Skip to content

Put Resource Policy

cloudhsmv2_put_resource_policy R Documentation

Creates or updates an CloudHSM resource policy

Description

Creates or updates an CloudHSM resource policy. A resource policy helps you to define the IAM entity (for example, an Amazon Web Services account) that can manage your CloudHSM resources. The following resources support CloudHSM resource policies:

  • Backup - The resource policy allows you to describe the backup and restore a cluster from the backup in another Amazon Web Services account.

In order to share a backup, it must be in a 'READY' state and you must own it.

While you can share a backup using the CloudHSM PutResourcePolicy operation, we recommend using Resource Access Manager (RAM) instead. Using RAM provides multiple benefits as it creates the policy for you, allows multiple resources to be shared at one time, and increases the discoverability of shared resources. If you use PutResourcePolicy and want consumers to be able to describe the backups you share with them, you must promote the backup to a standard RAM Resource Share using the RAM PromoteResourceShareCreatedFromPolicy API operation. For more information, see Working with shared backups in the CloudHSM User Guide

Cross-account use: No. You cannot perform this operation on an CloudHSM resource in a different Amazon Web Services account.

Usage

cloudhsmv2_put_resource_policy(ResourceArn, Policy)

Arguments

ResourceArn

Amazon Resource Name (ARN) of the resource to which you want to attach a policy.

Policy

The policy you want to associate with a resource.

For an example policy, see Working with shared backups in the CloudHSM User Guide

Value

A list with the following syntax:

list(
  ResourceArn = "string",
  Policy = "string"
)

Request syntax

svc$put_resource_policy(
  ResourceArn = "string",
  Policy = "string"
)