IAM Policy
AWS.IAM.Policy
For IAM Policies, the resource ID is the ARN.
arn:aws:iam::123456789012:policy/example-policy
This resource represents an IAM policy, which is an entity that, when attached to an identity or resource, defines their permissions.
Field | Type | Description |
|
| This has three keys, |
|
| The number of entities (users, groups, and roles) that the policy is attached to. |
|
| The identifier for the version of the policy that is set as the default version. |
|
| A friendly description of the policy. |
|
| Specifies whether the policy can be attached to an IAM user, group, or role. |
|
| The path to the policy. |
|
| A JSON policy document describing what permissions this policy grants. |
|
| The date and time, in ISO 8601 date-time format, when the policy was last updated. |
{"AccountId": "123456789012","Arn": "arn:aws:iam::123456789012:policy/example-policy","AttachmentCount": 1,"DefaultVersionId": "v1","Description": null,"Entities": {"PolicyGroups": null,"PolicyRoles": [{"RoleId": "AAAA","RoleName": "example-role"}],"PolicyUsers": null},"Id": "1111","IsAttachable": true,"Name": "example-policy","Path": "/","PermissionsBoundaryUsageCount": 0,"PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":[\"kms:Encrypt\",\"kms:Decrypt\",\"kms:GenerateDataKey\"],\"Resource\":\"arn:aws:kms:us-west-2:123456789012:key/1\",\"Effect\":\"Allow\",\"Sid\":\"DecryptSecrets\"},{\"Action\":[\"sqs:SendMessage\",\"sqs:SendMessageBatch\"],\"Resource\":[\"arn:aws:sqs:us-west-2:123456789012:example-queue\"],\"Effect\":\"Allow\",\"Sid\":\"SendSQSMessages\"}]}","Region": "global","ResourceId": "arn:aws:iam::123456789012:policy/example-policy","ResourceType": "AWS.IAM.Policy","Tags": null,"TimeCreated": "2019-01-01T00:00:00.000Z","UpdateDate": "2019-01-01T00:00:00Z"}