attach_group_policy

IAM.Client.attach_group_policy(**kwargs)

Attaches the specified managed policy to the specified IAM group.

You use this operation to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide .

For more information about policies, see Managed policies and inline policies in the IAM User Guide .

See also: AWS API Documentation

Request Syntax

response = client.attach_group_policy(
    GroupName='string',
    PolicyArn='string'
)
Parameters
  • GroupName (string) --

    [REQUIRED]

    The name (friendly name, not ARN) of the group to attach the policy to.

    This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  • PolicyArn (string) --

    [REQUIRED]

    The Amazon Resource Name (ARN) of the IAM policy you want to attach.

    For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference .

Returns

None

Exceptions

  • IAM.Client.exceptions.NoSuchEntityException
  • IAM.Client.exceptions.LimitExceededException
  • IAM.Client.exceptions.InvalidInputException
  • IAM.Client.exceptions.PolicyNotAttachableException
  • IAM.Client.exceptions.ServiceFailureException

Examples

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.

response = client.attach_group_policy(
    GroupName='Finance',
    PolicyArn='arn:aws:iam::aws:policy/ReadOnlyAccess',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}