EntityResolution / Client / add_policy_statement

add_policy_statement

EntityResolution.Client.add_policy_statement(**kwargs)

Adds a policy statement object. To retrieve a list of existing policy statements, use the GetPolicy API.

See also: AWS API Documentation

Request Syntax

response = client.add_policy_statement(
    arn='string',
    statementId='string',
    effect='Allow'|'Deny',
    action=[
        'string',
    ],
    principal=[
        'string',
    ],
    condition='string'
)
Parameters:

  • arn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

  • statementId (string) –

    [REQUIRED]

    A statement identifier that differentiates the statement from others in the same policy.

  • effect (string) –

    [REQUIRED]

    Determines whether the permissions specified in the policy are to be allowed ( Allow) or denied ( Deny).

    Warning

    If you set the value of the effect parameter to Deny for the AddPolicyStatement operation, you must also set the value of the effect parameter in the policy to Deny for the PutPolicy operation.

  • action (list) –

    [REQUIRED]

    The action that the principal can use on the resource.

    For example, entityresolution:GetIdMappingJob, entityresolution:GetMatchingJob.

    • (string) –

  • principal (list) –

    [REQUIRED]

    The Amazon Web Services service or Amazon Web Services account that can access the resource defined as ARN.

    • (string) –

  • condition (string) – A set of condition keys that you can use in key policies.

Return type:

dict

Returns:

Response Syntax

{
    'arn': 'string',
    'token': 'string',
    'policy': 'string'
}

Response Structure

  • (dict) –

    • arn (string) –

      The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

    • token (string) –

      A unique identifier for the current revision of the policy.

    • policy (string) –

      The resource-based policy.

Exceptions