Organization roles

Roles group one or more organization policies, and can be assigned to organization users and access keys.

Last updated 1 year ago

Was this helpful?

Get role

get

Retrieve a single IAM role.

Authorizations

Path parameters

organizationIdstringRequired

The organization ID

roleIdstringRequired

ID for an IAM role

Responses

application/json

objectOptional

application/json

get

GET /organizations/{organizationId}/iam-roles/{roleId} HTTP/1.1
Host: 
Authorization: Bearer jwt
Accept: */*

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "type": "organization",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ],
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "scope": "organization",
      "type": "managed",
      "createdAt": "2025-04-19T00:11:32.450Z",
      "updatedAt": "2025-04-19T00:11:32.450Z",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      }
    }
  ],
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-04-19T00:11:32.450Z",
  "updatedAt": "2025-04-19T00:11:32.450Z",
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

Delete role

delete

Remove an IAM role from the organization.

Authorizations

Path parameters

organizationIdstringRequired

The organization ID

roleIdstringRequired

ID for an IAM role

Responses

application/json

delete

DELETE /organizations/{organizationId}/iam-roles/{roleId} HTTP/1.1
Host: 
Authorization: Bearer jwt
Accept: */*

No content

List roles

get

List the IAM roles that are defined for this organization.

Authorizations

Path parameters

organizationIdstringRequired

The organization ID

Query parameters

limitinteger · min: 1 · max: 100Optional

Limits the number of results to return

Default: 10

pageTokenstringOptional

Pagination token that keeps of track of the current position in the list

reversebooleanOptional

Order in which to retrieve the results

Default: false

Responses

application/json

all ofOptional

A list of results that supports pagination.

application/json

get

GET /organizations/{organizationId}/iam-roles HTTP/1.1
Host: 
Authorization: Bearer jwt
Accept: */*

{
  "results": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "organizationId": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "type": "organization",
      "policies": [
        {
          "id": "123e4567-e89b-12d3-a456-426614174000",
          "name": "text",
          "description": "text",
          "definitions": [
            {
              "effect": "allow",
              "resources": [
                "text"
              ],
              "actions": [
                "any"
              ],
              "conditionsAll": [
                {
                  "any": {
                    "ANY_ADDITIONAL_PROPERTY": {
                      "ANY_ADDITIONAL_PROPERTY": "text"
                    }
                  }
                }
              ]
            }
          ],
          "rolesDependencyCount": 1,
          "usersDependencyCount": 1,
          "scope": "organization",
          "type": "managed",
          "createdAt": "2025-04-19T00:11:32.450Z",
          "updatedAt": "2025-04-19T00:11:32.450Z",
          "metadata": {
            "clouds": [
              "platform"
            ],
            "apps": [
              "inbox"
            ],
            "groups": [
              "text"
            ]
          }
        }
      ],
      "usersDependencyCount": 1,
      "accessKeysDependencyCount": 1,
      "createdAt": "2025-04-19T00:11:32.450Z",
      "updatedAt": "2025-04-19T00:11:32.450Z",
      "metadata": {
        "clouds": [
          "platform"
        ]
      },
      "actions": [
        {
          "name": "text",
          "type": "text"
        }
      ]
    }
  ],
  "nextPageToken": "text"
}

Create role

post

Create a new IAM role for this organization.

Authorizations

Path parameters

organizationIdstringRequired

The organization ID

Body

namestringRequired

Role name.

descriptionstringOptional

Role description.

policiesobject[] · max: 32Required

IAM Policies this role contains.

actionsobject[] | nullableOptional

Actions this role contains.

Responses

application/json

objectOptional

application/json

post

POST /organizations/{organizationId}/iam-roles HTTP/1.1
Host: 
Authorization: Bearer jwt
Content-Type: application/json
Accept: */*
Content-Length: 154

{
  "name": "text",
  "description": "text",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "type": "managed"
    }
  ],
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "type": "organization",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ],
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "scope": "organization",
      "type": "managed",
      "createdAt": "2025-04-19T00:11:32.450Z",
      "updatedAt": "2025-04-19T00:11:32.450Z",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      }
    }
  ],
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-04-19T00:11:32.450Z",
  "updatedAt": "2025-04-19T00:11:32.450Z",
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

Update role

patch

Update an IAM role's properties.

Authorizations

Path parameters

organizationIdstringRequired

The organization ID

roleIdstringRequired

ID for an IAM role

Body

namestringOptional

Role name.

descriptionstringOptional

Role description.

policiesobject[] · max: 32Optional

IAM Policies this role contains.

actionsobject[] | nullableOptional

Actions this role contains.

Responses

application/json

objectOptional

application/json

patch

PATCH /organizations/{organizationId}/iam-roles/{roleId} HTTP/1.1
Host: 
Authorization: Bearer jwt
Content-Type: application/json
Accept: */*
Content-Length: 154

{
  "name": "text",
  "description": "text",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "type": "managed"
    }
  ],
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "type": "organization",
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ],
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "scope": "organization",
      "type": "managed",
      "createdAt": "2025-04-19T00:11:32.450Z",
      "updatedAt": "2025-04-19T00:11:32.450Z",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      }
    }
  ],
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-04-19T00:11:32.450Z",
  "updatedAt": "2025-04-19T00:11:32.450Z",
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ]
}