PutResourcePolicy - Amazon Kinesis Data Streams Service

PutResourcePolicy

Attaches a resource-based policy to a data stream or registered consumer. If you are using an identity other than the root user of the AWS account that owns the resource, the calling identity must have the PutResourcePolicy permissions on the specified Kinesis Data Streams resource and belong to the owner's account in order to use this operation. If you don't have PutResourcePolicy permissions, Amazon Kinesis Data Streams returns a 403 Access Denied error. If you receive a ResourceNotFoundException, check to see if you passed a valid stream or consumer resource.

Request patterns can be one of the following:

  • Data stream pattern: arn:aws.*:kinesis:.*:\d{12}:.*stream/\S+

  • Consumer pattern: ^(arn):aws.*:kinesis:.*:\d{12}:.*stream\/[a-zA-Z0-9_.-]+\/consumer\/[a-zA-Z0-9_.-]+:[0-9]+

For more information, see Controlling Access to Amazon Kinesis Data Streams Resources Using IAM.

Request Syntax

{ "Policy": "string", "ResourceARN": "string" }

Request Parameters

The request accepts the following data in JSON format.

Policy

Details of the resource policy. It must include the identity of the principal and the actions allowed on this resource. This is formatted as a JSON string.

Type: String

Required: Yes

ResourceARN

The Amazon Resource Name (ARN) of the data stream or consumer.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: arn:aws.*:kinesis:.*:\d{12}:.*stream/\S+

Required: Yes

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

Specifies that you do not have the permissions required to perform this operation.

HTTP Status Code: 400

InvalidArgumentException

A specified parameter exceeds its restrictions, is not supported, or can't be used. For more information, see the returned message.

HTTP Status Code: 400

LimitExceededException

The requested resource exceeds the maximum number allowed, or the number of concurrent stream requests exceeds the maximum number allowed.

HTTP Status Code: 400

ResourceInUseException

The resource is not available for this operation. For successful operation, the resource must be in the ACTIVE state.

HTTP Status Code: 400

ResourceNotFoundException

The requested resource could not be found. The stream might not be specified correctly.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: