PromoteResourceShareCreatedFromPolicy - AWS RAM

PromoteResourceShareCreatedFromPolicy

When you attach a resource-based policy to a resource, AWS RAM automatically creates a resource share of featureSet=CREATED_FROM_POLICY with a managed permission that has the same IAM permissions as the original resource-based policy. However, this type of managed permission is visible to only the resource share owner, and the associated resource share can't be modified by using AWS RAM.

This operation promotes the resource share to a STANDARD resource share that is fully manageable in AWS RAM. When you promote a resource share, you can then manage the resource share in AWS RAM and it becomes visible to all of the principals you shared it with.

Important

Before you perform this operation, you should first run PromotePermissionCreatedFromPolicyto ensure that you have an appropriate customer managed permission that can be associated with this resource share after its is promoted. If this operation can't find a managed permission that exactly matches the existing CREATED_FROM_POLICY permission, then this operation fails.

Request Syntax

POST /promoteresourcesharecreatedfrompolicy?resourceShareArn=resourceShareArn HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.

resourceShareArn

Specifies the Amazon Resource Name (ARN) of the resource share to promote.

Required: Yes

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200 Content-type: application/json { "returnValue": boolean }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

returnValue

A return value of true indicates that the request succeeded. A value of false indicates that the request failed.

Type: Boolean

Errors

For information about the errors that are common to all actions, see Common Errors.

InvalidParameterException

The operation failed because a parameter you specified isn't valid.

HTTP Status Code: 400

InvalidStateTransitionException

The operation failed because the requested operation isn't valid for the resource share in its current state.

HTTP Status Code: 400

MalformedArnException

The operation failed because the specified Amazon Resource Name (ARN) has a format that isn't valid.

HTTP Status Code: 400

MissingRequiredParameterException

The operation failed because a required input parameter is missing.

HTTP Status Code: 400

OperationNotPermittedException

The operation failed because the requested operation isn't permitted.

HTTP Status Code: 400

ResourceShareLimitExceededException

The operation failed because it would exceed the limit for resource shares for your account. To view the limits for your AWS account, see the AWS RAM page in the Service Quotas console.

HTTP Status Code: 400

ServerInternalException

The operation failed because the service could not respond to the request due to an internal problem. Try again later.

HTTP Status Code: 500

ServiceUnavailableException

The operation failed because the service isn't available. Try again later.

HTTP Status Code: 503

UnknownResourceException

The operation failed because a specified resource couldn't be found.

HTTP Status Code: 400

UnmatchedPolicyPermissionException

There isn't an existing managed permission defined in AWS RAM that has the same IAM permissions as the resource-based policy attached to the resource. You should first run PromotePermissionCreatedFromPolicy to create that managed permission.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: