Create a service linked role.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Required CreateServiceLinkedRole

The operation that you want to perform. Set the value to CreateServiceLinkedRole.

ServiceName String Required polardb.aliyuncs.com

The service name.

For the service name, see cloud services supporting service-associated roles.

CustomSuffix String No Example

The suffix of the role name.

Only a few service linked roles support custom suffixes.

The name must be 1 to 64 characters in length. It can contain letters, digits, periods (.), and hyphens (-).

For example, assume that the suffix is Example, the role name is ServiceLinkedRoleName_Example, the maximum length cannot exceed 64 characters.

Description String No Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.

The description of the service linked role.

A role description can be entered only for a service linked role that allows a custom suffix. Otherwise, the role description uses the default value and cannot be modified.

The value must be 1 to 1,024 characters in length.

Response parameters

Parameter Type Sample response Description
RequestId String FE58D7 CF-03BC-432A-B42D-BC3390C8C2E1

The ID of the request.

Role Struct

The information of the role.

Arn String acs:ram::177242285274****:role/aliyunserviceroleforpolardb

The Alibaba Cloud Resource Name (ARN) of the role.

AssumeRolePolicyDocument String {\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"polardb.aliyuncs.com\"]}}],\"Version\":\"1\"}

The content of the trust policy for the role.

CreateDate String 2020-06-30T08:14:16Z

The time when the role was created.

Description String Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.

The description of the role.

IsServiceLinkedRole Boolean True

Indicates whether the role is a service linked role.

RoleId String 32833240981067 Upload callback function *

The ID of the role.

RoleName String AliyunServiceRoleForPolarDB

The name of the role.

RolePrincipalName String AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com

The role name with the domain name suffix.

Examples

Sample requests

https://resourcemanager.aliyuncs.com/? Action=CreateServiceLinkedRole
&ServiceName=polardb.aliyuncs.com
&<Common request parameters>

Sample success responses

XML format

<CreateServiceLinkedRoleResponse>
      <Role>
            <RoleName>AliyunServiceRoleForPolarDB</RoleName>
            <Description>Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services. </Description>
            <AssumeRolePolicyDocument>{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":["polardb.aliyuncs.com"]}}],"Version":"1"}</AssumeRolePolicyDocument>
            <Arn>acs:ram::177242285274****:role/aliyunserviceroleforpolardb</Arn>
            <IsServiceLinkedRole>true</IsServiceLinkedRole>
            <CreateDate>2020-06-30T08:14:16Z</CreateDate>
            <RoleId>32833240981067****</RoleId>
            <RolePrincipalName>AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com</RolePrincipalName>
      </Role>
      <RequestId>FE58D7CF-03BC-432A-B42D-BC3390C8C2E1</RequestId>
</CreateServiceLinkedRoleResponse>

JSON format

{
    "Role": {
        "RoleName": "AliyunServiceRoleForPolarDB",
        "Description": "Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.",
        "AssumeRolePolicyDocument": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"polardb.aliyuncs.com\"]}}],\"Version\":\"1\"}",
        "Arn": "acs:ram::177242285274****:role/aliyunserviceroleforpolardb",
        "IsServiceLinkedRole": true,
        "CreateDate": "2020-06-30T08:14:16Z",
        "RoleId": "32833240981067****",
        "RolePrincipalName": "AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com"
    },
    "RequestId": "FE58D7CF-03BC-432A-B42D-BC3390C8C2E1"
}

Error code

HTTP status code Error code Error message Description
400 InvalidParameter.CustomSuffix.NotAllowed Custom suffix is not allowed for this Service Linked Role. The service linked role does not support custom suffixes.
400 InvalidParameter.CustomSuffix.InvalidChars The parameter CustomSuffix contains invalid characters. The parameter CustomSuffix contains invalid characters.
400 InvalidParameter.CustomSuffix.Length The maximum length of the parameter CustomSuffix is exceeded. The length of the CustomSuffix parameter exceeds the upper limit.
400 InvalidParameter.Description.NotAllowed Custom description is not allowed for this Service Linked Role. The service linked role does not support custom descriptions.
400 InvalidParameter.Description.Length The maximum length of the description is exceeded. It must not exceed 1024 characters. The error message returned because the length of the policy description has exceeded the upper limit. The policy description must be 1 to 1,024 characters in length.
404 EntityNotExist.Service The service does not exist. The service does not exist.
409 EntityAlreadyExists.Role The role already exists. The error message returned because the role already exists.
409 LimitExceeded.Role The maximum number of roles is exceeded. The error message returned because the maximum number of roles has been reached.

For a list of error codes, visit the API Error Center.