AWS verifiedpermissions documentation change
Summary
Added documentation for creating policies with policy names, including naming conventions and uniqueness requirements
Security assessment
This adds documentation about an optional feature (policy naming) in Verified Permissions. While policy management is part of security infrastructure, this specific change doesn't address security vulnerabilities or add security-specific documentation.
Diff
diff --git a/verifiedpermissions/latest/userguide/policies-create.md b/verifiedpermissions/latest/userguide/policies-create.md index 2cb4d5734..c99db97bf 100644 --- a//verifiedpermissions/latest/userguide/policies-create.md +++ b//verifiedpermissions/latest/userguide/policies-create.md @@ -78,0 +79,25 @@ You can create a static policy by using the [CreatePolicy](https://docs.aws.amaz +###### To create a policy with a policy name + +You can optionally specify a policy name when creating a policy. The name must be unique for all policies within the policy store and prefixed with `name/`. You can use the name in place of the policy ID. + + + $ aws verifiedpermissions create-policy \ + --definition "{ \"static\": { \"Statement\": \"permit(principal, action, resource in Album::\\\"public_folder\\\");\"}}" \ + --policy-store-id PSEXAMPLEabcdefg111111 \ + --name name/example-policy + { + "createdDate": "2023-06-12T20:33:37.382907+00:00", + "lastUpdatedDate": "2023-06-12T20:33:37.382907+00:00", + "policyId": "SPEXAMPLEabcdefg111111", + "policyStoreId": "PSEXAMPLEabcdefg111111", + "policyType": "STATIC", + "resource": { + "entityId": "public_folder", + "entityType": "Album" + } + } + +###### Note + +If you specify a name that is already associated with another policy in the policy store, you receive a `ConflictException` error. +