group
Gets an individual group resource
Overview
| Name | group |
| Type | Resource |
| Description | group |
| Id | awscc.iam.group |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | The Arn of the group to create |
group_name | string | The name of the group to create |
managed_policy_arns | array | A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role. |
path | string | The path to the group |
policies | array | Adds or updates an inline policy document that is embedded in the specified IAM group |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
arn,
group_name,
managed_policy_arns,
path,
policies
FROM awscc.iam.group
WHERE data__Identifier = '<GroupName>';
Permissions
To operate on the group resource, the following permissions are required:
Read
iam:GetGroup,
iam:ListGroupPolicies,
iam:GetGroupPolicy,
iam:ListAttachedGroupPolicies
Update
iam:GetGroup,
iam:UpdateGroup,
iam:DetachGroupPolicy,
iam:AttachGroupPolicy,
iam:DeleteGroupPolicy,
iam:PutGroupPolicy,
iam:GetGroupPolicy
Delete
iam:GetGroup,
iam:DeleteGroup,
iam:ListAttachedGroupPolicies,
iam:ListGroupPolicies,
iam:DetachGroupPolicy,
iam:DeleteGroupPolicy,
iam:GetGroupPolicy