Use CreateServiceLinkedRole with an Amazon SDK or command line tool - Amazon Identity and Access Management
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Use CreateServiceLinkedRole with an Amazon SDK or command line tool

The following code examples show how to use CreateServiceLinkedRole.

.NET
Amazon SDK for .NET
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

/// <summary> /// Create an IAM service-linked role. /// </summary> /// <param name="serviceName">The name of the AWS Service.</param> /// <param name="description">A description of the IAM service-linked role.</param> /// <returns>The IAM role that was created.</returns> public async Task<Role> CreateServiceLinkedRoleAsync(string serviceName, string description) { var request = new CreateServiceLinkedRoleRequest { AWSServiceName = serviceName, Description = description }; var response = await _IAMService.CreateServiceLinkedRoleAsync(request); return response.Role; }
CLI
Amazon CLI

To create a service-linked role

The following create-service-linked-role example creates a service-linked role for the specified Amazon service and attaches the specified description.

aws iam create-service-linked-role \ --aws-service-name lex.amazonaws.com \ --description "My service-linked role to support Lex"

Output:

{ "Role": { "Path": "/aws-service-role/lex.amazonaws.com/", "RoleName": "AWSServiceRoleForLexBots", "RoleId": "AROA1234567890EXAMPLE", "Arn": "arn:aws:iam::1234567890:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots", "CreateDate": "2019-04-17T20:34:14+00:00", "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": [ "sts:AssumeRole" ], "Effect": "Allow", "Principal": { "Service": [ "lex.amazonaws.com" ] } } ] } } }

For more information, see Using service-linked roles in the Amazon IAM User Guide.

Go
SDK for Go V2
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

// RoleWrapper encapsulates AWS Identity and Access Management (IAM) role actions // used in the examples. // It contains an IAM service client that is used to perform role actions. type RoleWrapper struct { IamClient *iam.Client } // CreateServiceLinkedRole creates a service-linked role that is owned by the specified service. func (wrapper RoleWrapper) CreateServiceLinkedRole(serviceName string, description string) (*types.Role, error) { var role *types.Role result, err := wrapper.IamClient.CreateServiceLinkedRole(context.TODO(), &iam.CreateServiceLinkedRoleInput{ AWSServiceName: aws.String(serviceName), Description: aws.String(description), }) if err != nil { log.Printf("Couldn't create service-linked role %v. Here's why: %v\n", serviceName, err) } else { role = result.Role } return role, err }
JavaScript
SDK for JavaScript (v3)
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

Create a service-linked role.

import { CreateServiceLinkedRoleCommand, IAMClient } from "@aws-sdk/client-iam"; const client = new IAMClient({}); /** * * @param {string} serviceName */ export const createServiceLinkedRole = async (serviceName) => { const command = new CreateServiceLinkedRoleCommand({ // For a list of AWS services that support service-linked roles, // see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html. // // For a list of AWS service endpoints, see https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html. AWSServiceName: serviceName, }); const response = await client.send(command); console.log(response); return response; };
PHP
SDK for PHP
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

$uuid = uniqid(); $service = new IAMService(); public function createServiceLinkedRole($awsServiceName, $customSuffix = "", $description = "") { $createServiceLinkedRoleArguments = ['AWSServiceName' => $awsServiceName]; if ($customSuffix) { $createServiceLinkedRoleArguments['CustomSuffix'] = $customSuffix; } if ($description) { $createServiceLinkedRoleArguments['Description'] = $description; } return $this->iamClient->createServiceLinkedRole($createServiceLinkedRoleArguments); }
PowerShell
Tools for PowerShell

Example 1: This example creates a servicelinked role for autoscaling service.

New-IAMServiceLinkedRole -AWSServiceName autoscaling.amazonaws.com -CustomSuffix RoleNameEndsWithThis -Description "My service-linked role to support autoscaling"
Python
SDK for Python (Boto3)
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

def create_service_linked_role(service_name, description): """ Creates a service-linked role. :param service_name: The name of the service that owns the role. :param description: A description to give the role. :return: The newly created role. """ try: response = iam.meta.client.create_service_linked_role( AWSServiceName=service_name, Description=description ) role = iam.Role(response["Role"]["RoleName"]) logger.info("Created service-linked role %s.", role.name) except ClientError: logger.exception("Couldn't create service-linked role for %s.", service_name) raise else: return role
Ruby
SDK for Ruby
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

# Creates a service-linked role # # @param service_name [String] The service name to create the role for. # @param description [String] The description of the service-linked role. # @param suffix [String] Suffix for customizing role name. # @return [String] The name of the created role def create_service_linked_role(service_name, description, suffix) response = @iam_client.create_service_linked_role( aws_service_name: service_name, description: description, custom_suffix: suffix,) role_name = response.role.role_name @logger.info("Created service-linked role #{role_name}.") role_name rescue Aws::Errors::ServiceError => e @logger.error("Couldn't create service-linked role for #{service_name}. Here's why:") @logger.error("\t#{e.code}: #{e.message}") raise end
Rust
SDK for Rust
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

pub async fn create_service_linked_role( client: &iamClient, aws_service_name: String, custom_suffix: Option<String>, description: Option<String>, ) -> Result<CreateServiceLinkedRoleOutput, SdkError<CreateServiceLinkedRoleError>> { let response = client .create_service_linked_role() .aws_service_name(aws_service_name) .set_custom_suffix(custom_suffix) .set_description(description) .send() .await?; Ok(response) }
Swift
SDK for Swift
Note

This is prerelease documentation for an SDK in preview release. It is subject to change.

Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

public func createServiceLinkedRole(service: String, suffix: String? = nil, description: String?) async throws -> IAMClientTypes.Role { let input = CreateServiceLinkedRoleInput( awsServiceName: service, customSuffix: suffix, description: description ) do { let output = try await client.createServiceLinkedRole(input: input) guard let role = output.role else { throw ServiceHandlerError.noSuchRole } return role } catch { throw error } }

For a complete list of Amazon SDK developer guides and code examples, see Using IAM with an Amazon SDK. This topic also includes information about getting started and details about previous SDK versions.