EntityResolution / Client / add_policy_statement

add_policy_statement#

EntityResolution.Client.add_policy_statement(**kwargs)#

Adds a policy statement object. To retrieve a list of existing policy statements, use the GetPolicy API.

See also: AWS API Documentation

Request Syntax

response = client.add_policy_statement(
    action=[
        'string',
    ],
    arn='string',
    condition='string',
    effect='Allow'|'Deny',
    principal=[
        'string',
    ],
    statementId='string'
)
Parameters:

  • action (list) –

    [REQUIRED]

    The action that the principal can use on the resource.

    For example, entityresolution:GetIdMappingJob, entityresolution:GetMatchingJob.

    • (string) –

  • arn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

  • condition (string) – A set of condition keys that you can use in key policies.

  • effect (string) –

    [REQUIRED]

    Determines whether the permissions specified in the policy are to be allowed ( Allow) or denied ( Deny).

    Warning

    If you set the value of the effect parameter to Deny for the AddPolicyStatement operation, you must also set the value of the effect parameter in the policy to Deny for the PutPolicy operation.

  • principal (list) –

    [REQUIRED]

    The Amazon Web Services service or Amazon Web Services account that can access the resource defined as ARN.

    • (string) –

  • statementId (string) –

    [REQUIRED]

    A statement identifier that differentiates the statement from others in the same policy.

Return type:

dict

Returns:

Response Syntax

{
    'arn': 'string',
    'policy': 'string',
    'token': 'string'
}

Response Structure

  • (dict) –

    • arn (string) –

      The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

    • policy (string) –

      The resource-based policy.

    • token (string) –

      A unique identifier for the current revision of the policy.

Exceptions