Updated on 2024-07-22 GMT+08:00

Creating Custom Policies

You can use IAM to create custom policies to supplement system-defined RAM policies. For the actions supported by custom policies, see Permissions and Supported Actions..

To create a custom policy, choose either visual editor or JSON.

  • Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
  • JSON: Create a JSON policy or edit an existing one.

For details, see Creating a Custom Policy. The following lists examples of custom policies for RAM.

Example Custom Policies

  • Example 1: Grant permission to accept resource sharing invitations.
    {
        "Version": "1.0",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "ram:resourceShareInvitations:accept",
                ],
                "Resource": "*"
            }
        ]
    }
  • Example 2: Grant permission to view the list of permissions and get permission details.
    {
        "Version": "1.0",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "ram:permissions:list",
                    "ram:permissions:get",
                ],
                "Resource": "*"
            }
        ]
    }