iamrole create

  • Updated on Apr 13, 2026
  • Published on Jan 28, 2026
  • 1 minute(s) read
Prev Next

This command creates an IAM Role.

Usage


iamrole create --name NAME
               --trust-policy TRUSTPOLICY
              [--tenant-id TENANT]
              [--description DESCRIPTION] 
              [--identity-policies-ids POLICY_IDS]
              [--max-session-duration DURATION]
    

Required Parameters

--name NAME

Specifies the name of IAM Role.

--trust-policy TRUSTPOLICY

Specifies the Trust policy, in JSON format.

Options

--tenant-id TENANT

Specifies the ID of the tenant to which this IAM Role belongs.

--description DESCRIPTION

Description of the IAM Role.

--identity-policies-ids POLICY_IDS

Specifies the Identity Policy IDs to attach to this role.

Specify POLICY_IDS as a comma-separated list of IDs. The policies must belong to the tenant associated with the role

Example: 1,2,3

--max-session-duration DURATION

This option is introduced in VAST Cluster 5.4.3.

Limits the maximum duration for which a temporary access key can be granted to a requesting user, in seconds.

Maximum (default): 129,600 (36 hours)

Minimum: 900 (15 minutes)

Example

This example creates a new IAM Role named "read-only-role".


      vcli: admin> iamrole create --name read-only-role \
                                  --trust-policy '{"Version":"2012-10-17","Statement":...}' \
                                  --tenant-id 101 \
                                  --description "Read-only role for audit" \
                                  --identity-policies-ids 5,6    

Related articles
  • iamrole modify
    VAST Cluster > Version 5.4 > VAST Cluster 5.4 CLI Command Reference > iamrole commands
  • role create
    VAST Cluster > Version 5.3 > VAST Cluster 5.3 CLI Command Reference > role commands
  • role create
    VAST Cluster > Version 5.2 > VAST Cluster 5.2 CLI Command Reference > role commands