AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the "role trust policy". For more information about roles, see Using roles to delegate permissions and federate identities.

Note:

For .NET Core this operation is only available in asynchronous form. Please refer to UpdateAssumeRolePolicyAsync.

Namespace: Amazon.IdentityManagement
Assembly: AWSSDK.IdentityManagement.dll
Version: 3.x.y.z

Syntax

C# 
public virtual UpdateAssumeRolePolicyResponse UpdateAssumeRolePolicy(
         UpdateAssumeRolePolicyRequest request
)

Parameters

request
Type: Amazon.IdentityManagement.Model.UpdateAssumeRolePolicyRequest

Container for the necessary parameters to execute the UpdateAssumeRolePolicy service method.

Return Value


Type: UpdateAssumeRolePolicyResponse
The response from the UpdateAssumeRolePolicy service method, as returned by IdentityManagementService.

Exceptions

ExceptionCondition
LimitExceededException The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.
MalformedPolicyDocumentException The request was rejected because the policy document was malformed. The error message describes the specific error.
NoSuchEntityException The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.
ServiceFailureException The request processing has failed because of an unknown error, exception or failure.
UnmodifiableEntityException The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

Examples

The following command updates the role trust policy for the role named Test-Role:

To update the trust policy for an IAM role


var client = new AmazonIdentityManagementServiceClient();
var response = client.UpdateAssumeRolePolicy(new UpdateAssumeRolePolicyRequest 
{
    PolicyDocument = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}",
    RoleName = "S3AccessForEC2Instances"
});

Version Information

.NET Framework:
Supported in: 4.5 and newer, 3.5

See Also

REST API Reference for UpdateAssumeRolePolicy Operation