Organization roles

Roles group one or more organization policies, and can be assigned to organization users and access keys.

Last updated 1 year ago

Was this helpful?

Get role

get

Retrieve a single IAM role.

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

roleIdstringrequired

ID for an IAM role

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url '/organizations/{organizationId}/iam-roles/{roleId}' \
  --header 'Authorization: Bearer jwt'

200

404

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "type": "organization",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ],
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "scope": "organization",
      "type": "managed",
      "createdAt": "2025-03-23T01:19:48.110Z",
      "updatedAt": "2025-03-23T01:19:48.110Z",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      }
    }
  ],
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-03-23T01:19:48.110Z",
  "updatedAt": "2025-03-23T01:19:48.110Z",
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

Delete role

delete

Remove an IAM role from the organization.

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

roleIdstringrequired

ID for an IAM role

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request DELETE \
  --url '/organizations/{organizationId}/iam-roles/{roleId}' \
  --header 'Authorization: Bearer jwt'

204

400

403

404

409

410

No body

List roles

get

List the IAM roles that are defined for this organization.

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

Query parameters

limitinteger · min: 1 · max: 100 · default: 10optional

Limits the number of results to return

pageTokenstringoptional

Pagination token that keeps of track of the current position in the list

reverseboolean · default: falseoptional

Order in which to retrieve the results

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url '/organizations/{organizationId}/iam-roles' \
  --header 'Authorization: Bearer jwt'

200

401

404

{
  "results": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "organizationId": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "type": "organization",
      "policies": [
        {
          "id": "123e4567-e89b-12d3-a456-426614174000",
          "name": "text",
          "description": "text",
          "definitions": [
            {
              "effect": "allow",
              "resources": [
                "text"
              ],
              "actions": [
                "any"
              ],
              "conditionsAll": [
                {
                  "any": {
                    "ANY_ADDITIONAL_PROPERTY": {
                      "ANY_ADDITIONAL_PROPERTY": "text"
                    }
                  }
                }
              ]
            }
          ],
          "rolesDependencyCount": 1,
          "usersDependencyCount": 1,
          "scope": "organization",
          "type": "managed",
          "createdAt": "2025-03-23T01:19:48.110Z",
          "updatedAt": "2025-03-23T01:19:48.110Z",
          "metadata": {
            "clouds": [
              "platform"
            ],
            "apps": [
              "inbox"
            ],
            "groups": [
              "text"
            ]
          }
        }
      ],
      "usersDependencyCount": 1,
      "accessKeysDependencyCount": 1,
      "createdAt": "2025-03-23T01:19:48.110Z",
      "updatedAt": "2025-03-23T01:19:48.110Z",
      "metadata": {
        "clouds": [
          "platform"
        ]
      },
      "actions": [
        {
          "name": "text",
          "type": "text"
        }
      ]
    }
  ],
  "nextPageToken": "text"
}

Create role

post

Create a new IAM role for this organization.

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

Body

namestringrequired

Role name.

descriptionstringoptional

Role description.

policiesobject[] · max: 32required

IAM Policies this role contains.

actionsobject[] | nullableoptional

Actions this role contains.

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '/organizations/{organizationId}/iam-roles' \
  --header 'Authorization: Bearer jwt' \
  --header 'Content-Type: application/json' \
  --data '{
    "name": "text",
    "description": "text",
    "policies": [
      {
        "id": "123e4567-e89b-12d3-a456-426614174000",
        "type": "managed"
      }
    ],
    "actions": [
      {
        "name": "text",
        "type": "text"
      }
    ]
  }'

201

403

404

409

422

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "type": "organization",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ],
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "scope": "organization",
      "type": "managed",
      "createdAt": "2025-03-23T01:19:48.110Z",
      "updatedAt": "2025-03-23T01:19:48.110Z",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      }
    }
  ],
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-03-23T01:19:48.110Z",
  "updatedAt": "2025-03-23T01:19:48.110Z",
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

Created

Update role

patch

Update an IAM role's properties.

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

roleIdstringrequired

ID for an IAM role

Body

namestringoptional

Role name.

descriptionstringoptional

Role description.

policiesobject[] · max: 32optional

IAM Policies this role contains.

actionsobject[] | nullableoptional

Actions this role contains.

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PATCH \
  --url '/organizations/{organizationId}/iam-roles/{roleId}' \
  --header 'Authorization: Bearer jwt' \
  --header 'Content-Type: application/json' \
  --data '{
    "name": "text",
    "description": "text",
    "policies": [
      {
        "id": "123e4567-e89b-12d3-a456-426614174000",
        "type": "managed"
      }
    ],
    "actions": [
      {
        "name": "text",
        "type": "text"
      }
    ]
  }'

200

403

404

422

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "type": "organization",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ],
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "scope": "organization",
      "type": "managed",
      "createdAt": "2025-03-23T01:19:48.110Z",
      "updatedAt": "2025-03-23T01:19:48.110Z",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      }
    }
  ],
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-03-23T01:19:48.110Z",
  "updatedAt": "2025-03-23T01:19:48.110Z",
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

Get role

Delete role

List roles

Create role

Show child attributes

Show child attributes

Update role

Show child attributes

Show child attributes