AWS Code Sample

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above. demonstrates how to create a new version of an IAM policy by reading the policy from a file.

# Copyright 2010-2019, Inc. or its affiliates. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"). You # may not use this file except in compliance with the License. A copy of # the License is located at # # # # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import boto3 from botocore.exceptions import ClientError # Assign these values before running the program policy_arn = 'arn:aws:iam::123456789012:policy/POLICY_NAME' policy_file_name = 'POLICY_FILENAME.JSON' try: # Read the policy definition from a file with open(policy_file_name, 'r') as f: policy_version = # Show the loaded policy definition print(f'Creating new version of IAM policy {policy_arn}') print(policy_version) # Create a new version of the policy and set it as the default version iam = boto3.client('iam') response = iam.create_policy_version(PolicyArn=policy_arn, PolicyDocument=policy_version, SetAsDefault=True) print(f'Policy Version Created: {response["PolicyVersion"]["VersionId"]}') except ClientError as e: print(e)

Sample Details

Service: iam

Last tested: 2019-04-10

Author: AWS

Type: snippet

On this page: