HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux ip-172-31-42-149 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 07:00:04 UTC 2025 aarch64
User: ubuntu (1000)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Upload Files
File: //usr/local/aws-cli/v2/current/current/dist/awscli/examples/iot/attach-policy.rst
**Example 1: To attach a policy to a thing group**

The following ``attach-policy`` example attaches the specified policy to a thing group identified by its ARN. ::

    aws iot attach-policy \
        --target "arn:aws:iot:us-west-2:123456789012:thinggroup/LightBulbs" \
        --policy-name "UpdateDeviceCertPolicy"

This command does not produce any output.

For more information, see `Thing Groups <https://docs.aws.amazon.com/iot/latest/developerguide/thing-groups.html>`__ in the *AWS IoT Developers Guide*.

**Example 2: To attach a policy to a certificate**

The following ``attach-policy`` example attaches the policy ``UpdateDeviceCertPolicy`` to the principal specified by a certificate. ::

    aws iot attach-policy \
        --policy-name UpdateDeviceCertPolicy \
        --target "arn:aws:iot:us-west-2:123456789012:cert/4f0ba725787aa94d67d2fca420eca022242532e8b3c58e7465c7778b443fd65e"

This command does not produce any output.

For more information, see `Attach an AWS IoT Policy to a Device Certificate <https://docs.aws.amazon.com/iot/latest/developerguide/attach-policy-to-certificate.html>`__ in the *AWS IoT Developers Guide*.