**To create an IAM role** The following ``create-role`` command creates a role named ``Test-Role`` and attaches a trust policy to it:: aws iam create-role --role-name Test-Role --assume-role-policy-document file://Test-Role-Trust-Policy.json Output:: { "Role": { "AssumeRolePolicyDocument": "<URL-encoded-JSON>", "RoleId": "AKIAIOSFODNN7EXAMPLE", "CreateDate": "2013-06-07T20:43:32.821Z", "RoleName": "Test-Role", "Path": "/", "Arn": "arn:aws:iam::123456789012:role/Test-Role" } } The trust policy is defined as a JSON document in the *Test-Role-Trust-Policy.json* file. (The file name and extension do not have significance.) The trust policy must specify a principal. To attach a permissions policy to a role, use the ``put-role-policy`` command. For more information, see `Creating a Role`_ in the *Using IAM* guide. .. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html