IAM / Client / update_role



Updates the description or maximum session duration setting of a role.

See also: AWS API Documentation

Request Syntax

response = client.update_role(
  • RoleName (string) –


    The name of the role that you want to modify.

  • Description (string) – The new description that you want to apply to the specified role.

  • MaxSessionDuration (integer) –

    The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.

    Anyone who assumes the role from the CLI or API can use the DurationSeconds API parameter or the duration-seconds CLI parameter to request a longer session. The MaxSessionDuration setting determines the maximum duration that can be requested using the DurationSeconds parameter. If users don’t specify a value for the DurationSeconds parameter, their security credentials are valid for one hour by default. This applies when you use the AssumeRole* API operations or the assume-role* CLI operations but does not apply when you use those operations to create a console URL. For more information, see Using IAM roles in the IAM User Guide.

Return type:



Response Syntax


Response Structure

  • (dict) –


  • IAM.Client.exceptions.UnmodifiableEntityException

  • IAM.Client.exceptions.NoSuchEntityException

  • IAM.Client.exceptions.ServiceFailureException