add_permission ( $topic_arn, $label, $aws_account_id, $action_name, $opt )

The AddPermission action adds a statement to a topic’s access control policy, granting access for the specified AWS accounts to the specified actions.

Access

public

Parameters

Parameter

Type

Required

Description

$topic_arn

string

Required

The ARN of the topic whose access control policy you wish to modify.

$label

string

Required

A unique identifier for the new policy statement.

$aws_account_id

string
array

Required

The AWS account IDs of the users (principals) who will be given access to the specified actions. The users must have AWS accounts, but do not need to be signed up for this service. Pass a string for a single value, or an indexed array for multiple values.

$action_name

string
array

Required

The action you want to allow for the specified principal(s). Pass a string for a single value, or an indexed array for multiple values.

$opt

array

Optional

An associative array of parameters that can have the following keys:

  • curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
  • returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

Returns

Type

Description

CFResponse

A CFResponse object containing a parsed HTTP response.

Examples

Add permissions for a user.

$sns = new AmazonSNS();

// Add permission
$response = $sns->add_permission(
	'arn:aws:sns:us-east-1:9876543210:example-topic',
	'my-permission-label',
	array( 9876543210, CFCredentials::get('@default')->account_id ),
	array( 'Publish', 'GetTopicAttributes' )
);

// Success?
var_dump($response->isOK());
Result:
bool(true)

Related Methods

Source

Method defined in services/sns.class.php | Toggle source view (18 lines) | View on GitHub

public function add_permission($topic_arn, $label, $aws_account_id, $action_name, $opt = null)
{
    if (!$opt) $opt = array();
    $opt['TopicArn'] = $topic_arn;
    $opt['Label'] = $label;
    
    // Required list (non-map)
    $opt = array_merge($opt, CFComplexType::map(array(
        'AWSAccountId' => (is_array($aws_account_id) ? $aws_account_id : array($aws_account_id))
    ), 'member'));
    
    // Required list (non-map)
    $opt = array_merge($opt, CFComplexType::map(array(
        'ActionName' => (is_array($action_name) ? $action_name : array($action_name))
    ), 'member'));

    return $this->authenticate('AddPermission', $opt);
}

Copyright © 2010–2013 Amazon Web Services, LLC


Feedback