Getting Information About a Managed Policy

You can get information about the general characteristics of a managed policy, including its default version and the number of users or groups it is attached to, and about the permissions contained in its policy document.

Getting General Information About a Managed Policy

This procedure uses AWS CLI only. Information about these resources is also available from Cockpit v1. For more information, see EIM User Interface > Policies Page.

To get general information about a managed policy, use the get-policy command following this syntax:

Request sample
$ aws iam get-policy \
    --profile YOUR_PROFILE \
    --policy-arn arn:aws:iam::123456789012:policy/MY_POLICY \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • policy-arn: The OUTSCALE Resource Name (ORN) of the policy.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The get-policy command returns the following elements:

  • Policy: Information about the specified policy. This element contains the following information:

    • PolicyName: The name of the policy.

    • CreateDate: The date and time of creation of the policy version.

    • AttachmentCount: The number of EIM identities (users or groups) that the policy is attached to.

    • IsAttachable: If true, the policy can be attached to an EIM identity. If false, it cannot.

    • PolicyId: The ID of the policy.

    • DefaultVersionId: The ID of the policy version set as the default one.

    • Path:The path to the policy.

    • Arn: The OUTSCALE Resource Name (ORN) of the user. For more information, see Resource Identifiers.

    • UpdateDate: The date and time of the last update of the policy.

Result sample
{
    "Policy": {
        "PolicyName": "MY_POLICY",
        "CreateDate": "2015-06-17T19:23;32Z",
        "AttachmentCount": "0",
        "IsAttachable": "true",
        "PolicyId": "Z27SI6FQMGNQ2EXAMPLE1",
        "DefaultVersionId": "v1",
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:policy/MY_POLICY",
        "UpdateDate": "2015-06-17T19:23:32Z"
    }
}

Getting Information About the Content of a Policy Version

In Cockpit, information about the permissions contained in a managed policy is available in the Policies page, when you click View Policy Document .

To get information about the content of a policy version, use the get-policy-version command following this syntax:

Request sample
$ aws iam get-policy-version \
    --profile YOUR_PROFILE \
    --policy-arn arn:aws:iam::123456789012:policy/MY_POLICY \
    --version-id v2 \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • policy-arn: The OUTSCALE Resource Name (ORN) of the policy.

  • version-id: The ID of the policy version.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The get-policy-version command returns the following elements:

  • PolicyVersion: Information about the policy version. This element contains the following information:

    • CreateDate: The date and time of creation of the policy version.

    • VersionId: The ID of the policy version.

    • Document: The policy document.

    • IsDefaultVersion: If true, the policy version is the default one.

Result sample
{
    "PolicyVersion": {
        "CreateDate": "2016-05-12T18:43:524Z",
        "VersionId": "v2",
        "Document": {
                      "Statement": [
                              {
                                      "Action": ["*"],
                                      "Resource": ["*"],
                                      "Effect": "Allow"
                              }
                      ]
                }
        "IsDefaultVersion": "false"
    }
}

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.