Organization roles
Roles group one or more organization policies, and can be assigned to organization users and access keys.
Last updated
Was this helpful?
Roles group one or more organization policies, and can be assigned to organization users and access keys.
Last updated
Was this helpful?
Retrieve a single IAM role.
The organization ID
ID for an IAM role
GET /organizations/{organizationId}/iam-roles/{roleId} HTTP/1.1
Host:
Authorization: Bearer jwt
Accept: */*
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"organizationId": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"type": "organization",
"policies": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"definitions": [
{
"effect": "allow",
"resources": [
"text"
],
"actions": [
"any"
],
"conditionsAll": [
{
"any": {
"ANY_ADDITIONAL_PROPERTY": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
}
]
}
],
"rolesDependencyCount": 1,
"usersDependencyCount": 1,
"scope": "organization",
"type": "managed",
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
],
"apps": [
"inbox"
],
"groups": [
"text"
]
}
}
],
"usersDependencyCount": 1,
"accessKeysDependencyCount": 1,
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
]
},
"actions": [
{
"name": "text",
"type": "text"
}
]
}
Remove an IAM role from the organization.
The organization ID
ID for an IAM role
DELETE /organizations/{organizationId}/iam-roles/{roleId} HTTP/1.1
Host:
Authorization: Bearer jwt
Accept: */*
No content
List the IAM roles that are defined for this organization.
The organization ID
Limits the number of results to return
10
Pagination token that keeps of track of the current position in the list
Order in which to retrieve the results
false
GET /organizations/{organizationId}/iam-roles HTTP/1.1
Host:
Authorization: Bearer jwt
Accept: */*
{
"results": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"organizationId": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"type": "organization",
"policies": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"definitions": [
{
"effect": "allow",
"resources": [
"text"
],
"actions": [
"any"
],
"conditionsAll": [
{
"any": {
"ANY_ADDITIONAL_PROPERTY": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
}
]
}
],
"rolesDependencyCount": 1,
"usersDependencyCount": 1,
"scope": "organization",
"type": "managed",
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
],
"apps": [
"inbox"
],
"groups": [
"text"
]
}
}
],
"usersDependencyCount": 1,
"accessKeysDependencyCount": 1,
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
]
},
"actions": [
{
"name": "text",
"type": "text"
}
]
}
],
"nextPageToken": "text"
}
Create a new IAM role for this organization.
The organization ID
Role name.
Role description.
POST /organizations/{organizationId}/iam-roles HTTP/1.1
Host:
Authorization: Bearer jwt
Content-Type: application/json
Accept: */*
Content-Length: 154
{
"name": "text",
"description": "text",
"policies": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "managed"
}
],
"actions": [
{
"name": "text",
"type": "text"
}
]
}
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"organizationId": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"type": "organization",
"policies": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"definitions": [
{
"effect": "allow",
"resources": [
"text"
],
"actions": [
"any"
],
"conditionsAll": [
{
"any": {
"ANY_ADDITIONAL_PROPERTY": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
}
]
}
],
"rolesDependencyCount": 1,
"usersDependencyCount": 1,
"scope": "organization",
"type": "managed",
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
],
"apps": [
"inbox"
],
"groups": [
"text"
]
}
}
],
"usersDependencyCount": 1,
"accessKeysDependencyCount": 1,
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
]
},
"actions": [
{
"name": "text",
"type": "text"
}
]
}
Update an IAM role's properties.
The organization ID
ID for an IAM role
Role name.
Role description.
PATCH /organizations/{organizationId}/iam-roles/{roleId} HTTP/1.1
Host:
Authorization: Bearer jwt
Content-Type: application/json
Accept: */*
Content-Length: 154
{
"name": "text",
"description": "text",
"policies": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"type": "managed"
}
],
"actions": [
{
"name": "text",
"type": "text"
}
]
}
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"organizationId": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"type": "organization",
"policies": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text",
"description": "text",
"definitions": [
{
"effect": "allow",
"resources": [
"text"
],
"actions": [
"any"
],
"conditionsAll": [
{
"any": {
"ANY_ADDITIONAL_PROPERTY": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
}
]
}
],
"rolesDependencyCount": 1,
"usersDependencyCount": 1,
"scope": "organization",
"type": "managed",
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
],
"apps": [
"inbox"
],
"groups": [
"text"
]
}
}
],
"usersDependencyCount": 1,
"accessKeysDependencyCount": 1,
"createdAt": "2025-06-20T17:18:54.254Z",
"updatedAt": "2025-06-20T17:18:54.254Z",
"metadata": {
"clouds": [
"platform"
]
},
"actions": [
{
"name": "text",
"type": "text"
}
]
}