ResourcePolicy
The ResourcePolicy resource lets you manage AWS Lex ResourcePolicys for your Lex bots, enabling you to control access to your resources through IAM policies.
Minimal Example
Section titled “Minimal Example”Create a basic resource policy for an AWS Lex bot with required properties.
import AWS from "alchemy/aws/control";
const lexResourcePolicy = await AWS.Lex.ResourcePolicy("myLexPolicy", { Policy: { Version: "2012-10-17", Statement: [ { Effect: "Allow", Principal: "*", Action: "lex:StartConversation", Resource: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1" } ] }, ResourceArn: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1", adopt: true});Advanced Configuration
Section titled “Advanced Configuration”Configure a resource policy with additional IAM policy statements for more granular access control.
const advancedLexResourcePolicy = await AWS.Lex.ResourcePolicy("advancedLexPolicy", { Policy: { Version: "2012-10-17", Statement: [ { Effect: "Allow", Principal: { AWS: "arn:aws:iam::123456789012:user/Alice" }, Action: [ "lex:StartConversation", "lex:RecognizeUtterance" ], Resource: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1" }, { Effect: "Deny", Principal: "*", Action: "lex:DeleteBot", Resource: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1" } ] }, ResourceArn: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1"});Policy for Specific Actions
Section titled “Policy for Specific Actions”Demonstrate how to create a policy that allows only specific users to invoke certain actions on the Lex bot.
const userSpecificPolicy = await AWS.Lex.ResourcePolicy("userSpecificPolicy", { Policy: { Version: "2012-10-17", Statement: [ { Effect: "Allow", Principal: { AWS: "arn:aws:iam::123456789012:user/Bob" }, Action: "lex:StartConversation", Resource: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1" } ] }, ResourceArn: "arn:aws:lex:us-west-2:123456789012:bot:myBot:1"});