AddPolicyStatement
Adds a policy statement object. To retrieve a list of existing policy statements, use the GetPolicy API.
Request Syntax
POST /policies/arn/statementId HTTP/1.1
Content-type: application/json
{
"action": [ "string" ],
"condition": "string",
"effect": "string",
"principal": [ "string" ]
}
URI Request Parameters
The request uses the following URI parameters.
- arn
The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.
Pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:[a-z]{2}-[a-z]{1,10}-[0-9]:[0-9]{12}:((schemamapping|matchingworkflow|idmappingworkflow|idnamespace)/[a-zA-Z_0-9-]{1,255})$
Required: Yes
- statementId
A statement identifier that differentiates the statement from others in the same policy.
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern: ^[0-9A-Za-z]+$
Required: Yes
Request Body
The request accepts the following data in JSON format.
- action
The action that the principal can use on the resource.
For example, entityresolution:GetIdMappingJob, entityresolution:GetMatchingJob.
Type: Array of strings
Array Members: Minimum number of 1 item.
Length Constraints: Minimum length of 3. Maximum length of 64.
Pattern: ^(entityresolution:[a-zA-Z0-9]+)$
Required: Yes
- condition
A set of condition keys that you can use in key policies.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 40960.
Required: No
- effect
Determines whether the permissions specified in the policy are to be allowed (Allow) or denied (Deny).
Important: If you set the value of the effect parameter to Deny for the AddPolicyStatement operation, you must also set the value of the effect parameter in the policy to Deny for the PutPolicy operation.
Type: String
Valid Values: Allow | Deny
Required: Yes
- principal
The AWS service or AWS account that can access the resource defined as ARN.
Type: Array of strings
Array Members: Minimum number of 1 item.
Length Constraints: Minimum length of 12. Maximum length of 64.
Pattern: ^(\d{12})|([a-z0-9\.]+)$
Required: Yes
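A pre-flight check of a request against the URI parameter and request body constraints listed above, written as an added example and not AWS code. The function names, the sample ARN, the account IDs and the statement ID are constructed for illustration.

```python
import re

# Patterns copied verbatim from the URI Request Parameters and Request Body sections.
ARN_RE = re.compile(
    r"^arn:(aws|aws-us-gov|aws-cn):entityresolution:[a-z]{2}-[a-z]{1,10}-[0-9]:[0-9]{12}:"
    r"((schemamapping|matchingworkflow|idmappingworkflow|idnamespace)/[a-zA-Z_0-9-]{1,255})$"
)
STATEMENT_ID_RE = re.compile(r"^[0-9A-Za-z]+$")
ACTION_RE = re.compile(r"^(entityresolution:[a-zA-Z0-9]+)$")
# In this pattern "^" binds only to the first alternative and "$" only to the second,
# so re.search() would accept any string that merely starts with 12 digits.
# fullmatch() below forces a whole-string match; re.ASCII keeps \d to 0-9.
PRINCIPAL_RE = re.compile(r"^(\d{12})|([a-z0-9\.]+)$", re.ASCII)


def _strings(value, pattern, lo, hi):
    """True if value is a non-empty list of strings that each satisfy length and pattern."""
    return (isinstance(value, list) and len(value) >= 1 and all(
        isinstance(s, str) and lo <= len(s) <= hi and pattern.fullmatch(s) for s in value))


def check_add_policy_statement(arn, statement_id, body):
    """Return the names of the documented constraints violated (empty list = conforms)."""
    problems = []
    if not (isinstance(arn, str) and ARN_RE.fullmatch(arn)):
        problems.append("arn")
    if not (isinstance(statement_id, str) and 1 <= len(statement_id) <= 64
            and STATEMENT_ID_RE.fullmatch(statement_id)):
        problems.append("statementId")
    if not _strings(body.get("action"), ACTION_RE, 3, 64):
        problems.append("action")
    if not _strings(body.get("principal"), PRINCIPAL_RE, 12, 64):
        problems.append("principal")
    if body.get("effect") not in ("Allow", "Deny"):
        problems.append("effect")
    cond = body.get("condition")  # optional field
    if cond is not None and not (isinstance(cond, str) and 1 <= len(cond) <= 40960):
        problems.append("condition")
    return problems


# Constructed sample input (placeholder account IDs and resource name).
SAMPLE_ARN = "arn:aws:entityresolution:us-east-1:111122223333:matchingworkflow/example-workflow"
SAMPLE_BODY = {
    "action": ["entityresolution:GetMatchingJob"],
    "effect": "Allow",
    "principal": ["444455556666"],
}
```

Running the check before the call catches wildcard actions, malformed principals and a lowercase `effect` locally, before the request is sent.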
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"arn": "string",
"policy": "string",
"token": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- arn
The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.
Type: String
Pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:[a-z]{2}-[a-z]{1,10}-[0-9]:[0-9]{12}:((schemamapping|matchingworkflow|idmappingworkflow|idnamespace)/[a-zA-Z_0-9-]{1,255})$
- policy
The resource-based policy.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 40960.
- token
A unique identifier for the current revision of the policy.
Type: String
Length Constraints: Fixed length of 36.
Pattern: ^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
You do not have sufficient access to perform this action.
HTTP Status Code: 403
- ConflictException
The request could not be processed because of conflict in the current state of the resource. Example: Workflow already exists, Schema already exists, Workflow is currently running, etc.
HTTP Status Code: 400
- InternalServerException
This exception occurs when there is an internal failure in the AWS Entity Resolution service.
HTTP Status Code: 500
- ResourceNotFoundException
The resource could not be found.
HTTP Status Code: 404
- ThrottlingException
The request was denied due to request throttling.
HTTP Status Code: 429
- ValidationException
The input fails to satisfy the constraints specified by AWS Entity Resolution.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: