Creating an Inline Policy

You can create inline policies embedded in a user or a group. Inline policies are then applied to this user or to all the users that are in this group.

Creating an Inline Policy Using OSC CLI

Creating an Inline Policy for a User

See the PutUserPolicy command sample in the documentation of the EIM API.

Creating an Inline Policy for a Group

The PutUserGroupPolicy command creates or updates an inline policy included in a specified group.
The policy is automatically applied to all the users of the group after its creation.

Request sample

$ osc-cli api PutUserGroupPolicy --profile "default" \
    --PolicyDocument '"{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"' \
    --PolicyName "example-usergroup-policy" \
    --UserGroupName "example-usergroup" \
    --UserGroupPath "/example/"

This command contains the following attributes that you need to specify:

DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
PolicyDocument: The policy document, corresponding to a JSON string that contains the policy. For more information, see EIM Reference Information and EIM Policy Generator.
PolicyName: The name of the policy.
UserGroupName: The name of the group.
UserGroupPath: (optional) The path to the group. If not specified, it is set to a slash (/).

The PutUserGroupPolicy command returns the following elements:

ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  }
}

Creating an Inline Policy Using oapi-cli

Creating an Inline Policy for a Group

The PutUserGroupPolicy command creates or updates an inline policy included in a specified group.
The policy is automatically applied to all the users of the group after its creation.

Request sample

$ oapi-cli --profile "default" PutUserGroupPolicy \
    --PolicyDocument --jsonstr-file "policy.json" \
    --PolicyName "example-usergroup-policy" \
    --UserGroupName "example-usergroup" \
    --UserGroupPath "/example/"

This command contains the following attributes that you need to specify:

DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
PolicyDocument: The policy document, corresponding to a JSON string that contains the policy. For more information, see EIM Reference Information and EIM Policy Generator.
PolicyName: The name of the policy.
UserGroupName: The name of the group.
UserGroupPath: (optional) The path to the group. If not specified, it is set to a slash (/).

The PutUserGroupPolicy command returns the following elements:

ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  }
}

Creating an Inline Policy Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

Creating an Inline Policy for a User

To create a new inline policy associated with a user, use the put-user-policy command following this syntax:

Request sample

$ aws iam put-user-policy \
    --profile YOUR_PROFILE \
    --user-name Jane \
    --policy-name AdminAccess \
    --policy-document file://policy \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
user-name: The name of the user.
policy-name: The name of the policy.
policy-document: The policy document, corresponding to a JSON string that contains the policy. For more information, see EIM Reference Information and EIM Policy Generator.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The new inline policy is created for the specified user.

Creating an Inline Policy for a Group

To create a new inline policy associated with a group, use the put-group-policy command following this syntax:

Request sample

$ aws iam put-group-policy \
    --profile YOUR_PROFILE \
    --group-name Admin \
    --policy-name AdminAccess \
    --policy-document file://policy \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
group-name: The name of the group.
policy-name: The name of the policy.
policy-document: The policy document, corresponding to a JSON string that contains the policy. For more information, see EIM Reference Information and EIM Policy Generator.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The new inline policy is created for the specified group.

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.