AWS Identity and Access Management
User Guide

Attaching a Policy to an IAM Group

You can attach an AWS managed policy—that is, a prewritten policy provided by AWS—to a group, as explained in the following steps. To attach a customer managed policy—that is, a policy with custom permissions that you create—you must first create the policy. For information about creating customer managed policies, see Creating IAM Policies.

For more information about permissions and policies, see Access Management.

To attach a policy to a group (console)

  1. Sign in to the AWS Management Console and open the IAM console at

  2. In the navigation pane, select Policies.

  3. In the list of policies, select the check box next to the name of the policy to attach. You can use the Filter menu and the search box to filter the list of policies.

  4. Click Policy actions, then click Attach.

  5. For Filter, choose All Types, then click Groups.

  6. Select the check box next to the name of the group to attach the policy to, then click Attach policy.

To attach a policy to a group (AWS CLI or AWS API)

Do either of the following: