Listing Managed Policies

You can get the list of all the managed policies available for your account, or of managed policies attached to a user or a group.

Listing Managed Policies Using Cockpit

Listing Managed Policies Available for Your Account

See the EIM Policies dashboard.

Listing Managed Policies Attached to a User

In the EIM Users dashboard, click the name of the user you want to list the policies attached to.
The EIM user details panel appears.
Click the Attached Policies tab.
The list of managed policies attached to the user appears.

Listing Managed Policies Attached to a Group

In the EIM Groups dashboard, click the name of the group for which you want to list the managed policies attached to.
The EIM group details panel appears.
Click the Attached Managed Policies tab.
The list of managed policies attached to the group appears.

Listing Managed Policies Using OSC CLI

The ReadPolicies command lists all the managed policies available for your account.

Request sample

$ osc-cli api ReadPolicies --profile "default" \
    --Filters '{
        "OnlyLinked": True,
        "PathPrefix": "/",
        "Scope": "OWS"
      }' \
    --FirstItem 1 \
    --ResultsPerPage 30

This command contains the following attributes that you need to specify:

DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
Filters: (optional) One or more filters.
- OnlyLinked: (optional) If set to true, lists only the policies attached to a user.
- PathPrefix: (optional) The path prefix you can use to filter the results. If not specified, it is set to a slash (/).
- Scope: (optional) The scope of the policies. A policy can either be created by Outscale (OWS), and therefore applies to all accounts, or be created by its users (LOCAL).
  Possible values: LOCAL | OWS.
FirstItem: (optional) The item starting the list of policies requested.
ResultsPerPage: (optional) The maximum number of items that can be returned in a single response (by default, 100).

The ReadPolicies command returns the following elements:

HasMoreItems: If true, there are more items to return using the FirstItem parameter in a new request.
MaxResultsLimit: Indicates maximum results defined for the operation.
MaxResultsTruncated: If true, indicates whether requested page size is more than allowed.
Policies: Information about one or more policies.
- CreationDate: The date and time (UTC) at which the policy was created.
- Description: A friendly name for the policy (between 0 and 1000 characters).
- IsLinkable: Indicates whether the policy can be linked to a group or an EIM user.
- LastModificationDate: The date and time (UTC) at which the policy was last modified.
- Orn: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.
- Path: The path to the policy.
- PolicyDefaultVersionId: The ID of the policy default version.
- PolicyId: The ID of the policy.
- PolicyName: The name of the policy.
- ResourcesCount: The number of resources attached to the policy.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "HasMoreItems": true,
  "Policies": [
    {
      "ResourcesCount": 1,
      "PolicyName": "example-user-policy",
      "PolicyDefaultVersionId": "v1",
      "Path": "/example/",
      "CreationDate": "2010-10-01T12:34:56.789+0000",
      "Description": "Example of description",
      "PolicyId": "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234",
      "Orn": "orn:ows:idauth::012345678910:policy/example/example-user-policy",
      "IsLinkable": true,
      "LastModificationDate": "2010-10-01T12:34:56.789+0000"
    }
  ],
  "MaxResultsLimit": 30,
  "MaxResultsTruncated": false
}

Listing Managed Policies Using oapi-cli

The ReadPolicies command lists all the managed policies available for your account.

Request sample

$ oapi-cli --profile "default" ReadPolicies \
    --Filters '{
        "OnlyLinked": true,
        "PathPrefix": "/",
        "Scope": "OWS"
      }' \
    --FirstItem 1 \
    --ResultsPerPage 30

This command contains the following attributes that you need to specify:

DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
Filters: (optional) One or more filters.
- OnlyLinked: (optional) If set to true, lists only the policies attached to a user.
- PathPrefix: (optional) The path prefix you can use to filter the results. If not specified, it is set to a slash (/).
- Scope: (optional) The scope of the policies. A policy can either be created by Outscale (OWS), and therefore applies to all accounts, or be created by its users (LOCAL).
  Possible values: LOCAL | OWS.
FirstItem: (optional) The item starting the list of policies requested.
ResultsPerPage: (optional) The maximum number of items that can be returned in a single response (by default, 100).

The ReadPolicies command returns the following elements:

HasMoreItems: If true, there are more items to return using the FirstItem parameter in a new request.
MaxResultsLimit: Indicates maximum results defined for the operation.
MaxResultsTruncated: If true, indicates whether requested page size is more than allowed.
Policies: Information about one or more policies.
- CreationDate: The date and time (UTC) at which the policy was created.
- Description: A friendly name for the policy (between 0 and 1000 characters).
- IsLinkable: Indicates whether the policy can be linked to a group or an EIM user.
- LastModificationDate: The date and time (UTC) at which the policy was last modified.
- Orn: The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.
- Path: The path to the policy.
- PolicyDefaultVersionId: The ID of the policy default version.
- PolicyId: The ID of the policy.
- PolicyName: The name of the policy.
- ResourcesCount: The number of resources attached to the policy.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "HasMoreItems": true,
  "Policies": [
    {
      "ResourcesCount": 1,
      "PolicyName": "example-user-policy",
      "PolicyDefaultVersionId": "v1",
      "Path": "/example/",
      "CreationDate": "2010-10-01T12:34:56.789+0000",
      "Description": "Example of description",
      "PolicyId": "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234",
      "Orn": "orn:ows:idauth::012345678910:policy/example/example-user-policy",
      "IsLinkable": true,
      "LastModificationDate": "2010-10-01T12:34:56.789+0000"
    }
  ],
  "MaxResultsLimit": 30,
  "MaxResultsTruncated": false
}

Listing Managed Policies Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

Listing Your Managed Policies

To list the managed policies available for your account, use the list-policies command following this syntax:

Request sample

$ aws iam list-policies \
    --profile YOUR_PROFILE \
    --scope all \
    --only-attached \
    --path-prefix / \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
(optional) scope: The scope to filter the result (all | local).

As no 3DS OUTSCALE-managed policies are provided, this action only returns policies you created independently from the scope you choose.
(optional) only-attached | not-only-attached: If only-attached is set, only managed policies that are attached to an EIM identity are listed.
(optional) path-prefix: The path prefix of the policies you want to describe (by default, set to a slash /).
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The list-policies command returns the following elements:

Policies: Information about one or more policies. This element contains the following information:
- PolicyName: The name of the policy.
- CreateDate: The date and time of creation of the policy.
- AttachmentCount: The number of EIM identities (users or groups) the policy is attached to.
- IsAttachable: If true, the policy can be attached to an EIM identity. If false, it cannot.
- PolicyId: The ID of the policy.
- DefaultVersionId: The ID of the policy version set as the default one.
- Path: The path for the policy.
- Arn: The OUTSCALE Resource Name (ORN) of the policy.
- UpdateDate: The date and time of the last update of the policy.

Result sample

{
        "Policies": [
        {
                "PolicyName": "AdminAccess",
                "CreateDate": "2016-05-12T18:43:524Z",
                "AttachmentCount": 5,
                "IsAttachable": true,
                "PolicyId": "ABCDEFGHIJKLMNO12PQRS",
                "DefaultVersionId": "v1",
                "Path": "/",
                "Arn": "arn:aws:iam::aws:policy/AdminAccess",
                "UpdateDate": "2016-05-12T18:43:524Z"
              },
        ]
}

Listing the Managed Policies Attached to a User

To list the managed policies attached to a user, use the list-attached-user-policies command following this syntax:

Request sample

$ aws iam list-attached-user-policies \
    --profile YOUR_PROFILE \
    --user-name Jane \
    --path-prefix / \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
user-name: The name of the user.
(optional) path-prefix: The path prefix of the policies you want to list (by default, set to a slash /).
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The list-attached-user-policies command returns the following elements:

AttachedPolicies: Information about one or more policies attached to the specified user. This element contains the following information:
- PolicyName: The name of the policy.
- PolicyArn: The OUTSCALE Resource Name (ORN) of the policy.

Result sample

{
  "AttachedPolicies": [
    {
      "PolicyName": "AdminAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/AdminAccess"
    },
    {
      "PolicyName": "DevAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/DevAccess"
    }
  ],
}

Listing the Managed Policies Attached to a Group

To list the policies attached to a group, use the list-attached-group-policies command following this syntax:

Request sample

$ aws iam list-attached-group-policies \
    --profile YOUR_PROFILE \
    --group-name Dev \
    --path-prefix / \
    --endpoint https://eim.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
group-name: The name of the user.
(optional) path-prefix: The path prefix of the policies you want to list (by default, set to a slash /).
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The list-attached-user-policies command returns the following elements:

AttachedPolicies: Information about one or more policies attached to the specified group. This element contains the following information:
- PolicyName: The name of the policy.
- PolicyArn: The OUTSCALE Resource Name (ORN) of the policy.

Result sample

{
  "AttachedPolicies": [
    {
      "PolicyName": "DevAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/DevAccess"
    }
  ]
}

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.