Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

UpdateQAppPermissions - Amazon Q Business

UpdateQAppPermissions

Updates read permissions for a Amazon Q App in Amazon Q Business application environment instance.

Request Syntax

POST /apps.updateQAppPermissions HTTP/1.1 instance-id: instanceId Content-type: application/json { "appId": "string", "grantPermissions": [ { "action": "string", "principal": "string" } ], "revokePermissions": [ { "action": "string", "principal": "string" } ] }

URI Request Parameters

The request uses the following URI parameters.

instanceId

The unique identifier of the Amazon Q Business application environment instance.

Required: Yes

Request Body

The request accepts the following data in JSON format.

appId

The unique identifier of the Amazon Q App for which permissions are being updated.

Type: String

Pattern: [\da-f]{8}-[\da-f]{4}-[45][\da-f]{3}-[89ABab][\da-f]{3}-[\da-f]{12}

Required: Yes

grantPermissions

The list of permissions to grant for the Amazon Q App.

Type: Array of PermissionInput objects

Array Members: Minimum number of 0 items. Maximum number of 100 items.

Required: No

revokePermissions

The list of permissions to revoke for the Amazon Q App.

Type: Array of PermissionInput objects

Array Members: Minimum number of 0 items. Maximum number of 100 items.

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "appId": "string", "permissions": [ { "action": "string", "principal": { "email": "string", "userId": "string", "userType": "string" } } ], "resourceArn": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

appId

The unique identifier of the Amazon Q App for which permissions were updated.

Type: String

permissions

The updated list of permissions for the Amazon Q App.

Type: Array of PermissionOutput objects

resourceArn

The Amazon Resource Name (ARN) of the Amazon Q App for which permissions were updated.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

The client is not authorized to perform the requested operation.

HTTP Status Code: 403

InternalServerException

An internal service error occurred while processing the request.

HTTP Status Code: 500

ResourceNotFoundException

The requested resource could not be found.

HTTP Status Code: 404

ThrottlingException

The requested operation could not be completed because too many requests were sent at once. Wait a bit and try again later.

HTTP Status Code: 429

UnauthorizedException

The client is not authenticated or authorized to perform the requested operation.

HTTP Status Code: 401

ValidationException

The input failed to satisfy the constraints specified by the service.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.