IAM/Policy question: how to get all available Actions that can be listed in a policy document?

Skip to first unread message

JI Ioannidis

Sep 11, 2015, 9:39:51 PM9/11/15
to boto-users
The Console -> IAM -> Policies -> Create Policy -> Policy Generator wizard provides a list of AWS Services, and for each service a list of available actions. Knowing Amazon, it is not possible that someone hardwired those into the web page -- they are being generated with an API call. 

Anyone know what that API call is? I haven't been able to find it in either the general API reference, or the boto3 reference.

As a concrete example, this is what I want to do; let's say I'm writing my own little policy creation engine, and I want to let my users pick from a (restricted) set of actions to enable. Recall that a policy document is a json object that looks like this:

  "Version": "2012-10-17",
  "Statement": [
      "Effect": "Allow",
      "Action": [
      "Resource": "arn:aws:iam::*:user/${aws:username}"

How can I programmatically get the list of all the available "iam:*" actions? And by that I don't mean "scrape web pages"!



Victor Trac

Sep 11, 2015, 10:41:09 PM9/11/15
to boto-users

You received this message because you are subscribed to the Google Groups "boto-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to boto-users+...@googlegroups.com.
To post to this group, send email to boto-...@googlegroups.com.
Visit this group at http://groups.google.com/group/boto-users.
For more options, visit https://groups.google.com/d/optout.

JI Ioannidis

Sep 12, 2015, 3:32:51 PM9/12/15
to boto-users

On Friday, September 11, 2015 at 10:41:09 PM UTC-4, Victor Trac wrote:

This is not an API call. This is just scraping the web page.

Reply all
Reply to author
0 new messages