IAM.Client.
attach_group_policy
(**kwargs)¶Attaches the specified managed policy to the specified IAM group.
You use this operation to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.
As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide .
For more information about policies, see Managed policies and inline policies in the IAM User Guide .
See also: AWS API Documentation
Request Syntax
response = client.attach_group_policy(
GroupName='string',
PolicyArn='string'
)
[REQUIRED]
The name (friendly name, not ARN) of the group to attach the policy to.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
[REQUIRED]
The Amazon Resource Name (ARN) of the IAM policy you want to attach.
For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference .
None
Exceptions
IAM.Client.exceptions.NoSuchEntityException
IAM.Client.exceptions.LimitExceededException
IAM.Client.exceptions.InvalidInputException
IAM.Client.exceptions.PolicyNotAttachableException
IAM.Client.exceptions.ServiceFailureException
Examples
The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.
response = client.attach_group_policy(
GroupName='Finance',
PolicyArn='arn:aws:iam::aws:policy/ReadOnlyAccess',
)
print(response)
Expected Output:
{
'ResponseMetadata': {
'...': '...',
},
}