PutResourcePolicy - Amazon CloudTrail
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

PutResourcePolicy

Attaches a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of Amazon. For more information about resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide.

Request Syntax

{
   "ResourceArn": "string",
   "ResourcePolicy": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ResourceArn

The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel.

Type: String

Length Constraints: Minimum length of 3. Maximum length of 256.

Pattern: ^[a-zA-Z0-9._/\-:]+$

Required: Yes

ResourcePolicy

A JSON-formatted string for an Amazon resource-based policy.

The following are requirements for the resource policy:

  • Contains only one action: cloudtrail-data:PutAuditEvents

  • Contains at least one statement. The policy can have a maximum of 20 statements.

  • Each statement contains at least one principal. A statement can have a maximum of 50 principals.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

Required: Yes

Response Syntax

{
   "ResourceArn": "string",
   "ResourcePolicy": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

ResourceArn

The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.

Type: String

Length Constraints: Minimum length of 3. Maximum length of 256.

Pattern: ^[a-zA-Z0-9._/\-:]+$

ResourcePolicy

The JSON-formatted string of the Amazon resource-based policy attached to the CloudTrail channel.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

Errors

For information about the errors that are common to all actions, see Common Errors.

OperationNotPermittedException

This exception is thrown when the requested operation is not permitted.

HTTP Status Code: 400

ResourceARNNotValidException

This exception is thrown when the provided resource does not exist, or the ARN format of the resource is not valid. The following is the valid format for a resource ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel.

HTTP Status Code: 400

ResourceNotFoundException

This exception is thrown when the specified resource is not found.

HTTP Status Code: 400

ResourcePolicyNotValidException

This exception is thrown when the resouce-based policy has syntax errors, or contains a principal that is not valid.

The following are requirements for the resource policy:

  • Contains only one action: cloudtrail-data:PutAuditEvents

  • Contains at least one statement. The policy can have a maximum of 20 statements.

  • Each statement contains at least one principal. A statement can have a maximum of 50 principals.

HTTP Status Code: 400

ResourceTypeNotSupportedException

This exception is thrown when the specified resource type is not supported by CloudTrail.

HTTP Status Code: 400

UnsupportedOperationException

This exception is thrown when the requested operation is not supported.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: