AWS::EntityResolution::PolicyStatement

Adds a policy statement object. To retrieve a list of existing policy statements, use the GetPolicy API.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::EntityResolution::PolicyStatement",
  "Properties" : {
      "Action" : [ String, ... ],
      "Arn" : String,
      "Condition" : String,
      "Effect" : String,
      "Principal" : [ String, ... ],
      "StatementId" : String
    }
}

YAML


Type: AWS::EntityResolution::PolicyStatement
Properties:
  Action: 
    - String
  Arn: String
  Condition: String
  Effect: String
  Principal: 
    - String
  StatementId: String

Properties

Action

The action that the principal can use on the resource.

For example, entityresolution:GetIdMappingJob, entityresolution:GetMatchingJob.

Required: No

Type: Array of String

Update requires: No interruption

Arn

The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

Required: Yes

Type: String

Pattern: ^arn:(aws|aws-us-gov|aws-cn):entityresolution:[a-z]{2}-[a-z]{1,10}-[0-9]:[0-9]{12}:((schemamapping|matchingworkflow|idmappingworkflow|idnamespace)/[a-zA-Z_0-9-]{1,255})$

Update requires: Replacement

Condition

A set of condition keys that you can use in key policies.

Required: No

Type: String

Minimum: 1

Maximum: 40960

Update requires: No interruption

Effect

Determines whether the permissions specified in the policy are to be allowed (Allow) or denied (Deny).

Important

If you set the value of the effect parameter to Deny for the AddPolicyStatement operation, you must also set the value of the effect parameter in the policy to Deny for the PutPolicy operation.

Required: No

Type: String

Allowed values: Allow | Deny

Update requires: No interruption

Principal

The AWS service or AWS account that can access the resource defined as ARN.

Required: No

Type: Array of String

Update requires: No interruption

StatementId

A statement identifier that differentiates the statement from others in the same policy.

Required: Yes

Type: String

Pattern: ^[0-9A-Za-z]+$

Minimum: 1

Maximum: 64

Update requires: Replacement

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Tag

AWS::EntityResolution::SchemaMapping