Getting Information About an Inline Policy
You can get information about the content of an inline policy embedded in a user or a group.
Getting Information About an Inline Policy Using OSC CLI
Getting Information About an Inline Policy Embedded in a User
See the GetUserPolicy command sample in the documentation of the EIM API. |
Getting Information About an Inline Policy Embedded in a Group
The ReadUserGroupPolicy command returns information about an inline policy included in a specified group.
$ osc-cli api ReadUserGroupPolicy --profile "default" \
--PolicyName "example-policy" \
--UserGroupName "example-usergroup" \
--UserGroupPath "/example/"
This command contains the following attributes that you need to specify:
-
DryRun
: (optional) If true, checks whether you have the required permissions to perform the action. -
PolicyName
: The name of the policy. -
UserGroupName
: The name of the group. -
UserGroupPath
: (optional) The path to the group. If not specified, it is set to a slash (/
).
The ReadUserGroupPolicy command returns the following elements:
-
Policy
: Information about an inline policy.-
Body
: The policy document, corresponding to a JSON string that contains the policy. For more information, see EIM Reference Information and EIM Policy Generator. -
Name
: The name of the policy.
-
-
ResponseContext
: Information about the context of the response.-
RequestId
: The ID of the request.
-
{
"ResponseContext": {
"RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
},
"Policy": {
"Body": "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}",
"Name": "example-policy"
}
}
Getting Information About an Inline Policy Using AWS CLI
Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI. |
Getting Information About an Inline Policy Embedded in a User
To get information about an inline policy embedded in a user, use the get-user-policy command following this syntax:
$ aws iam get-user-policy \
--profile YOUR_PROFILE \
--user-name USER_NAME \
--policy-name MY_POLICY \
--endpoint https://eim.eu-west-2.outscale.com
This command contains the following attributes that you need to specify:
-
(optional)
profile
: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI. -
user-name
: The name of the user. -
policy-name
: The name of the policy. -
endpoint
: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.
The get-user-policy command returns the following elements:
-
UserName
: The name of the user the policy is embedded in. -
PolicyName
: The name of the policy. -
PolicyDocument
: The policy document.
{
"UserName": "Jane",
"PolicyName": "AdminAccess",
"PolicyDocument": {
"statement":[
{
"action":["*"],
"effect":"Allow",
"resource":["*"],
},
]
}
}
Getting Information About an Inline Policy Embedded in a Group
To get information about an inline policy embedded in a group, use the get-group-policy command following this syntax:
$ aws iam get-group-policy \
--profile YOUR_PROFILE \
--group-name GROUP_NAME \
--policy-name MY_POLICY \
--endpoint https://eim.eu-west-2.outscale.com
This command contains the following attributes that you need to specify:
-
(optional)
profile
: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI. -
group-name
: The name of the group. -
policy-name
: The name of the policy. -
endpoint
: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.
The get-user-policy command returns the following elements:
-
GroupName
: The name of the group the policy is embedded in. -
PolicyName
: The name of the policy. -
PolicyDocument
: The policy document.
{
"GroupName": "Admin",
"PolicyDocument": {
"statement":[
{
"action":["*"],
"effect":"Allow",
"resource":["*"],
},
]
}
"PolicyName": "AdminAccess"
}
Related Pages
Corresponding API Methods
AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.