update_service_access_policies ( $domain_name, $access_policies, $opt )

Configures the policies that control access to the domain’s document and search services. The maximum size of an access policy document is 100KB.

Access

public

Parameters

Parameter

Type

Required

Description

$domain_name

string

Required

A string that represents the name of a domain. Domain names must be unique across the domains owned by an account within an AWS region. Domain names must start with a letter or number and can contain the following characters: a-z (lowercase), 0-9, and - (hyphen). Uppercase letters and underscores are not allowed. [Constraints: The value must be between 3 and 28 characters, and must match the following regular expression pattern: [a-z][a-z0-9-]+]

$access_policies

string

Required

An IAM access policy as described in The Access Policy Language in Using AWS Identity and Access Management. The maximum size of an access policy document is 100KB. Example: {"Statement": [{"Effect":"Allow", "Action": "", "Resource": "arn:aws:cs:us-east-1:1234567890:search/movies", "Condition": { "IpAddress": { aws:SourceIp": ["203.0.113.1/32"] } }}, {"Effect":"Allow", "Action": "", "Resource": "arn:aws:cs:us-east-1:1234567890:documents/movies", "Condition": { "IpAddress": { aws:SourceIp": ["203.0.113.1/32"] } }} ]}

$opt

array

Optional

An associative array of parameters that can have the following keys:

  • curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
  • returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

Returns

Type

Description

CFResponse

A CFResponse object containing a parsed HTTP response.

Examples

Update and describe the service access policies.

// Instantiate the class
$search = new AmazonCloudSearch();

$domain_name = 'my-domain';

/*%**************************************************************%*/
// Create a new CloudSearch domain

echo '# Creating a new CloudSearch domain' . PHP_EOL;
$response = $search->create_domain($domain_name);

// Check for success...
if ($response->isOK())
{
	echo 'Kicked off the creation of the CloudSearch domain...' . PHP_EOL;
}
else
{
	print_r($response);
}

echo PHP_EOL;

/*%**************************************************************%*/
// Update service access policies

sleep(1);

echo "# Update the service access policies, \"${domain_name}\"" . PHP_EOL;
$response = $search->update_service_access_policies($domain_name, '{my-policy}');

// Check for success...
if ($response->isOK())
{
	echo 'Updated the service access policies...' . PHP_EOL;
}
else
{
	print_r($response);
}

echo PHP_EOL;

/*%**************************************************************%*/
// Describe service access policies

echo "# Describing the service access policies, \"${domain_name}\"" . PHP_EOL;
$response = $search->describe_service_access_policies($domain_name);

// Check for success...
if ($response->isOK())
{
	echo 'Described the service access policies...' . PHP_EOL;
}
else
{
	print_r($response);
}

echo PHP_EOL;

/*%**************************************************************%*/
// Delete the CloudSearch domain

echo '# Deleting the CloudSearch domain...' . PHP_EOL;
$response = $search->delete_domain($domain_name);

// Check for success...
if ($response->isOK())
{
	echo 'CloudSearch domain was deleted successfully.' . PHP_EOL;
}
else
{
	print_r($response);
}

Source

Method defined in services/cloudsearch.class.php | Toggle source view (8 lines) | View on GitHub

public function update_service_access_policies($domain_name, $access_policies, $opt = null)
{
    if (!$opt) $opt = array();
    $opt['DomainName'] = $domain_name;
    $opt['AccessPolicies'] = $access_policies;
    
    return $this->authenticate('UpdateServiceAccessPolicies', $opt);
}

Copyright © 2010–2013 Amazon Web Services, LLC


Feedback