Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

iam/aws.sdk.kotlin.services.iam/IamClient/addRoleToInstanceProfile

addRoleToInstanceProfile

abstract suspend fun addRoleToInstanceProfile(input: AddRoleToInstanceProfileRequest): AddRoleToInstanceProfileResponse

Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and this quota cannot be increased. You can remove the existing role and then add a different role to an instance profile. You must then wait for the change to appear across all of Amazon Web Services because of eventual consistency. To force the change, you must disassociate the instance profile and then associate the instance profile, or you can stop your instance and then restart it.

The caller of this operation must be granted the PassRole permission on the IAM role by a permissions policy.

When using the iam:AssociatedResourceArn condition in a policy to restrict the PassRole IAM action, special considerations apply if the policy is intended to define access for the AddRoleToInstanceProfile action. In this case, you cannot specify a Region or instance ID in the EC2 instance ARN. The ARN value must be arn:aws:ec2:*:CallerAccountId:instance/*. Using any other ARN value may lead to unexpected evaluation results.

For more information about roles, see IAM roles in the IAM User Guide. For more information about instance profiles, see Using instance profiles in the IAM User Guide.

Samples


fun main() { 
   //sampleStart 
   // The following command adds the role named S3Access to the instance profile named Webserver
iamClient.addRoleToInstanceProfile {
    roleName = "S3Access"
    instanceProfileName = "Webserver"
} 
   //sampleEnd
}
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved. Generated by dokka