Create an inline IAM policy for a user using an AWS SDK - AWS SDK Code Examples

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

Create an inline IAM policy for a user using an AWS SDK

The following code examples show how to create an inline IAM policy for a user.

Go
SDK for Go V2
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

// UserWrapper encapsulates AWS Identity and Access Management (IAM) user actions // used in the examples. // It contains an IAM service client that is used to perform user actions. type UserWrapper struct { IamClient *iam.Client } // CreateUserPolicy adds an inline policy to a user. This example creates a policy that // grants a list of actions on a specified role. // PolicyDocument shows how to work with a policy document as a data structure and // serialize it to JSON by using Go's JSON marshaler. func (wrapper UserWrapper) CreateUserPolicy(userName string, policyName string, actions []string, roleArn string) error { policyDoc := PolicyDocument{ Version: "2012-10-17", Statement: []PolicyStatement{{ Effect: "Allow", Action: actions, Resource: aws.String(roleArn), }}, } policyBytes, err := json.Marshal(policyDoc) if err != nil { log.Printf("Couldn't create policy document for %v. Here's why: %v\n", roleArn, err) return err } _, err = wrapper.IamClient.PutUserPolicy(context.TODO(), &iam.PutUserPolicyInput{ PolicyDocument: aws.String(string(policyBytes)), PolicyName: aws.String(policyName), UserName: aws.String(userName), }) if err != nil { log.Printf("Couldn't create policy for user %v. Here's why: %v\n", userName, err) } return err }
  • For API details, see PutUserPolicy in AWS SDK for Go API Reference.

Ruby
SDK for Ruby
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

# Creates an inline policy for a user that lets the user assume a role. # # @param policy_name [String] The name to give the policy. # @param user [Aws::IAM::User] The user that owns the policy. # @param role [Aws::IAM::Role] The role that can be assumed. # @return [Aws::IAM::UserPolicy] The newly created policy. def create_user_policy(policy_name, user, role) policy = user.create_policy( policy_name: policy_name, policy_document: { Version: "2012-10-17", Statement: [{ Effect: "Allow", Action: "sts:AssumeRole", Resource: role.arn }] }.to_json) puts("Created an inline policy for #{user.name} that lets the user assume role #{role.name}.") rescue Aws::Errors::ServiceError => e puts("Couldn't create an inline policy for user #{user.name}. Here's why: ") puts("\t#{e.code}: #{e.message}") raise else policy end
  • For API details, see PutUserPolicy in AWS SDK for Ruby API Reference.

Swift
SDK for Swift
Note

This is prerelease documentation for an SDK in preview release. It is subject to change.

Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

func putUserPolicy(policyDocument: String, policyName: String, user: IAMClientTypes.User) async throws { let input = PutUserPolicyInput( policyDocument: policyDocument, policyName: policyName, userName: user.userName ) do { _ = try await iamClient.putUserPolicy(input: input) } catch { throw error } }
  • For API details, see PutUserPolicy in AWS SDK for Swift API reference.