policy

Exec module for managing Amazon IAM Policies.

async idem_aws.exec.aws.iam.policy.get(hub, ctx, name: str, resource_id: str = None) -> Dict

Retrieves the specified AWS IAM Policy.

Parameters:
  • name (str) – The name of the IAM Policy.

  • resource_id (str, Optional) – The Amazon Resource Name (ARN) of the IAM policy in Amazon Web Services. If not supplied, name will be used to get the resource.

Returns:

result(bool):

Whether the result of the function has been successful (True) or not (False).

comment(list):

A list of messages.

ret(dict or None):

The IAM Policy in “present” format.

Return type:

Dict[bool, list, dict or None]

Examples

Calling this exec module function from the cli:

idem exec aws.iam.policy.get name="idem_name" resource_id="resource_id"

Calling this exec module function from within a state module in pure python:

async def state_function(hub, ctx, name, resource_id, **kwargs):
    ret = await hub.exec.aws.iam.policy.get(
        ctx, name=name, resource_id=resource_id
    )

async idem_aws.exec.aws.iam.policy.list_(hub, ctx, scope: str = None, only_attached: bool = None, path_prefix: str = None, policy_usage_filter: str = None) -> Dict

Lists AWS IAM Policies.

Parameters:

scope (str, Optional):

The scope to use for filtering the results. To list only Amazon Web Services managed policies, set scope to AWS. To list only the customer managed policies in your Amazon Web Services account, set scope to Local. This parameter is optional. If it is not included, or if it is set to All, all policies are returned.

only_attached (bool, Optional):

A flag to filter the results to only the attached policies. When True, the returned list contains only the policies that are attached to an IAM user, group, or role. When False, or when the parameter is not included, all policies are returned.

path_prefix (str, Optional):

The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies. This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

policy_usage_filter (str, Optional):

The policy usage method to use for filtering the results. To list only permissions policies, set the value to PermissionsPolicy. To list only the policies used to set permissions boundaries, set the value to PermissionsBoundary. This parameter is optional. If it is not included, all policies are returned.

Returns:

result(bool):

Whether the result of the function has been successful (True) or not (False).

comment(list):

A list of messages.

ret(dict or None):

The IAM Policies in “present” format.

Return type:

Dict[bool, list, dict or None]

Examples

Calling this exec module function from the cli:

idem exec aws.iam.policy.list scope="All"

Calling this exec module function from within a state module in pure python:

async def state_function(hub, ctx, name, scope, **kwargs):
    ret = await hub.exec.aws.iam.policy.list(
        ctx, scope=scope
    )
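
A wrapper around the list call above that validates the documented filter values and fails closed when result is False, so an audit never reads a failed call as an empty policy list. This is an added example, not part of the idem-aws code: build_list_filters and list_policies_checked are hypothetical helper names, the path_prefix pattern follows the description above rather than an official regex, and the return value is assumed to be a dict with the keys result, comment and ret.

```python
import asyncio
import re
from types import SimpleNamespace

# Filter values named in the parameter descriptions for list_ above.
SCOPES = {"All", "AWS", "Local"}
USAGE_FILTERS = {"PermissionsPolicy", "PermissionsBoundary"}
# "/" alone, or a string that begins and ends with "/" using \u0021-\u007F.
# Assumption: built from the prose description, not copied from AWS.
PATH_PREFIX_RE = re.compile(r"/(?:[\u0021-\u007F]*/)?")


def build_list_filters(scope=None, only_attached=None, path_prefix=None,
                       policy_usage_filter=None):
    """Validate the documented filters; return only the ones that were set."""
    if scope is not None and scope not in SCOPES:
        raise ValueError(f"scope must be one of {sorted(SCOPES)}, got {scope!r}")
    if only_attached is not None and not isinstance(only_attached, bool):
        raise ValueError("only_attached must be a bool")
    if path_prefix is not None and not PATH_PREFIX_RE.fullmatch(path_prefix):
        raise ValueError(f"invalid path_prefix {path_prefix!r}")
    if policy_usage_filter is not None and policy_usage_filter not in USAGE_FILTERS:
        raise ValueError(f"invalid policy_usage_filter {policy_usage_filter!r}")
    given = dict(scope=scope, only_attached=only_attached,
                 path_prefix=path_prefix, policy_usage_filter=policy_usage_filter)
    return {k: v for k, v in given.items() if v is not None}


async def list_policies_checked(hub, ctx, **filters):
    """Call the exec function and fail closed when result is False."""
    ret = await hub.exec.aws.iam.policy.list(ctx, **build_list_filters(**filters))
    if not ret["result"]:
        # An audit must not read a failed call as "no policies found".
        raise RuntimeError("; ".join(map(str, ret["comment"])))
    return ret["ret"]


if __name__ == "__main__":
    # Constructed stub standing in for a real idem hub, so this runs offline.
    async def fake_list(ctx, **kwargs):
        return {"result": True, "comment": [], "ret": {"filters": kwargs}}

    policy = SimpleNamespace(list=fake_list)
    hub = SimpleNamespace(exec=SimpleNamespace(aws=SimpleNamespace(
        iam=SimpleNamespace(policy=policy))))
    print(asyncio.run(list_policies_checked(hub, None, scope="Local",
                                            only_attached=True)))
```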