:doc:`QBusiness <../../qbusiness>` / Client / associate_permission

********************
associate_permission
********************



.. py:method:: QBusiness.Client.associate_permission(**kwargs)

  

  Adds or updates a permission policy for a Amazon Q Business application, allowing cross-account access for an ISV. This operation creates a new policy statement for the specified Amazon Q Business application. The policy statement defines the IAM actions that the ISV is allowed to perform on the Amazon Q Business application's resources.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/AssociatePermission>`_  


  **Request Syntax**
  ::

    response = client.associate_permission(
        applicationId='string',
        statementId='string',
        actions=[
            'string',
        ],
        conditions=[
            {
                'conditionOperator': 'StringEquals',
                'conditionKey': 'string',
                'conditionValues': [
                    'string',
                ]
            },
        ],
        principal='string'
    )
    
  :type applicationId: string
  :param applicationId: **[REQUIRED]** 

    The unique identifier of the Amazon Q Business application.

    

  
  :type statementId: string
  :param statementId: **[REQUIRED]** 

    A unique identifier for the policy statement.

    

  
  :type actions: list
  :param actions: **[REQUIRED]** 

    The list of Amazon Q Business actions that the ISV is allowed to perform.

    

  
    - *(string) --* 

    

  :type conditions: list
  :param conditions: 

    The conditions that restrict when the permission is effective. These conditions can be used to limit the permission based on specific attributes of the request.

    

  
    - *(dict) --* 

      Defines a condition that restricts when a permission is effective. Conditions allow you to control access based on specific attributes of the request.

      

    
      - **conditionOperator** *(string) --* **[REQUIRED]** 

        The operator to use for the condition evaluation. This determines how the condition values are compared.

        

      
      - **conditionKey** *(string) --* **[REQUIRED]** 

        The key for the condition. This identifies the attribute that the condition applies to.

        

      
      - **conditionValues** *(list) --* **[REQUIRED]** 

        The values to compare against using the specified condition operator.

        

      
        - *(string) --* 

        
    
    

  :type principal: string
  :param principal: **[REQUIRED]** 

    The Amazon Resource Name of the IAM role for the ISV that is being granted permission.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'statement': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **statement** *(string) --* 

        The JSON representation of the added permission statement.

        
  
  **Exceptions**
  
  *   :py:class:`QBusiness.Client.exceptions.InternalServerException`

  
  *   :py:class:`QBusiness.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`QBusiness.Client.exceptions.ConflictException`

  
  *   :py:class:`QBusiness.Client.exceptions.ThrottlingException`

  
  *   :py:class:`QBusiness.Client.exceptions.ValidationException`

  
  *   :py:class:`QBusiness.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`QBusiness.Client.exceptions.ServiceQuotaExceededException`

  