PutResourcePolicy - Amazon CloudTrail
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

PutResourcePolicy

Attaches a resource-based permission policy to a CloudTrail event data store, dashboard, or channel. For more information about resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide.

Request Syntax

{
   "ResourceArn": "string",
   "ResourcePolicy": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ResourceArn

The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.

Example event data store ARN format: arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE

Example dashboard ARN format: arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash

Example channel ARN format: arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890

Type: String

Length Constraints: Minimum length of 3. Maximum length of 256.

Pattern: ^[a-zA-Z0-9._/\-:]+$

Required: Yes

ResourcePolicy

A JSON-formatted string for an Amazon resource-based policy.

For example resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

Required: Yes

Response Syntax

{
   "DelegatedAdminResourcePolicy": "string",
   "ResourceArn": "string",
   "ResourcePolicy": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

DelegatedAdminResourcePolicy

The default resource-based policy that is automatically generated for the delegated administrator of an Amazon Organizations organization. This policy will be evaluated in tandem with any policy you submit for the resource. For more information about this policy, see Default resource policy for delegated administrators.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

ResourceArn

The Amazon Resource Name (ARN) of the CloudTrail event data store, dashboard, or channel attached to the resource-based policy.

Example event data store ARN format: arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE

Example dashboard ARN format: arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash

Example channel ARN format: arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890

Type: String

Length Constraints: Minimum length of 3. Maximum length of 256.

Pattern: ^[a-zA-Z0-9._/\-:]+$

ResourcePolicy

The JSON-formatted string of the Amazon resource-based policy attached to the CloudTrail event data store, dashboard, or channel.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8192.

Errors

For information about the errors that are common to all actions, see Common Errors.

ConflictException

This exception is thrown when the specified resource is not ready for an operation. This can occur when you try to run an operation on a resource before CloudTrail has time to fully load the resource, or because another operation is modifying the resource. If this exception occurs, wait a few minutes, and then try the operation again.

HTTP Status Code: 400

OperationNotPermittedException

This exception is thrown when the requested operation is not permitted.

HTTP Status Code: 400

ResourceARNNotValidException

This exception is thrown when the provided resource does not exist, or the ARN format of the resource is not valid.

The following is the format of an event data store ARN: arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE

The following is the format of a dashboard ARN: arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash

The following is the format of a channel ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890

HTTP Status Code: 400

ResourceNotFoundException

This exception is thrown when the specified resource is not found.

HTTP Status Code: 400

ResourcePolicyNotValidException

This exception is thrown when the resouce-based policy has syntax errors, or contains a principal that is not valid.

HTTP Status Code: 400

ResourceTypeNotSupportedException

This exception is thrown when the specified resource type is not supported by CloudTrail.

HTTP Status Code: 400

UnsupportedOperationException

This exception is thrown when the requested operation is not supported.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: