Join Log in
Score:2
John Skiles Skinner avatar Server

What is the purpose of version dates in AWS policy documents

cr flag
John Skiles Skinner

AWS policies contain a date version. What is its purpose? In this example a bucket policy and a user policy both contain "Version": "2012-10-17" in the JSON. I don't see the purpose of the date explained in the docs.

I want to add statements from this AWS documentation show with the date 2012-10-17 to an s3 bucket policy that has existing statements with a different version date, 2008-10-17. Is this a problem? Which date should I retain?

494
1 + 1
Tim P avatar
af flag
Tim P
This might help - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html
1
Reply
Score:3
Tim avatar Server
gp flag
Tim

I'm going to copy and paste from the page Tim P linked to, so the question can be marked answered.

Short answer: it's so the policy format / language can change over time, still letting old templates work while new templates can have different format / features.

--

The Version policy element specifies the language syntax rules that are to be used to process a policy. To use all of the available policy features, include the following Version element outside the Statement element in all of your policies.

IAM supports the following Version element values:

  • 2012-10-17. This is the current version of the policy language, and you should always include a Version element and set it to 2012-10-17. Otherwise, you cannot use features such as policy variables that were introduced with this version.

  • 2008-10-17. This was an earlier version of the policy language. You might see this version on older existing policies. Do not use this version for any new policies or when you update any existing policies. Newer features, such as policy variables, will not work with your policy. For example, variables such as ${aws:username} aren't recognized as variables and are instead treated as literal strings in the policy.

+ 2
John Skiles Skinner avatar
cr flag
John Skiles Skinner
Thanks, Tims! Do we know if they're backward-compatible? Can I switch out `2008` on my existing policy for `2012` without breaking it?
0
Reply
Tim avatar
gp flag
Tim
Try it and see :)
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.