PutResourcePolicy - Amazon Kinesis Data Streams Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


Attaches a resource-based policy to a data stream or registered consumer. If you are using an identity other than the root user of the Amazon account that owns the resource, the calling identity must have the PutResourcePolicy permissions on the specified Kinesis Data Streams resource and belong to the owner's account in order to use this operation. If you don't have PutResourcePolicy permissions, Amazon Kinesis Data Streams returns a 403 Access Denied error. If you receive a ResourceNotFoundException, check to see if you passed a valid stream or consumer resource.

Request patterns can be one of the following:

  • Data stream pattern: arn:aws.*:kinesis:.*:\d{12}:.*stream/\S+

  • Consumer pattern: ^(arn):aws.*:kinesis:.*:\d{12}:.*stream\/[a-zA-Z0-9_.-]+\/consumer\/[a-zA-Z0-9_.-]+:[0-9]+

For more information, see Controlling Access to Amazon Kinesis Data Streams Resources Using IAM.

Request Syntax

{ "Policy": "string", "ResourceARN": "string" }

Request Parameters

The request accepts the following data in JSON format.


Details of the resource policy. It must include the identity of the principal and the actions allowed on this resource. This is formatted as a JSON string.

Type: String

Required: Yes


The Amazon Resource Name (ARN) of the data stream or consumer.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: arn:aws.*:kinesis:.*:\d{12}:.*stream/\S+

Required: Yes

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.


For information about the errors that are common to all actions, see Common Errors.


Specifies that you do not have the permissions required to perform this operation.

HTTP Status Code: 400


A specified parameter exceeds its restrictions, is not supported, or can't be used. For more information, see the returned message.

HTTP Status Code: 400


The requested resource exceeds the maximum number allowed, or the number of concurrent stream requests exceeds the maximum number allowed.

HTTP Status Code: 400


The resource is not available for this operation. For successful operation, the resource must be in the ACTIVE state.

HTTP Status Code: 400


The requested resource could not be found. The stream might not be specified correctly.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: