Creates a service linked role.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateServiceLinkedRole

The operation that you want to perform. Set the value to CreateServiceLinkedRole.

ServiceName String Yes polardb.aliyuncs.com

The service name.

For more information about the service name, see Cloud services that support service linked roles.

CustomSuffix String No Example

The suffix of the role name.

Only a few service linked roles support custom suffixes.

The role name (including its suffix) must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).

For example, if the suffix is Example, the role name is ServiceLinkedRoleName_Example.

Description String No Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.

The description of the service linked role.

This parameter must be specified for only the service linked roles that support custom suffixes. Otherwise, the preset value is used and cannot be modified.

The description must be 1 to 1,024 characters in length.

Response parameters

Parameter Type Example Description
RequestId String FE58D7CF-03BC-432A-B42D-BC3390C8C2E1

The ID of the request.

Role Struct

The information of the role.

Arn String acs:ram::177242285274****:role/aliyunserviceroleforpolardb

The Alibaba Cloud Resource Name (ARN) of the role.

AssumeRolePolicyDocument String {\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"polardb.aliyuncs.com\"]}}],\"Version\":\"1\"}

The trust policy content of the role.

CreateDate String 2020-06-30T08:14:16Z

The time when the role was created.

Description String Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.

The description of the role.

IsServiceLinkedRole Boolean true

Indicates whether the role is a service linked role.

RoleId String 32833240981067****

The ID of the role.

RoleName String AliyunServiceRoleForPolarDB

The name of the role.

RolePrincipalName String AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com

The role name that uses a domain name as the suffix.

Examples

Sample requests

https://resourcemanager.aliyuncs.com/?Action=CreateServiceLinkedRole
&ServiceName=polardb.aliyuncs.com
&<Common request parameters>

Sample success responses

XML format

<CreateServiceLinkedRoleResponse>
      <Role>
            <RoleName>AliyunServiceRoleForPolarDB</RoleName>
            <Description>Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services. </Description>
            <AssumeRolePolicyDocument>{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":["polardb.aliyuncs.com"]}}],"Version":"1"}</AssumeRolePolicyDocument>
            <Arn>acs:ram::177242285274****:role/aliyunserviceroleforpolardb</Arn>
            <IsServiceLinkedRole>true</IsServiceLinkedRole>
            <CreateDate>2020-06-30T08:14:16Z</CreateDate>
            <RoleId>32833240981067****</RoleId>
            <RolePrincipalName>AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com</RolePrincipalName>
      </Role>
      <RequestId>FE58D7CF-03BC-432A-B42D-BC3390C8C2E1</RequestId>
</CreateServiceLinkedRoleResponse>

JSON format

{
	"Role": {
		"RoleName": "AliyunServiceRoleForPolarDB",
		"Description": "Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.",
		"AssumeRolePolicyDocument": "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"polardb.aliyuncs.com\"]}}],\"Version\":\"1\"}",
		"Arn": "acs:ram::177242285274****:role/aliyunserviceroleforpolardb",
		"IsServiceLinkedRole": true,
		"CreateDate": "2020-06-30T08:14:16Z",
		"RoleId": "32833240981067****",
		"RolePrincipalName": "AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com"
	},
	"RequestId": "FE58D7CF-03BC-432A-B42D-BC3390C8C2E1"
}

Error codes

HttpCode Error code Error message Description
400 InvalidParameter.CustomSuffix.NotAllowed Custom suffix is not allowed for this Service Linked Role. The error message returned because the service linked role does not support custom suffixes.
400 InvalidParameter.CustomSuffix.InvalidChars The parameter CustomSuffix contains invalid characters. The error message returned because the value of the CustomSuffix parameter contains invalid characters.
400 InvalidParameter.CustomSuffix.Length The maximum length of the parameter CustomSuffix is exceeded. The error message returned because the length of the value specified for the CustomSuffix parameter has exceeded the upper limit.
400 InvalidParameter.Description.Length The maximum length of the description is exceeded. It must not exceed 1024 characters. The error message returned because the length of the policy description has exceeded the upper limit. The policy description must be 1 to 1,024 characters in length.
404 EntityNotExist.Service The service does not exist. The error message returned because the service does not exist.
409 EntityAlreadyExists.Role The role already exists. The error message returned because the role already exists.
409 LimitExceeded.Role The maximum number of roles is exceeded. The error message returned because the maximum number of roles has been reached.

For a list of error codes, visit the API Error Center.