Get an IAM policy using an AWS SDK - AWS SDK Code Examples

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

Get an IAM policy using an AWS SDK

The following code examples show how to get an IAM policy.

.NET
AWS SDK for .NET
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

using System; using Amazon.IdentityManagement; using Amazon.IdentityManagement.Model; var client = new AmazonIdentityManagementServiceClient(); var request = new GetPolicyRequest { PolicyArn = "POLICY_ARN", }; var response = await client.GetPolicyAsync(request); Console.Write($"{response.Policy.PolicyName} was created on "); Console.WriteLine($"{response.Policy.CreateDate}");
  • For API details, see GetPolicy in AWS SDK for .NET API Reference.

C++
SDK for C++
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

bool AwsDoc::IAM::getPolicy(const Aws::String &policyArn, const Aws::Client::ClientConfiguration &clientConfig) { Aws::IAM::IAMClient iam(clientConfig); Aws::IAM::Model::GetPolicyRequest request; request.SetPolicyArn(policyArn); auto outcome = iam.GetPolicy(request); if (!outcome.IsSuccess()) { std::cerr << "Error getting policy " << policyArn << ": " << outcome.GetError().GetMessage() << std::endl; } else { const auto &policy = outcome.GetResult().GetPolicy(); std::cout << "Name: " << policy.GetPolicyName() << std::endl << "ID: " << policy.GetPolicyId() << std::endl << "Arn: " << policy.GetArn() << std::endl << "Description: " << policy.GetDescription() << std::endl << "CreateDate: " << policy.GetCreateDate().ToGmtString(Aws::Utils::DateFormat::ISO_8601) << std::endl; } return outcome.IsSuccess(); }
  • For API details, see GetPolicy in AWS SDK for C++ API Reference.

Go
SDK for Go V2
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

// PolicyWrapper encapsulates AWS Identity and Access Management (IAM) policy actions // used in the examples. // It contains an IAM service client that is used to perform policy actions. type PolicyWrapper struct { IamClient *iam.Client } // GetPolicy gets data about a policy. func (wrapper PolicyWrapper) GetPolicy(policyArn string) (*types.Policy, error) { var policy *types.Policy result, err := wrapper.IamClient.GetPolicy(context.TODO(), &iam.GetPolicyInput{ PolicyArn: aws.String(policyArn), }) if err != nil { log.Printf("Couldn't get policy %v. Here's why: %v\n", policyArn, err) } else { policy = result.Policy } return policy, err }
  • For API details, see GetPolicy in AWS SDK for Go API Reference.

JavaScript
SDK for JavaScript V3
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

Create the client.

import { IAMClient } from "@aws-sdk/client-iam"; // Set the AWS Region. const REGION = "REGION"; // For example, "us-east-1". // Create an IAM service client object. const iamClient = new IAMClient({ region: REGION }); export { iamClient };

Get the policy.

// Import required AWS SDK clients and commands for Node.js. import { iamClient } from "./libs/iamClient.js"; import { GetPolicyCommand } from "@aws-sdk/client-iam"; // Set the parameters. const params = { PolicyArn: "POLICY_ARN" /* required */, }; const run = async () => { try { const data = await iamClient.send(new GetPolicyCommand(params)); console.log("Success", data.Policy); } catch (err) { console.log("Error", err); } }; run();
SDK for JavaScript V2
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

// Load the AWS SDK for Node.js var AWS = require('aws-sdk'); // Set the region AWS.config.update({region: 'REGION'}); // Create the IAM service object var iam = new AWS.IAM({apiVersion: '2010-05-08'}); var params = { PolicyArn: 'arn:aws:iam::aws:policy/AWSLambdaExecute' }; iam.getPolicy(params, function(err, data) { if (err) { console.log("Error", err); } else { console.log("Success", data.Policy.Description); } });
Kotlin
SDK for Kotlin
Note

This is prerelease documentation for a feature in preview release. It is subject to change.

Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

suspend fun getIAMPolicy(policyArnVal: String?) { val request = GetPolicyRequest { policyArn = policyArnVal } IamClient { region = "AWS_GLOBAL" }.use { iamClient -> val response = iamClient.getPolicy(request) println("Successfully retrieved policy ${response.policy?.policyName}") } }
  • For API details, see GetPolicy in AWS SDK for Kotlin API reference.

PHP
SDK for PHP
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

$uuid = uniqid(); $service = new IamService(); public function getPolicy($policyArn) { return $this->customWaiter(function () use ($policyArn) { return $this->iamClient->getPolicy(['PolicyArn' => $policyArn]); }); }
  • For API details, see GetPolicy in AWS SDK for PHP API Reference.

Python
SDK for Python (Boto3)
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

def get_default_policy_statement(policy_arn): """ Gets the statement of the default version of the specified policy. :param policy_arn: The ARN of the policy to look up. :return: The statement of the default policy version. """ try: policy = iam.Policy(policy_arn) # To get an attribute of a policy, the SDK first calls get_policy. policy_doc = policy.default_version.document policy_statement = policy_doc.get('Statement', None) logger.info("Got default policy doc for %s.", policy.policy_name) logger.info(policy_doc) except ClientError: logger.exception("Couldn't get default policy statement for %s.", policy_arn) raise else: return policy_statement
  • For API details, see GetPolicy in AWS SDK for Python (Boto3) API Reference.

Ruby
SDK for Ruby
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

# Gets data about a policy. # # @param policy_arn [String] The ARN of the policy to look up. # @return [Aws::IAM::Policy] The retrieved policy. def get_policy(policy_arn) policy = @iam_resource.policy(policy_arn) puts("Got policy '#{policy.policy_name}'. Its ID is: #{policy.policy_id}.") rescue Aws::Errors::ServiceError => e puts("Couldn't get policy '#{policy_arn}'. Here's why:") puts("\t#{e.code}: #{e.message}") raise else policy end
  • For API details, see GetPolicy in AWS SDK for Ruby API Reference.

Swift
SDK for Swift
Note

This is prerelease documentation for an SDK in preview release. It is subject to change.

Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

public func getPolicy(arn: String) async throws -> IamClientTypes.Policy { let input = GetPolicyInput( policyArn: arn ) do { let output = try await client.getPolicy(input: input) guard let policy = output.policy else { throw ServiceHandlerError.noSuchPolicy } return policy } catch { throw error } }
  • For API details, see GetPolicy in AWS SDK for Swift API reference.