Skip to content

List Entities For Policy

iam_list_entities_for_policy R Documentation

Lists all IAM users, groups, and roles that the specified managed policy is attached to

Description

Lists all IAM users, groups, and roles that the specified managed policy is attached to.

You can use the optional EntityFilter parameter to limit the results to a particular type of entity (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set EntityFilter to Role.

You can paginate the results using the MaxItems and Marker parameters.

Usage

iam_list_entities_for_policy(PolicyArn, EntityFilter, PathPrefix,
  PolicyUsageFilter, Marker, MaxItems)

Arguments

PolicyArn

[required] The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.

For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.

EntityFilter

The entity type to use for filtering the results.

For example, when EntityFilter is Role, only the roles that are attached to the specified policy are returned. This parameter is optional. If it is not included, all attached entities (users, groups, and roles) are returned. The argument for this parameter must be one of the valid values listed below.

PathPrefix

The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all entities.

This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (U+0021) through the DEL character (⁠U+007F⁠), including most punctuation characters, digits, and upper and lowercased letters.

PolicyUsageFilter

The policy usage method to use for filtering the results.

To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy. To list only the policies used to set permissions boundaries, set the value to PermissionsBoundary.

This parameter is optional. If it is not included, all policies are returned.

Marker

Use this parameter only when paginating results and only after you receive a response indicating that the results are truncated. Set it to the value of the Marker element in the response that you received to indicate where the next call should start.

MaxItems

Use this only when paginating results to indicate the maximum number of items you want in the response. If additional items exist beyond the maximum you specify, the IsTruncated response element is true.

If you do not include this parameter, the number of items defaults to 100. Note that IAM might return fewer results, even when there are more results available. In that case, the IsTruncated response element returns true, and Marker contains a value to include in the subsequent call that tells the service where to continue from.

Value

A list with the following syntax:

list(
  PolicyGroups = list(
    list(
      GroupName = "string",
      GroupId = "string"
    )
  ),
  PolicyUsers = list(
    list(
      UserName = "string",
      UserId = "string"
    )
  ),
  PolicyRoles = list(
    list(
      RoleName = "string",
      RoleId = "string"
    )
  ),
  IsTruncated = TRUE|FALSE,
  Marker = "string"
)

Request syntax

svc$list_entities_for_policy(
  PolicyArn = "string",
  EntityFilter = "User"|"Role"|"Group"|"LocalManagedPolicy"|"AWSManagedPolicy",
  PathPrefix = "string",
  PolicyUsageFilter = "PermissionsPolicy"|"PermissionsBoundary",
  Marker = "string",
  MaxItems = 123
)