managed_policy
Gets an individual managed_policy resource
Overview
| Name | managed_policy |
| Type | Resource |
| Description | managed_policy |
| Id | awscc.iam.managed_policy |
Fields
| Name | Datatype | Description |
|---|---|---|
description | string | A friendly description of the policy. |
groups | array | The name (friendly name, not ARN) of the group to attach the policy to. |
managed_policy_name | string | The friendly name of the policy. |
path | string | The path for the policy. |
policy_document | object | The JSON policy document that you want to use as the content for the new policy. |
roles | array | The name (friendly name, not ARN) of the role to attach the policy to. |
users | array | The name (friendly name, not ARN) of the IAM user to attach the policy to. |
policy_arn | string | Amazon Resource Name (ARN) of the managed policy |
attachment_count | integer | The number of entities (users, groups, and roles) that the policy is attached to. |
create_date | string | The date and time, in ISO 8601 date-time format, when the policy was created. |
update_date | string | The date and time, in ISO 8601 date-time format, when the policy was last updated. |
default_version_id | string | The identifier for the version of the policy that is set as the default version. |
is_attachable | boolean | Specifies whether the policy can be attached to an IAM user, group, or role. |
permissions_boundary_usage_count | integer | The number of entities (users and roles) for which the policy is used to set the permissions boundary. |
policy_id | string | The stable and unique string identifying the policy. |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
description,
groups,
managed_policy_name,
path,
policy_document,
roles,
users,
policy_arn,
attachment_count,
create_date,
update_date,
default_version_id,
is_attachable,
permissions_boundary_usage_count,
policy_id
FROM awscc.iam.managed_policy
WHERE data__Identifier = '<PolicyArn>';
Permissions
To operate on the managed_policy resource, the following permissions are required:
Read
iam:GetPolicy,
iam:ListEntitiesForPolicy,
iam:GetPolicyVersion
Update
iam:DetachRolePolicy,
iam:GetPolicy,
iam:ListPolicyVersions,
iam:DetachGroupPolicy,
iam:DetachUserPolicy,
iam:CreatePolicyVersion,
iam:DeletePolicyVersion,
iam:AttachGroupPolicy,
iam:AttachUserPolicy,
iam:AttachRolePolicy
Delete
iam:DetachRolePolicy,
iam:GetPolicy,
iam:ListPolicyVersions,
iam:DetachGroupPolicy,
iam:DetachUserPolicy,
iam:DeletePolicyVersion,
iam:DeletePolicy,
iam:ListEntitiesForPolicy