AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Simulate how a set of IAM policies attached to an IAM entity works with a list of API actions and AWS resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to .
You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead.
You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation.
The simulation does not perform the API actions, it only checks the authorization to determine if the simulated policies allow or deny the actions.
Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead.
Context keys are variables maintained by AWS and its services that provide details
about the context of an API query request. You can use the
element of an IAM policy to evaluate context keys. To get the list of context keys
that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.
If the output is long, you can use the
parameters to paginate the results.
For .NET Core, PCL and Unity this operation is only available in asynchronous form. Please refer to SimulatePrincipalPolicyAsync.
public abstract SimulatePrincipalPolicyResponse SimulatePrincipalPolicy( SimulatePrincipalPolicyRequest request )
Container for the necessary parameters to execute the SimulatePrincipalPolicy service method.
|InvalidInputException||The request was rejected because an invalid or out-of-range value was supplied for an input parameter.|
|NoSuchEntityException||The request was rejected because it referenced an entity that does not exist. The error message describes the entity.|
|PolicyEvaluationException||The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.|
Supported in: 4.5, 4.0, 3.5
Portable Class Library:
Supported in: Windows Store Apps
Supported in: Windows Phone 8.1
Supported in: Xamarin Android
Supported in: Xamarin iOS (Unified)
Supported in: Xamarin.Forms
Supported Versions: 4.6 and above
Supported Platforms: Android, iOS, Standalone