put_resource_policy

Glue.Client.put_resource_policy(**kwargs)

Sets the Data Catalog resource policy for access control.

See also: AWS API Documentation

Request Syntax

response = client.put_resource_policy(
    PolicyInJson='string',
    ResourceArn='string',
    PolicyHashCondition='string',
    PolicyExistsCondition='MUST_EXIST'|'NOT_EXIST'|'NONE',
    EnableHybrid='TRUE'|'FALSE'
)

Parameters

• PolicyInJson (string) --

  [REQUIRED]

  Contains the policy document to set, in JSON format.

• ResourceArn (string) -- Do not use. For internal use only.
• PolicyHashCondition (string) -- The hash value returned when the previous policy was set using PutResourcePolicy . Its purpose is to prevent concurrent modifications of a policy. Do not use this parameter if no previous policy has been set.
• PolicyExistsCondition (string) -- A value of MUST_EXIST is used to update a policy. A value of NOT_EXIST is used to create a new policy. If a value of NONE or a null value is used, the call does not depend on the existence of a policy.
• EnableHybrid (string) --

  If 'TRUE' , indicates that you are using both methods to grant cross-account access to Data Catalog resources:

  • By directly updating the resource policy with PutResourePolicy
  • By using the Grant permissions command on the Amazon Web Services Management Console.

  Must be set to 'TRUE' if you have already used the Management Console to grant cross-account access, otherwise the call fails. Default is 'FALSE'.

Return type

dict

Returns

Response Syntax

{
    'PolicyHash': 'string'
}

Response Structure

• (dict) --

  • PolicyHash (string) --

    A hash of the policy that has just been set. This must be included in a subsequent call that overwrites or updates this policy.

Exceptions

• Glue.Client.exceptions.EntityNotFoundException
• Glue.Client.exceptions.InternalServiceException
• Glue.Client.exceptions.OperationTimeoutException
• Glue.Client.exceptions.InvalidInputException
• Glue.Client.exceptions.ConditionCheckFailureException