updatePolicy method

Future<UpdatePolicyResponse> updatePolicy({
  1. required String policyEngineId,
  2. required String policyId,
  3. PolicyDefinition? definition,
  4. UpdatedDescription? description,
  5. PolicyValidationMode? validationMode,
})

Updates an existing policy within the AgentCore Policy system. This operation allows modification of the policy description and definition while maintaining the policy's identity. The updated policy is validated against the Cedar schema before being applied. This is an asynchronous operation. Use the GetPolicy operation to poll the status field to track completion.

May throw AccessDeniedException. May throw ConflictException. May throw InternalServerException. May throw ResourceNotFoundException. May throw ThrottlingException. May throw ValidationException.

Parameter policyEngineId : The identifier of the policy engine that manages the policy to be updated. This ensures the policy is updated within the correct policy engine context.

Parameter policyId : The unique identifier of the policy to be updated. This must be a valid policy ID that exists within the specified policy engine.

Parameter definition : The new Cedar policy statement that defines the access control rules. This replaces the existing policy definition with new logic while maintaining the policy's identity.

Parameter description : The new human-readable description for the policy. This optional field allows updating the policy's documentation while keeping the same policy logic.

Parameter validationMode : The validation mode for the policy update. Determines how Cedar analyzer validation results are handled during policy updates. FAIL_ON_ANY_FINDINGS runs the Cedar analyzer and fails the update if validation issues are detected, ensuring the policy conforms to the Cedar schema and tool context. IGNORE_ALL_FINDINGS runs the Cedar analyzer but allows updates despite validation warnings. Use FAIL_ON_ANY_FINDINGS to ensure policy correctness during updates, especially when modifying policy logic or conditions.

Implementation

Future<UpdatePolicyResponse> updatePolicy({
  required String policyEngineId,
  required String policyId,
  PolicyDefinition? definition,
  UpdatedDescription? description,
  PolicyValidationMode? validationMode,
}) async {
  final $payload = <String, dynamic>{
    if (definition != null) 'definition': definition,
    if (description != null) 'description': description,
    if (validationMode != null) 'validationMode': validationMode.value,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'PATCH',
    requestUri:
        '/policy-engines/${Uri.encodeComponent(policyEngineId)}/policies/${Uri.encodeComponent(policyId)}',
    exceptionFnMap: _exceptionFns,
  );
  return UpdatePolicyResponse.fromJson(response);
}