takakabe/update_iam_policy.sh

## update_iam_policy.sh
#!/bin/bash

policy_arn='arn:aws:iam::account:policy/policy-name-with-path'
policy_file='iam_policy.json'

default_version_id=`aws iam get-policy --policy-arn ${policy_arn} | jq -r .Policy.DefaultVersionId`

policy_version_result=`aws iam list-policy-versions --policy-arn ${policy_arn}`
version_counts=`echo ${policy_version_result} | jq '.Versions | length'`

if [ ${version_counts} -eq 5 ]; then
  aws iam delete-policy-version --policy-arn ${policy_arn} --version-id $(echo ${policy_version_result} \
    | jq -r '.Versions[-1].VersionId')
fi

aws iam create-policy-version  --policy-arn ${policy_arn} --policy-document file://${policy_file} --set-as-default
	#!/bin/bash

	policy_arn='arn:aws:iam::account:policy/policy-name-with-path'
	policy_file='iam_policy.json'

	default_version_id=`aws iam get-policy --policy-arn ${policy_arn} \| jq -r .Policy.DefaultVersionId`

	policy_version_result=`aws iam list-policy-versions --policy-arn ${policy_arn}`
	version_counts=`echo ${policy_version_result} \| jq '.Versions \| length'`

	if [ ${version_counts} -eq 5 ]; then
	aws iam delete-policy-version --policy-arn ${policy_arn} --version-id $(echo ${policy_version_result} \
	\| jq -r '.Versions[-1].VersionId')
	fi

	aws iam create-policy-version --policy-arn ${policy_arn} --policy-document file://${policy_file} --set-as-default