Getting Information About an Inline Policy

You can get information about the content of an inline policy embedded in a user or a group.

Getting Information About an Inline Policy Using OSC CLI

Getting Information About an Inline Policy Embedded in a User

See the GetUserPolicy command sample in the documentation of the EIM API.

Getting Information About an Inline Policy Embedded in a Group

The ReadUserGroupPolicy command returns information about an inline policy included in a specified group.

Request sample
$ osc-cli api ReadUserGroupPolicy --profile "default" \
    --PolicyName "example-policy" \
    --UserGroupName "example-usergroup" \
    --UserGroupPath "/example/"

This command contains the following attributes that you need to specify:

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • PolicyName: The name of the policy.

  • UserGroupName: The name of the group.

  • UserGroupPath: (optional) The path to the group. If not specified, it is set to a slash (/).

The ReadUserGroupPolicy command returns the following elements:

  • Policy: Information about an inline policy.

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "Policy": {
    "Body": "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}",
    "Name": "example-policy"
  }
}

Getting Information About an Inline Policy Using OSC CLI

Getting Information About an Inline Policy Embedded in a Group

The ReadUserGroupPolicy command returns information about an inline policy included in a specified group.

Request sample
$ oapi-cli --profile "default" ReadUserGroupPolicy \
    --PolicyName "example-policy" \
    --UserGroupName "example-usergroup" \
    --UserGroupPath "/example/"

This command contains the following attributes that you need to specify:

  • DryRun: (optional) If true, checks whether you have the required permissions to perform the action.

  • PolicyName: The name of the policy.

  • UserGroupName: The name of the group.

  • UserGroupPath: (optional) The path to the group. If not specified, it is set to a slash (/).

The ReadUserGroupPolicy command returns the following elements:

  • Policy: Information about an inline policy.

  • ResponseContext: Information about the context of the response.

    • RequestId: The ID of the request.

Result sample
{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "Policy": {
    "Body": "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}",
    "Name": "example-policy"
  }
}

Getting Information About an Inline Policy Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

Getting Information About an Inline Policy Embedded in a User

To get information about an inline policy embedded in a user, use the get-user-policy command following this syntax:

Request sample
$ aws iam get-user-policy \
    --profile YOUR_PROFILE \
    --user-name USER_NAME \
    --policy-name MY_POLICY \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • user-name: The name of the user.

  • policy-name: The name of the policy.

  • endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The get-user-policy command returns the following elements:

  • UserName: The name of the user the policy is embedded in.

  • PolicyName: The name of the policy.

  • PolicyDocument: The policy document.

Result sample
{
    "UserName": "Jane",
    "PolicyName": "AdminAccess",
    "PolicyDocument": {
                       "statement":[
                                    {
                                    "action":["*"],
                                    "effect":"Allow",
                                    "resource":["*"],
                                    },
                                  ]
                       }
}

Getting Information About an Inline Policy Embedded in a Group

To get information about an inline policy embedded in a group, use the get-group-policy command following this syntax:

Request sample
$ aws iam get-group-policy \
    --profile YOUR_PROFILE \
    --group-name GROUP_NAME \
    --policy-name MY_POLICY \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • group-name: The name of the group.

  • policy-name: The name of the policy.

  • endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The get-user-policy command returns the following elements:

  • GroupName: The name of the group the policy is embedded in.

  • PolicyName: The name of the policy.

  • PolicyDocument: The policy document.

Result sample
{
    "GroupName": "Admin",
    "PolicyDocument": {
                       "statement":[
                                    {
                                    "action":["*"],
                                    "effect":"Allow",
                                    "resource":["*"],
                                    },
                                  ]
                       }
    "PolicyName": "AdminAccess"
}

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.

Export to PDF