AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Container for the parameters to the CreatePolicy operation. Creates a policy of a specified type that you can attach to a root, an organizational unit (OU), or an individual Amazon Web Services account.
For more information about policies and their use, see Managing Organizations policies.
If the request includes tags, then the requester must have the organizations:TagResource
permission.
This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.
Namespace: Amazon.Organizations.Model
Assembly: AWSSDK.Organizations.dll
Version: 3.x.y.z
public class CreatePolicyRequest : AmazonOrganizationsRequest IAmazonWebServiceRequest
The CreatePolicyRequest type exposes the following members
Name | Description | |
---|---|---|
CreatePolicyRequest() |
Name | Type | Description | |
---|---|---|---|
Content | System.String |
Gets and sets the property Content.
The policy text content to add to the new policy. The text that you supply must adhere
to the rules of the policy type you specify in the The maximum size of a policy document depends on the policy's type. For more information, see Maximum and minimum values in the Organizations User Guide. |
|
Description | System.String |
Gets and sets the property Description. An optional description to assign to the policy. |
|
Name | System.String |
Gets and sets the property Name. The friendly name to assign to the policy. The regex pattern that is used to validate this parameter is a string of any of the characters in the ASCII character range. |
|
Tags | System.Collections.Generic.List<Amazon.Organizations.Model.Tag> |
Gets and sets the property Tags.
A list of tags that you want to attach to the newly created policy. For each tag in
the list, you must specify both a tag key and a value. You can set the value to an
empty string, but you can't set it to If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created. |
|
Type | Amazon.Organizations.PolicyType |
Gets and sets the property Type. The type of policy to create. You can specify one of the following values: |
The following example shows how to create a service control policy (SCP) that is named AllowAllS3Actions. The JSON string in the content parameter specifies the content in the policy. The parameter string is escaped with backslashes to ensure that the embedded double quotes in the JSON policy are treated as literals in the parameter, which itself is surrounded by double quotes:
var client = new AmazonOrganizationsClient(); var response = client.CreatePolicy(new CreatePolicyRequest { Content = "{\\"Version\\":\\"2012-10-17\\",\\"Statement\\":{\\"Effect\\":\\"Allow\\",\\"Action\\":\\"s3:*\\"}}", Description = "Enables admins of attached accounts to delegate all S3 permissions", Name = "AllowAllS3Actions", Type = "SERVICE_CONTROL_POLICY" }); Policy policy = response.Policy;
.NET Core App:
Supported in: 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5, 4.0, 3.5