AWS Code Sample

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above. demonstrates how to create a new version of an IAM policy.

# Copyright 2010-2019, Inc. or its affiliates. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"). You # may not use this file except in compliance with the License. A copy of # the License is located at # # # # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import json import boto3 from botocore.exceptions import ClientError # Set this value before running the program # Policy to create a new version of policy_arn = 'arn:aws:iam::123456789012:policy/POLICY_NAME' # Define the new version of the policy new_policy = { 'Version': '2012-10-17', 'Statement': [ { 'Sid': 'Statement1', 'Effect': 'Allow', 'Action': 'EC2:*', 'Resource': '*' }, { 'Sid': 'Statement2', 'Effect': 'Allow', 'Action': 'S3:*', 'Resource': '*' } ] } print(f'Creating new version of IAM policy {policy_arn}') print(json.dumps(new_policy)) # Create the new version of the policy and set it as the default version try: iam = boto3.client('iam') response = iam.create_policy_version(PolicyArn=policy_arn, PolicyDocument=json.dumps(new_policy), SetAsDefault=True) print(f'Policy Version Created: {response["PolicyVersion"]["VersionId"]}') except ClientError as e: print(e)

Sample Details

Service: iam

Last tested: 2019-04-10

Author: AWS

Type: snippet

On this page: