Use GetPolicy with an AWS SDK or CLI
The following code examples show how to use GetPolicy.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
- .NET
- 
            - SDK for .NET
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . /// <summary> /// Get information about an IAM policy. /// </summary> /// <param name="policyArn">The IAM policy to retrieve information for.</param> /// <returns>The IAM policy.</returns> public async Task<ManagedPolicy> GetPolicyAsync(string policyArn) { var response = await _IAMService.GetPolicyAsync(new GetPolicyRequest { PolicyArn = policyArn }); return response.Policy; }- 
                    For API details, see GetPolicy in AWS SDK for .NET API Reference. 
 
- 
                    
 
- C++
- 
            - SDK for C++
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . bool AwsDoc::IAM::getPolicy(const Aws::String &policyArn, const Aws::Client::ClientConfiguration &clientConfig) { Aws::IAM::IAMClient iam(clientConfig); Aws::IAM::Model::GetPolicyRequest request; request.SetPolicyArn(policyArn); auto outcome = iam.GetPolicy(request); if (!outcome.IsSuccess()) { std::cerr << "Error getting policy " << policyArn << ": " << outcome.GetError().GetMessage() << std::endl; } else { const auto &policy = outcome.GetResult().GetPolicy(); std::cout << "Name: " << policy.GetPolicyName() << std::endl << "ID: " << policy.GetPolicyId() << std::endl << "Arn: " << policy.GetArn() << std::endl << "Description: " << policy.GetDescription() << std::endl << "CreateDate: " << policy.GetCreateDate().ToGmtString(Aws::Utils::DateFormat::ISO_8601) << std::endl; } return outcome.IsSuccess(); }- 
                    For API details, see GetPolicy in AWS SDK for C++ API Reference. 
 
- 
                    
 
- CLI
- 
            - AWS CLI
- 
             
                    To retrieve information about the specified managed policy This example returns details about the managed policy whose ARN is arn:aws:iam::123456789012:policy/MySamplePolicy.aws iam get-policy \ --policy-arnarn:aws:iam::123456789012:policy/MySamplePolicyOutput: { "Policy": { "PolicyName": "MySamplePolicy", "CreateDate": "2015-06-17T19:23;32Z", "AttachmentCount": 0, "IsAttachable": true, "PolicyId": "Z27SI6FQMGNQ2EXAMPLE1", "DefaultVersionId": "v1", "Path": "/", "Arn": "arn:aws:iam::123456789012:policy/MySamplePolicy", "UpdateDate": "2015-06-17T19:23:32Z" } }For more information, see Policies and permissions in IAM in the AWS IAM User Guide. - 
                    For API details, see GetPolicy in AWS CLI Command Reference. 
 
- 
                    
 
- Go
- 
            - SDK for Go V2
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . import ( "context" "encoding/json" "log" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/service/iam" "github.com/aws/aws-sdk-go-v2/service/iam/types" ) // PolicyWrapper encapsulates AWS Identity and Access Management (IAM) policy actions // used in the examples. // It contains an IAM service client that is used to perform policy actions. type PolicyWrapper struct { IamClient *iam.Client } // GetPolicy gets data about a policy. func (wrapper PolicyWrapper) GetPolicy(ctx context.Context, policyArn string) (*types.Policy, error) { var policy *types.Policy result, err := wrapper.IamClient.GetPolicy(ctx, &iam.GetPolicyInput{ PolicyArn: aws.String(policyArn), }) if err != nil { log.Printf("Couldn't get policy %v. Here's why: %v\n", policyArn, err) } else { policy = result.Policy } return policy, err }- 
                    For API details, see GetPolicy in AWS SDK for Go API Reference. 
 
- 
                    
 
- JavaScript
- 
            - SDK for JavaScript (v3)
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . Get the policy. import { GetPolicyCommand, IAMClient } from "@aws-sdk/client-iam"; const client = new IAMClient({}); /** * * @param {string} policyArn */ export const getPolicy = (policyArn) => { const command = new GetPolicyCommand({ PolicyArn: policyArn, }); return client.send(command); };- 
                    For more information, see AWS SDK for JavaScript Developer Guide. 
- 
                    For API details, see GetPolicy in AWS SDK for JavaScript API Reference. 
 
- 
                    
- SDK for JavaScript (v2)
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . // Load the AWS SDK for Node.js var AWS = require("aws-sdk"); // Set the region AWS.config.update({ region: "REGION" }); // Create the IAM service object var iam = new AWS.IAM({ apiVersion: "2010-05-08" }); var params = { PolicyArn: "arn:aws:iam::aws:policy/AWSLambdaExecute", }; iam.getPolicy(params, function (err, data) { if (err) { console.log("Error", err); } else { console.log("Success", data.Policy.Description); } });- 
                    For more information, see AWS SDK for JavaScript Developer Guide. 
- 
                    For API details, see GetPolicy in AWS SDK for JavaScript API Reference. 
 
- 
                    
 
- Kotlin
- 
            - SDK for Kotlin
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . suspend fun getIAMPolicy(policyArnVal: String?) { val request = GetPolicyRequest { policyArn = policyArnVal } IamClient.fromEnvironment { region = "AWS_GLOBAL" }.use { iamClient -> val response = iamClient.getPolicy(request) println("Successfully retrieved policy ${response.policy?.policyName}") } }- 
                    For API details, see GetPolicy in AWS SDK for Kotlin API reference. 
 
- 
                    
 
- PHP
- 
            - SDK for PHP
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . $uuid = uniqid(); $service = new IAMService(); public function getPolicy($policyArn) { return $this->customWaiter(function () use ($policyArn) { return $this->iamClient->getPolicy(['PolicyArn' => $policyArn]); }); }- 
                    For API details, see GetPolicy in AWS SDK for PHP API Reference. 
 
- 
                    
 
- PowerShell
- 
            - Tools for PowerShell V4
- 
             
                    Example 1: This example returns details about the managed policy whose ARN is arn:aws:iam::123456789012:policy/MySamplePolicy.Get-IAMPolicy -PolicyArn arn:aws:iam::123456789012:policy/MySamplePolicyOutput: Arn : arn:aws:iam::aws:policy/MySamplePolicy AttachmentCount : 0 CreateDate : 2/6/2015 10:40:08 AM DefaultVersionId : v1 Description : IsAttachable : True Path : / PolicyId : Z27SI6FQMGNQ2EXAMPLE1 PolicyName : MySamplePolicy UpdateDate : 2/6/2015 10:40:08 AM- 
                    For API details, see GetPolicy in AWS Tools for PowerShell Cmdlet Reference (V4). 
 
- 
                    
- Tools for PowerShell V5
- 
             
                    Example 1: This example returns details about the managed policy whose ARN is arn:aws:iam::123456789012:policy/MySamplePolicy.Get-IAMPolicy -PolicyArn arn:aws:iam::123456789012:policy/MySamplePolicyOutput: Arn : arn:aws:iam::aws:policy/MySamplePolicy AttachmentCount : 0 CreateDate : 2/6/2015 10:40:08 AM DefaultVersionId : v1 Description : IsAttachable : True Path : / PolicyId : Z27SI6FQMGNQ2EXAMPLE1 PolicyName : MySamplePolicy UpdateDate : 2/6/2015 10:40:08 AM- 
                    For API details, see GetPolicy in AWS Tools for PowerShell Cmdlet Reference (V5). 
 
- 
                    
 
- Python
- 
            - SDK for Python (Boto3)
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . def get_default_policy_statement(policy_arn): """ Gets the statement of the default version of the specified policy. :param policy_arn: The ARN of the policy to look up. :return: The statement of the default policy version. """ try: policy = iam.Policy(policy_arn) # To get an attribute of a policy, the SDK first calls get_policy. policy_doc = policy.default_version.document policy_statement = policy_doc.get("Statement", None) logger.info("Got default policy doc for %s.", policy.policy_name) logger.info(policy_doc) except ClientError: logger.exception("Couldn't get default policy statement for %s.", policy_arn) raise else: return policy_statement- 
                    For API details, see GetPolicy in AWS SDK for Python (Boto3) API Reference. 
 
- 
                    
 
- Ruby
- 
            - SDK for Ruby
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . # Fetches an IAM policy by its ARN # @param policy_arn [String] the ARN of the IAM policy to retrieve # @return [Aws::IAM::Types::GetPolicyResponse] the policy object if found def get_policy(policy_arn) response = @iam_client.get_policy(policy_arn: policy_arn) policy = response.policy @logger.info("Got policy '#{policy.policy_name}'. Its ID is: #{policy.policy_id}.") policy rescue Aws::IAM::Errors::NoSuchEntity @logger.error("Couldn't get policy '#{policy_arn}'. The policy does not exist.") raise rescue Aws::IAM::Errors::ServiceError => e @logger.error("Couldn't get policy '#{policy_arn}'. Here's why: #{e.code}: #{e.message}") raise end- 
                    For API details, see GetPolicy in AWS SDK for Ruby API Reference. 
 
- 
                    
 
- Swift
- 
            - SDK for Swift
- 
NoteThere's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository . import AWSIAM import AWSS3 public func getPolicy(arn: String) async throws -> IAMClientTypes.Policy { let input = GetPolicyInput( policyArn: arn ) do { let output = try await client.getPolicy(input: input) guard let policy = output.policy else { throw ServiceHandlerError.noSuchPolicy } return policy } catch { print("ERROR: getPolicy:", dump(error)) throw error } }- 
                    For API details, see GetPolicy in AWS SDK for Swift API reference. 
 
- 
                    
 
For a complete list of AWS SDK developer guides and code examples, see Using this service with an AWS SDK. This topic also includes information about getting started and details about previous SDK versions.