Use CreatePolicyVersion with an AWS SDK or CLI
The following code examples show how to use CreatePolicyVersion.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
- CLI
- 
            - AWS CLI
- 
             
                    To create a new version of a managed policy This example creates a new v2version of the IAM policy whose ARN isarn:aws:iam::123456789012:policy/MyPolicyand makes it the default version.aws iam create-policy-version \ --policy-arnarn:aws:iam::123456789012:policy/MyPolicy\ --policy-documentfile://NewPolicyVersion.json\ --set-as-defaultOutput: { "PolicyVersion": { "CreateDate": "2015-06-16T18:56:03.721Z", "VersionId": "v2", "IsDefaultVersion": true } }For more information, see Versioning IAM policies in the AWS IAM User Guide. - 
                    For API details, see CreatePolicyVersion in AWS CLI Command Reference. 
 
- 
                    
 
- PowerShell
- 
            - Tools for PowerShell V4
- 
             
                    Example 1: This example creates a new "v2" version of the IAM policy whose ARN is arn:aws:iam::123456789012:policy/MyPolicyand makes it the default version. TheNewPolicyVersion.jsonfile provides the policy content. Note that you must use the-Rawswitch parameter to successfully process the JSON policy file.New-IAMPolicyVersion -PolicyArn arn:aws:iam::123456789012:policy/MyPolicy -PolicyDocument (Get-content -Raw NewPolicyVersion.json) -SetAsDefault $trueOutput: CreateDate Document IsDefaultVersion VersionId ---------- -------- ---------------- --------- 4/15/2015 10:54:54 AM True v2- 
                    For API details, see CreatePolicyVersion in AWS Tools for PowerShell Cmdlet Reference (V4). 
 
- 
                    
- Tools for PowerShell V5
- 
             
                    Example 1: This example creates a new "v2" version of the IAM policy whose ARN is arn:aws:iam::123456789012:policy/MyPolicyand makes it the default version. TheNewPolicyVersion.jsonfile provides the policy content. Note that you must use the-Rawswitch parameter to successfully process the JSON policy file.New-IAMPolicyVersion -PolicyArn arn:aws:iam::123456789012:policy/MyPolicy -PolicyDocument (Get-content -Raw NewPolicyVersion.json) -SetAsDefault $trueOutput: CreateDate Document IsDefaultVersion VersionId ---------- -------- ---------------- --------- 4/15/2015 10:54:54 AM True v2- 
                    For API details, see CreatePolicyVersion in AWS Tools for PowerShell Cmdlet Reference (V5). 
 
- 
                    
 
- Python
- 
            - SDK for Python (Boto3)
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . def create_policy_version(policy_arn, actions, resource_arn, set_as_default): """ Creates a policy version. Policies can have up to five versions. The default version is the one that is used for all resources that reference the policy. :param policy_arn: The ARN of the policy. :param actions: The actions to allow in the policy version. :param resource_arn: The ARN of the resource this policy version applies to. :param set_as_default: When True, this policy version is set as the default version for the policy. Otherwise, the default is not changed. :return: The newly created policy version. """ policy_doc = { "Version":"2012-10-17", "Statement": [{"Effect": "Allow", "Action": actions, "Resource": resource_arn}], } try: policy = iam.Policy(policy_arn) policy_version = policy.create_version( PolicyDocument=json.dumps(policy_doc), SetAsDefault=set_as_default ) logger.info( "Created policy version %s for policy %s.", policy_version.version_id, policy_version.arn, ) except ClientError: logger.exception("Couldn't create a policy version for %s.", policy_arn) raise else: return policy_version- 
                    For API details, see CreatePolicyVersion in AWS SDK for Python (Boto3) API Reference. 
 
- 
                    
 
For a complete list of AWS SDK developer guides and code examples, see Using this service with an AWS SDK. This topic also includes information about getting started and details about previous SDK versions.