ByCloud Docs
POST /v1/iam/roles

Create role

Create a new role in the current organization

Request Body

required

Content-Type: application/json

name

string, required

description

string, optional

trust_policy

object, optional

Defines who/what can assume this role using CRN patterns

Responses

201

Role created

Content-Type: application/json

role

object, optional

400

Invalid request parameters

Content-Type: application/json

error

object, required

401

Authentication required or token invalid

Content-Type: application/json

error

object, required

403

Insufficient permissions

Content-Type: application/json

error

object, required

409

Resource conflict (e.g., already exists, invalid state)

Content-Type: application/json

error

object, required

500

Internal server error

Content-Type: application/json

error

object, required

curl -X POST "https://api.spo1.mycloud.com/v1/iam/roles" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "S3ReadOnly",
    "description": "string",
    "trust_policy": {
      "principals": [
        "crn:spo1:compute:instance:*"
      ]
    }
  }'

Response

Role created

{
  "role": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "crn": "crn::iam:role:550e8400-e29b-41d4-a716-446655440000",
    "name": "S3ReadOnly",
    "description": "Read-only access to S3 buckets",
    "trust_policy": {
      "principals": [
        "crn:spo1:compute:instance:*"
      ]
    },
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-01-15T10:30:00Z"
  }
}
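
A pre-flight review of the request body before it is sent, as an added example (not ByCloud's code): it checks the field types listed under Request Body and flags trust_policy principals that contain a wildcard. The five-field CRN layout and the meaning of `*` are assumptions inferred from the examples on this page; `parse_crn` and `review_create_role` are hypothetical names.

```python
import json

# Assumption: five colon-separated fields, inferred from the two CRNs shown on
# this page (the page does not define the format): crn:<region>:<service>:<type>:<id>
CRN_FIELDS = ("region", "service", "type", "id")

def parse_crn(pattern):
    """Split a CRN pattern into named fields; raise ValueError if malformed."""
    parts = pattern.split(":") if isinstance(pattern, str) else []
    if len(parts) != 5 or parts[0] != "crn":
        raise ValueError(f"not a 5-field CRN: {pattern!r}")
    return dict(zip(CRN_FIELDS, parts[1:]))

def review_create_role(body):
    """Return findings for a POST /v1/iam/roles request body (hypothetical helper)."""
    findings = []
    if not isinstance(body.get("name"), str) or not body["name"]:
        findings.append("name: required string is missing or empty")
    if not isinstance(body.get("description", ""), str):
        findings.append("description: must be a string")
    policy = body.get("trust_policy", {})
    if not isinstance(policy, dict):
        return findings + ["trust_policy: must be an object"]
    principals = policy.get("principals", [])
    if not isinstance(principals, list):
        return findings + ["trust_policy.principals: must be a list"]
    for principal in principals:
        try:
            crn = parse_crn(principal)
        except ValueError as exc:
            findings.append(f"trust_policy: {exc}")
            continue
        # Assumption: "*" in a field matches any value for that field.
        wild = [name for name in CRN_FIELDS if "*" in crn[name]]
        if wild:
            findings.append(f"trust_policy: {principal} is open in {'/'.join(wild)}")
    return findings

# Request body from the curl example on this page.
PAGE_BODY = json.loads('{"name": "S3ReadOnly", "description": "string", '
                       '"trust_policy": {"principals": ["crn:spo1:compute:instance:*"]}}')
# Constructed alternative: the instance id is a made-up placeholder.
PINNED_BODY = {"name": "S3ReadOnly",
               "trust_policy": {"principals": ["crn:spo1:compute:instance:EXAMPLE-INSTANCE-ID"]}}

if __name__ == "__main__":
    for label, body in (("page example", PAGE_BODY), ("pinned", PINNED_BODY)):
        print(label, review_create_role(body) or "no findings")
```

A finding on the page's own example means the role would be assumable by any principal matching `crn:spo1:compute:instance:*`, which is worth confirming as intended before the role is created.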