Glue / Client / put_resource_policy

put_resource_policy#

Glue.Client.put_resource_policy(**kwargs)#

Sets the Data Catalog resource policy for access control.

Request Syntax

response = client.put_resource_policy(
    PolicyInJson='string',
    ResourceArn='string',
    PolicyHashCondition='string',
    PolicyExistsCondition='MUST_EXIST'|'NOT_EXIST'|'NONE',
    EnableHybrid='TRUE'|'FALSE'
)

Parameters:

PolicyInJson (string) –
[REQUIRED]

Contains the policy document to set, in JSON format.
ResourceArn (string) – Do not use. For internal use only.
PolicyHashCondition (string) – The hash value returned when the previous policy was set using PutResourcePolicy. Its purpose is to prevent concurrent modifications of a policy. Do not use this parameter if no previous policy has been set.
PolicyExistsCondition (string) – A value of MUST_EXIST is used to update a policy. A value of NOT_EXIST is used to create a new policy. If a value of NONE or a null value is used, the call does not depend on the existence of a policy.
EnableHybrid (string) –
If 'TRUE', indicates that you are using both methods to grant cross-account access to Data Catalog resources:
- By directly updating the resource policy with PutResourePolicy
- By using the Grant permissions command on the Amazon Web Services Management Console.
Must be set to 'TRUE' if you have already used the Management Console to grant cross-account access, otherwise the call fails. Default is ‘FALSE’.

Return type:

dict

Returns:

Response Syntax

{
    'PolicyHash': 'string'
}

Response Structure

(dict) –
- PolicyHash (string) –
  
  A hash of the policy that has just been set. This must be included in a subsequent call that overwrites or updates this policy.

Exceptions

Glue.Client.exceptions.EntityNotFoundException
Glue.Client.exceptions.InternalServiceException
Glue.Client.exceptions.OperationTimeoutException
Glue.Client.exceptions.InvalidInputException
Glue.Client.exceptions.ConditionCheckFailureException