Skip to content

Update Policy

bedrockagentcorecontrol_update_policy R Documentation

Updates an existing policy within the AgentCore Policy system

Description

Updates an existing policy within the AgentCore Policy system. This operation allows modification of the policy description and definition while maintaining the policy's identity. The updated policy is validated against the Cedar schema before being applied. This is an asynchronous operation. Use the get_policy operation to poll the status field to track completion.

Usage

bedrockagentcorecontrol_update_policy(policyEngineId, policyId,
  description, definition, validationMode)

Arguments

policyEngineId

[required] The identifier of the policy engine that manages the policy to be updated. This ensures the policy is updated within the correct policy engine context.
policyId

[required] The unique identifier of the policy to be updated. This must be a valid policy ID that exists within the specified policy engine.
description

The new human-readable description for the policy. This optional field allows updating the policy's documentation while keeping the same policy logic.
definition

The new Cedar policy statement that defines the access control rules. This replaces the existing policy definition with new logic while maintaining the policy's identity.
validationMode

The validation mode for the policy update. Determines how Cedar analyzer validation results are handled during policy updates. FAIL_ON_ANY_FINDINGS runs the Cedar analyzer and fails the update if validation issues are detected, ensuring the policy conforms to the Cedar schema and tool context. IGNORE_ALL_FINDINGS runs the Cedar analyzer but allows updates despite validation warnings. Use FAIL_ON_ANY_FINDINGS to ensure policy correctness during updates, especially when modifying policy logic or conditions.

Value

A list with the following syntax:

list(
  policyId = "string",
  name = "string",
  policyEngineId = "string",
  createdAt = as.POSIXct(
    "2015-01-01"
  ),
  updatedAt = as.POSIXct(
    "2015-01-01"
  ),
  policyArn = "string",
  status = "CREATING"|"ACTIVE"|"UPDATING"|"DELETING"|"CREATE_FAILED"|"UPDATE_FAILED"|"DELETE_FAILED",
  definition = list(
    cedar = list(
      statement = "string"
    ),
    policyGeneration = list(
      policyGenerationId = "string",
      policyGenerationAssetId = "string"
    )
  ),
  description = "string",
  statusReasons = list(
    "string"
  )
)

Request syntax

svc$update_policy(
  policyEngineId = "string",
  policyId = "string",
  description = list(
    optionalValue = "string"
  ),
  definition = list(
    cedar = list(
      statement = "string"
    ),
    policyGeneration = list(
      policyGenerationId = "string",
      policyGenerationAssetId = "string"
    )
  ),
  validationMode = "FAIL_ON_ANY_FINDINGS"|"IGNORE_ALL_FINDINGS"
)