Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

[ aws . iot ]

create-policy

Description

Creates an AWS IoT policy.

The created policy is the default version for the policy. This operation creates a policy version with a version identifier of 1 and sets 1 as the policy's default version.

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  create-policy
--policy-name <value>
--policy-document <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--policy-name (string)

The policy name.

--policy-document (string)

The JSON document that describes the policy. policyDocument must have a minimum length of 1, with a maximum length of 2048, excluding whitespace.

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Examples

To create a policy

The following create-policy example creates a policy that allows updates to all AWS IoT device certificates.

aws iot create-policy \
    --policy-name "UpdateDeviceCertPolicy" \
    --policy-document "{ \"Version\": \"2012-10-17\", \"Statement\": [ { \"Effect\": \"Allow\", \"Action\":  \"iot:UpdateCertificate\", \"Resource\": \"*\" } ] }"

Output:

{
    "policyName": "UpdateDeviceCertPolicy",
    "policyArn": "arn:aws:iot:us-west-2:123456789012:policy/UpdateDeviceCertPolicy",
    "policyDocument": "{ \"Version\": \"2012-10-17\", \"Statement\": [ { \"Effect\": \"Allow\", \"Action\":  \"iot:UpdateCertificate\", \"Resource\": \"*\" } ] }",
    "policyVersionId": "1"
}

For more information, see AWS IoT Policies in the AWS IoT Developers Guide.

Output

policyName -> (string)

The policy name.

policyArn -> (string)

The policy ARN.

policyDocument -> (string)

The JSON document that describes the policy.

policyVersionId -> (string)

The policy version ID.