AWS::IAM::GroupPolicy

IAM GroupPolicy

Adds or updates an inline policy document that is embedded in the specified IAM group. A group can also have managed policies attached to it. To attach a managed policy to a group, use [AWS::IAM::Group](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html). To create a new managed policy, use [AWS::IAM::ManagedPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html). For information about policies, see...

Properties

3 configurable properties. 2 required. Click a row to see details.

Filter:

Property	Type	Flags
`GroupName`	`string`	RequiredCreate-only
`PolicyName`	`string`	RequiredCreate-only
`PolicyDocument`	`object`

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::IAM::GroupPolicy

Resources:
  MyResource:
    Type: AWS::IAM::GroupPolicy
    Properties:
      PolicyName: "my-policyname"
      GroupName: "my-groupname"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

iam:PutGroupPolicyiam:GetGroupPolicy

read

iam:GetGroupPolicy

update

iam:PutGroupPolicyiam:GetGroupPolicy

delete

iam:DeleteGroupPolicyiam:GetGroupPolicy

Get the IAM Cheat Sheet

Everything you need to know about IAM on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceIAM

Properties3

Required2

TaggingNot supported

Primary IDPolicyName

Supported Operations

CreateReadUpdateDelete

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

PolicyNameGroupName

Related Resources

External Links

AWS Documentation