1// Code generated by smithy-go-codegen DO NOT EDIT.
2
3package eventbridge
4
5import (
6	"context"
7	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
8	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
9	"github.com/aws/aws-sdk-go-v2/service/eventbridge/types"
10	"github.com/aws/smithy-go/middleware"
11	smithyhttp "github.com/aws/smithy-go/transport/http"
12)
13
14// Running PutPermission permits the specified AWS account or AWS organization to
15// put events to the specified event bus. Amazon EventBridge (CloudWatch Events)
16// rules in your account are triggered by these events arriving to an event bus in
17// your account. For another account to send events to your account, that external
18// account must have an EventBridge rule with your account's event bus as a target.
19// To enable multiple AWS accounts to put events to your event bus, run
20// PutPermission once for each of these accounts. Or, if all the accounts are
21// members of the same AWS organization, you can run PutPermission once specifying
22// Principal as "*" and specifying the AWS organization ID in Condition, to grant
23// permissions to all accounts in that organization. If you grant permissions using
24// an organization, then accounts in that organization must specify a RoleArn with
25// proper permissions when they use PutTarget to add your account's event bus as a
26// target. For more information, see Sending and Receiving Events Between AWS
27// Accounts
28// (https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html)
29// in the Amazon EventBridge User Guide. The permission policy on the default event
30// bus cannot exceed 10 KB in size.
31func (c *Client) PutPermission(ctx context.Context, params *PutPermissionInput, optFns ...func(*Options)) (*PutPermissionOutput, error) {
32	if params == nil {
33		params = &PutPermissionInput{}
34	}
35
36	result, metadata, err := c.invokeOperation(ctx, "PutPermission", params, optFns, addOperationPutPermissionMiddlewares)
37	if err != nil {
38		return nil, err
39	}
40
41	out := result.(*PutPermissionOutput)
42	out.ResultMetadata = metadata
43	return out, nil
44}
45
46type PutPermissionInput struct {
47
48	// The action that you are enabling the other account to perform. Currently, this
49	// must be events:PutEvents.
50	Action *string
51
52	// This parameter enables you to limit the permission to accounts that fulfill a
53	// certain condition, such as being a member of a certain AWS organization. For
54	// more information about AWS Organizations, see What Is AWS Organizations
55	// (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html)
56	// in the AWS Organizations User Guide. If you specify Condition with an AWS
57	// organization ID, and specify "*" as the value for Principal, you grant
58	// permission to all the accounts in the named organization. The Condition is a
59	// JSON string which must contain Type, Key, and Value fields.
60	Condition *types.Condition
61
62	// The name of the event bus associated with the rule. If you omit this, the
63	// default event bus is used.
64	EventBusName *string
65
66	// A JSON string that describes the permission policy statement. You can include a
67	// Policy parameter in the request instead of using the StatementId, Action,
68	// Principal, or Condition parameters.
69	Policy *string
70
71	// The 12-digit AWS account ID that you are permitting to put events to your
72	// default event bus. Specify "*" to permit any account to put events to your
73	// default event bus. If you specify "*" without specifying Condition, avoid
74	// creating rules that may match undesirable events. To create more secure rules,
75	// make sure that the event pattern for each rule contains an account field with a
76	// specific account ID from which to receive events. Rules with an account field do
77	// not match any events sent from other accounts.
78	Principal *string
79
80	// An identifier string for the external account that you are granting permissions
81	// to. If you later want to revoke the permission for this external account,
82	// specify this StatementId when you run RemovePermission.
83	StatementId *string
84}
85
86type PutPermissionOutput struct {
87	// Metadata pertaining to the operation's result.
88	ResultMetadata middleware.Metadata
89}
90
91func addOperationPutPermissionMiddlewares(stack *middleware.Stack, options Options) (err error) {
92	err = stack.Serialize.Add(&awsAwsjson11_serializeOpPutPermission{}, middleware.After)
93	if err != nil {
94		return err
95	}
96	err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpPutPermission{}, middleware.After)
97	if err != nil {
98		return err
99	}
100	if err = addSetLoggerMiddleware(stack, options); err != nil {
101		return err
102	}
103	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
104		return err
105	}
106	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
107		return err
108	}
109	if err = addResolveEndpointMiddleware(stack, options); err != nil {
110		return err
111	}
112	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
113		return err
114	}
115	if err = addRetryMiddlewares(stack, options); err != nil {
116		return err
117	}
118	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
119		return err
120	}
121	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
122		return err
123	}
124	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
125		return err
126	}
127	if err = addClientUserAgent(stack); err != nil {
128		return err
129	}
130	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
131		return err
132	}
133	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
134		return err
135	}
136	if err = addOpPutPermissionValidationMiddleware(stack); err != nil {
137		return err
138	}
139	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutPermission(options.Region), middleware.Before); err != nil {
140		return err
141	}
142	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
143		return err
144	}
145	if err = addResponseErrorMiddleware(stack); err != nil {
146		return err
147	}
148	if err = addRequestResponseLogging(stack, options); err != nil {
149		return err
150	}
151	return nil
152}
153
154func newServiceMetadataMiddleware_opPutPermission(region string) *awsmiddleware.RegisterServiceMetadata {
155	return &awsmiddleware.RegisterServiceMetadata{
156		Region:        region,
157		ServiceID:     ServiceID,
158		SigningName:   "events",
159		OperationName: "PutPermission",
160	}
161}
162