AddPermission - Amazon Simple Notification Service

AddPermission

Adds a statement to a topic's access control policy, granting access for the specified AWS accounts to the specified actions.

Note

To remove the ability to change topic permissions, you must deny permissions to the AddPermission, RemovePermission, and SetTopicAttributes actions in your IAM policy.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

ActionName.member.N

The action you want to allow for the specified principal(s).

Valid values: Any Amazon SNS action name, for example Publish.

Type: Array of strings

Required: Yes

AWSAccountId.member.N

The AWS account IDs of the users (principals) who will be given access to the specified actions. The users must have AWS account, but do not need to be signed up for this service.

Type: Array of strings

Required: Yes

Label

A unique identifier for the new policy statement.

Type: String

Required: Yes

TopicArn

The ARN of the topic whose access control policy you wish to modify.

Type: String

Required: Yes

Errors

For information about the errors that are common to all actions, see Common Errors.

AuthorizationError

Indicates that the user has been denied access to the requested resource.

HTTP Status Code: 403

InternalError

Indicates an internal service error.

HTTP Status Code: 500

InvalidParameter

Indicates that a request parameter does not comply with the associated constraints.

HTTP Status Code: 400

NotFound

Indicates that the requested resource does not exist.

HTTP Status Code: 404

Examples

The structure of AUTHPARAMS depends on the signature of the API request. For more information, see Examples of the complete Signature Version 4 signing process (Python) in the AWS General Reference.

Example

This example illustrates one usage of AddPermission.

Sample Request

https://sns.us-east-2.amazonaws.com/?Action=AddPermission &TopicArn=arn%3Aaws%3Asns%3Aus-east-2%3A123456789012%3AMy-Test &Label=NewPermission &ActionName.member.1=Publish &ActionName.member.2=GetTopicAttributes &AWSAccountId.member.1=987654321000 &AWSAccountId.member.2=876543210000 &Version=2010-03-31 &AUTHPARAMS

Sample Response

<AddPermissionResponse xmlns="https://sns.amazonaws.com/doc/2010-03-31/"> <ResponseMetadata> <RequestId>6a213e4e-33a8-11df-9540-99d0768312d3</RequestId> </ResponseMetadata> </AddPermissionResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: