PutResourcePolicy
Attaches a resource-based permission policy to a CloudTrail channel that is used for an integration with an event source outside of AWS. For more information about resource-based policies, see CloudTrail resource-based policy examples in the CloudTrail User Guide.
Request Syntax
{
"ResourceArn": "string
",
"ResourcePolicy": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- ResourceArn
-
The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN:
arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel
.Type: String
Length Constraints: Minimum length of 3. Maximum length of 256.
Pattern:
^[a-zA-Z0-9._/\-:]+$
Required: Yes
- ResourcePolicy
-
A JSON-formatted string for an AWS resource-based policy.
The following are requirements for the resource policy:
-
Contains only one action: cloudtrail-data:PutAuditEvents
-
Contains at least one statement. The policy can have a maximum of 20 statements.
-
Each statement contains at least one principal. A statement can have a maximum of 50 principals.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 8192.
Required: Yes
-
Response Syntax
{
"ResourceArn": "string",
"ResourcePolicy": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- ResourceArn
-
The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.
Type: String
Length Constraints: Minimum length of 3. Maximum length of 256.
Pattern:
^[a-zA-Z0-9._/\-:]+$
- ResourcePolicy
-
The JSON-formatted string of the AWS resource-based policy attached to the CloudTrail channel.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 8192.
Errors
For information about the errors that are common to all actions, see Common Errors.
- OperationNotPermittedException
-
This exception is thrown when the requested operation is not permitted.
HTTP Status Code: 400
- ResourceARNNotValidException
-
This exception is thrown when the provided resource does not exist, or the ARN format of the resource is not valid. The following is the valid format for a resource ARN:
arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel
.HTTP Status Code: 400
- ResourceNotFoundException
-
This exception is thrown when the specified resource is not found.
HTTP Status Code: 400
- ResourcePolicyNotValidException
-
This exception is thrown when the resouce-based policy has syntax errors, or contains a principal that is not valid.
The following are requirements for the resource policy:
-
Contains only one action: cloudtrail-data:PutAuditEvents
-
Contains at least one statement. The policy can have a maximum of 20 statements.
-
Each statement contains at least one principal. A statement can have a maximum of 50 principals.
HTTP Status Code: 400
-
- ResourceTypeNotSupportedException
-
This exception is thrown when the specified resource type is not supported by CloudTrail.
HTTP Status Code: 400
- UnsupportedOperationException
-
This exception is thrown when the requested operation is not supported.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: