BedrockAgentCoreControl / Client / list_policy_generations
list_policy_generations¶
- BedrockAgentCoreControl.Client.list_policy_generations(**kwargs)¶
Retrieves a list of policy generation requests within the AgentCore Policy system. This operation supports pagination and filtering to help track and manage AI-powered policy generation operations.
See also: AWS API Documentation
Request Syntax
response = client.list_policy_generations( nextToken='string', maxResults=123, policyEngineId='string' )
- Parameters:
nextToken (string) – A pagination token for retrieving additional policy generations when results are paginated.
maxResults (integer) – The maximum number of policy generations to return in a single response.
policyEngineId (string) –
[REQUIRED]
The identifier of the policy engine whose policy generations to retrieve.
- Return type:
dict
- Returns:
Response Syntax
{ 'policyGenerations': [ { 'policyEngineId': 'string', 'policyGenerationId': 'string', 'name': 'string', 'policyGenerationArn': 'string', 'resource': { 'arn': 'string' }, 'createdAt': datetime(2015, 1, 1), 'updatedAt': datetime(2015, 1, 1), 'status': 'GENERATING'|'GENERATED'|'GENERATE_FAILED'|'DELETE_FAILED', 'statusReasons': [ 'string', ], 'findings': 'string' }, ], 'nextToken': 'string' }
Response Structure
(dict) –
policyGenerations (list) –
An array of policy generation objects that match the specified criteria.
(dict) –
Represents a policy generation request within the AgentCore Policy system. Tracks the AI-powered conversion of natural language descriptions into Cedar policy statements, enabling users to author policies by describing authorization requirements in plain English. The generation process analyzes the natural language input along with the Gateway’s tool context and Cedar schema to produce one or more validated policy options. Each generation request tracks the status of the conversion process and maintains findings about the generated policies, including validation results and potential issues. Generated policy assets remain available for one week after successful generation, allowing time to review and create policies from the generated options.
policyEngineId (string) –
The identifier of the policy engine associated with this generation request.
policyGenerationId (string) –
The unique identifier for this policy generation request.
name (string) –
The customer-assigned name for this policy generation request.
policyGenerationArn (string) –
The ARN of this policy generation request.
resource (dict) –
The resource information associated with this policy generation.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
arn. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
arn (string) –
The Amazon Resource Name (ARN) of the resource. This globally unique identifier specifies the exact resource that policies will be evaluated against for access control decisions.
createdAt (datetime) –
The timestamp when this policy generation request was created.
updatedAt (datetime) –
The timestamp when this policy generation was last updated.
status (string) –
The current status of this policy generation request.
statusReasons (list) –
Additional information about the generation status.
(string) –
findings (string) –
Findings and insights from this policy generation process.
nextToken (string) –
A pagination token for retrieving additional policy generations if more results are available.
Exceptions
BedrockAgentCoreControl.Client.exceptions.AccessDeniedExceptionBedrockAgentCoreControl.Client.exceptions.ValidationExceptionBedrockAgentCoreControl.Client.exceptions.ResourceNotFoundExceptionBedrockAgentCoreControl.Client.exceptions.ThrottlingExceptionBedrockAgentCoreControl.Client.exceptions.InternalServerException