QBusiness / Client / associate_permission
associate_permission¶
- QBusiness.Client.associate_permission(**kwargs)¶
Adds or updates a permission policy for a Amazon Q Business application, allowing cross-account access for an ISV. This operation creates a new policy statement for the specified Amazon Q Business application. The policy statement defines the IAM actions that the ISV is allowed to perform on the Amazon Q Business application’s resources.
See also: AWS API Documentation
Request Syntax
response = client.associate_permission( applicationId='string', statementId='string', actions=[ 'string', ], conditions=[ { 'conditionOperator': 'StringEquals', 'conditionKey': 'string', 'conditionValues': [ 'string', ] }, ], principal='string' )
- Parameters:
applicationId (string) –
[REQUIRED]
The unique identifier of the Amazon Q Business application.
statementId (string) –
[REQUIRED]
A unique identifier for the policy statement.
actions (list) –
[REQUIRED]
The list of Amazon Q Business actions that the ISV is allowed to perform.
(string) –
conditions (list) –
The conditions that restrict when the permission is effective. These conditions can be used to limit the permission based on specific attributes of the request.
(dict) –
Defines a condition that restricts when a permission is effective. Conditions allow you to control access based on specific attributes of the request.
conditionOperator (string) – [REQUIRED]
The operator to use for the condition evaluation. This determines how the condition values are compared.
conditionKey (string) – [REQUIRED]
The key for the condition. This identifies the attribute that the condition applies to.
conditionValues (list) – [REQUIRED]
The values to compare against using the specified condition operator.
(string) –
principal (string) –
[REQUIRED]
The Amazon Resource Name of the IAM role for the ISV that is being granted permission.
- Return type:
dict
- Returns:
Response Syntax
{ 'statement': 'string' }
Response Structure
(dict) –
statement (string) –
The JSON representation of the added permission statement.
Exceptions