MENU
      Get role

        Get role


        Article summary

        Available in Classic and VPC

        Get a role.

        Request

        This section describes the request format. The method and URI are as follows:

        MethodURI
        GET/api/v1/roles/{roleNo}

        Request headers

        For information about the headers common to all Sub Account APIs, see Sub Account request headers.

        Request path parameters

        You can use the following path parameters with your request:

        FieldTypeRequiredDescription
        roleNoStringRequiredRole ID

        Request example

        The request example is as follows:

        curl --location --request GET 'https://subaccount.apigw.ntruss.com/api/v1//roles/5d0d4d80-****-****-****-246e96591a38' \
        --header 'x-ncp-apigw-timestamp: {Timestamp}' \
        --header 'x-ncp-iam-access-key: {Access Key}' \
        --header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
        --header 'Accept: application/json'
        Shell

        Response

        This section describes the response format.

        Response body

        The response body includes the following data:

        FieldTypeRequiredDescription
        nrnString-NAVER Cloud Platform resource identification value for role
        roleNoString-Role ID
        roleNameString-Role name
        roleTypeString-Role type
        • Server | Account | Service
          • Server: It is assigned to the server resource in the VPC environment. You can access services and resources without an access key
          • Account: Assign portal and console access permissions for the main account to the sub account. Role switching allows access to the target account's resources
          • Service: It is assigned to the service. You can access resources of other services
        sessionExpirationSecInteger-Session expiration time (second)
        • 600 | 1800 | 3600 | 10800
        descContString-Description of the role
        activeBoolean-Role status
        • true | false
          • true: enabled
          • false: disabled
        createTimeString-Role creation date and time
        • ISO 8601 format
        modifiedTimeString-Last modification date and time of the role
        • ISO 8601 format
        lastUseTimeString-Last usage date and time of the role
        • ISO 8601 format
        policiesArray-List of policies assigned to role
        entitiesArray-List of targets applied with role

        policies

        The following describes policies.

        FieldTypeRequiredDescription
        policyIdString-Policy ID
        policyNameString-Policy Name
        policyTypeString-Policy type
        • SYSTEM_MANAGED | USER_CREATED
          • SYSTEM_MANAGED: System Managed Policies
          • USER_CREATED: User Created Policies
        policyDescString-Policy description
        nrnString-NAVER Cloud Platform resource identification value for policy

        entities

        The following describes entities.

        FieldTypeRequiredDescription
        idString-Role application target ID
        typeString-Role application target type
        • Server | Account | Service
          • Server: server in VPC environment
          • Account: account
          • Service: service
        entityTypeString-Role application target type
        • Server | Account | Service
          • Server: server in VPC environment
          • Account: account
          • Service: service
        entityIdInteger-Role application target ID
        Note

        Note that the entityType and entityId are scheduled to be discontinued in the future.

        Response status codes

        For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.

        Response example

        The response example is as follows:

        {
            "nrn": "nrn:PUB:IAM::*******:Role/5d0d4d80-****-****-****-246e96591a38",
            "roleNo": "5d0d4d80-****-****-****-246e96591a38",
            "roleName": "role002",
            "roleType": "Account",
            "sessionExpirationSec": 600,
            "descCont": "Role description",
            "active": true,
            "createTime": "2024-12-12T23:32:34Z",
            "modifiedTime": "2024-12-26T08:29:30Z",
            "lastUseTime": "2025-01-02T01:26:02Z",
            "policies": [
                {
                    "policyId": "7938a9f0-****-****-****-005056a7ecf2",
                    "policyName": "policy010",
                    "policyType": "USER_CREATED",
                    "policyDesc": "policy",
                    "nrn": "nrn:PUB:IAM::*******:Policy/7938a9f0-****-****-****-005056a7ecf2"
                }
            ],
            "entities": [
                {
                    "id": "*******",
                    "type": "Account",
                    "entityType": "Account",
                    "entityId": *******
                }
            ]
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.