AWS::QBusiness::Permission
Adds or updates a permission policy for a Amazon Q Business application, allowing cross-account access for an ISV. This operation creates a new policy statement for the specified Amazon Q Business application. The policy statement defines the IAM actions that the ISV is allowed to perform on the Amazon Q Business application's resources.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::QBusiness::Permission", "Properties" : { "Actions" :[ String, ... ], "ApplicationId" :String, "Principal" :String, "StatementId" :String} }
YAML
Type: AWS::QBusiness::Permission Properties: Actions:- StringApplicationId:StringPrincipal:StringStatementId:String
Properties
Actions-
The list of Amazon Q Business actions that the ISV is allowed to perform.
Required: Yes
Type: Array of String
Minimum:
1Maximum:
10Update requires: Replacement
ApplicationId-
The unique identifier of the Amazon Q Business application.
Required: Yes
Type: String
Pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]{35}$Minimum:
36Maximum:
36Update requires: Replacement
Principal-
Provides user and group information used for filtering documents to use for generating Amazon Q Business conversation responses.
Required: Yes
Type: String
Pattern:
^arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9_/+=,.@-]+$Minimum:
1Maximum:
1284Update requires: Replacement
StatementId-
A unique identifier for the policy statement.
Required: Yes
Type: String
Pattern:
^[a-zA-Z0-9_-]+$Minimum:
1Maximum:
100Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the application and statement ID. For example:
{"Ref": "ApplicationId|StatementId"}
For more information about using the Ref function, see Ref.
