Reputation: 457
Export an inline user group policy in AWS
I want to make an inline policy (i.e, one that exists only in the context of an IAM permission group) a managed one (i.e, one that exists globally). Is that possible? If so, how? (I would prefer AWS GUI solutions and not CLI ones)
Upvotes: 0
Views: 444
Answers (2)
Reputation: 2787
I believe you are looking for a "Customer managed policy", see more at https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#customer-managed-policies
You can create standalone policies that you administer in your own AWS account, which we refer to as customer managed policies. You can then attach the policies to multiple principal entities in your AWS account. When you attach a policy to a principal entity, you give the entity the permissions that are defined in the policy.
There is also a section specifically for Converting an inline policy to a managed policy
Upvotes: 1
Reputation: 3757
It is not possible to convert an inline policy to a managed policy.
What you can do is:
- Go to IAM - Groups
- Choose the group whose policy you want
- Go to Permissions tab
- Select inline policy
- Open it in JSON Viewer and copy the whole JSON
- Go to Policies
- Click on Create a Policy button and follow the steps. On the first page, switch from Visual editor to JSON and paste your policy
Upvotes: 1
Related Questions
- Programmatically Convert all AWS inline policies to Managed Policies of current IAM Roles
- AWS IAM Policy grant permissions for some EC2 instances
- AWS: IAM Policy to Add User To specific Group
- Using AWS API: Given IAM User, Get Current Effective IAM Policy Document
- How to set policy for IAM user group?
- IAM- Switch role for AWS access and policies limit
- How to add IAM policy for all existed users and new users in AWS IAM?
- AWS IAM Policy to Grant All service permission to specific instances
- IAM Policy for subgroups in AWS
- Is there a way to reuse AWS IAM permissions policy across users and EC2 instance roles?