Use ListEntitiesForPolicy
with an AWS SDK or CLI
The following code examples show how to use ListEntitiesForPolicy
.
- CLI
-
- AWS CLI
-
To list all users, groups, and roles that the specified managed policy is attached to
This example returns a list of IAM groups, roles, and users who have the policy
arn:aws:iam::123456789012:policy/TestPolicy
attached.aws iam list-entities-for-policy \ --policy-arn arn:aws:iam::123456789012:policy/TestPolicy
Output:
{ "PolicyGroups": [ { "GroupName": "Admins", "GroupId": "AGPACKCEVSQ6C2EXAMPLE" } ], "PolicyUsers": [ { "UserName": "Alice", "UserId": "AIDACKCEVSQ6C2EXAMPLE" } ], "PolicyRoles": [ { "RoleName": "DevRole", "RoleId": "AROADBQP57FF2AEXAMPLE" } ], "IsTruncated": false }
For more information, see Policies and permissions in IAM in the AWS IAM User Guide.
-
For API details, see ListEntitiesForPolicy
in AWS CLI Command Reference.
-
- PowerShell
-
- Tools for PowerShell
-
Example 1: This example returns a list of IAM groups, roles, and users who have the policy
arn:aws:iam::123456789012:policy/TestPolicy
attached.Get-IAMEntitiesForPolicy -PolicyArn "arn:aws:iam::123456789012:policy/TestPolicy"
Output:
IsTruncated : False Marker : PolicyGroups : {} PolicyRoles : {testRole} PolicyUsers : {Bob, Theresa}
-
For API details, see ListEntitiesForPolicy in AWS Tools for PowerShell Cmdlet Reference.
-
For a complete list of AWS SDK developer guides and code examples, see Using this service with an AWS SDK. This topic also includes information about getting started and details about previous SDK versions.