IAM / Client / get_role_policy

get_role_policy#

IAM.Client.get_role_policy(**kwargs)#

Retrieves the specified inline policy document that is embedded with the specified IAM role.

Note

Policies returned by this operation are URL-encoded compliant with RFC 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached to a role, use GetPolicy to determine the policy’s default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed policies and inline policies in the IAM User Guide.

For more information about roles, see Using roles to delegate permissions and federate identities.

See also: AWS API Documentation

Request Syntax

response = client.get_role_policy(
    RoleName='string',
    PolicyName='string'
)
Parameters:

  • RoleName (string) –

    [REQUIRED]

    The name of the role associated with the policy.

    This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  • PolicyName (string) –

    [REQUIRED]

    The name of the policy document to get.

    This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

Return type:

dict

Returns:

Response Syntax

{
    'RoleName': 'string',
    'PolicyName': 'string',
    'PolicyDocument': 'string'
}

Response Structure

  • (dict) –

    Contains the response to a successful GetRolePolicy request.

    • RoleName (string) –

      The role the policy is associated with.

    • PolicyName (string) –

      The name of the policy.

    • PolicyDocument (string) –

      The policy document.

      IAM stores policies in JSON format. However, resources that were created using CloudFormation templates can be formatted in YAML. CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.

Exceptions

  • IAM.Client.exceptions.NoSuchEntityException

  • IAM.Client.exceptions.ServiceFailureException