DeletePolicy - Amazon Bedrock AgentCore Control Plane

DeletePolicy

Deletes an existing policy from the AgentCore Policy system. Once deleted, the policy can no longer be used for agent behavior control and all references to it become invalid. This is an asynchronous operation. Use the GetPolicy operation to poll the status field to track completion.

Request Syntax

DELETE /policy-engines/policyEngineId/policies/policyId HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.

policyEngineId

The identifier of the policy engine that manages the policy to be deleted. This ensures the policy is deleted from the correct policy engine context.

Length Constraints: Minimum length of 12. Maximum length of 59.

Pattern: [A-Za-z][A-Za-z0-9_]*-[a-z0-9_]{10}

Required: Yes

policyId

The unique identifier of the policy to be deleted. This must be a valid policy ID that exists within the specified policy engine.

Length Constraints: Minimum length of 12. Maximum length of 59.

Pattern: [A-Za-z][A-Za-z0-9_]*-[a-z0-9_]{10}

Required: Yes

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 202
Content-type: application/json

{
   "createdAt": "string",
   "definition": { ... },
   "description": "string",
   "name": "string",
   "policyArn": "string",
   "policyEngineId": "string",
   "policyId": "string",
   "status": "string",
   "statusReasons": [ "string" ],
   "updatedAt": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 202 response.

The following data is returned in JSON format by the service.

createdAt

The timestamp when the deleted policy was originally created.

Type: Timestamp

definition

Represents the definition structure for policies within the AgentCore Policy system. This structure encapsulates different policy formats and languages that can be used to define access control rules.

Type: PolicyDefinition object

Note: This object is a Union. Only one member of this object can be specified or returned.

description

The human-readable description of the deleted policy.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

name

The customer-assigned name of the deleted policy. This confirms which policy was successfully removed from the system and matches the name that was originally assigned during policy creation.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 48.

Pattern: [A-Za-z][A-Za-z0-9_]*

policyArn

The Amazon Resource Name (ARN) of the deleted policy. This globally unique identifier confirms which policy resource was successfully removed.

Type: String

Length Constraints: Minimum length of 96. Maximum length of 203.

Pattern: arn:aws[-a-z]{0,7}:bedrock-agentcore:[a-z0-9-]{9,15}:[0-9]{12}:policy-engine/[a-zA-Z][a-zA-Z0-9-_]{0,47}-[a-zA-Z0-9_]{10}/policy/[a-zA-Z][a-zA-Z0-9-_]{0,47}-[a-zA-Z0-9_]{10}

policyEngineId

The identifier of the policy engine from which the policy was deleted. This confirms the policy engine context for the deletion operation.

Type: String

Length Constraints: Minimum length of 12. Maximum length of 59.

Pattern: [A-Za-z][A-Za-z0-9_]*-[a-z0-9_]{10}

policyId

The unique identifier of the policy being deleted. This confirms which policy the deletion operation targets.

Type: String

Length Constraints: Minimum length of 12. Maximum length of 59.

Pattern: [A-Za-z][A-Za-z0-9_]*-[a-z0-9_]{10}

status

The status of the policy deletion operation. This provides information about any issues that occurred during the deletion process.

Type: String

Valid Values: CREATING | ACTIVE | UPDATING | DELETING | CREATE_FAILED | UPDATE_FAILED | DELETE_FAILED

statusReasons

Additional information about the deletion status. This provides details about the deletion process or any issues that may have occurred.

Type: Array of strings

updatedAt

The timestamp when the deleted policy was last modified before deletion. This tracks the final state of the policy before it was removed from the system.

Type: Timestamp

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

This exception is thrown when a request is denied per access permissions.

HTTP Status Code: 403

ConflictException

This exception is thrown when there is a conflict performing an operation.

HTTP Status Code: 409

InternalServerException

This exception is thrown if there was an unexpected error during processing of the request.

HTTP Status Code: 500

ResourceNotFoundException

This exception is thrown when a resource referenced by the operation does not exist.

HTTP Status Code: 404

ThrottlingException

This exception is thrown when the number of requests exceeds the limit.

HTTP Status Code: 429

ValidationException

The input fails to satisfy the constraints specified by the service.

HTTP Status Code: 400
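An added example, not part of the AWS documentation or any AWS SDK: it checks both URI parameters against the documented length and pattern constraints before building the DELETE path, then polls for completion by reading the status field. `get_policy`, `PolicyGone` and the sample IDs are hypothetical, and it assumes a GetPolicy wrapper that reports a missing policy (404) once deletion has finished.

```python
import re
import time

# Pattern and length limits as documented for policyEngineId and policyId.
ID_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]*-[a-z0-9_]{10}")

class PolicyGone(Exception):
    """Hypothetical: how the caller's GetPolicy wrapper reports a 404."""

def check_id(label, value):
    """Enforce the documented constraints before the value reaches the URI."""
    if not isinstance(value, str) or not 12 <= len(value) <= 59:
        raise ValueError(f"{label}: length must be 12 to 59")
    if ID_RE.fullmatch(value) is None:
        raise ValueError(f"{label}: does not match the documented pattern")
    return value

def delete_path(policy_engine_id, policy_id):
    """Path for the DELETE request; validated IDs cannot carry '/', '.' or '?'."""
    engine = check_id("policyEngineId", policy_engine_id)
    return f"/policy-engines/{engine}/policies/{check_id('policyId', policy_id)}"

def wait_for_delete(get_policy, attempts=10, delay=0.0):
    """Poll a caller-supplied GetPolicy wrapper until the deletion settles.
    Assumption: a finished deletion makes the wrapper raise PolicyGone."""
    for _ in range(attempts):
        try:
            resp = get_policy()
        except PolicyGone:
            return "DELETED"
        status = resp["status"]
        if status == "DELETE_FAILED":
            reasons = "; ".join(resp.get("statusReasons", []))
            raise RuntimeError("policy still exists, delete failed: " + reasons)
        if status != "DELETING":
            raise RuntimeError("unexpected status after delete: " + status)
        time.sleep(delay)
    raise TimeoutError("policy still DELETING after polling")

def demo():
    # Constructed replies standing in for successive GetPolicy polls.
    replies = iter([{"status": "DELETING"}, {"status": "DELETING"}])
    def fake_get_policy():
        reply = next(replies, None)
        if reply is None:
            raise PolicyGone()
        return reply
    path = delete_path("engine_one-abc1234567", "deny_tools-zyx9876543")
    return path, wait_for_delete(fake_get_policy)
```

Treating DELETE_FAILED as an error rather than retrying silently matters here because a policy that failed to delete still exists and may still be applied to agent behavior.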
