CloudTrail / Client / put_resource_policy

put_resource_policy#

CloudTrail.Client.put_resource_policy(**kwargs)#

Attaches a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of Amazon Web Services. For more information about resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide.

See also: AWS API Documentation

Request Syntax

response = client.put_resource_policy(
    ResourceArn='string',
    ResourcePolicy='string'
)
Parameters:
  • ResourceArn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN: arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel.

  • ResourcePolicy (string) –

    [REQUIRED]

    A JSON-formatted string for an Amazon Web Services resource-based policy.

    The following are requirements for the resource policy:

    • Contains only one action: cloudtrail-data:PutAuditEvents

    • Contains at least one statement. The policy can have a maximum of 20 statements.

    • Each statement contains at least one principal. A statement can have a maximum of 50 principals.

Return type:

dict

Returns:

Response Syntax

{
    'ResourceArn': 'string',
    'ResourcePolicy': 'string'
}

Response Structure

  • (dict) –

    • ResourceArn (string) –

      The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.

    • ResourcePolicy (string) –

      The JSON-formatted string of the Amazon Web Services resource-based policy attached to the CloudTrail channel.

Exceptions