Creating a New Version of a Managed Policy
You can create a new version of a managed policy to update it. Managed policy can have up to five versions.
You can set this new policy version as the default one to apply to EIM identities the policy is attached to.
Creating a New Version of a Managed Policy Using OSC CLI
The CreatePolicyVersion command creates a version of a specified managed policy.
A managed policy can have up to five versions.
$ osc-cli api CreatePolicyVersion --profile "default" \
--Document '"{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"' \
--PolicyOrn "orn:ows:idauth::012345678910:policy/example/example-user-policy" \
--SetAsDefault True
This command contains the following attributes that you need to specify:
-
Document
: The policy document, corresponding to a JSON string that contains the policy. This policy document can contain a maximum of 5120 non-whitespace characters. For more information, see EIM Reference Information and EIM Policy Generator. -
PolicyOrn
: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers. -
SetAsDefault
: (optional) If set to true, the new policy version is set as the default version and becomes the operative one.
The CreatePolicyVersion command returns the following elements:
-
PolicyVersion
: Information about the policy version.-
Body
: The policy document, corresponding to a JSON string that contains the policy. For more information, see EIM Reference Information and EIM Policy Generator. -
CreationDate
: The date and time (UTC) at which the version was created. -
DefaultVersion
: If true, the version is the default one. -
VersionId
: The ID of the version.
-
-
ResponseContext
: Information about the context of the response.-
RequestId
: The ID of the request.
-
{
"ResponseContext": {
"RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
},
"PolicyVersion": {
"VersionId": "v2",
"DefaultVersion": true,
"CreationDate": "2017-05-10T12:34:56.789+0000",
"Body": "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"
}
}
Creating a New Version of a Managed Policy Using AWS CLI
Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI. |
To create a new version of a managed policy, use the create-policy-version command following this syntax:
$ aws iam create-policy-version \
--profile YOUR_PROFILE \
--policy-arn arn:aws:iam::123456789012:policy/MY_POLICY \
--policy-document file://policy \
--set-as-default \
--endpoint https://eim.eu-west-2.outscale.com
This command contains the following attributes that you need to specify:
-
(optional)
profile
: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI. -
policy-arn
: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers. -
policy-document
: The policy document, corresponding to a JSON string that contains the new version of the policy. This policy document can contain a maximum of 5120 non-whitespace characters. For more information, see EIM Reference Information and EIM Policy Generator. -
(optional)
set-as-default
|no-set-as-default
: If set toset-as-default
, the new policy version becomes the default one and is applied to the EIM identities the policy is attached to. -
endpoint
: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.
The create-policy-version command returns the following elements:
-
PolicyVersion
: Information about the newly created policy version. This element contains the following information:-
CreateDate
: The date and time of creation of the policy version. -
VersionId
: The ID of the policy version. -
IsDefaultVersion
: Iftrue
, the newly created policy version is the default one.
-
{
"PolicyVersion": {
"CreateDate": "2016-05-12T18:43:524Z",
"VersionId": "v2",
"IsDefaultVersion": true
}
}
The policy version is created and set as the default one if you specified so.
Related Pages
Corresponding API Method
AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.