Class: AWSCDK::CognitoIdentitypool::IdentityPoolRoleMapping
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::CognitoIdentitypool::IdentityPoolRoleMapping
- Defined in:
- cognito_identitypool/identity_pool_role_mapping.rb
Overview
Map roles to users in the Identity Pool based on claims from the Identity Provider.
Instance Attribute Summary collapse
-
#mapping_key ⇒ String?
readonly
The key used for the role mapping in the role mapping hash.
-
#provider_url ⇒ AWSCDK::CognitoIdentitypool::IdentityPoolProviderURL
readonly
The url of the Provider for which the role is mapped.
-
#resolve_ambiguous_roles ⇒ Boolean?
readonly
Allow for role assumption when results of role mapping are ambiguous.
-
#rules ⇒ Array<AWSCDK::CognitoIdentitypool::RoleMappingRule>?
readonly
The claim and value that must be matched in order to assume the role.
-
#use_token ⇒ Boolean?
readonly
If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from Identity Provider.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(provider_url:, mapping_key: nil, resolve_ambiguous_roles: nil, rules: nil, use_token: nil) ⇒ IdentityPoolRoleMapping
constructor
A new instance of IdentityPoolRoleMapping.
- #to_jsii ⇒ Object
Constructor Details
#initialize(provider_url:, mapping_key: nil, resolve_ambiguous_roles: nil, rules: nil, use_token: nil) ⇒ IdentityPoolRoleMapping
Returns a new instance of IdentityPoolRoleMapping.
14 15 16 17 18 19 20 21 22 23 24 25 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 14 def initialize(provider_url:, mapping_key: nil, resolve_ambiguous_roles: nil, rules: nil, use_token: nil) @provider_url = provider_url Jsii::Type.check_type(@provider_url, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY29nbml0b19pZGVudGl0eXBvb2wuSWRlbnRpdHlQb29sUHJvdmlkZXJVcmwifQ==")), "providerUrl") @mapping_key = mapping_key Jsii::Type.check_type(@mapping_key, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "mappingKey") unless @mapping_key.nil? @resolve_ambiguous_roles = resolve_ambiguous_roles Jsii::Type.check_type(@resolve_ambiguous_roles, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "resolveAmbiguousRoles") unless @resolve_ambiguous_roles.nil? @rules = rules.is_a?(Array) ? rules.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::CognitoIdentitypool::RoleMappingRule.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : rules Jsii::Type.check_type(@rules, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvX2lkZW50aXR5cG9vbC5Sb2xlTWFwcGluZ1J1bGUifSwia2luZCI6ImFycmF5In19")), "rules") unless @rules.nil? @use_token = use_token Jsii::Type.check_type(@use_token, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "useToken") unless @use_token.nil? end |
Instance Attribute Details
#mapping_key ⇒ String? (readonly)
Default: - The provided providerUrl
The key used for the role mapping in the role mapping hash.
Required if the providerUrl is a token.
37 38 39 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 37 def mapping_key @mapping_key end |
#provider_url ⇒ AWSCDK::CognitoIdentitypool::IdentityPoolProviderURL (readonly)
The url of the Provider for which the role is mapped.
30 31 32 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 30 def provider_url @provider_url end |
#resolve_ambiguous_roles ⇒ Boolean? (readonly)
Default: false - Ambiguous role resolutions will lead to requester being denied
Allow for role assumption when results of role mapping are ambiguous.
42 43 44 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 42 def resolve_ambiguous_roles @resolve_ambiguous_roles end |
#rules ⇒ Array<AWSCDK::CognitoIdentitypool::RoleMappingRule>? (readonly)
Default: - No role mapping rule
The claim and value that must be matched in order to assume the role.
Required if useToken is false
49 50 51 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 49 def rules @rules end |
#use_token ⇒ Boolean? (readonly)
Default: false
If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from Identity Provider.
55 56 57 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 55 def use_token @use_token end |
Class Method Details
.jsii_properties ⇒ Object
57 58 59 60 61 62 63 64 65 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 57 def self.jsii_properties { :provider_url => "providerUrl", :mapping_key => "mappingKey", :resolve_ambiguous_roles => "resolveAmbiguousRoles", :rules => "rules", :use_token => "useToken", } end |
Instance Method Details
#to_jsii ⇒ Object
67 68 69 70 71 72 73 74 75 76 77 |
# File 'cognito_identitypool/identity_pool_role_mapping.rb', line 67 def to_jsii result = {} result.merge!({ "providerUrl" => @provider_url, "mappingKey" => @mapping_key, "resolveAmbiguousRoles" => @resolve_ambiguous_roles, "rules" => @rules, "useToken" => @use_token, }) result.compact end |