Creating Amazon Verified Permissions policy templates
You can create policy templates in Verified Permissions using the Amazon Web Services Management Console, the Amazon CLI, or the Amazon SDKs. A policy template lets you define a policy once and then use it with multiple principals and resources. After you create a policy template, you can create template-linked policies that apply the template to specific principals and resources. For more information, see Creating Amazon Verified Permissions template-linked policies.
- Amazon Web Services Management Console

  To create a policy template

  - Open the Verified Permissions console. Choose your policy store.
  - In the navigation pane on the left, choose Policy templates.
  - Choose Create policy template.
  - In the Details section, type a Policy template description.
  - In the Policy template body section, use the placeholders ?principal and ?resource so that policies created from this template can customize the permissions they grant. You can choose Format to format the syntax of your policy template with the recommended spacing and indentation.
  - Choose Create policy template.
- Amazon CLI

  To create a policy template

  You can create a policy template by using the CreatePolicyTemplate operation. The following example creates a policy template with a placeholder for the principal.

  The file template1.txt contains the following.

      "VacationAccess"
      permit(
          principal in ?principal,
          action == Action::"view",
          resource == Photo::"VacationPhoto94.jpg"
      );

      $ aws verifiedpermissions create-policy-template \
          --description "Template for vacation picture access" \
          --statement file://template1.txt \
          --policy-store-id PSEXAMPLEabcdefg111111
      {
          "createdDate": "2023-05-18T21:17:47.284268+00:00",
          "lastUpdatedDate": "2023-05-18T21:17:47.284268+00:00",
          "policyStoreId": "PSEXAMPLEabcdefg111111",
          "policyTemplateId": "PTEXAMPLEabcdefg111111"
      }
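A pre-flight check for a template body before it is passed to CreatePolicyTemplate, as an added example that is not part of the AWS documentation. It relies on Cedar's rule that templates accept only the ?principal and ?resource placeholders, and only in the policy scope. `lint_template`, `BROAD_TEMPLATE` and the finding strings are hypothetical names, and the check works on text patterns rather than a full Cedar parse.

```python
import re

ALLOWED = {"?principal", "?resource"}  # the two placeholders the page names

# The permit statement from template1.txt above.
PAGE_TEMPLATE = '''permit(
    principal in ?principal,
    action == Action::"view",
    resource == Photo::"VacationPhoto94.jpg"
);'''

# Constructed sample with deliberate mistakes (not from the page).
BROAD_TEMPLATE = '''permit(
    principal == ?principal,
    action,
    resource
) when { resource.owner == ?user };'''

def lint_template(statement):
    """Return a list of findings for a policy template body (empty = clean)."""
    text = re.sub(r'"(?:\\.|[^"\\])*"', '""', statement)  # blank string literals
    text = re.sub(r"//[^\n]*", "", text)                   # drop line comments
    m = re.search(r"\b(?:permit|forbid)\s*\(", text)
    if not m:
        return ["no permit/forbid statement found"]
    depth, end = 1, m.end()
    while end < len(text) and depth:                       # find the scope's ")"
        depth += {"(": 1, ")": -1}.get(text[end], 0)
        end += 1
    scope, rest = text[m.end():end - 1], text[end:]
    used = set(re.findall(r"\?\w+", text))
    findings = [f"unsupported placeholder {p}" for p in sorted(used - ALLOWED)]
    if not used & ALLOWED:
        findings.append("no placeholder: a static policy, not a template")
    if re.search(r"\?\w+", rest):
        findings.append("placeholder used outside the policy scope")
    # Collapse action lists such as [Action::"a", Action::"b"] before splitting.
    for clause in re.sub(r"\[[^\]]*\]", "[]", scope).split(","):
        clause = clause.strip()
        if clause in ("principal", "action", "resource"):
            findings.append(f"{clause} is unconstrained: matches every {clause}")
    return findings

if __name__ == "__main__":
    for name, body in (("page", PAGE_TEMPLATE), ("broad", BROAD_TEMPLATE)):
        print(name, lint_template(body) or "clean")
```

An unconstrained `action` or `resource` clause is the finding to review first: every template-linked policy created from such a template grants its principal that breadth.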