ListRolePolicies
* ListRoles
* ListRoleTags
* ListSAMLProviders
* ListSAMLProviderTags
* ListServerCertificates
* ListServerCertificateTags
* ListServiceSpecificCredentials
* ListSigningCertificates
* ListSSHPublicKeys
* ListUserPolicies
* ListUsers
* ListUserTags
* ListVirtualMFADevices
* PutGroupPolicy
* PutRolePermissionsBoundary
* PutRolePolicy
* PutUserPermissionsBoundary
* PutUserPolicy
* RemoveClientIDFromOpenIDConnectProvider
* RemoveRoleFromInstanceProfile
* RemoveUserFromGroup
* ResetServiceSpecificCredential
* ResyncMFADevice
* SetDefaultPolicyVersion
* SetSecurityTokenServicePreferences
* SimulateCustomPolicy
* SimulatePrincipalPolicy
* TagInstanceProfile
* TagMFADevice
* TagOpenIDConnectProvider
* TagPolicy
* TagRole
* TagSAMLProvider
* TagServerCertificate
* TagUser
* UntagInstanceProfile
* UntagMFADevice
* UntagOpenIDConnectProvider
* UntagPolicy
* UntagRole
* UntagSAMLProvider
* UntagServerCertificate
* UntagUser
* UpdateAccessKey
* UpdateAccountPasswordPolicy
* UpdateAssumeRolePolicy
* UpdateGroup
* UpdateLoginProfile
* UpdateOpenIDConnectProviderThumbprint
* UpdateRole
* UpdateRoleDescription
* UpdateSAMLProvider
* UpdateServerCertificate
* UpdateServiceSpecificCredential
* UpdateSigningCertificate
* UpdateSSHPublicKey
* UpdateUser
* UploadServerCertificate
* UploadSigningCertificate
* UploadSSHPublicKey
* Data Types
* AccessDetail
* AccessKey
* AccessKeyLastUsed
* AccessKeyMetadata
* AttachedPermissionsBoundary
* AttachedPolicy
* ContextEntry
* DeletionTaskFailureReasonType
* EntityDetails
* EntityInfo
* ErrorDetails
* EvaluationResult
* Group
* GroupDetail
* InstanceProfile
* ListPoliciesGrantingServiceAccessEntry
* LoginProfile
* ManagedPolicyDetail
* MFADevice
* OpenIDConnectProviderListEntry
* OrganizationsDecisionDetail
* PasswordPolicy
* PermissionsBoundaryDecisionDetail
* Policy
* PolicyDetail
* PolicyGrantingServiceAccess
* PolicyGroup
* PolicyRole
* PolicyUser
* PolicyVersion
* Position
* ResourceSpecificResult
* Role
* RoleDetail
* RoleLastUsed
* RoleUsageType
* SAMLProviderListEntry
* ServerCertificate
* ServerCertificateMetadata
* ServiceLastAccessed
* ServiceSpecificCredential
* ServiceSpecificCredentialMetadata
* SigningCertificate
* SSHPublicKey
* SSHPublicKeyMetadata
* Statement
* Tag
* TrackedActionLastAccessed
* User
* UserDetail
* VirtualMFADevice
* Common Parameters
* Common Errors
PutRolePolicy - AWS Identity and Access Management
AWSDocumentationAWS Identity and Access ManagementAPI Reference
Request ParametersErrorsExamplesSee Also
PUTROLEPOLICY
PDF
Adds or updates an inline policy document that is embedded in the specified IAM
role.
When you embed an inline policy in a role, the inline policy is used as part of
the role's access (permissions) policy. The role's trust policy is created at
the same time as the role, using CreateRole. You can update a role's trust
policy using UpdateAssumeRolePolicy. For more information about roles, see IAM
roles in the IAM User Guide.
A role can also have a managed policy attached to it. To attach a managed policy
to a role, use AttachRolePolicy. To create a new managed policy, use
CreatePolicy. For information about policies, see Managed policies and inline
policies in the IAM User Guide.
For information about the maximum number of inline policies that you can embed
with a role, see IAM and AWS STS quotas in the IAM User Guide.
NOTE
Because policy documents can be large, you should use POST rather than GET when
calling PutRolePolicy. For general information about using the Query API with
IAM, see Making query requests in the IAM User Guide.
REQUEST PARAMETERS
For information about the parameters that are common to all actions, see Common
Parameters.
PolicyDocument
The policy document.
You must provide policies in JSON format in IAM. However, for AWS CloudFormation
templates formatted in YAML, you can provide the policy in JSON or YAML format.
AWS CloudFormation always converts a YAML policy to JSON format before
submitting it to IAM.
The regex pattern used to validate this parameter is a string of characters
consisting of the following:
* Any printable ASCII character ranging from the space character (\u0020)
through the end of the ASCII character range
* The printable characters in the Basic Latin and Latin-1 Supplement character
set (through \u00FF)
* The special characters tab (\u0009), line feed (\u000A), and carriage return
(\u000D)
Type: String
Length Constraints: Minimum length of 1. Maximum length of 131072.
Pattern: [\u0009\u000A\u000D\u0020-\u00FF]+
Required: Yes
PolicyName
The name of the policy document.
This parameter allows (through its regex pattern) a string of characters
consisting of upper and lowercase alphanumeric characters with no spaces. You
can also include any of the following characters: _+=,.@-
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: [\w+=,.@-]+
Required: Yes
RoleName
The name of the role to associate the policy with.
This parameter allows (through its regex pattern) a string of characters
consisting of upper and lowercase alphanumeric characters with no spaces. You
can also include any of the following characters: _+=,.@-
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern: [\w+=,.@-]+
Required: Yes
ERRORS
For information about the errors that are common to all actions, see Common
Errors.
LimitExceeded
The request was rejected because it attempted to create resources beyond the
current AWS account limits. The error message describes the limit exceeded.
HTTP Status Code: 409
MalformedPolicyDocument
The request was rejected because the policy document was malformed. The error
message describes the specific error.
HTTP Status Code: 400
NoSuchEntity
The request was rejected because it referenced a resource entity that does not
exist. The error message describes the resource.
HTTP Status Code: 404
ServiceFailure
The request processing has failed because of an unknown error, exception or
failure.
HTTP Status Code: 500
UnmodifiableEntity
The request was rejected because service-linked roles are protected AWS
resources. Only the service that depends on the service-linked role can modify
or delete the role on your behalf. The error message includes the name of the
service that depends on this service-linked role. You must request the change
through that service.
HTTP Status Code: 400
EXAMPLES
EXAMPLE
This example illustrates one usage of PutRolePolicy.
SAMPLE REQUEST
https://iam.amazonaws.com/?Action=PutRolePolicy
&RoleName=S3Access
&PolicyName=S3AccessPolicy
&PolicyDocument={"Version":"2012-10-17","Statement":{"Effect":"Allow","Action":"s3:*","Resource":"*"}}
&Version=2010-05-08
&AUTHPARAMS
SAMPLE RESPONSE
<PutRolePolicyResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
<ResponseMetadata>
<RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>
</ResponseMetadata>
</PutRolePolicyResponse>
SEE ALSO
For more information about using this API in one of the language-specific AWS
SDKs, see the following:
* AWS Command Line Interface
* AWS SDK for .NET
* AWS SDK for C++
* AWS SDK for Go v2
* AWS SDK for Java V2
* AWS SDK for JavaScript V3
* AWS SDK for PHP V3
* AWS SDK for Python
* AWS SDK for Ruby V3
Javascript is disabled or is unavailable in your browser.
To use the Amazon Web Services Documentation, Javascript must be enabled. Please
refer to your browser's Help pages for instructions.
Document Conventions
PutRolePermissionsBoundary
PutUserPermissionsBoundary
Did this page help you? - Yes
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of
it.
Did this page help you? - No
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.
DID THIS PAGE HELP YOU?
Yes
No
Provide feedback
NEXT TOPIC:
PutUserPermissionsBoundary
PREVIOUS TOPIC:
PutRolePermissionsBoundary
NEED HELP?
* Try AWS re:Post
* Connect with an AWS IQ expert
PrivacySite termsCookie preferences
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ON THIS PAGE
* Request Parameters
* Errors
* Examples
* See Also