AWS::EntityResolution::PolicyStatement - AWS CloudFormation (original) (raw)

Adds a policy statement object. To retrieve a list of existing policy statements, use the GetPolicy API.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::EntityResolution::PolicyStatement",
  "Properties" : {
      "Action" : [ String, ... ],
      "Arn" : String,
      "Condition" : String,
      "Effect" : String,
      "Principal" : [ String, ... ],
      "StatementId" : String
    }
}

YAML

Type: AWS::EntityResolution::PolicyStatement
Properties:
  Action: 
    - String
  Arn: String
  Condition: String
  Effect: String
  Principal: 
    - String
  StatementId: String

Properties

Action

The action that the principal can use on the resource.

For example, entityresolution:GetIdMappingJob,entityresolution:GetMatchingJob.

Required: No

Type: Array of String

Update requires: No interruption

Arn

The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

Required: Yes

Type: String

Pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:[a-z]{2}-[a-z]{1,10}-[0-9]:[0-9]{12}:((schemamapping|matchingworkflow|idmappingworkflow|idnamespace)/[a-zA-Z_0-9-]{1,255})$

Update requires: Replacement

Condition

A set of condition keys that you can use in key policies.

Required: No

Type: String

Minimum: 1

Maximum: 40960

Update requires: No interruption

Effect

Determines whether the permissions specified in the policy are to be allowed (Allow) or denied (Deny).

Important

If you set the value of the effect parameter to Deny for the AddPolicyStatement operation, you must also set the value of theeffect parameter in the policy to Deny for thePutPolicy operation.

Required: No

Type: String

Allowed values: Allow | Deny

Update requires: No interruption

Principal

The AWS service or AWS account that can access the resource defined as ARN.

Required: No

Type: Array of String

Update requires: No interruption

StatementId

A statement identifier that differentiates the statement from others in the same policy.

Required: Yes

Type: String

Pattern: ^[0-9A-Za-z]+$

Minimum: 1

Maximum: 64

Update requires: Replacement

Tag

AWS::EntityResolution::SchemaMapping

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.