IAM / Client / add_role_to_instance_profile

add_role_to_instance_profile#

IAM.Client.add_role_to_instance_profile(**kwargs)#

Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and this quota cannot be increased. You can remove the existing role and then add a different role to an instance profile. You must then wait for the change to appear across all of Amazon Web Services because of eventual consistency. To force the change, you must disassociate the instance profile and then associate the instance profile, or you can stop your instance and then restart it.

Note

The caller of this operation must be granted the PassRole permission on the IAM role by a permissions policy.

For more information about roles, see Working with roles. For more information about instance profiles, see About instance profiles.

See also: AWS API Documentation

Request Syntax

response = client.add_role_to_instance_profile(
    InstanceProfileName='string',
    RoleName='string'
)
Parameters:

  • InstanceProfileName (string) –

    [REQUIRED]

    The name of the instance profile to update.

    This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  • RoleName (string) –

    [REQUIRED]

    The name of the role to add.

    This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

Returns:

None

Exceptions

  • IAM.Client.exceptions.NoSuchEntityException

  • IAM.Client.exceptions.EntityAlreadyExistsException

  • IAM.Client.exceptions.LimitExceededException

  • IAM.Client.exceptions.UnmodifiableEntityException

  • IAM.Client.exceptions.ServiceFailureException

Examples

The following command adds the role named S3Access to the instance profile named Webserver:

response = client.add_role_to_instance_profile(
    InstanceProfileName='Webserver',
    RoleName='S3Access',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}