Getting Information About a Managed Policy

You can get information about the general characteristics of a managed policy, including its default version and the number of users or groups it is attached to, and about the permissions contained in its policy document.

Getting Information About a Managed Policy Using Cockpit v2

See the EIM Policies dashboard.

Getting Information About a Managed Policy Using OSC CLI

The ReadPolicy command lists information about a specified managed policy.

Request sample

$ osc-cli api ReadPolicy --profile "default" \
    --PolicyOrn "orn:ows:idauth::012345678910:policy/example/example-user-policy"

This command contains the following attributes that you need to specify:

PolicyOrn: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.

The ReadPolicy command returns the following elements:

Policy: Information about the policy.
- CreationDate: The date and time (UTC) at which the policy was created.
- Description: A friendly name for the policy (between 0 and 1000 characters).
- IsLinkable: Indicates whether the policy can be linked to a group or an EIM user.
- LastModificationDate: The date and time (UTC) at which the policy was last modified.
- Orn: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.
- Path: The path to the policy.
- PolicyDefaultVersionId: The ID of the policy default version.
- PolicyId: The ID of the policy.
- PolicyName: The name of the policy.
- ResourcesCount: The number of resources attached to the policy.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample

{
  "Policy": {
    "ResourcesCount": 0,
    "PolicyName": "example-user-policy",
    "PolicyDefaultVersionId": "v1",
    "Path": "/example/",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "Description": "Example of description",
    "PolicyId": "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234",
    "Orn": "orn:ows:idauth::012345678910:policy/example/example-user-policy",
    "IsLinkable": true,
    "LastModificationDate": "2010-10-01T12:34:56.789+0000"
  },
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  }
}

Getting Information About a Managed Policy Using oapi-cli

The ReadPolicy command lists information about a specified managed policy.

Request sample

$ oapi-cli --profile "default" ReadPolicy \
    --PolicyOrn "orn:ows:idauth::012345678910:policy/example/example-user-policy"

This command contains the following attributes that you need to specify:

PolicyOrn: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.

The ReadPolicy command returns the following elements:

Policy: Information about the policy.
- CreationDate: The date and time (UTC) at which the policy was created.
- Description: A friendly name for the policy (between 0 and 1000 characters).
- IsLinkable: Indicates whether the policy can be linked to a group or an EIM user.
- LastModificationDate: The date and time (UTC) at which the policy was last modified.
- Orn: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.
- Path: The path to the policy.
- PolicyDefaultVersionId: The ID of the policy default version.
- PolicyId: The ID of the policy.
- PolicyName: The name of the policy.
- ResourcesCount: The number of resources attached to the policy.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample

{
  "Policy": {
    "ResourcesCount": 0,
    "PolicyName": "example-user-policy",
    "PolicyDefaultVersionId": "v1",
    "Path": "/example/",
    "CreationDate": "2010-10-01T12:34:56.789+0000",
    "Description": "Example of description",
    "PolicyId": "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234",
    "Orn": "orn:ows:idauth::012345678910:policy/example/example-user-policy",
    "IsLinkable": true,
    "LastModificationDate": "2010-10-01T12:34:56.789+0000"
  },
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  }
}

Getting Information About a Managed Policy Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

Getting General Information About a Managed Policy

To get general information about a managed policy, use the get-policy command following this syntax:

Request sample

$ aws iam get-policy \
    --profile YOUR_PROFILE \
    --policy-arn arn:aws:iam::123456789012:policy/MY_POLICY \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
policy-arn: The OUTSCALE Resource Name (ORN) of the policy.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The get-policy command returns the following elements:

Policy: Information about the specified policy. This element contains the following information:
- PolicyName: The name of the policy.
- CreateDate: The date and time of creation of the policy version.
- AttachmentCount: The number of EIM identities (users or groups) that the policy is attached to.
- IsAttachable: If true, the policy can be attached to an EIM identity. If false, it cannot.
- PolicyId: The ID of the policy.
- DefaultVersionId: The ID of the policy version set as the default one.
- Path:The path to the policy.
- Arn: The OUTSCALE Resource Name (ORN) of the user. For more information, see Resource Identifiers.
- UpdateDate: The date and time of the last update of the policy.

Result sample

{
    "Policy": {
        "PolicyName": "MY_POLICY",
        "CreateDate": "2015-06-17T19:23;32Z",
        "AttachmentCount": "0",
        "IsAttachable": true,
        "PolicyId": "Z27SI6FQMGNQ2EXAMPLE1",
        "DefaultVersionId": "v1",
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:policy/MY_POLICY",
        "UpdateDate": "2015-06-17T19:23:32Z"
    }
}

Getting Information About the Content of a Policy Version

To get information about the content of a policy version, use the get-policy-version command following this syntax:

Request sample

$ aws iam get-policy-version \
    --profile YOUR_PROFILE \
    --policy-arn arn:aws:iam::123456789012:policy/MY_POLICY \
    --version-id v2 \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
policy-arn: The OUTSCALE Resource Name (ORN) of the policy.
version-id: The ID of the policy version.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The get-policy-version command returns the following elements:

PolicyVersion: Information about the policy version. This element contains the following information:
- CreateDate: The date and time of creation of the policy version.
- VersionId: The ID of the policy version.
- Document: The policy document.
- IsDefaultVersion: If true, the policy version is the default one.

Result sample

{
    "PolicyVersion": {
        "CreateDate": "2016-05-12T18:43:524Z",
        "VersionId": "v2",
        "Document": {
                      "Statement": [
                              {
                                      "Action": ["*"],
                                      "Resource": ["*"],
                                      "Effect": "Allow"
                              }
                      ]
                }
        "IsDefaultVersion": "false"
    }
}

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.