--- title: How to Update a Role Trust url: https://docs.vultr.com/platform/iam/roles/role-trusts/how-to-update-a-role-trust description: Update an existing role trust in Vultr IAM. Modify trust relationship parameters such as conditions, IP restrictions, or the trusted principal configuration. publish_date: 2026-03-24T19:52:28.257903Z last_updated: 2026-06-01T20:41:51.198243Z --- Updating a role trust allows you to change its conditions, trusted entity, expiration date, or trust type. This is useful when you need to extend a trust's validity, adjust IP or time-of-day restrictions, or change which user or group can assume the role. Follow this guide to update a role trust using the Vultr Console, the Vultr API, or Terraform. === "Vultr Console" 1. Log in to the [Vultr Console](https://console.vultr.com). 1. Click the organization name in the top navigation bar. 1. Click **Manage Organization**. 1. Click the **Roles** tab. 1. Click the name of the assumable role whose trust you want to update. 1. Expand the **Role Trust** section. 1. Click the **Edit** icon to modify the trust configuration. 1. Update the trusted entity, assumption schedule, or conditions as needed. 1. Click **Save Changes**. === "Vultr API" 1. Send a `GET` request to the [**List Role Trusts** endpoint](https://www.vultr.com/api/#tag/iam/operation/list-iam-role-trusts) to retrieve all role trusts in your organization. ```console $ curl "https://api.vultr.com/v2/role-trusts" \ -X GET \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` Note the `id` of the role trust you want to update. 1. Send a `GET` request to the [**Read Role Trust** endpoint](https://www.vultr.com/api/#tag/iam/operation/get-iam-role-trust) to retrieve the current trust details. Replace `{role-trust-id}` with the id you retrieved in the previous step. ```console $ curl "https://api.vultr.com/v2/role-trusts/{role-trust-id}" \ -X GET \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` 1. Send a `PUT` request to the [**Update Role Trust** endpoint](https://www.vultr.com/api/#tag/iam/operation/update-iam-role-trust) to update the trust. Replace the values with your updated trust details. ```console $ curl "https://api.vultr.com/v2/role-trusts/{role-trust-id}" \ -X PUT \ -H "Authorization: Bearer ${VULTR_API_KEY}" \ -H "Content-Type: application/json" \ -d '{ "role_id": "ROLE-ID", "trust_type": "IAMAssumption", "trusted_user_id": "USER-ID", "conditions": { "time_of_day": { "timezone": "utc", "days_of_week": ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday"] }, "ip_address": [] }, "valid_until": "2027-01-01T03:59:59+00:00" }' ``` The response confirms the trust has been updated with the new configuration. 1. Send a `GET` request to the [**Read Role Trust** endpoint](https://www.vultr.com/api/#tag/iam/operation/get-iam-role-trust) to retrieve the updated details. ```console $ curl "https://api.vultr.com/v2/role-trusts/{role-trust-id}" \ -X GET \ -H "Authorization: Bearer ${VULTR_API_KEY}" ``` Verify that the trust details reflect the new values. === "Terraform" 1. Ensure the [Vultr Terraform provider](https://registry.terraform.io/providers/vultr/vultr/latest/docs) is configured in your Terraform project. 1. Modify the mutable fields in the role trust resource: `type`, `hour_start`, `hour_end`, `ip_range`, or `date_expires`. ```hcl resource "vultr_organization_role_trust" "my_role_trust" { role = vultr_organization_role.my_role.id user = vultr_user.new_user.id type = "TemporaryAssumption" hour_start = 9 hour_end = 18 ip_range = ["10.0.0.0/8"] date_expires = "2027-01-01T00:00:00+00:00" } ``` 1. Apply the changes. ```console $ terraform apply ``` Verify that the output shows `vultr_organization_role_trust.my_role_trust: Modifications complete`.