Module: AWSCDK::BedrockAgentCore::IOAuth2CredentialProvider
- Includes:
- IAM::IGrantable, IResource, Interfaces::AWSBedrockagentcore::IOAuth2CredentialProviderRef
- Included in:
- OAuth2CredentialProvider
- Defined in:
- bedrock_agent_core/io_auth2_credential_provider.rb
Overview
An OAuth2 credential provider registered in AgentCore Token Vault.
Class Method Summary collapse
Instance Method Summary collapse
-
#apply_removal_policy(policy) ⇒ void
Apply the given removal policy to this resource.
-
#bind_for_gateway_o_auth_target(scopes, custom_parameters = nil) ⇒ AWSCDK::BedrockAgentCore::GatewayOAuth2IdentityBinding
ARNs and OAuth scopes for gateway targets (
GatewayCredentialProvider.fromOauthIdentityorfromOauthIdentityArn). -
#callback_url ⇒ String?
Callback URL for the OAuth2 authorization flow.
-
#client_secret_arn ⇒ String?
The ARN of the Secrets Manager secret for the OAuth2 client credentials.
-
#created_time ⇒ String?
Timestamp when the credential provider was created.
-
#credential_provider_arn ⇒ String
The ARN of this credential provider.
-
#credential_provider_vendor ⇒ String
OAuth2 vendor string passed to CloudFormation.
-
#env ⇒ AWSCDK::Interfaces::ResourceEnvironment
The environment this resource belongs to.
-
#grant(grantee, *actions) ⇒ AWSCDK::IAM::Grant
Grants IAM actions to the IAM principal.
-
#grant_admin(grantee) ⇒ AWSCDK::IAM::Grant
Grant control plane permissions to manage this provider.
-
#grant_full_access(grantee) ⇒ AWSCDK::IAM::Grant
Grant read, admin, and token retrieval permissions.
-
#grant_principal ⇒ AWSCDK::IAM::IPrincipal
The principal to grant permissions to.
-
#grant_read(grantee) ⇒ AWSCDK::IAM::Grant
Grant
GetOauth2CredentialProviderandListOauth2CredentialProviders, scoped to this provider and parent resources required by the Bedrock AgentCore authorization model. -
#grant_use(grantee) ⇒ AWSCDK::IAM::Grant
Grant permission to retrieve OAuth tokens (
GetResourceOauth2Token,CompleteResourceTokenAuth). -
#last_updated_time ⇒ String?
Timestamp when the credential provider was last updated.
-
#node ⇒ Constructs::Node
The tree node.
-
#o_auth2_credential_provider_ref ⇒ AWSCDK::Interfaces::AWSBedrockagentcore::OAuth2CredentialProviderReference
A reference to a OAuth2CredentialProvider resource.
-
#stack ⇒ AWSCDK::Stack
The stack in which this resource is defined.
-
#with(*mixins) ⇒ Constructs::IConstruct
Applies one or more mixins to this construct.
Class Method Details
.jsii_overridable_methods ⇒ Object
188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 188 def self.jsii_overridable_methods { :node => { kind: :property, name: "node", is_optional: false }, :env => { kind: :property, name: "env", is_optional: false }, :stack => { kind: :property, name: "stack", is_optional: false }, :grant_principal => { kind: :property, name: "grantPrincipal", is_optional: false }, :o_auth2_credential_provider_ref => { kind: :property, name: "oAuth2CredentialProviderRef", is_optional: false }, :credential_provider_arn => { kind: :property, name: "credentialProviderArn", is_optional: false }, :credential_provider_vendor => { kind: :property, name: "credentialProviderVendor", is_optional: false }, :callback_url => { kind: :property, name: "callbackUrl", is_optional: true }, :client_secret_arn => { kind: :property, name: "clientSecretArn", is_optional: true }, :created_time => { kind: :property, name: "createdTime", is_optional: true }, :last_updated_time => { kind: :property, name: "lastUpdatedTime", is_optional: true }, :with => { kind: :method, name: "with", is_optional: false }, :apply_removal_policy => { kind: :method, name: "applyRemovalPolicy", is_optional: false }, :bind_for_gateway_o_auth_target => { kind: :method, name: "bindForGatewayOAuthTarget", is_optional: false }, :grant => { kind: :method, name: "grant", is_optional: false }, :grant_admin => { kind: :method, name: "grantAdmin", is_optional: false }, :grant_full_access => { kind: :method, name: "grantFullAccess", is_optional: false }, :grant_read => { kind: :method, name: "grantRead", is_optional: false }, :grant_use => { kind: :method, name: "grantUse", is_optional: false }, } end |
Instance Method Details
#apply_removal_policy(policy) ⇒ void
This method returns an undefined value.
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
123 124 125 126 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 123 def apply_removal_policy(policy) Jsii::Type.check_type(policy, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5SZW1vdmFsUG9saWN5In0=")), "policy") jsii_call_method("applyRemovalPolicy", [policy]) end |
#bind_for_gateway_o_auth_target(scopes, custom_parameters = nil) ⇒ AWSCDK::BedrockAgentCore::GatewayOAuth2IdentityBinding
ARNs and OAuth scopes for gateway targets (GatewayCredentialProvider.fromOauthIdentity or fromOauthIdentityArn).
133 134 135 136 137 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 133 def bind_for_gateway_o_auth_target(scopes, custom_parameters = nil) Jsii::Type.check_type(scopes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "scopes") Jsii::Type.check_type(custom_parameters, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoibWFwIn19")), "customParameters") unless custom_parameters.nil? jsii_call_method("bindForGatewayOAuthTarget", [scopes, custom_parameters]) end |
#callback_url ⇒ String?
Callback URL for the OAuth2 authorization flow.
70 71 72 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 70 def callback_url() jsii_get_property("callbackUrl") end |
#client_secret_arn ⇒ String?
The ARN of the Secrets Manager secret for the OAuth2 client credentials.
May be undefined for resources imported without this attribute.
79 80 81 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 79 def client_secret_arn() jsii_get_property("clientSecretArn") end |
#created_time ⇒ String?
Timestamp when the credential provider was created.
86 87 88 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 86 def created_time() jsii_get_property("createdTime") end |
#credential_provider_arn ⇒ String
The ARN of this credential provider.
56 57 58 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 56 def credential_provider_arn() jsii_get_property("credentialProviderArn") end |
#credential_provider_vendor ⇒ String
OAuth2 vendor string passed to CloudFormation.
63 64 65 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 63 def credential_provider_vendor() jsii_get_property("credentialProviderVendor") end |
#env ⇒ AWSCDK::Interfaces::ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
28 29 30 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 28 def env() jsii_get_property("env") end |
#grant(grantee, *actions) ⇒ AWSCDK::IAM::Grant
Grants IAM actions to the IAM principal.
144 145 146 147 148 149 150 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 144 def grant(grantee, *actions) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") actions.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "actions[#{index}]") end jsii_call_method("grant", [grantee, *actions]) end |
#grant_admin(grantee) ⇒ AWSCDK::IAM::Grant
Grant control plane permissions to manage this provider.
156 157 158 159 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 156 def grant_admin(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantAdmin", [grantee]) end |
#grant_full_access(grantee) ⇒ AWSCDK::IAM::Grant
Grant read, admin, and token retrieval permissions.
165 166 167 168 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 165 def grant_full_access(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantFullAccess", [grantee]) end |
#grant_principal ⇒ AWSCDK::IAM::IPrincipal
The principal to grant permissions to.
42 43 44 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 42 def grant_principal() jsii_get_property("grantPrincipal") end |
#grant_read(grantee) ⇒ AWSCDK::IAM::Grant
Grant GetOauth2CredentialProvider and ListOauth2CredentialProviders, scoped to this provider and parent resources required by the Bedrock AgentCore authorization model.
174 175 176 177 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 174 def grant_read(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantRead", [grantee]) end |
#grant_use(grantee) ⇒ AWSCDK::IAM::Grant
Grant permission to retrieve OAuth tokens (GetResourceOauth2Token, CompleteResourceTokenAuth).
183 184 185 186 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 183 def grant_use(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantUse", [grantee]) end |
#last_updated_time ⇒ String?
Timestamp when the credential provider was last updated.
93 94 95 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 93 def last_updated_time() jsii_get_property("lastUpdatedTime") end |
#node ⇒ Constructs::Node
The tree node.
13 14 15 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 13 def node() jsii_get_property("node") end |
#o_auth2_credential_provider_ref ⇒ AWSCDK::Interfaces::AWSBedrockagentcore::OAuth2CredentialProviderReference
A reference to a OAuth2CredentialProvider resource.
49 50 51 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 49 def o_auth2_credential_provider_ref() jsii_get_property("oAuth2CredentialProviderRef") end |
#stack ⇒ AWSCDK::Stack
The stack in which this resource is defined.
35 36 37 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 35 def stack() jsii_get_property("stack") end |
#with(*mixins) ⇒ Constructs::IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the start of the call, so constructs added by a mixin will not be visited.
104 105 106 107 108 109 |
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 104 def with(*mixins) mixins.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJjb25zdHJ1Y3RzLklNaXhpbiJ9")), "mixins[#{index}]") end jsii_call_method("with", [*mixins]) end |