QBusiness / Client / associate_permission

associate_permission

QBusiness.Client.associate_permission(**kwargs)

Adds or updates a permission policy for a Q Business application, allowing cross-account access for an ISV. This operation creates a new policy statement for the specified Q Business application. The policy statement defines the IAM actions that the ISV is allowed to perform on the Q Business application’s resources.

See also: AWS API Documentation

Request Syntax

response = client.associate_permission(
    applicationId='string',
    statementId='string',
    actions=[
        'string',
    ],
    principal='string'
)

Parameters:

• applicationId (string) –

  [REQUIRED]

  The unique identifier of the Q Business application.

• statementId (string) –

  [REQUIRED]

  A unique identifier for the policy statement.

• actions (list) –

  [REQUIRED]

  The list of Q Business actions that the ISV is allowed to perform.

  • (string) –

• principal (string) –

  [REQUIRED]

  The Amazon Resource Name (ARN) of the IAM role for the ISV that is being granted permission.

Return type:

dict

Returns:

Response Syntax

{
    'statement': 'string'
}

Response Structure

• (dict) –

  • statement (string) –

    The JSON representation of the added permission statement.

Exceptions

• QBusiness.Client.exceptions.ResourceNotFoundException

• QBusiness.Client.exceptions.InternalServerException

• QBusiness.Client.exceptions.ConflictException

• QBusiness.Client.exceptions.ThrottlingException

• QBusiness.Client.exceptions.ValidationException

• QBusiness.Client.exceptions.AccessDeniedException

• QBusiness.Client.exceptions.ServiceQuotaExceededException