AssociatePermission - Amazon Q Business
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

AssociatePermission

Adds or updates a permission policy for a Amazon Q Business application, allowing cross-account access for an ISV. This operation creates a new policy statement for the specified Amazon Q Business application. The policy statement defines the IAM actions that the ISV is allowed to perform on the Amazon Q Business application's resources.

Request Syntax

POST /applications/applicationId/policy HTTP/1.1
Content-type: application/json

{
   "actions": [ "string" ],
   "principal": "string",
   "statementId": "string"
}

URI Request Parameters

The request uses the following URI parameters.

applicationId

The unique identifier of the Amazon Q Business application.

Length Constraints: Fixed length of 36.

Pattern: [a-zA-Z0-9][a-zA-Z0-9-]{35}

Required: Yes

Request Body

The request accepts the following data in JSON format.

actions

The list of Amazon Q Business actions that the ISV is allowed to perform.

Type: Array of strings

Array Members: Minimum number of 1 item. Maximum number of 10 items.

Pattern: qbusiness:[a-zA-Z]+

Required: Yes

principal

The Amazon Resource Name of the IAM role for the ISV that is being granted permission.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1284.

Pattern: arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9_/+=,.@-]+

Required: Yes

statementId

A unique identifier for the policy statement.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 100.

Pattern: [a-zA-Z0-9_-]+

Required: Yes

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "statement": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

statement

The JSON representation of the added permission statement.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have access to perform this action. Make sure you have the required permission policies and user accounts and try again.

HTTP Status Code: 403

ConflictException

You are trying to perform an action that conflicts with the current status of your resource. Fix any inconsistencies with your resources and try again.

HTTP Status Code: 409

InternalServerException

An issue occurred with the internal server used for your Amazon Q Business service. Wait some minutes and try again, or contact Support for help.

HTTP Status Code: 500

ResourceNotFoundException

The application or plugin resource you want to use doesn’t exist. Make sure you have provided the correct resource and try again.

HTTP Status Code: 404

ServiceQuotaExceededException

You have exceeded the set limits for your Amazon Q Business service.

HTTP Status Code: 402

ThrottlingException

The request was denied due to throttling. Reduce the number of requests and try again.

HTTP Status Code: 429

ValidationException

The input doesn't meet the constraints set by the Amazon Q Business service. Provide the correct input and try again.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: