Creates a service-linked role.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateServiceLinkedRole

The operation that you want to perform. Set the value to CreateServiceLinkedRole.

ServiceName String Yes polardb.aliyuncs.com

The name of the service.

For more information about the service name, see Alibaba Cloud services that support service-linked roles.

CustomSuffix String No Example

The suffix of the role name.

The role name (including its suffix) must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).

For example, if the suffix is Example, the role name is ServiceLinkedRoleName_Example.

Description String No Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.

The description of the service-linked role.

You must configure this parameter for service-linked roles that support custom suffixes. Otherwise, the preset value is used and cannot be modified.

The description must be 1 to 1,024 characters in length.

For more information about common request parameters, see Common parameters.

Response parameters

Parameter Type Example Description
Role Object

The information about the role.

AssumeRolePolicyDocument String {\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"polardb.aliyuncs.com\"]}}],\"Version\":\"1\"}

The document of the trust policy for the role.

RolePrincipalName String AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com

The role name that uses a domain name as the suffix.

Description String Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.

The description of the role.

RoleName String AliyunServiceRoleForPolarDB

The name of the role.

CreateDate String 2020-06-30T08:14:16Z

The time when the role was created. The time is displayed in UTC.

Arn String acs:ram::177242285274****:role/aliyunserviceroleforpolardb

The Alibaba Cloud Resource Name (ARN) of the role.

RoleId String 32833240981067****

The ID of the role.

IsServiceLinkedRole Boolean true

Indicates whether the role is a service-linked role. Valid values:

  • true: The role is a service-linked role.
  • false: The role is not a service-linked role.
RequestId String FE58D7CF-03BC-432A-B42D-BC3390C8C2E1

The ID of the request.

Examples

Sample requests

https://resourcemanager.aliyuncs.com/?Action=CreateServiceLinkedRole
&ServiceName=polardb.aliyuncs.com
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<CreateServiceLinkedRoleResponse>
    <Role>
        <RoleName>AliyunServiceRoleForPolarDB</RoleName>
        <Description>Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.</Description>
        <AssumeRolePolicyDocument>{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":["polardb.aliyuncs.com"]}}],"Version":"1"}</AssumeRolePolicyDocument>
        <Arn>acs:ram::177242285274****:role/aliyunserviceroleforpolardb</Arn>
        <IsServiceLinkedRole>true</IsServiceLinkedRole>
        <CreateDate>2020-06-30T08:14:16Z</CreateDate>
        <RoleId>32833240981067****</RoleId>
        <RolePrincipalName>AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com</RolePrincipalName>
    </Role>
    <RequestId>FE58D7CF-03BC-432A-B42D-BC3390C8C2E1</RequestId>
</CreateServiceLinkedRoleResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "Role" : {
    "RoleName" : "AliyunServiceRoleForPolarDB",
    "Description" : "Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.",
    "AssumeRolePolicyDocument" : "{\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"polardb.aliyuncs.com\"]}}],\"Version\":\"1\"}",
    "Arn" : "acs:ram::177242285274****:role/aliyunserviceroleforpolardb",
    "IsServiceLinkedRole" : true,
    "CreateDate" : "2020-06-30T08:14:16Z",
    "RoleId" : "32833240981067****",
    "RolePrincipalName" : "AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com"
  },
  "RequestId" : "FE58D7CF-03BC-432A-B42D-BC3390C8C2E1"
}

Error codes

HTTP status code Error code Error message Description
400 InvalidParameter.CustomSuffix.NotAllowed Custom suffix is not allowed for this Service Linked Role. The error message returned because the service-linked role does not support custom suffixes.
400 InvalidParameter.CustomSuffix.InvalidChars The parameter CustomSuffix contains invalid characters. The error message returned because the value of the CustomSuffix parameter contains invalid characters.
400 InvalidParameter.CustomSuffix.Length The maximum length of the parameter CustomSuffix is exceeded. The error message returned because the length of the value specified for the CustomSuffix parameter has exceeded the upper limit.
400 InvalidParameter.Description.Length The maximum length of the description is exceeded. It must not exceed 1024 characters. The error message returned because the length of the description has exceeded the upper limit. The description must be 1 to 1,024 characters in length.
404 EntityNotExist.Service The service does not exist. The error message returned because the service does not exist.
409 EntityAlreadyExists.Role The role already exists. The error message returned because the role already exists.
409 LimitExceeded.Role The maximum number of roles is exceeded. The error message returned because the maximum number of roles has been reached.

For a list of error codes, see Service error codes.