IAM: CLI: How to get contents of a policy?

Question

A. Policy: AmazonS3ReadOnlyAccess  
B. Arn:    arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess  
  
C. Console view:  
{  
    "Version": "2012-10-17",  
    "Statement": \[  
        {  
            "Effect": "Allow",  
            "Action": \[  
                "s3:Get*",  
                "s3:List*"  
            ],  
            "Resource": "*"  
        }  
    ]  
}  
  
D. How can I get that JSON (C.) output from CLI?  
  
Please, advise. Thank you.  
  
~ Mike

Accepted Answer

Hello  
  
1. you could use a get-policy-version

```
aws iam get-policy-version --policy-arn arn:aws:iam::ACCOUNTNUMBER:policy/MyPolicy --version-id v1
```

2. if you are using organizations, you could do a "describe-policy" to get the content.

```
aws organizations describe-policy --policy-id p-yourPolicyID
```

hope this helps,  
RT

IAM: CLI: How to get contents of a policy?

相关内容