End of support notice: On October 7th, 2026, Amazon will discontinue support for Amazon IoT Greengrass Version 1. After October 7th, 2026, you will no longer be able to access the Amazon IoT Greengrass V1 resources. For more information, please visit Migrate from Amazon IoT Greengrass Version 1.
/greengrass/servicerole
GET
GET /greengrass/servicerole
Operation ID: GetServiceRoleForAccount
Produces: application/json
CLI
aws greengrass get-service-role-for-account \ [--cli-input-json <value>] \ [--generate-cli-skeleton]
Responses
- 200
-
Success.
GetServiceRoleForAccountResponse
{ "AssociatedAt": "string", "RoleArn": "string" }- GetServiceRoleForAccountResponse
-
type: object
- AssociatedAt
-
The time when the service role was associated with the account.
type: string
- RoleArn
-
The ARN of the role associated with the account.
type: string
- 500
-
Server error.
{ "Message": "string", "ErrorDetails": [ { "DetailedErrorCode": "string", "DetailedErrorMessage": "string" } ] }- GeneralError
-
General error information.
type: object
- Message
-
A message that contains information about the error.
type: string
- ErrorDetails
-
A list of error details.
type: array
items: ErrorDetail
- ErrorDetail
-
Details about the error.
type: object
- DetailedErrorCode
-
A detailed error code.
type: string
- DetailedErrorMessage
-
A detailed error message.
type: string
PUT
PUT /greengrass/servicerole
Operation ID: AssociateServiceRoleToAccount
Associates a role with your account. Amazon IoT Greengrass uses the role to access your
Lambda functions and Amazon IoT resources. A role is required for deployments to succeed. The
role must have at least minimum permissions in the policy
AWSGreengrassResourceAccessRolePolicy.
Body Parameters
- AssociateServiceRoleToAccountRequestBody
-
where used: body; required: true
{ "RoleArn": "string" }- AssociateServiceRoleToAccountRequest
-
type: object
required: ["RoleArn"]
- RoleArn
-
The ARN of the service role to associate with your account.
type: string
CLI
aws greengrass associate-service-role-to-account \ [--role-arn <value>] \ [--cli-input-json <value>] \ [--generate-cli-skeleton]
cli-input-json format:
{ "RoleArn": "string" }
Responses
- 200
-
Success.
AssociateServiceRoleToAccountResponse
{ "AssociatedAt": "string" }- AssociateServiceRoleToAccountResponse
-
type: object
- AssociatedAt
-
The time when the service role was associated with the account.
type: string
- 400
-
Invalid request.
{ "Message": "string", "ErrorDetails": [ { "DetailedErrorCode": "string", "DetailedErrorMessage": "string" } ] }- GeneralError
-
General error information.
type: object
required: ["Message"]
- Message
-
A message that contains information about the error.
type: string
- ErrorDetails
-
A list of error details.
type: array
items: ErrorDetail
- ErrorDetail
-
Details about the error.
type: object
- DetailedErrorCode
-
A detailed error code.
type: string
- DetailedErrorMessage
-
A detailed error message.
type: string
- 500
-
Server error.
{ "Message": "string", "ErrorDetails": [ { "DetailedErrorCode": "string", "DetailedErrorMessage": "string" } ] }- GeneralError
-
General error information.
type: object
required: ["Message"]
- Message
-
A message that contains information about the error.
type: string
- ErrorDetails
-
A list of error details.
type: array
items: ErrorDetail
- ErrorDetail
-
Details about the error.
type: object
- DetailedErrorCode
-
A detailed error code.
type: string
- DetailedErrorMessage
-
A detailed error message.
type: string
DELETE
DELETE /greengrass/servicerole
Operation ID: DisassociateServiceRoleFromAccount
Disassociates the service role from your account. Without a service role, deployments do not work.
CLI
aws greengrass disassociate-service-role-from-account \ [--cli-input-json <value>] \ [--generate-cli-skeleton]
Responses
- 200
-
Success.
DisassociateServiceRoleFromAccountResponse
{ "DisassociatedAt": "string" }- DisassociateServiceRoleFromAccountResponse
-
type: object
- DisassociatedAt
-
The time when the service role was disassociated from the account.
type: string
- 500
-
Server error.
{ "Message": "string", "ErrorDetails": [ { "DetailedErrorCode": "string", "DetailedErrorMessage": "string" } ] }- GeneralError
-
General error information.
type: object
required: ["Message"]
- Message
-
A message that contains information about the error.
type: string
- ErrorDetails
-
A list of error details.
type: array
items: ErrorDetail
- ErrorDetail
-
Details about the error.
type: object
- DetailedErrorCode
-
A detailed error code.
type: string
- DetailedErrorMessage
-
A detailed error message.
type: string
GET
GET /greengrass/servicerole
Operation ID: GetServiceRoleForAccount
Retrieves the service role that is attached to your account.
CLI
aws greengrass get-service-role-for-account \ [--cli-input-json <value>] \ [--generate-cli-skeleton]
Responses
- 200
-
Success.
GetServiceRoleForAccountResponse
{ "AssociatedAt": "string", "RoleArn": "string" }- GetServiceRoleForAccountResponse
-
type: object
- AssociatedAt
-
The time when the service role was associated with the account.
type: string
- RoleArn
-
The ARN of the role associated with the account.
type: string
- 500
-
Server error.
{ "Message": "string", "ErrorDetails": [ { "DetailedErrorCode": "string", "DetailedErrorMessage": "string" } ] }- GeneralError
-
General error information.
type: object
required: ["Message"]
- Message
-
A message that contains information about the error.
type: string
- ErrorDetails
-
A list of error details.
type: array
items: ErrorDetail
- ErrorDetail
-
Details about the error.
type: object
- DetailedErrorCode
-
A detailed error code.
type: string
- DetailedErrorMessage
-
A detailed error message.
type: string