createResourcePolicyStatement method

Future<CreateResourcePolicyStatementResponse> createResourcePolicyStatement({
  1. required List<String> action,
  2. required Effect effect,
  3. required List<Principal> principal,
  4. required String resourceArn,
  5. required String statementId,
  6. Map<String, Map<String, String>>? condition,
  7. String? expectedRevisionId,
})

Adds a new resource policy statement to a bot or bot alias. If a resource policy exists, the statement is added to the current resource policy. If a policy doesn't exist, a new policy is created.

You can't create a resource policy statement that allows cross-account access.

You need to add the CreateResourcePolicy or UpdateResourcePolicy action to the bot role in order to call the API.

May throw ConflictException. May throw InternalServerException. May throw PreconditionFailedException. May throw ResourceNotFoundException. May throw ServiceQuotaExceededException. May throw ThrottlingException. May throw ValidationException.

Parameter action : The Amazon Lex action that this policy either allows or denies. The action must apply to the resource type of the specified ARN. For more information, see Actions, resources, and condition keys for Amazon Lex V2.

Parameter effect : Determines whether the statement allows or denies access to the resource.

Parameter principal : An IAM principal, such as an IAM user, IAM role, or Amazon Web Services services that is allowed or denied access to a resource. For more information, see Amazon Web Services JSON policy elements: Principal.

Parameter resourceArn : The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.

Parameter statementId : The name of the statement. The ID is the same as the Sid IAM property. The statement name must be unique within the policy. For more information, see IAM JSON policy elements: Sid.

Parameter condition : Specifies a condition when the policy is in effect. If the principal of the policy is a service principal, you must provide two condition blocks, one with a SourceAccount global condition key and one with a SourceArn global condition key.

For more information, see IAM JSON policy elements: Condition .

Parameter expectedRevisionId : The identifier of the revision of the policy to edit. If this revision ID doesn't match the current revision ID, Amazon Lex throws an exception.

If you don't specify a revision, Amazon Lex overwrites the contents of the policy with the new values.

Implementation

Future<CreateResourcePolicyStatementResponse> createResourcePolicyStatement({
  required List<String> action,
  required Effect effect,
  required List<Principal> principal,
  required String resourceArn,
  required String statementId,
  Map<String, Map<String, String>>? condition,
  String? expectedRevisionId,
}) async {
  final $query = <String, List<String>>{
    if (expectedRevisionId != null)
      'expectedRevisionId': [expectedRevisionId],
  };
  final $payload = <String, dynamic>{
    'action': action,
    'effect': effect.value,
    'principal': principal,
    'statementId': statementId,
    if (condition != null) 'condition': condition,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri: '/policy/${Uri.encodeComponent(resourceArn)}/statements',
    queryParams: $query,
    exceptionFnMap: _exceptionFns,
  );
  return CreateResourcePolicyStatementResponse.fromJson(response);
}