:doc:`EntityResolution <../../entityresolution>` / Client / add_policy_statement

********************
add_policy_statement
********************



.. py:method:: EntityResolution.Client.add_policy_statement(**kwargs)

  

  Adds a policy statement object. To retrieve a list of existing policy statements, use the ``GetPolicy`` API.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/entityresolution-2018-05-10/AddPolicyStatement>`_  


  **Request Syntax**
  ::

    response = client.add_policy_statement(
        arn='string',
        statementId='string',
        effect='Allow'|'Deny',
        action=[
            'string',
        ],
        principal=[
            'string',
        ],
        condition='string'
    )
    
  :type arn: string
  :param arn: **[REQUIRED]** 

    The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

    

  
  :type statementId: string
  :param statementId: **[REQUIRED]** 

    A statement identifier that differentiates the statement from others in the same policy.

    

  
  :type effect: string
  :param effect: **[REQUIRED]** 

    Determines whether the permissions specified in the policy are to be allowed ( ``Allow``) or denied ( ``Deny``).

     

    .. warning::

       

      If you set the value of the ``effect`` parameter to ``Deny`` for the ``AddPolicyStatement`` operation, you must also set the value of the ``effect`` parameter in the ``policy`` to ``Deny`` for the ``PutPolicy`` operation.

      

    

  
  :type action: list
  :param action: **[REQUIRED]** 

    The action that the principal can use on the resource.

     

    For example, ``entityresolution:GetIdMappingJob``, ``entityresolution:GetMatchingJob``.

    

  
    - *(string) --* 

    

  :type principal: list
  :param principal: **[REQUIRED]** 

    The Amazon Web Services service or Amazon Web Services account that can access the resource defined as ARN.

    

  
    - *(string) --* 

    

  :type condition: string
  :param condition: 

    A set of condition keys that you can use in key policies.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'arn': 'string',
          'token': 'string',
          'policy': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **arn** *(string) --* 

        The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.

        
      

      - **token** *(string) --* 

        A unique identifier for the current revision of the policy.

        
      

      - **policy** *(string) --* 

        The resource-based policy.

        
  
  **Exceptions**
  
  *   :py:class:`EntityResolution.Client.exceptions.ThrottlingException`

  
  *   :py:class:`EntityResolution.Client.exceptions.InternalServerException`

  
  *   :py:class:`EntityResolution.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`EntityResolution.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`EntityResolution.Client.exceptions.ConflictException`

  
  *   :py:class:`EntityResolution.Client.exceptions.ValidationException`

  