:doc:`BedrockAgentCoreControl <../../bedrock-agentcore-control>` / Client / list_policy_generation_assets

*****************************
list_policy_generation_assets
*****************************



.. py:method:: BedrockAgentCoreControl.Client.list_policy_generation_assets(**kwargs)

  

  Retrieves a list of generated policy assets from a policy generation request within the AgentCore Policy system. This operation returns the actual Cedar policies and related artifacts produced by the AI-powered policy generation process, allowing users to review and select from multiple generated policy options.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListPolicyGenerationAssets>`_  


  **Request Syntax**
  ::

    response = client.list_policy_generation_assets(
        policyGenerationId='string',
        policyEngineId='string',
        nextToken='string',
        maxResults=123
    )
    
  :type policyGenerationId: string
  :param policyGenerationId: **[REQUIRED]** 

    The unique identifier of the policy generation request whose assets are to be retrieved. This must be a valid generation ID from a previous `StartPolicyGeneration <https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_StartPolicyGeneration.html>`__ call that has completed processing.

    

  
  :type policyEngineId: string
  :param policyEngineId: **[REQUIRED]** 

    The unique identifier of the policy engine associated with the policy generation request. This provides the context for the generation operation and ensures assets are retrieved from the correct policy engine.

    

  
  :type nextToken: string
  :param nextToken: 

    A pagination token returned from a previous `ListPolicyGenerationAssets <https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_ListPolicyGenerationAssets.html>`__ call. Use this token to retrieve the next page of assets when the response is paginated due to large numbers of generated policy options.

    

  
  :type maxResults: integer
  :param maxResults: 

    The maximum number of policy generation assets to return in a single response. If not specified, the default is 10 assets per page, with a maximum of 100 per page. This helps control response size when dealing with policy generations that produce many alternative policy options.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'policyGenerationAssets': [
              {
                  'policyGenerationAssetId': 'string',
                  'definition': {
                      'cedar': {
                          'statement': 'string'
                      }
                  },
                  'rawTextFragment': 'string',
                  'findings': [
                      {
                          'type': 'VALID'|'INVALID'|'NOT_TRANSLATABLE'|'ALLOW_ALL'|'ALLOW_NONE'|'DENY_ALL'|'DENY_NONE',
                          'description': 'string'
                      },
                  ]
              },
          ],
          'nextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **policyGenerationAssets** *(list) --* 

        An array of generated policy assets including Cedar policies and related artifacts from the AI-powered policy generation process. Each asset represents a different policy option or variation generated from the original natural language input.

        
        

        - *(dict) --* 

          Represents a generated policy asset from the AI-powered policy generation process within the AgentCore Policy system. Each asset contains a Cedar policy statement generated from natural language input, along with associated metadata and analysis findings to help users evaluate and select the most appropriate policy option.

          
          

          - **policyGenerationAssetId** *(string) --* 

            The unique identifier for this generated policy asset within the policy generation request. This ID can be used to reference specific generated policy options when creating actual policies from the generation results.

            
          

          - **definition** *(dict) --* 

            Represents the definition structure for policies within the AgentCore Policy system. This structure encapsulates different policy formats and languages that can be used to define access control rules.

            .. note::    This is a Tagged Union structure. Only one of the     following top level keys will be set: ``cedar``.     If a client receives an unknown member it will     set ``SDK_UNKNOWN_MEMBER`` as the top level key,     which maps to the name or tag of the unknown     member. The structure of ``SDK_UNKNOWN_MEMBER`` is     as follows::

                        'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}


          
            

            - **cedar** *(dict) --* 

              The Cedar policy definition within the policy definition structure. This contains the Cedar policy statement that defines the authorization logic using Cedar's human-readable, analyzable policy language. Cedar policies specify principals (who can access), actions (what operations are allowed), resources (what can be accessed), and optional conditions for fine-grained control. Cedar provides a formal policy language designed for authorization with deterministic evaluation, making policies testable, reviewable, and auditable. All Cedar policies follow a default-deny model where actions are denied unless explicitly permitted, and forbid policies always override permit policies.

              
              

              - **statement** *(string) --* 

                The Cedar policy statement that defines the authorization logic. This statement follows Cedar syntax and specifies principals, actions, resources, and conditions that determine when access should be allowed or denied.

                
          
        
          

          - **rawTextFragment** *(string) --* 

            The portion of the original natural language input that this generated policy asset addresses. This helps users understand which part of their policy description was translated into this specific Cedar policy statement, enabling better policy selection and refinement. When a single natural language input describes multiple authorization requirements, the generation process creates separate policy assets for each requirement, with each asset's rawTextFragment showing which requirement it addresses. Use this mapping to verify that all parts of your natural language input were correctly translated into Cedar policies.

            
          

          - **findings** *(list) --* 

            Analysis findings and insights related to this specific generated policy asset. These findings may include validation results, potential issues, or recommendations for improvement to help users evaluate the quality and appropriateness of the generated policy.

            
            

            - *(dict) --* 

              Represents a finding or issue discovered during policy generation or validation. Findings provide insights about potential problems, recommendations, or validation results from policy analysis operations. Finding types include: VALID (policy is ready to use), INVALID (policy has validation errors that must be fixed), NOT_TRANSLATABLE (input couldn't be converted to policy), ALLOW_ALL (policy would allow all actions, potential security risk), ALLOW_NONE (policy would allow no actions, unusable), DENY_ALL (policy would deny all actions, may be too restrictive), and DENY_NONE (policy would deny no actions, ineffective). Review all findings before creating policies from generated assets to ensure they match your security requirements.

              
              

              - **type** *(string) --* 

                The type or category of the finding. This classifies the finding as an error, warning, recommendation, or informational message to help users understand the severity and nature of the issue.

                
              

              - **description** *(string) --* 

                A human-readable description of the finding. This provides detailed information about the issue, recommendation, or validation result to help users understand and address the finding.

                
          
        
      
    
      

      - **nextToken** *(string) --* 

        A pagination token that can be used in subsequent `ListPolicyGenerationAssets <https://docs.aws.amazon.com/bedrock-agentcore-control/latest/APIReference/API_ListPolicyGenerationAssets.html>`__ calls to retrieve additional assets. This token is only present when there are more generated policy assets available beyond the current response.

        
  
  **Exceptions**
  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ValidationException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.ThrottlingException`

  
  *   :py:class:`BedrockAgentCoreControl.Client.exceptions.InternalServerException`

  