IAM: CLI: How to get contents of a policy?

0

A. Policy: AmazonS3ReadOnlyAccess
B. Arn: arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

C. Console view:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": "*"
}
]
}

D. How can I get that JSON (C.) output from CLI?

Please, advise. Thank you.

~ Mike

helices
asked 3 years ago34 views
1 Answer
0
Accepted Answer

Hello

  1. you could use a get-policy-version
aws iam get-policy-version --policy-arn arn:aws:iam::ACCOUNTNUMBER:policy/MyPolicy --version-id v1

https://docs.aws.amazon.com/cli/latest/reference/iam/get-policy-version.html

  1. if you are using organizations, you could do a "describe-policy" to get the content.
aws organizations describe-policy --policy-id p-yourPolicyID

https://docs.aws.amazon.com/cli/latest/reference/organizations/describe-policy.html

hope this helps,
RT

rtt
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions