AWS::IoTSiteWise::AccessPolicy
Creates an access policy that grants the specified identity (IAM Identity Center user, IAM Identity Center group, or IAM user) access to the specified AWS IoT SiteWise Monitor portal or project resource.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::IoTSiteWise::AccessPolicy", "Properties" : { "AccessPolicyIdentity" :AccessPolicyIdentity, "AccessPolicyPermission" :String, "AccessPolicyResource" :AccessPolicyResource} }
YAML
Type: AWS::IoTSiteWise::AccessPolicy Properties: AccessPolicyIdentity:AccessPolicyIdentityAccessPolicyPermission:StringAccessPolicyResource:AccessPolicyResource
Properties
AccessPolicyIdentity-
The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.
Required: Yes
Type: AccessPolicyIdentity
Update requires: No interruption
AccessPolicyPermission-
The permission level for this access policy. Note that a project
ADMINISTRATORis also known as a project owner.Required: Yes
Type: String
Update requires: No interruption
AccessPolicyResource-
The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.
Required: Yes
Type: AccessPolicyResource
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the AccessPolicyId.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
AccessPolicyArn-
The ARN of the access policy, which has the following format.
arn:${Partition}:iotsitewise:${Region}:${Account}:access-policy/${AccessPolicyId}For more information about using the
Reffunction, seeRef. AccessPolicyId-
The ID of the access policy.
For more information about using the
Reffunction, seeRef.
