# Getting started with declarative policies Getting started Follow these steps to get started using declarative policies. 1. [Learn about the permissions you must have to perform declarative policy tasks](orgs_manage_policies_prereqs.md). 1. [Enable declarative policies for your organization](enable-policy-type.md). **Note** **Enabling trust access is required** You must enable trusted access for the service where the declarative policy will enforce a baseline configuration. This creates a read-only service-linked role that is used to generate the account status report of what the existing configuration is for accounts across your organization. **Using the console** If you use the Organizations console, this step is a part of the process for enabling declarative policies. **Using the AWS CLI** If you use the AWS CLI, there are two separate APIs: [EnablePolicyType](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnablePolicyType.html), which you use to enable declarative policies. [EnableAWSServiceAccess](https://docs.aws.amazon.com/organizations/latest/APIReference/API_EnableAWSServiceAccess.html), which you use to enable trusted access. For more information on how to enable trusted access for a specific service with the AWS CLI see, [AWS services that you can use with AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html). 1. [Run the account status report](orgs_manage_policies_declarative_status-report.md). 1. [Create a declarative policy](orgs_policies_create.md). 1. [Attach the declarative policy to your organization's root, OU, or account](orgs_policies_attach.md). 1. [View the combined effective declarative policy that applies to an account](orgs_manage_policies_effective.md). For all of these steps, you sign in as an IAM user, assume an IAM role, or sign in as the root user ([not recommended](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials)) in the organization's management account. **Other information** + [Learn declarative policy syntax and see example policies](orgs_manage_policies_declarative_syntax.md)