CreateRole - API reference| Alibaba Cloud Documentation Center

Interface description

Creates a role.

Request parameters

Action

Type: String
Required: Yes
Description: Operation interface, required. The parameter value is “CreateRole”.

RoleName

Type: String
Required: Yes
Description: Role name. It consists of a maximum of 64 characters.
Format: ^[a-zA-Z0-9\.@\-]+$

Description

Type: String
Required: No
Description: Role description. It consists of a maximum of 1,024 characters.

AssumeRolePolicyDocument

Type: String
Required: Yes
Description: Specifies the identity of the role.

Required permissions

Action

ram:CreateRole

Resource

acs:ram:*:${AccountId}:role/*

Return parameters

Role

Type: Role Type
Description: Role information.

Error messages

InvalidParameter.RoleName.InvalidChars

HTTP Status: 400
Error Message: The parameter - “RoleName” contains invalid chars.

InvalidParameter.RoleName.Length

HTTP Status: 400
Error Message: The parameter - “RoleName” beyond the length limit.

InvalidParameter.AssumeRolePolicyDocument.Length

HTTP Status: 400
Error Message: The parameter - “AssumeRolePolicyDocument” beyond the length limit.

EntityAlreadyExists.Role

HTTP Status: 409
Error Message: The role does already EXIST.

MalformedPolicyDocument

HTTP Status: 400
Error Message: {The error details}

LimitExceeded.Role

HTTP Status: 409
Error Message: The count of roles beyond the current limits.

Operation examples

Request example

https://ram.aliyuncs.com/?Action=CreateRole
&RoleName=ECSAdmin
&AssumeRolePolicyDocument={ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::123456789012345678:root" } } ], "Version": "1" }
&Description=ECS administrator role
&<Public request parameters>

Return example

XML format

<CreateRoleResponse>
    <RequestId>04F0F334-1335-436C-A1D7-6C044FE73368</RequestId>
    <Role>
        <RoleId>901234567890123</RoleId>
        <RoleName>ECSAdmin</RoleName>
        <Arn>acs:ram::1234567890123456:role/ECSAdmin</Arn>
        <Description>ECS Administrator role</Description>
        <AssumeRolePolicyDocument>{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::123456789012345678:root" } } ], "Version": "1" }</AssumeRolePolicyDocument>
        <CreateDate>2015-01-23T12:33:18Z</CreateDate>
    </Role>
</CreateRoleResponse>

JSON format

{
    "RequestId": "04F0F334-1335-436C-A1D7-6C044FE73368",
    "Role": {
        "RoleId": "901234567890123",
        "RoleName": "ECSAdmin",
        "Arn": "acs:ram::1234567890123456:role/ECSAdmin",
        "Description": "ECS Administrator role",
        "AssumeRolePolicyDocument": "{ \"Statement\": [ { \"Action\": \"sts:AssumeRole\", \"Effect\": \"Allow\", \"Principal\": { \"RAM\": \"acs:ram::123456789012345678:root\" } } ], \"Version\": \"1\" }",
        "CreateDate": "2015-01-23T12:33:18Z"
    }
}