put_resource_policy

put_resource_policy(**kwargs)

Creates or updates a resource policy.

You can only call this operation from the organization's management account.

See also: AWS API Documentation

Request Syntax

response = client.put_resource_policy(
    Content='string',
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters
  • Content (string) --

    [REQUIRED]

    If provided, the new content for the resource policy. The text must be correctly formatted JSON that complies with the syntax for the resource policy's type. For more information, see Service Control Policy Syntax in the Organizations User Guide.

  • Tags (list) --

    A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null . For more information about tagging, see Tagging Organizations resources in the Organizations User Guide.

    Note

    Calls with tags apply to the initial creation of the resource policy, otherwise an exception is thrown. If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.

    • (dict) --

      A custom key-value pair associated with a resource within your organization.

      You can attach tags to any of the following organization resources.

      • Amazon Web Services account
      • Organizational unit (OU)
      • Organization root
      • Policy
      • Key (string) -- [REQUIRED]

        The key identifier, or name, of the tag.

      • Value (string) -- [REQUIRED]

        The string value that's associated with the key of the tag. You can set the value of a tag to an empty string, but you can't set the value of a tag to null.

Return type

dict

Returns

Response Syntax

{
    'ResourcePolicy': {
        'ResourcePolicySummary': {
            'Id': 'string',
            'Arn': 'string'
        },
        'Content': 'string'
    }
}

Response Structure

  • (dict) --

    • ResourcePolicy (dict) --

      A structure that contains details about the resource policy.

      • ResourcePolicySummary (dict) --

        A structure that contains resource policy ID and Amazon Resource Name (ARN).

        • Id (string) --

          The unique identifier (ID) of the resource policy.

        • Arn (string) --

          The Amazon Resource Name (ARN) of the resource policy.

      • Content (string) --

        The policy text of the resource policy.

Exceptions

  • Organizations.Client.exceptions.AccessDeniedException
  • Organizations.Client.exceptions.ServiceException
  • Organizations.Client.exceptions.UnsupportedAPIEndpointException
  • Organizations.Client.exceptions.TooManyRequestsException
  • Organizations.Client.exceptions.ConcurrentModificationException
  • Organizations.Client.exceptions.InvalidInputException
  • Organizations.Client.exceptions.ConstraintViolationException
  • Organizations.Client.exceptions.AWSOrganizationsNotInUseException