:doc:`IoTSiteWise <../../iotsitewise>` / Client / describe_access_policy

**********************
describe_access_policy
**********************



.. py:method:: IoTSiteWise.Client.describe_access_policy(**kwargs)

  

  Describes an access policy, which specifies an identity's access to an IoT SiteWise Monitor portal or project.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iotsitewise-2019-12-02/DescribeAccessPolicy>`_  


  **Request Syntax**
  ::

    response = client.describe_access_policy(
        accessPolicyId='string'
    )
    
  :type accessPolicyId: string
  :param accessPolicyId: **[REQUIRED]** 

    The ID of the access policy.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'accessPolicyId': 'string',
          'accessPolicyArn': 'string',
          'accessPolicyIdentity': {
              'user': {
                  'id': 'string'
              },
              'group': {
                  'id': 'string'
              },
              'iamUser': {
                  'arn': 'string'
              },
              'iamRole': {
                  'arn': 'string'
              }
          },
          'accessPolicyResource': {
              'portal': {
                  'id': 'string'
              },
              'project': {
                  'id': 'string'
              }
          },
          'accessPolicyPermission': 'ADMINISTRATOR'|'VIEWER',
          'accessPolicyCreationDate': datetime(2015, 1, 1),
          'accessPolicyLastUpdateDate': datetime(2015, 1, 1)
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **accessPolicyId** *(string) --* 

        The ID of the access policy.

        
      

      - **accessPolicyArn** *(string) --* 

        The `ARN <https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html>`__ of the access policy, which has the following format.

         

        ``arn:${Partition}:iotsitewise:${Region}:${Account}:access-policy/${AccessPolicyId}``

        
      

      - **accessPolicyIdentity** *(dict) --* 

        The identity (IAM Identity Center user, IAM Identity Center group, or IAM user) to which this access policy applies.

        
        

        - **user** *(dict) --* 

          An IAM Identity Center user identity.

          
          

          - **id** *(string) --* 

            The IAM Identity Center ID of the user.

            
      
        

        - **group** *(dict) --* 

          An IAM Identity Center group identity.

          
          

          - **id** *(string) --* 

            The IAM Identity Center ID of the group.

            
      
        

        - **iamUser** *(dict) --* 

          An IAM user identity.

          
          

          - **arn** *(string) --* 

            The ARN of the IAM user. For more information, see `IAM ARNs <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html>`__ in the *IAM User Guide*.

             

            .. note::

              

              If you delete the IAM user, access policies that contain this identity include an empty ``arn``. You can delete the access policy for the IAM user that no longer exists.

              

            
      
        

        - **iamRole** *(dict) --* 

          An IAM role identity.

          
          

          - **arn** *(string) --* 

            The ARN of the IAM role. For more information, see `IAM ARNs <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html>`__ in the *IAM User Guide*.

            
      
    
      

      - **accessPolicyResource** *(dict) --* 

        The IoT SiteWise Monitor resource (portal or project) to which this access policy provides access.

        
        

        - **portal** *(dict) --* 

          A portal resource.

          
          

          - **id** *(string) --* 

            The ID of the portal.

            
      
        

        - **project** *(dict) --* 

          A project resource.

          
          

          - **id** *(string) --* 

            The ID of the project.

            
      
    
      

      - **accessPolicyPermission** *(string) --* 

        The access policy permission. Note that a project ``ADMINISTRATOR`` is also known as a project owner.

        
      

      - **accessPolicyCreationDate** *(datetime) --* 

        The date the access policy was created, in Unix epoch time.

        
      

      - **accessPolicyLastUpdateDate** *(datetime) --* 

        The date the access policy was last updated, in Unix epoch time.

        
  
  **Exceptions**
  
  *   :py:class:`IoTSiteWise.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoTSiteWise.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`IoTSiteWise.Client.exceptions.InternalFailureException`

  
  *   :py:class:`IoTSiteWise.Client.exceptions.ThrottlingException`

  