create
******


Description
===========

Creates a new policy in the specified compartment (either the tenancy
or another of your compartments). If you're new to policies, see
Getting Started with Policies.

You must specify a *name* for the policy, which must be unique across
all policies in your tenancy and cannot be changed.

You must also specify a *description* for the policy (although it can
be an empty string). It does not have to be unique, and you can change
it anytime with UpdatePolicy.

You must specify one or more policy statements in the statements
array. For information about writing policies, see How Policies Work
and Common Policies.

After you send your request, the new object's *lifecycleState* will
temporarily be CREATING. Before using the object, first make sure its
*lifecycleState* has changed to ACTIVE.

New policies take effect typically within 10 seconds.


Usage
=====

   oci iam policy create [OPTIONS]


Options
=======


--compartment-id, -c [text]
---------------------------

The OCID of the compartment containing the policy (either the tenancy
or another compartment). [required]


--name [text]
-------------

The name you assign to the policy during creation. The name must be
unique across all policies in the tenancy and cannot be changed.
[required]


--statements [complex type]
---------------------------

An array of policy statements written in the policy language. See How
Policies Work and Common Policies. [required] This is a complex type
whose value must be valid JSON. The value can be provided as a string
on the command line or passed in as a file using the
file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an
example of the JSON which must be provided. We recommend storing this
example in a file, modifying it as needed and then passing it back in
via the file:// syntax. This must be provided in JSON format. See API
reference for additional help.

Example: '["statement 1","statement 2"]'


--description [text]
--------------------

The description you assign to the policy during creation. Does not
have to be unique, and it's changeable. [required]


--version-date [text]
---------------------

The version of the policy. If null or set to an empty string, when a
request comes in for authorization, the policy will be evaluated
according to the current behavior of the services at that moment. If
set to a particular date (YYYY-MM-DD), the policy will be evaluated
according to the behavior of the services on that date.


--generate-full-command-json-input
----------------------------------

Prints out a JSON document which represents all possible options that
can be provided to this command.

This JSON document can be saved to a file, modified with the
appropriate option values, and then passed back via the --from-json
option. This provides an alternative to typing options out on the
command line.


--generate-param-json-input [text]
----------------------------------

Complex input, such as arrays and objects, are passed in JSON format.

When passed the name of an option which takes complex input, this will
print out example JSON of what needs to be passed to that option.


--from-json [text]
------------------

Provide input to this command as a JSON document from a file.

Options can still be provided on the command line. If an option exists
in both the JSON document and the command line then the command line
specified value will be used


-?, -h, --help
--------------

Show this message and exit.
