CloudTrail / Client / put_resource_policy

put_resource_policy

CloudTrail.Client.put_resource_policy(**kwargs)

Attaches a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of Amazon Web Services. For more information about resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide.

See also: AWS API Documentation

Request Syntax

response = client.put_resource_policy(
    ResourceArn='string',
    ResourcePolicy='string'
)

Parameters:

• ResourceArn (string) –

  [REQUIRED]

  The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel.

• ResourcePolicy (string) –

  [REQUIRED]

  A JSON-formatted string for an Amazon Web Services resource-based policy.

  The following are requirements for the resource policy:

  • Contains only one action: cloudtrail-data:PutAuditEvents

  • Contains at least one statement. The policy can have a maximum of 20 statements.

  • Each statement contains at least one principal. A statement can have a maximum of 50 principals.

Return type:

dict

Returns:

Response Syntax

{
    'ResourceArn': 'string',
    'ResourcePolicy': 'string'
}

Response Structure

• (dict) –

  • ResourceArn (string) –

    The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.

  • ResourcePolicy (string) –

    The JSON-formatted string of the Amazon Web Services resource-based policy attached to the CloudTrail channel.

Exceptions

• CloudTrail.Client.exceptions.ResourceARNNotValidException

• CloudTrail.Client.exceptions.ResourcePolicyNotValidException

• CloudTrail.Client.exceptions.ResourceNotFoundException

• CloudTrail.Client.exceptions.ResourceTypeNotSupportedException

• CloudTrail.Client.exceptions.OperationNotPermittedException

• CloudTrail.Client.exceptions.UnsupportedOperationException