Role Management Interfaces

IAM IAM

  • API Reference
    • Common request header and common response header
    • Data type
    • Error code
    • Feature Update Records
    • General Description
    • Introduction
    • Service domain
    • STS-Related Interfaces
  • API Reference_IAM
    • Common request header and common response header
    • Data type
    • Error code
    • General Description
    • Group management API
    • Introduction
    • Policy management API
    • Role Management Interfaces
    • Service domain
    • User management API
  • FAQs
    • Common Questions Overview
    • FAQs related to IAM users
    • FAQs related to product permissions
  • Function Release Records
  • Operation guide
    • Account Security Audit
    • Enterprise Account Integration
      • Federated Login Overview
      • IAM Role-based SSO
      • IAM User-based SSO
    • Group Management
    • Message Center
    • Permission Policies
      • ACL
      • Authorization
      • Managing IAM Policies
      • Permission Policy Overview
      • Policy Authentication Evaluation Logic
      • Strategy type
      • Tag-Based Authorization and Authentication
    • Role Management
      • Common scenarios
      • Create role
      • FAQs
      • Managing Roles
      • Overview
      • Related concepts
      • Using Roles
    • Settings
    • User
      • IAM User Operations
      • Two-Factor Authentication
      • User management
    • User Anomaly Behavior Analysis (Public Beta)
      • Risk Behavior Management
  • Operation records
    • Cloud Trail (Public Beta)
  • Product Announcement
    • Baidu Intelligent Cloud Enables Login Protection MFA Multi-Factor Authentication Notification for All Users
  • Product Description
    • Application scenarios
    • Concepts
    • Currently Supported Product Lines
    • Product functions
    • Product overview
    • System Restrictions
    • Enterprise Organization vs Identity and Access Management
  • Product pricing
    • Product pricing
  • Quick Start
    • Create groups and grant permissions
    • Creating IAM User Administrators
  • SDK
    • Go-SDK
      • Error handling
      • Group management API
      • Initialize SDK
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Java-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Python-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
  • Testing Knowledge Base SDK
  • Typical Practices
    • Baidu Intelligent Cloud Partner Guide to Creating IAM Users
    • User Management and Permission Assignment
All documents
menu
No results found, please re-enter

IAM IAM

  • API Reference
    • Common request header and common response header
    • Data type
    • Error code
    • Feature Update Records
    • General Description
    • Introduction
    • Service domain
    • STS-Related Interfaces
  • API Reference_IAM
    • Common request header and common response header
    • Data type
    • Error code
    • General Description
    • Group management API
    • Introduction
    • Policy management API
    • Role Management Interfaces
    • Service domain
    • User management API
  • FAQs
    • Common Questions Overview
    • FAQs related to IAM users
    • FAQs related to product permissions
  • Function Release Records
  • Operation guide
    • Account Security Audit
    • Enterprise Account Integration
      • Federated Login Overview
      • IAM Role-based SSO
      • IAM User-based SSO
    • Group Management
    • Message Center
    • Permission Policies
      • ACL
      • Authorization
      • Managing IAM Policies
      • Permission Policy Overview
      • Policy Authentication Evaluation Logic
      • Strategy type
      • Tag-Based Authorization and Authentication
    • Role Management
      • Common scenarios
      • Create role
      • FAQs
      • Managing Roles
      • Overview
      • Related concepts
      • Using Roles
    • Settings
    • User
      • IAM User Operations
      • Two-Factor Authentication
      • User management
    • User Anomaly Behavior Analysis (Public Beta)
      • Risk Behavior Management
  • Operation records
    • Cloud Trail (Public Beta)
  • Product Announcement
    • Baidu Intelligent Cloud Enables Login Protection MFA Multi-Factor Authentication Notification for All Users
  • Product Description
    • Application scenarios
    • Concepts
    • Currently Supported Product Lines
    • Product functions
    • Product overview
    • System Restrictions
    • Enterprise Organization vs Identity and Access Management
  • Product pricing
    • Product pricing
  • Quick Start
    • Create groups and grant permissions
    • Creating IAM User Administrators
  • SDK
    • Go-SDK
      • Error handling
      • Group management API
      • Initialize SDK
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Java-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Python-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
  • Testing Knowledge Base SDK
  • Typical Practices
    • Baidu Intelligent Cloud Partner Guide to Creating IAM Users
    • User Management and Permission Assignment
  • Document center
  • arrow
  • IAMIAM
  • arrow
  • SDK
  • arrow
  • Python-SDK
  • arrow
  • Role Management Interfaces
Table of contents on this page
  • Create role
  • Query role
  • Update role
  • Delete role
  • List roles

Role Management Interfaces

Updated at:2025-10-27

Create role

Create a role with reference to the following codes:

Python 
1def create_role():
2    iam_client = IamClient(iam_sample_conf.config)
3    
4# Role creation request as dict
5# Set the role name
6# Set the role description
7# Specify the entity allowed to assume the role (assumeRolePolicyDocument)
8    create_role_request = {"name": "test_role", "description": "create role: test_role",
9                           "assumeRolePolicyDocument": "{\"version\":\"v1\",\"accessControlList\":[{"
10                                                       "\"service\":\"bce:iam\",\"permission\":[\"AssumeRole\"],"
11                                                       "\"region\":\"*\",\"grantee\":[{"
12                                                       "\"id\":\"test_account_id\"}],"
13                                                       "\"effect\":\"Allow\"}]}"}
14    response = iam_client.create_role(create_role_request)
15    print(response)

Query role

Query a role with reference to the following codes:

Python 
1def get_role():
2    iam_client = IamClient(iam_sample_conf.config)
3    
4# Set role name
5    role_name = b"test_role"
6    response = iam_client.get_role(role_name)
7    print(response)

Update role

Update a role with reference to the following codes:

Python 
1def update_role():
2    iam_client = IamClient(iam_sample_conf.config)
3# Old role name
4    role_name = b"test_role"
5    
6# Request to update role is dict
7# Set the updated role name
8# Set updated role description
9# Set updated carriers allowed to assume the role (assumeRolePolicyDocument)
10    update_role_request = {"name": "test_role_new", "description": "update role: test_role",
11                           "assumeRolePolicyDocument": "{\"version\":\"v1\",\"accessControlList\":[{"
12                                                       "\"service\":\"bce:iam\",\"permission\":[\"AssumeRole\"],"
13                                                       "\"region\":\"*\",\"grantee\":[{"
14                                                       "\"id\":\"test_account_id\"}],"
15                                                       "\"effect\":\"Allow\"}]}"}
16    response = iam_client.update_role(role_name, update_role_request)
17    print(response)

Delete role

Delete a role with reference to the following codes:

Python 
1def delete_role():
2    iam_client = IamClient(iam_sample_conf.config)
3# Role name to be deleted
4    role_name = b"test_role"
5    response = iam_client.delete_role(role_name=role_name)
6    print(response)

List roles

List a role with reference to the following codes:

Python 
1def list_role():
2    iam_client = IamClient(iam_sample_conf.config)
3    response = iam_client.list_role()
4    print(response)

Previous
Policy management API
Next
User management API