Class: AWSCDK::Codepipeline::CfnWebhook::WebhookAuthConfigurationProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
codepipeline/cfn_webhook.rb

Overview

The authentication applied to incoming webhook trigger requests.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(allowed_ip_range: nil, secret_token: nil) ⇒ WebhookAuthConfigurationProperty

Returns a new instance of WebhookAuthConfigurationProperty.

Parameters:

  • allowed_ip_range (String, nil) (defaults to: nil)

    The property used to configure acceptance of webhooks in an IP address range.

  • secret_token (String, nil) (defaults to: nil)

    The property used to configure GitHub authentication. For GITHUB_HMAC, only the SecretToken property must be set.



650
651
652
653
654
655
# File 'codepipeline/cfn_webhook.rb', line 650

def initialize(allowed_ip_range: nil, secret_token: nil)
  @allowed_ip_range = allowed_ip_range
  Jsii::Type.check_type(@allowed_ip_range, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "allowedIpRange") unless @allowed_ip_range.nil?
  @secret_token = secret_token
  Jsii::Type.check_type(@secret_token, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "secretToken") unless @secret_token.nil?
end

Instance Attribute Details

#allowed_ip_rangeString? (readonly)

The property used to configure acceptance of webhooks in an IP address range.

For IP, only the AllowedIPRange property must be set. This property must be set to a valid CIDR range.



663
664
665
# File 'codepipeline/cfn_webhook.rb', line 663

def allowed_ip_range
  @allowed_ip_range
end

#secret_tokenString? (readonly)

The property used to configure GitHub authentication. For GITHUB_HMAC, only the SecretToken property must be set.

When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. > If a secret token was provided, it will be redacted in the response.



670
671
672
# File 'codepipeline/cfn_webhook.rb', line 670

def secret_token
  @secret_token
end

Class Method Details

.jsii_propertiesObject



672
673
674
675
676
677
# File 'codepipeline/cfn_webhook.rb', line 672

def self.jsii_properties
  {
    :allowed_ip_range => "allowedIpRange",
    :secret_token => "secretToken",
  }
end

Instance Method Details

#to_jsiiObject



679
680
681
682
683
684
685
686
# File 'codepipeline/cfn_webhook.rb', line 679

def to_jsii
  result = {}
  result.merge!({
    "allowedIpRange" => @allowed_ip_range,
    "secretToken" => @secret_token,
  })
  result.compact
end