Skip to main content

CreatePolicyRequest

namestringrequired

Name of the policy. Must be unique within the organization. Only alphanumeric characters and +=,.@_- are allowed.

Possible values: <= 128 characters

document objectrequired

AWS IAM-compatible policy document. See IAM Policies documentation for details.

Versionstringrequired

Policy language version.

Possible values: [2012-10-17]

Statement object[]required
  • Array [
    • Sidstring

    Optional identifier for the statement

    Effectstringrequired

    Whether this statement allows or denies the specified actions

    Possible values: [Allow, Deny]

    Actionstring[]required

    S3 actions to allow or deny. Common actions: s3:GetObject, s3:PutObject, s3:DeleteObject, s3:ListBucket, s3:*. See supported actions.

    Resourcestring[]required

    S3 resource ARNs. Use arn:aws:s3:::bucket for bucket-level and arn:aws:s3:::bucket/prefix/* for prefix-scoped access.

    Conditionobject

    Optional conditions (IP, time-based). See condition examples.

  • ]
    • descriptionstring

    A description for the policy

    Possible values: <= 1000 characters

    CreatePolicyRequest
    {
      "name": "string",
      "document": {
        "Version": "2012-10-17",
        "Statement": [
          {
            "Sid": "string",
            "Effect": "Allow",
            "Action": [
              "string"
            ],
            "Resource": [
              "string"
            ],
            "Condition": {}
          }
        ]
      },
      "description": "string"
    }