IoTSiteWise / Client / update_access_policy

update_access_policy

IoTSiteWise.Client.update_access_policy(**kwargs)

Updates an existing access policy that specifies an identity’s access to an IoT SiteWise Monitor portal or project resource.

See also: AWS API Documentation

Request Syntax

response = client.update_access_policy(
    accessPolicyId='string',
    accessPolicyIdentity={
        'user': {
            'id': 'string'
        },
        'group': {
            'id': 'string'
        },
        'iamUser': {
            'arn': 'string'
        },
        'iamRole': {
            'arn': 'string'
        }
    },
    accessPolicyResource={
        'portal': {
            'id': 'string'
        },
        'project': {
            'id': 'string'
        }
    },
    accessPolicyPermission='ADMINISTRATOR'|'VIEWER',
    clientToken='string'
)

Parameters:

• accessPolicyId (string) –

  [REQUIRED]

  The ID of the access policy.

• accessPolicyIdentity (dict) –

  [REQUIRED]

  The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.

  • user (dict) –

    An IAM Identity Center user identity.

    • id (string) – [REQUIRED]

      The IAM Identity Center ID of the user.

  • group (dict) –

    An IAM Identity Center group identity.

    • id (string) – [REQUIRED]

      The IAM Identity Center ID of the group.

  • iamUser (dict) –

    An IAM user identity.

    • arn (string) – [REQUIRED]

      The ARN of the IAM user. For more information, see IAM ARNs in the IAM User Guide.

      Note

      If you delete the IAM user, access policies that contain this identity include an empty arn. You can delete the access policy for the IAM user that no longer exists.

  • iamRole (dict) –

    An IAM role identity.

    • arn (string) – [REQUIRED]

      The ARN of the IAM role. For more information, see IAM ARNs in the IAM User Guide.

• accessPolicyResource (dict) –

  [REQUIRED]

  The IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.

  • portal (dict) –

    A portal resource.

    • id (string) – [REQUIRED]

      The ID of the portal.

  • project (dict) –

    A project resource.

    • id (string) – [REQUIRED]

      The ID of the project.

• accessPolicyPermission (string) –

  [REQUIRED]

  The permission level for this access policy. Note that a project ADMINISTRATOR is also known as a project owner.

• clientToken (string) –

  A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don’t reuse this client token if a new idempotent request is required.

  This field is autopopulated if not provided.

Return type:

dict

Returns:

Response Syntax

{}

Response Structure

• (dict) –

Exceptions

• IoTSiteWise.Client.exceptions.InvalidRequestException

• IoTSiteWise.Client.exceptions.ResourceNotFoundException

• IoTSiteWise.Client.exceptions.InternalFailureException

• IoTSiteWise.Client.exceptions.ThrottlingException