describe_access_policy

describe_access_policy(**kwargs)

Describes an access policy, which specifies an identity's access to an IoT SiteWise Monitor portal or project.

See also: AWS API Documentation

Request Syntax

response = client.describe_access_policy(
    accessPolicyId='string'
)
Parameters
accessPolicyId (string) --

[REQUIRED]

The ID of the access policy.

Return type
dict
Returns
Response Syntax
{
    'accessPolicyId': 'string',
    'accessPolicyArn': 'string',
    'accessPolicyIdentity': {
        'user': {
            'id': 'string'
        },
        'group': {
            'id': 'string'
        },
        'iamUser': {
            'arn': 'string'
        },
        'iamRole': {
            'arn': 'string'
        }
    },
    'accessPolicyResource': {
        'portal': {
            'id': 'string'
        },
        'project': {
            'id': 'string'
        }
    },
    'accessPolicyPermission': 'ADMINISTRATOR'|'VIEWER',
    'accessPolicyCreationDate': datetime(2015, 1, 1),
    'accessPolicyLastUpdateDate': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --
    • accessPolicyId (string) --

      The ID of the access policy.

    • accessPolicyArn (string) --

      The ARN of the access policy, which has the following format.

      arn:${Partition}:iotsitewise:${Region}:${Account}:access-policy/${AccessPolicyId}
    • accessPolicyIdentity (dict) --

      The identity (IAM Identity Center user, IAM Identity Center group, or IAM user) to which this access policy applies.

      • user (dict) --

        An IAM Identity Center user identity.

        • id (string) --

          The IAM Identity Center ID of the user.

      • group (dict) --

        An IAM Identity Center group identity.

        • id (string) --

          The IAM Identity Center ID of the group.

      • iamUser (dict) --

        An IAM user identity.

        • arn (string) --

          The ARN of the IAM user. For more information, see IAM ARNs in the IAM User Guide .

          Note

          If you delete the IAM user, access policies that contain this identity include an empty arn . You can delete the access policy for the IAM user that no longer exists.

      • iamRole (dict) --

        An IAM role identity.

        • arn (string) --

          The ARN of the IAM role. For more information, see IAM ARNs in the IAM User Guide .

    • accessPolicyResource (dict) --

      The IoT SiteWise Monitor resource (portal or project) to which this access policy provides access.

      • portal (dict) --

        A portal resource.

        • id (string) --

          The ID of the portal.

      • project (dict) --

        A project resource.

        • id (string) --

          The ID of the project.

    • accessPolicyPermission (string) --

      The access policy permission. Note that a project ADMINISTRATOR is also known as a project owner.

    • accessPolicyCreationDate (datetime) --

      The date the access policy was created, in Unix epoch time.

    • accessPolicyLastUpdateDate (datetime) --

      The date the access policy was last updated, in Unix epoch time.

Exceptions

  • IoTSiteWise.Client.exceptions.InvalidRequestException
  • IoTSiteWise.Client.exceptions.ResourceNotFoundException
  • IoTSiteWise.Client.exceptions.InternalFailureException
  • IoTSiteWise.Client.exceptions.ThrottlingException