AWS IoT
Developer Guide

CreatePolicyVersion

Creates a new version of the specified AWS IoT policy. To update a policy, create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must use DeletePolicyVersion to delete an existing version before you create a new one.

Optionally, you can set the new version as the policy's default version. The default version is the operative version (that is, the version that is in effect for the certificates to which the policy is attached).

Request syntax:

```
POST /policies/policyName/version?setAsDefault=setAsDefault
Content-type: application/json

{
  "policyDocument": "string"
}
```

URI Request Parameters:

| Name | Type | Req? | Description |
|---|---|---|---|
| policyName | PolicyName | yes | The policy name. |
| setAsDefault | SetAsDefault | no | Specifies whether the policy version is set as the default. When this parameter is true, the new policy version becomes the operative version (that is, the version that is in effect for the certificates to which the policy is attached). |

Request Body Parameters:

| Name | Type | Req? | Description |
|---|---|---|---|
| policyDocument | PolicyDocument | yes | The JSON document that describes the policy. Minimum length of 1. Maximum length of 2048, excluding whitespace. |

Response syntax:

```
Content-type: application/json

{
  "policyArn": "string",
  "policyDocument": "string",
  "policyVersionId": "string",
  "isDefaultVersion": "boolean"
}
```

Response Body Parameters:

| Name | Type | Req? | Description |
|---|---|---|---|
| policyArn | PolicyArn | no | The policy ARN. |
| policyDocument | PolicyDocument | no | The JSON document that describes the policy. |
| policyVersionId | PolicyVersionId | no | The policy version ID. |
| isDefaultVersion | IsDefaultVersion | no | Specifies whether the policy version is the default. |

Errors:

ResourceNotFoundException

The specified resource does not exist.

HTTP response code: 404

MalformedPolicyException

The policy documentation is not valid.

HTTP response code: 400

VersionsLimitExceededException

The number of policy versions exceeds the limit.

HTTP response code: 409

InvalidRequestException

The contents of the request were invalid. For example, this code is returned when an UpdateJobExecution request contains invalid status details. The message contains details about the error.

HTTP response code: 400

ThrottlingException

The rate exceeds the limit.

HTTP response code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP response code: 401

ServiceUnavailableException

The service is temporarily unavailable.

HTTP response code: 503

InternalFailureException

An unexpected error has occurred.

HTTP response code: 500

CLI

Synopsis:

```
aws iot create-policy-version \
    --policy-name <value> \
    --policy-document <value> \
    [--set-as-default | --no-set-as-default] \
    [--cli-input-json <value>] \
    [--generate-cli-skeleton]
```

cli-input-json format:

```
{
  "policyName": "string",
  "policyDocument": "string",
  "setAsDefault": "boolean"
}
```

cli-input-json fields:

| Name | Type | Description |
|---|---|---|
| policyName | string (length max: 128, min: 1; pattern: `[\w+=,.@-]+`) | The policy name. |
| policyDocument | string | The JSON document that describes the policy. Minimum length of 1. Maximum length of 2048, excluding whitespace. |
| setAsDefault | boolean | Specifies whether the policy version is set as the default. When this parameter is true, the new policy version becomes the operative version (that is, the version that is in effect for the certificates to which the policy is attached). |

Output:

```
{
  "policyArn": "string",
  "policyDocument": "string",
  "policyVersionId": "string",
  "isDefaultVersion": "boolean"
}
```

cli output fields:

| Name | Type | Description |
|---|---|---|
| policyArn | string | The policy ARN. |
| policyDocument | string | The JSON document that describes the policy. |
| policyVersionId | string (pattern: `[0-9]+`) | The policy version ID. |
| isDefaultVersion | boolean | Specifies whether the policy version is the default. |
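A pre-flight check for the limits described on this page (name pattern, 2048-character document limit, five-version cap), written as an added example and not taken from the AWS documentation or SDK. The shape of the version list, the whitespace-counting rule, and the "lowest numeric ID is oldest" ordering are assumptions; the sample policy and version list are constructed.

```python
import json
import re

# Limits and pattern taken from the tables on this page.
NAME_RE = re.compile(r"[\w+=,.@-]+", re.ASCII)  # ASCII-only is a conservative choice
MAX_NAME, MAX_DOC, MAX_VERSIONS = 128, 2048, 5

# Constructed sample data (not real account state).
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "iot:Connect",
    "Resource": "arn:aws:iot:us-east-1:123456789012:client/sensor-01"}]}, indent=2)
SAMPLE_VERSIONS = [{"versionId": str(i), "isDefaultVersion": i == 2}
                   for i in range(2, 7)]


def doc_length(policy_document):
    """Character count with all whitespace removed (assumed reading of the limit)."""
    return len("".join(policy_document.split()))


def version_to_delete(versions):
    """Return the version ID to delete first, or None if a slot is free."""
    if len(versions) < MAX_VERSIONS:
        return None
    # Never pick the default: it is the version in effect for attached certificates.
    candidates = [v["versionId"] for v in versions if not v["isDefaultVersion"]]
    return min(candidates, key=int)  # assumption: lowest numeric ID is the oldest


def build_request(policy_name, policy_document, set_as_default=False):
    """Validate the inputs and return the cli-input-json payload as a dict."""
    if not 1 <= len(policy_name) <= MAX_NAME:
        raise ValueError("policyName must be 1 to 128 characters")
    if not NAME_RE.fullmatch(policy_name):
        raise ValueError("policyName has characters outside [\\w+=,.@-]")
    try:
        json.loads(policy_document)
    except json.JSONDecodeError as exc:
        raise ValueError(f"policyDocument is not valid JSON: {exc}") from exc
    size = doc_length(policy_document)
    if not 1 <= size <= MAX_DOC:
        raise ValueError(f"policyDocument is {size} non-whitespace characters (limit 2048)")
    return {"policyName": policy_name, "policyDocument": policy_document,
            "setAsDefault": bool(set_as_default)}


if __name__ == "__main__":
    print("delete first:", version_to_delete(SAMPLE_VERSIONS))
    print(json.dumps(build_request("sensor-policy", SAMPLE_POLICY), indent=2))
```

`build_request` defaults `setAsDefault` to false so that a new version does not take effect for attached certificates until it is explicitly promoted.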
