--- layout: "aws" page_title: "AWS: aws_iam_role" sidebar_current: "docs-aws-resource-iam-role" description: |- Provides an IAM role. --- # aws\_iam\_role Provides an IAM role. ## Example Usage ``` resource "aws_iam_role" "test_role" { name = "test_role" assume_role_policy = < **NOTE:** This `assume_role_policy` is very similar but slightly different than just a standard IAM policy and cannot use an `aws_iam_policy` resource. If _can_ however, use an `aws_iam_policy_document` [data source](https://www.terraform.io/docs/providers/aws/d/iam_policy_document.html), see example below for how this could work. * `path` - (Optional) The path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. ## Attributes Reference The following attributes are exported: * `arn` - The Amazon Resource Name (ARN) specifying the role. * `create_date` - The creation date of the IAM role. * `unique_id` - The stable and unique string identifying the role. ## Example of Using Data Source for Assume Role Policy ``` data "aws_iam_policy_document" "instance-assume-role-policy" { statement { actions = [ "sts:AssumeRole" ] principals { type = "Service" identifiers = ["ec2.amazonaws.com"] } } } resource "aws_iam_role" "instance" { name = "instance_role" path = "/system/" assume_role_policy = "${data.aws_iam_policy_document.instance-assume-role-policy.json}" } ``` ## Import IAM Roles can be imported using the `name`, e.g. ``` $ terraform import aws_iam_role.developer developer_name ```