AWS::IoTSiteWise::AccessPolicy - Amazon CloudFormation
SyntaxPropertiesReturn values
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::IoTSiteWise::AccessPolicy

Creates an access policy that grants the specified identity (IAM Identity Center user, IAM Identity Center group, or IAM user) access to the specified Amazon IoT SiteWise Monitor portal or project resource.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::IoTSiteWise::AccessPolicy",
  "Properties" : {
      "AccessPolicyIdentity" : AccessPolicyIdentity,
      "AccessPolicyPermission" : String,
      "AccessPolicyResource" : AccessPolicyResource
    }
}

YAML

Type: AWS::IoTSiteWise::AccessPolicy
Properties: 
  AccessPolicyIdentity: 
    AccessPolicyIdentity
  AccessPolicyPermission: String
  AccessPolicyResource: 
    AccessPolicyResource

Properties

AccessPolicyIdentity

The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.

Required: Yes

Type: AccessPolicyIdentity

Update requires: No interruption

AccessPolicyPermission

The permission level for this access policy. Choose either a ADMINISTRATOR or VIEWER. Note that a project ADMINISTRATOR is also known as a project owner.

Required: Yes

Type: String

Update requires: No interruption

AccessPolicyResource

The Amazon IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.

Required: Yes

Type: AccessPolicyResource

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the AccessPolicyId.

Fn::GetAtt

The Fn::GetAttintrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAttintrinsic function, see Fn::GetAtt.

AccessPolicyArn

The ARN of the access policy, which has the following format.

arn:${Partition}:iotsitewise:${Region}:${Account}:access-policy/${AccessPolicyId}

For more information about using the Reffunction, see Ref.

AccessPolicyId

The ID of the access policy.

For more information about using the Reffunction, see Ref.