AWS X-Ray

2022/11/16 - AWS X-Ray - 3 new api methods

Changes  This release adds new APIs - PutResourcePolicy, DeleteResourcePolicy, ListResourcePolicies for supporting resource based policies for AWS X-Ray.

PutResourcePolicy (new) Link ¶

Sets the resource policy to grant one or more Amazon Web Services services and accounts permissions to access X-Ray. Each resource policy will be associated with a specific Amazon Web Services account. Each Amazon Web Services account can have a maximum of 5 resource policies, and each policy name must be unique within that account. The maximum size of each resource policy is 5KB.

See also: AWS API Documentation

Request Syntax

client.put_resource_policy(
    PolicyName='string',
    PolicyDocument='string',
    PolicyRevisionId='string',
    BypassPolicyLockoutCheck=True|False
)
type PolicyName

string

param PolicyName

[REQUIRED]

The name of the resource policy. Must be unique within a specific Amazon Web Services account.

type PolicyDocument

string

param PolicyDocument

[REQUIRED]

The resource policy document, which can be up to 5kb in size.

type PolicyRevisionId

string

param PolicyRevisionId

Specifies a specific policy revision, to ensure an atomic create operation. By default the resource policy is created if it does not exist, or updated with an incremented revision id. The revision id is unique to each policy in the account.

If the policy revision id does not match the latest revision id, the operation will fail with an InvalidPolicyRevisionIdException exception. You can also provide a PolicyRevisionId of 0. In this case, the operation will fail with an InvalidPolicyRevisionIdException exception if a resource policy with the same name already exists.

type BypassPolicyLockoutCheck

boolean

param BypassPolicyLockoutCheck

A flag to indicate whether to bypass the resource policy lockout safety check.

Warning

Setting this value to true increases the risk that the policy becomes unmanageable. Do not set this value to true indiscriminately.

Use this parameter only when you include a policy in the request and you intend to prevent the principal that is making the request from making a subsequent PutResourcePolicy request.

The default value is false.

rtype

dict

returns

Response Syntax

{
    'ResourcePolicy': {
        'PolicyName': 'string',
        'PolicyDocument': 'string',
        'PolicyRevisionId': 'string',
        'LastUpdatedTime': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • ResourcePolicy (dict) --

      The resource policy document, as provided in the PutResourcePolicyRequest .

      • PolicyName (string) --

        The name of the resource policy. Must be unique within a specific Amazon Web Services account.

      • PolicyDocument (string) --

        The resource policy document, which can be up to 5kb in size.

      • PolicyRevisionId (string) --

        Returns the current policy revision id for this policy name.

      • LastUpdatedTime (datetime) --

        When the policy was last updated, in Unix time seconds.

DeleteResourcePolicy (new) Link ¶

Deletes a resource policy from the target Amazon Web Services account.

See also: AWS API Documentation

Request Syntax

client.delete_resource_policy(
    PolicyName='string',
    PolicyRevisionId='string'
)
type PolicyName

string

param PolicyName

[REQUIRED]

The name of the resource policy to delete.

type PolicyRevisionId

string

param PolicyRevisionId

Specifies a specific policy revision to delete. Provide a PolicyRevisionId to ensure an atomic delete operation. If the provided revision id does not match the latest policy revision id, an InvalidPolicyRevisionIdException exception is returned.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

ListResourcePolicies (new) Link ¶

Returns the list of resource policies in the target Amazon Web Services account.

See also: AWS API Documentation

Request Syntax

client.list_resource_policies(
    NextToken='string'
)
type NextToken

string

param NextToken

Not currently supported.

rtype

dict

returns

Response Syntax

{
    'ResourcePolicies': [
        {
            'PolicyName': 'string',
            'PolicyDocument': 'string',
            'PolicyRevisionId': 'string',
            'LastUpdatedTime': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • ResourcePolicies (list) --

      The list of resource policies in the target Amazon Web Services account.

      • (dict) --

        A resource policy grants one or more Amazon Web Services services and accounts permissions to access X-Ray. Each resource policy is associated with a specific Amazon Web Services account.

        • PolicyName (string) --

          The name of the resource policy. Must be unique within a specific Amazon Web Services account.

        • PolicyDocument (string) --

          The resource policy document, which can be up to 5kb in size.

        • PolicyRevisionId (string) --

          Returns the current policy revision id for this policy name.

        • LastUpdatedTime (datetime) --

          When the policy was last updated, in Unix time seconds.

    • NextToken (string) --

      Pagination token. Not currently supported.