When you attach a resource-based policy to a resource, RAM automatically creates a resource share of featureSet=CREATED_FROM_POLICY with a managed permission that has the same IAM permissions as the original resource-based policy. However, this type of managed permission is visible to only the resource share owner, and the associated resource share can't be modified by using RAM.
See https://www.paws-r-sdk.com/docs/ram_promote_permission_created_from_policy/ for full documentation.
ram_promote_permission_created_from_policy(
permissionArn,
name,
clientToken = NULL
)[required] Specifies the Amazon Resource Name (ARN)
of the CREATED_FROM_POLICY permission that you want to promote. You
can get this Amazon Resource Name (ARN)
by calling the
list_resource_share_permissions
operation.
[required] Specifies a name for the promoted customer managed permission.
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with
different parameters, the retry fails with an
IdempotentParameterMismatch error.