Show Iam Role Policy

Show detailed IAM role policies using the Exo CLI and format the output using jq.

Terminal

exo iam role show <iam_role_name> --policy -O <json> | jq .

exo iam role show <iam_role_name> --policy -O <json> | jq .

#!/bin/bash

# Show Iam Role Policy
exo iam role show {{iam_role_name}} --policy {{[-O|--output-format]}} {{json}} | jq .

When To Use

When auditing existing IAM role policies for security reviews or compliance checks.

Pro Tip

Combine with `--policy` to view inline policies; use `--verbose` for additional debugging information regarding role policies.

Command Builder

Tune the command before you copy it

Generated Command

exo iam role show <iam_role_name> --policy -O <json> | jq .

Anatomy of Output

Role Name: UserRole | Policy Version: 2012-10-17 | Policy Document: { ... } Policy Summary

Provides an overview of the role and its associated policy.

Statement: Allow | Resource: * Statement Details

Indicates what actions are allowed on what resources.

Last Updated: 2023-10-01 Last Update Info

Indicates the last modification date of the policy.

Troubleshooting

Error: Role not found.

Solution: Confirm the IAM role name is correct and exists in your account.

Error: Access denied.

Solution: Verify that your permissions include 'iam:GetRolePolicy' for the specified role.

Error: Invalid output format specified.

Solution: Use either 'json' or 'table' as valid output formats.

Command Breakdown

exo: Base Command; The executable that performs this operation. Here it runs Exo before the shell applies any redirect operators.
<iam_role_name>: iam role name; The value supplied for iam role name.
-O: O| output format; The value supplied for O| output format.
<json>: json; The value supplied for json.
--policy: Command Option; Tool-specific option used by this command invocation.
-O: Command Option; Tool-specific option used by this command invocation.

Alternative Approaches

Alternative cloud infrastructure tools for the same job.