**Example 1: To grant a user administrative access to a portal** The following ``create-access-policy`` example creates an access policy that grants a user administrative access to a web portal for a wind farm company. :: aws iotsitewise create-access-policy \ --cli-input-json file://create-portal-administrator-access-policy.json Contents of ``create-portal-administrator-access-policy.json``:: { "accessPolicyIdentity": { "user": { "id": "a1b2c3d4e5-a1b2c3d4-5678-90ab-cdef-bbbbbEXAMPLE" } }, "accessPolicyPermission": "ADMINISTRATOR", "accessPolicyResource": { "portal": { "id": "a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE" } } } Output:: { "accessPolicyId": "a1b2c3d4-5678-90ab-cdef-cccccEXAMPLE", "accessPolicyArn": "arn:aws:iotsitewise:us-west-2:123456789012:access-policy/a1b2c3d4-5678-90ab-cdef-cccccEXAMPLE" } For more information, see `Adding or removing portal administrators <https://docs.aws.amazon.com/iot-sitewise/latest/userguide/administer-portals.html#portal-change-admins>`__ in the *AWS IoT SiteWise User Guide*. **Example 2: To grant a user read-only access to a project** The following ``create-access-policy`` example creates an access policy that grants a user read-only access to a wind farm project. :: aws iotsitewise create-access-policy \ --cli-input-json file://create-project-viewer-access-policy.json Contents of ``create-project-viewer-access-policy.json``:: { "accessPolicyIdentity": { "user": { "id": "a1b2c3d4e5-a1b2c3d4-5678-90ab-cdef-bbbbbEXAMPLE" } }, "accessPolicyPermission": "VIEWER", "accessPolicyResource": { "project": { "id": "a1b2c3d4-5678-90ab-cdef-eeeeeEXAMPLE" } } } Output:: { "accessPolicyId": "a1b2c3d4-5678-90ab-cdef-dddddEXAMPLE", "accessPolicyArn": "arn:aws:iotsitewise:us-west-2:123456789012:access-policy/a1b2c3d4-5678-90ab-cdef-dddddEXAMPLE" } For more information, see `Assigning project viewers <https://docs.aws.amazon.com/iot-sitewise/latest/appguide/assign-project-viewers.html>`__ in the *AWS IoT SiteWise Monitor Application Guide*.