Update an existing role trust in Vultr IAM. Modify trust relationship parameters such as conditions, IP restrictions, or the trusted principal configuration.
Updating a role trust allows you to change its conditions, trusted entity, expiration date, or trust type. This is useful when you need to extend a trust's validity, adjust IP or time-of-day restrictions, or change which user or group can assume the role.
This guide explains how to update a role trust using the Vultr Console and the Vultr API.
Send a GET request to the List Role Trusts endpoint to retrieve all role trusts in your organization.
$ curl "https://api.vultr.com/v2/role-trusts" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Note the id of the role trust you want to update.
Send a GET request to the Read Role Trust endpoint to retrieve the current trust details. Replace {role-trust-id} with the id you retrieved in the previous step.
$ curl "https://api.vultr.com/v2/role-trusts/{role-trust-id}" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Send a PUT request to the Update Role Trust endpoint to update the trust. Replace the values with your updated trust details.
$ curl "https://api.vultr.com/v2/role-trusts/{role-trust-id}" \
-X PUT \
-H "Authorization: Bearer ${VULTR_API_KEY}" \
-H "Content-Type: application/json" \
-d '{
"role_id": "ROLE-ID",
"trust_type": "IAMAssumption",
"trusted_user_id": "USER-ID",
"conditions": {
"time_of_day": {
"timezone": "utc",
"days_of_week": ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday"]
},
"ip_address": []
},
"valid_until": "2027-01-01T03:59:59+00:00"
}'
The response confirms the trust has been updated with the new configuration.
Send a GET request to the Read Role Trust endpoint to retrieve the updated details.
$ curl "https://api.vultr.com/v2/role-trusts/{role-trust-id}" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Verify that the trust details reflect the new values.