1. Packages
  2. AWS
  3. API Docs
  4. iam
  5. getRole
AWS v7.9.1 published on Wednesday, Oct 22, 2025 by Pulumi

aws.iam.getRole

Get Started
aws logo
AWS v7.9.1 published on Wednesday, Oct 22, 2025 by Pulumi

    This data source can be used to fetch information about a specific IAM role. By using this data source, you can reference IAM role properties without having to hard code ARNs as input.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.iam.getRole({
        name: "an_example_role_name",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.iam.get_role(name="an_example_role_name")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/iam"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := iam.LookupRole(ctx, &iam.LookupRoleArgs{
    			Name: "an_example_role_name",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.Iam.GetRole.Invoke(new()
        {
            Name = "an_example_role_name",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetRoleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = IamFunctions.getRole(GetRoleArgs.builder()
                .name("an_example_role_name")
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          function: aws:iam:getRole
          arguments:
            name: an_example_role_name
    

    Using getRole

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getRole(args: GetRoleArgs, opts?: InvokeOptions): Promise<GetRoleResult>
    function getRoleOutput(args: GetRoleOutputArgs, opts?: InvokeOptions): Output<GetRoleResult>
    def get_role(name: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 opts: Optional[InvokeOptions] = None) -> GetRoleResult
    def get_role_output(name: Optional[pulumi.Input[str]] = None,
                 tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                 opts: Optional[InvokeOptions] = None) -> Output[GetRoleResult]
    func LookupRole(ctx *Context, args *LookupRoleArgs, opts ...InvokeOption) (*LookupRoleResult, error)
    func LookupRoleOutput(ctx *Context, args *LookupRoleOutputArgs, opts ...InvokeOption) LookupRoleResultOutput

    > Note: This function is named LookupRole in the Go SDK.

    public static class GetRole 
    {
        public static Task<GetRoleResult> InvokeAsync(GetRoleArgs args, InvokeOptions? opts = null)
        public static Output<GetRoleResult> Invoke(GetRoleInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetRoleResult> getRole(GetRoleArgs args, InvokeOptions options)
    public static Output<GetRoleResult> getRole(GetRoleArgs args, InvokeOptions options)
    
    fn::invoke:
      function: aws:iam/getRole:getRole
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Name string
    Friendly IAM role name to match.
    Tags Dictionary<string, string>
    Tags attached to the role.
    Name string
    Friendly IAM role name to match.
    Tags map[string]string
    Tags attached to the role.
    name String
    Friendly IAM role name to match.
    tags Map<String,String>
    Tags attached to the role.
    name string
    Friendly IAM role name to match.
    tags {[key: string]: string}
    Tags attached to the role.
    name str
    Friendly IAM role name to match.
    tags Mapping[str, str]
    Tags attached to the role.
    name String
    Friendly IAM role name to match.
    tags Map<String>
    Tags attached to the role.

    getRole Result

    The following output properties are available:

    Arn string
    ARN of the role.
    AssumeRolePolicy string
    Policy document associated with the role.
    CreateDate string
    Creation date of the role in RFC 3339 format.
    Description string
    Description for the role.
    Id string
    The provider-assigned unique ID for this managed resource.
    MaxSessionDuration int
    Maximum session duration.
    Name string
    Path string
    Path to the role.
    PermissionsBoundary string
    The ARN of the policy that is used to set the permissions boundary for the role.
    RoleLastUseds List<GetRoleRoleLastUsed>
    Contains information about the last time that an IAM role was used. See role_last_used for details.
    Tags Dictionary<string, string>
    Tags attached to the role.
    UniqueId string
    Stable and unique string identifying the role.
    Arn string
    ARN of the role.
    AssumeRolePolicy string
    Policy document associated with the role.
    CreateDate string
    Creation date of the role in RFC 3339 format.
    Description string
    Description for the role.
    Id string
    The provider-assigned unique ID for this managed resource.
    MaxSessionDuration int
    Maximum session duration.
    Name string
    Path string
    Path to the role.
    PermissionsBoundary string
    The ARN of the policy that is used to set the permissions boundary for the role.
    RoleLastUseds []GetRoleRoleLastUsed
    Contains information about the last time that an IAM role was used. See role_last_used for details.
    Tags map[string]string
    Tags attached to the role.
    UniqueId string
    Stable and unique string identifying the role.
    arn String
    ARN of the role.
    assumeRolePolicy String
    Policy document associated with the role.
    createDate String
    Creation date of the role in RFC 3339 format.
    description String
    Description for the role.
    id String
    The provider-assigned unique ID for this managed resource.
    maxSessionDuration Integer
    Maximum session duration.
    name String
    path String
    Path to the role.
    permissionsBoundary String
    The ARN of the policy that is used to set the permissions boundary for the role.
    roleLastUseds List<GetRoleRoleLastUsed>
    Contains information about the last time that an IAM role was used. See role_last_used for details.
    tags Map<String,String>
    Tags attached to the role.
    uniqueId String
    Stable and unique string identifying the role.
    arn string
    ARN of the role.
    assumeRolePolicy string
    Policy document associated with the role.
    createDate string
    Creation date of the role in RFC 3339 format.
    description string
    Description for the role.
    id string
    The provider-assigned unique ID for this managed resource.
    maxSessionDuration number
    Maximum session duration.
    name string
    path string
    Path to the role.
    permissionsBoundary string
    The ARN of the policy that is used to set the permissions boundary for the role.
    roleLastUseds GetRoleRoleLastUsed[]
    Contains information about the last time that an IAM role was used. See role_last_used for details.
    tags {[key: string]: string}
    Tags attached to the role.
    uniqueId string
    Stable and unique string identifying the role.
    arn str
    ARN of the role.
    assume_role_policy str
    Policy document associated with the role.
    create_date str
    Creation date of the role in RFC 3339 format.
    description str
    Description for the role.
    id str
    The provider-assigned unique ID for this managed resource.
    max_session_duration int
    Maximum session duration.
    name str
    path str
    Path to the role.
    permissions_boundary str
    The ARN of the policy that is used to set the permissions boundary for the role.
    role_last_useds Sequence[GetRoleRoleLastUsed]
    Contains information about the last time that an IAM role was used. See role_last_used for details.
    tags Mapping[str, str]
    Tags attached to the role.
    unique_id str
    Stable and unique string identifying the role.
    arn String
    ARN of the role.
    assumeRolePolicy String
    Policy document associated with the role.
    createDate String
    Creation date of the role in RFC 3339 format.
    description String
    Description for the role.
    id String
    The provider-assigned unique ID for this managed resource.
    maxSessionDuration Number
    Maximum session duration.
    name String
    path String
    Path to the role.
    permissionsBoundary String
    The ARN of the policy that is used to set the permissions boundary for the role.
    roleLastUseds List<Property Map>
    Contains information about the last time that an IAM role was used. See role_last_used for details.
    tags Map<String>
    Tags attached to the role.
    uniqueId String
    Stable and unique string identifying the role.

    Supporting Types

    GetRoleRoleLastUsed

    LastUsedDate string
    The date and time, in RFC 3339 format, that the role was last used.
    Region string
    The name of the AWS Region in which the role was last used.
    LastUsedDate string
    The date and time, in RFC 3339 format, that the role was last used.
    Region string
    The name of the AWS Region in which the role was last used.
    lastUsedDate String
    The date and time, in RFC 3339 format, that the role was last used.
    region String
    The name of the AWS Region in which the role was last used.
    lastUsedDate string
    The date and time, in RFC 3339 format, that the role was last used.
    region string
    The name of the AWS Region in which the role was last used.
    last_used_date str
    The date and time, in RFC 3339 format, that the role was last used.
    region str
    The name of the AWS Region in which the role was last used.
    lastUsedDate String
    The date and time, in RFC 3339 format, that the role was last used.
    region String
    The name of the AWS Region in which the role was last used.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v7.9.1 published on Wednesday, Oct 22, 2025 by Pulumi
      Meet Neo: Your AI Platform Teammate