Organization roles

Roles group one or more organization policies, and can be assigned to organization users and access keys.

Last updated 1 year ago

Was this helpful?

List roles

List the IAM roles that are defined for this organization.

get

/organizations/{organizationId}/iam-roles

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

Query parameters

limitinteger · min: 1 · max: 100 · default: 10

Limits the number of results to return

pageTokenstring

Pagination token that keeps of track of the current position in the list

reverseboolean

Order in which to retrieve the results

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url '/organizations/{organizationId}/iam-roles' \
  --header 'Authorization: Bearer jwt'

200

401

404

{
  "results": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "organizationId": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "usersDependencyCount": 1,
      "accessKeysDependencyCount": 1,
      "createdAt": "2025-02-21T18:03:09.435Z",
      "updatedAt": "2025-02-21T18:03:09.435Z",
      "type": "organization",
      "actions": [
        {
          "name": "text",
          "type": "text"
        }
      ],
      "metadata": {
        "clouds": [
          "platform"
        ]
      },
      "policies": [
        {
          "id": "123e4567-e89b-12d3-a456-426614174000",
          "name": "text",
          "description": "text",
          "rolesDependencyCount": 1,
          "usersDependencyCount": 1,
          "createdAt": "2025-02-21T18:03:09.435Z",
          "updatedAt": "2025-02-21T18:03:09.435Z",
          "scope": "organization",
          "type": "managed",
          "metadata": {
            "clouds": [
              "platform"
            ],
            "apps": [
              "inbox"
            ],
            "groups": [
              "text"
            ]
          },
          "definitions": [
            {
              "effect": "allow",
              "resources": [
                "text"
              ],
              "actions": [
                "any"
              ],
              "conditionsAll": [
                {
                  "any": {
                    "ANY_ADDITIONAL_PROPERTY": {
                      "ANY_ADDITIONAL_PROPERTY": "text"
                    }
                  }
                }
              ]
            }
          ]
        }
      ]
    }
  ],
  "nextPageToken": "text"
}

Create role

Create a new IAM role for this organization.

post

/organizations/{organizationId}/iam-roles

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

Body

namestringrequired

Role name.

descriptionstring

Role description.

policiesPolicyRef[]required

IAM Policies this role contains.

actionsAction[] | nullable

Actions this role contains.

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url '/organizations/{organizationId}/iam-roles' \
  --header 'Authorization: Bearer jwt' \
  --header 'Content-Type: application/json' \
  --data '{"name":"text","policies":[{"id":"123e4567-e89b-12d3-a456-426614174000","type":"managed"}],"actions":[{"name":"text","type":"text"}]}'

201

403

404

409

422

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-02-21T18:03:09.435Z",
  "updatedAt": "2025-02-21T18:03:09.435Z",
  "type": "organization",
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ],
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "createdAt": "2025-02-21T18:03:09.435Z",
      "updatedAt": "2025-02-21T18:03:09.435Z",
      "scope": "organization",
      "type": "managed",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      },
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ]
    }
  ]
}

Created

Get role

Retrieve a single IAM role.

get

/organizations/{organizationId}/iam-roles/{roleId}

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

roleIdstringrequired

ID for an IAM role

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url '/organizations/{organizationId}/iam-roles/{roleId}' \
  --header 'Authorization: Bearer jwt'

200

404

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-02-21T18:03:09.435Z",
  "updatedAt": "2025-02-21T18:03:09.435Z",
  "type": "organization",
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ],
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "createdAt": "2025-02-21T18:03:09.435Z",
      "updatedAt": "2025-02-21T18:03:09.435Z",
      "scope": "organization",
      "type": "managed",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      },
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ]
    }
  ]
}

Delete role

Remove an IAM role from the organization.

delete

/organizations/{organizationId}/iam-roles/{roleId}

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

roleIdstringrequired

ID for an IAM role

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request DELETE \
  --url '/organizations/{organizationId}/iam-roles/{roleId}' \
  --header 'Authorization: Bearer jwt'

204

400

403

404

409

410

No body

Update role

Update an IAM role's properties.

patch

/organizations/{organizationId}/iam-roles/{roleId}

Authorizations

Path parameters

organizationIdstringrequired

The organization ID

roleIdstringrequired

ID for an IAM role

Body

namestring

Role name.

descriptionstring

Role description.

policiesPolicyRef[]

IAM Policies this role contains.

actionsAction[] | nullable

Actions this role contains.

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request PATCH \
  --url '/organizations/{organizationId}/iam-roles/{roleId}' \
  --header 'Authorization: Bearer jwt' \
  --header 'Content-Type: application/json' \
  --data '{"policies":[{"id":"123e4567-e89b-12d3-a456-426614174000","type":"managed"}],"actions":[{"name":"text","type":"text"}]}'

200

403

404

422

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organizationId": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "usersDependencyCount": 1,
  "accessKeysDependencyCount": 1,
  "createdAt": "2025-02-21T18:03:09.435Z",
  "updatedAt": "2025-02-21T18:03:09.435Z",
  "type": "organization",
  "actions": [
    {
      "name": "text",
      "type": "text"
    }
  ],
  "metadata": {
    "clouds": [
      "platform"
    ]
  },
  "policies": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "createdAt": "2025-02-21T18:03:09.435Z",
      "updatedAt": "2025-02-21T18:03:09.435Z",
      "scope": "organization",
      "type": "managed",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      },
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ]
    }
  ]
}