Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

[ aws . iam ]

put-user-policy

Description

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy . To create a new managed policy, use CreatePolicy . For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .

For information about limits on the number of inline policies that you can embed in a user, see Limitations on IAM Entities in the IAM User Guide .

Note

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy . For general information about using the Query API with IAM, go to Making Query Requests in the IAM User Guide .

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  put-user-policy
--user-name <value>
--policy-name <value>
--policy-document <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--user-name (string)

The name of the user to associate the policy with.

This parameter allows (per its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

--policy-name (string)

The name of the policy document.

This parameter allows (per its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

--policy-document (string)

The policy document.

The regex pattern used to validate this parameter is a string of characters consisting of the following:

  • Any printable ASCII character ranging from the space character (u0020) through the end of the ASCII character range
  • The printable characters in the Basic Latin and Latin-1 Supplement character set (through u00FF)
  • The special characters tab (u0009), line feed (u000A), and carriage return (u000D)

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Examples

To attach a policy to an IAM user

The following put-user-policy command attaches a policy to the IAM user named Bob:

aws iam put-user-policy --user-name Bob --policy-name ExamplePolicy --policy-document file://AdminPolicy.json

The policy is defined as a JSON document in the AdminPolicy.json file. (The file name and extension do not have significance.)

For more information, see Adding a New User to Your AWS Account in the Using IAM guide.

Output

None