VerifiedPermissions / Client / update_policy_store

update_policy_store

VerifiedPermissions.Client.update_policy_store(**kwargs)

Modifies the validation setting for a policy store.

Note

Verified Permissions is eventually consistent . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

See also: AWS API Documentation

Request Syntax

response = client.update_policy_store(
    policyStoreId='string',
    validationSettings={
        'mode': 'OFF'|'STRICT'
    },
    description='string'
)

Parameters:

• policyStoreId (string) –

  [REQUIRED]

  Specifies the ID of the policy store that you want to update

• validationSettings (dict) –

  [REQUIRED]

  A structure that defines the validation settings that want to enable for the policy store.

  • mode (string) – [REQUIRED]

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.

    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn’t store them in the policy store.

    Warning

    If Mode=STRICT and the policy store doesn’t contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

• description (string) – Descriptive text that you can provide to help with identification of the current policy store.

Return type:

dict

Returns:

Response Syntax

{
    'policyStoreId': 'string',
    'arn': 'string',
    'createdDate': datetime(2015, 1, 1),
    'lastUpdatedDate': datetime(2015, 1, 1)
}

Response Structure

• (dict) –

  • policyStoreId (string) –

    The ID of the updated policy store.

  • arn (string) –

    The Amazon Resource Name (ARN) of the updated policy store.

  • createdDate (datetime) –

    The date and time that the policy store was originally created.

  • lastUpdatedDate (datetime) –

    The date and time that the policy store was most recently updated.

Exceptions

• VerifiedPermissions.Client.exceptions.ValidationException

• VerifiedPermissions.Client.exceptions.ConflictException

• VerifiedPermissions.Client.exceptions.AccessDeniedException

• VerifiedPermissions.Client.exceptions.ResourceNotFoundException

• VerifiedPermissions.Client.exceptions.ThrottlingException

• VerifiedPermissions.Client.exceptions.InternalServerException