BedrockAgentCoreControl / Client / get_policy_generation
get_policy_generation¶
- BedrockAgentCoreControl.Client.get_policy_generation(**kwargs)¶
Retrieves information about a policy generation request within the AgentCore Policy system. Policy generation converts natural language descriptions into Cedar policy statements using AI-powered translation, enabling non-technical users to create policies.
See also: AWS API Documentation
Request Syntax
response = client.get_policy_generation( policyGenerationId='string', policyEngineId='string' )
- Parameters:
policyGenerationId (string) –
[REQUIRED]
The unique identifier of the policy generation request to be retrieved. This must be a valid generation ID from a previous StartPolicyGeneration call.
policyEngineId (string) –
[REQUIRED]
The identifier of the policy engine associated with the policy generation request. This provides the context for the generation operation and schema validation.
- Return type:
dict
- Returns:
Response Syntax
{ 'policyEngineId': 'string', 'policyGenerationId': 'string', 'name': 'string', 'policyGenerationArn': 'string', 'resource': { 'arn': 'string' }, 'createdAt': datetime(2015, 1, 1), 'updatedAt': datetime(2015, 1, 1), 'status': 'GENERATING'|'GENERATED'|'GENERATE_FAILED'|'DELETE_FAILED', 'statusReasons': [ 'string', ], 'findings': 'string' }
Response Structure
(dict) –
policyEngineId (string) –
The identifier of the policy engine associated with this policy generation. This confirms the policy engine context for the generation operation.
policyGenerationId (string) –
The unique identifier of the policy generation request. This matches the generation ID provided in the request and serves as the tracking identifier.
name (string) –
The customer-assigned name for the policy generation request. This helps identify and track generation operations across multiple requests.
policyGenerationArn (string) –
The Amazon Resource Name (ARN) of the policy generation. This globally unique identifier can be used for tracking, auditing, and cross-service references.
resource (dict) –
The resource information associated with the policy generation. This provides context about the target resources for which the policies are being generated.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
arn. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
arn (string) –
The Amazon Resource Name (ARN) of the resource. This globally unique identifier specifies the exact resource that policies will be evaluated against for access control decisions.
createdAt (datetime) –
The timestamp when the policy generation request was created. This is used for tracking and auditing generation operations and their lifecycle.
updatedAt (datetime) –
The timestamp when the policy generation was last updated. This tracks the progress of the generation process and any status changes.
status (string) –
The current status of the policy generation. This indicates whether the generation is in progress, completed successfully, or failed during processing.
statusReasons (list) –
Additional information about the generation status. This provides details about any failures, warnings, or the current state of the generation process.
(string) –
findings (string) –
The findings and results from the policy generation process. This includes any issues, recommendations, validation results, or insights from the generated policies.
Exceptions
BedrockAgentCoreControl.Client.exceptions.AccessDeniedExceptionBedrockAgentCoreControl.Client.exceptions.ValidationExceptionBedrockAgentCoreControl.Client.exceptions.ResourceNotFoundExceptionBedrockAgentCoreControl.Client.exceptions.ThrottlingExceptionBedrockAgentCoreControl.Client.exceptions.InternalServerException