# PutDestinationPolicy Creates or updates an access policy associated with an existing destination. An access policy is an [IAM policy document](https://docs.amazonaws.cn/IAM/latest/UserGuide/policies_overview.html) that is used to authorize claims to register a subscription filter against a given destination. ## Request Syntax ``` { "accessPolicy": "string", "destinationName": "string", "forceUpdate": boolean } ``` ## Request Parameters For information about the parameters that are common to all actions, see [Common Parameters](CommonParameters.md). The request accepts the following data in JSON format. ** [accessPolicy](#API_PutDestinationPolicy_RequestSyntax) ** An IAM policy document that authorizes cross-account users to deliver their log events to the associated destination. This can be up to 5120 bytes. Type: String Length Constraints: Minimum length of 1. Required: Yes ** [destinationName](#API_PutDestinationPolicy_RequestSyntax) ** A name for an existing destination. Type: String Length Constraints: Minimum length of 1. Maximum length of 512. Pattern: `[^:*]*` Required: Yes ** [forceUpdate](#API_PutDestinationPolicy_RequestSyntax) ** Specify true if you are updating an existing destination policy to grant permission to an organization ID instead of granting permission to individual Amazon accounts. Before you update a destination policy this way, you must first update the subscription filters in the accounts that send logs to this destination. If you do not, the subscription filters might stop working. By specifying `true` for `forceUpdate`, you are affirming that you have already updated the subscription filters. For more information, see [ Updating an existing cross-account subscription](https://docs.amazonaws.cn/AmazonCloudWatch/latest/logs/Cross-Account-Log_Subscription-Update.html) If you omit this parameter, the default of `false` is used. Type: Boolean Required: No ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** InvalidParameterException ** A parameter is specified incorrectly. HTTP Status Code: 400 ** OperationAbortedException ** Multiple concurrent requests to update the same resource were in conflict. HTTP Status Code: 400 ** ServiceUnavailableException ** The service cannot complete the request. HTTP Status Code: 500 ## Examples ### To create or update an access policy of a destination The following example updates the access policy of the specified destination. #### Sample Request ``` POST / HTTP/1.1 Host: logs.. X-Amz-Date: Authorization: AWS4-HMAC-SHA256 Credential=, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature= User-Agent: Accept: application/json Content-Type: application/x-amz-json-1.1 Content-Length: Connection: Keep-Alive X-Amz-Target: Logs_20140328.PutDestinationPolicy { "destinationName": "my-destination", "accessPolicy": "{ \"Version\": \"2012-10-17\", \"Statement\": [{ \"Effect\": \"Allow\", \"Principal\": { \"AWS\": \"111111111111\"}, \"Action\": \"logs:PutSubscriptionFilter\",\"Resource\": \"arn:aws:logs:us-east-1:123456789012:destination:my-destination\"}]}" } ``` #### Sample Response ``` HTTP/1.1 200 OK x-amzn-RequestId: Content-Type: application/x-amz-json-1.1 Content-Length: Date: ``` ## See Also For more information about using this API in one of the language-specific Amazon SDKs, see the following: + [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/logs-2014-03-28/PutDestinationPolicy) + [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/logs-2014-03-28/PutDestinationPolicy)