Creating Custom Policies

You can use IAM to create custom policies to supplement system-defined RAM policies. For the actions supported by custom policies, see Permissions and Supported Actions.

To create a custom policy, choose either visual editor or JSON.

Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
JSON: Create a JSON policy or edit an existing one.

For details, see Creating a Custom Policy. The following lists examples of custom policies for RAM.

Example Custom Policies

Example 1: Grant permission to accept resource sharing invitations.

{
    "Version": "1.0",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ram:resourceShareInvitations:accept",
            ],
            "Resource": "*"
        }
    ]
}

Example 2: Grant permission to view the list of permissions and get permission details.

{
    "Version": "1.0",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ram:permissions:list",
                "ram:permissions:get",
            ],
            "Resource": "*"
        }
    ]
}

Parent topic: Permissions Management

Previous topic: Creating an IAM User and Granting RAM Permissions

Next topic: CTS Auditing