user_policy

Gets or updates an individual user_policy resource, use user_policies to retrieve a list of resources or to create or delete a resource.

Overview

Name	`user_policy`
Type	Resource
Description	Adds or updates an inline policy document that is embedded in the specified IAM user.<br/> An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use [AWS::IAM::User](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html). To create a new managed policy, use [AWS::IAM::ManagedPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html). For information about policies, see [Managed policies and inline policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.<br/> For information about the maximum number of inline policies that you can embed in a user, see [IAM and quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.
Id	`aws.iam.user_policy`

Fields

Name	Datatype	Description
`policy_document`	`object`	The policy document.<br/> You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.<br/> The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:<br/> + Any printable ASCII character ranging from the space character (`\u0020`) through the end of the ASCII character range<br/> + The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\u00FF`)<br/> + The special characters tab (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
`policy_name`	`string`	The name of the policy document.<br/> This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
`user_name`	`string`	The name of the user to associate the policy with.<br/> This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
`region`	`string`	AWS region.

Methods

Name	Accessible by	Required Params
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` Example

SELECT
region,
policy_document,
policy_name,
user_name
FROM aws.iam.user_policy
WHERE data__Identifier = '<PolicyName>|<UserName>';

Permissions

To operate on the user_policy resource, the following permissions are required:

Read

iam:GetUserPolicy

Update

iam:PutUserPolicy,
iam:GetUserPolicy

Overview​

Fields​

Methods​

SELECT Example​

Permissions​

Read​

Update​