Class: AWSCDK::IAM::PolicyStatement
- Inherits:
-
Jsii::Object
- Object
- Jsii::Object
- AWSCDK::IAM::PolicyStatement
- Defined in:
- iam/policy_statement.rb
Overview
Represents a statement in an IAM policy document.
Class Method Summary collapse
-
.from_json(obj) ⇒ AWSCDK::IAM::PolicyStatement
Creates a new PolicyStatement based on the object provided.
- .jsii_overridable_methods ⇒ Object
-
.PROPERTY_INJECTION_ID ⇒ String
Uniquely identifies this class.
Instance Method Summary collapse
-
#actions ⇒ Array<String>
The Actions added to this statement.
-
#add_account_condition(account_id) ⇒ void
Add a
StringEqualscondition that limits to a given account fromsts:ExternalId. -
#add_account_root_principal ⇒ void
Adds an AWS account root user principal to this policy statement.
-
#add_actions(*actions) ⇒ void
Specify allowed actions into the "Action" section of the policy statement.
-
#add_all_resources ⇒ void
Adds a
"*"resource to this statement. -
#add_any_principal ⇒ void
Adds all identities in all accounts ("*") to this policy statement.
-
#add_arn_principal(arn) ⇒ void
Specify a principal using the ARN identifier of the principal.
-
#add_aws_account_principal(account_id) ⇒ void
Specify AWS account ID as the principal entity to the "Principal" section of a policy statement.
-
#add_canonical_user_principal(canonical_user_id) ⇒ void
Adds a canonical user ID principal to this policy document.
-
#add_condition(key, value) ⇒ void
Add a condition to the Policy.
-
#add_conditions(conditions) ⇒ void
Add multiple conditions to the Policy.
-
#add_federated_principal(federated, conditions) ⇒ void
Adds a federated identity provider such as Amazon Cognito to this policy statement.
-
#add_not_actions(*not_actions) ⇒ void
Explicitly allow all actions except the specified list of actions into the "NotAction" section of the policy document.
-
#add_not_principals(*not_principals) ⇒ void
Specify principals that is not allowed or denied access to the "NotPrincipal" section of a policy statement.
-
#add_not_resources(*arns) ⇒ void
Specify resources that this policy statement will not apply to in the "NotResource" section of this policy statement.
-
#add_principals(*principals) ⇒ void
Adds principals to the "Principal" section of a policy statement.
-
#add_resources(*arns) ⇒ void
Specify resources that this policy statement applies into the "Resource" section of this policy statement.
-
#add_service_principal(service, opts = nil) ⇒ void
Adds a service principal to this policy statement.
-
#add_source_account_condition(account_id) ⇒ void
Add an
StringEqualscondition that limits to a given account fromaws:SourceAccount. -
#add_source_arn_condition(arn) ⇒ void
Add an
ArnEqualscondition that limits to a given resource arn fromaws:SourceArn. -
#conditions ⇒ Object
The conditions added to this statement.
-
#copy(overrides = nil) ⇒ AWSCDK::IAM::PolicyStatement
Create a new
PolicyStatementwith the same exact properties as this one, except for the overrides. -
#effect ⇒ AWSCDK::IAM::Effect
Whether to allow or deny the actions in this statement Set effect for this statement.
- #effect=(value) ⇒ Object
-
#freeze ⇒ AWSCDK::IAM::PolicyStatement
Make the PolicyStatement immutable.
-
#frozen ⇒ Boolean
Whether the PolicyStatement has been frozen.
-
#has_principal ⇒ Boolean
Indicates if this permission has a "Principal" section.
-
#has_resource ⇒ Boolean
Indicates if this permission has at least one resource associated with it.
-
#initialize(props = nil) ⇒ PolicyStatement
constructor
A new instance of PolicyStatement.
-
#not_actions ⇒ Array<String>
The NotActions added to this statement.
-
#not_principals ⇒ Array<AWSCDK::IAM::IPrincipal>
The NotPrincipals added to this statement.
-
#not_resources ⇒ Array<String>
The NotResources added to this statement.
-
#principals ⇒ Array<AWSCDK::IAM::IPrincipal>
The Principals added to this statement.
-
#resources ⇒ Array<String>
The Resources added to this statement.
-
#sid ⇒ String?
Statement ID for this statement Set Statement ID for this statement.
- #sid=(value) ⇒ Object
-
#to_json ⇒ Object
JSON-ify the statement.
-
#to_statement_json ⇒ Object
JSON-ify the policy statement.
-
#to_string ⇒ String
String representation of this policy statement.
-
#validate_for_any_policy ⇒ Array<String>
Validate that the policy statement satisfies base requirements for a policy.
-
#validate_for_identity_policy ⇒ Array<String>
Validate that the policy statement satisfies all requirements for an identity-based policy.
-
#validate_for_resource_policy ⇒ Array<String>
Validate that the policy statement satisfies all requirements for a resource-based policy.
Constructor Details
#initialize(props = nil) ⇒ PolicyStatement
Returns a new instance of PolicyStatement.
9 10 11 12 13 |
# File 'iam/policy_statement.rb', line 9 def initialize(props = nil) props = props.is_a?(Hash) ? ::AWSCDK::IAM::PolicyStatementProps.new(**props.transform_keys(&:to_sym)) : props Jsii::Type.check_type(props, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlBvbGljeVN0YXRlbWVudFByb3BzIn0=")), "props") unless props.nil? Jsii::Object.instance_method(:initialize).bind(self).call(props) end |
Class Method Details
.from_json(obj) ⇒ AWSCDK::IAM::PolicyStatement
Creates a new PolicyStatement based on the object provided.
This will accept an object created from the .toJSON() call
65 66 67 68 |
# File 'iam/policy_statement.rb', line 65 def self.from_json(obj) Jsii::Type.check_type(obj, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "obj") Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_iam.PolicyStatement", "fromJson", [obj]) end |
.jsii_overridable_methods ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'iam/policy_statement.rb', line 15 def self.jsii_overridable_methods { :actions => { kind: :property, name: "actions", is_optional: false }, :conditions => { kind: :property, name: "conditions", is_optional: false }, :frozen => { kind: :property, name: "frozen", is_optional: false }, :has_principal => { kind: :property, name: "hasPrincipal", is_optional: false }, :has_resource => { kind: :property, name: "hasResource", is_optional: false }, :not_actions => { kind: :property, name: "notActions", is_optional: false }, :not_principals => { kind: :property, name: "notPrincipals", is_optional: false }, :not_resources => { kind: :property, name: "notResources", is_optional: false }, :principals => { kind: :property, name: "principals", is_optional: false }, :resources => { kind: :property, name: "resources", is_optional: false }, :effect => { kind: :property, name: "effect", is_optional: false }, :sid => { kind: :property, name: "sid", is_optional: true }, :add_account_condition => { kind: :method, name: "addAccountCondition", is_optional: false }, :add_account_root_principal => { kind: :method, name: "addAccountRootPrincipal", is_optional: false }, :add_actions => { kind: :method, name: "addActions", is_optional: false }, :add_all_resources => { kind: :method, name: "addAllResources", is_optional: false }, :add_any_principal => { kind: :method, name: "addAnyPrincipal", is_optional: false }, :add_arn_principal => { kind: :method, name: "addArnPrincipal", is_optional: false }, :add_aws_account_principal => { kind: :method, name: "addAwsAccountPrincipal", is_optional: false }, :add_canonical_user_principal => { kind: :method, name: "addCanonicalUserPrincipal", is_optional: false }, :add_condition => { kind: :method, name: "addCondition", is_optional: false }, :add_conditions => { kind: :method, name: "addConditions", is_optional: false }, :add_federated_principal => { kind: :method, name: "addFederatedPrincipal", is_optional: false }, :add_not_actions => { kind: :method, name: "addNotActions", is_optional: false }, :add_not_principals => { kind: :method, name: "addNotPrincipals", is_optional: false }, :add_not_resources => { kind: :method, name: "addNotResources", is_optional: false }, :add_principals => { kind: :method, name: "addPrincipals", is_optional: false }, :add_resources => { kind: :method, name: "addResources", is_optional: false }, :add_service_principal => { kind: :method, name: "addServicePrincipal", is_optional: false }, :add_source_account_condition => { kind: :method, name: "addSourceAccountCondition", is_optional: false }, :add_source_arn_condition => { kind: :method, name: "addSourceArnCondition", is_optional: false }, :copy => { kind: :method, name: "copy", is_optional: false }, :freeze => { kind: :method, name: "freeze", is_optional: false }, :to_json => { kind: :method, name: "toJSON", is_optional: false }, :to_statement_json => { kind: :method, name: "toStatementJson", is_optional: false }, :to_string => { kind: :method, name: "toString", is_optional: false }, :validate_for_any_policy => { kind: :method, name: "validateForAnyPolicy", is_optional: false }, :validate_for_identity_policy => { kind: :method, name: "validateForIdentityPolicy", is_optional: false }, :validate_for_resource_policy => { kind: :method, name: "validateForResourcePolicy", is_optional: false }, } end |
.PROPERTY_INJECTION_ID ⇒ String
Uniquely identifies this class.
73 74 75 |
# File 'iam/policy_statement.rb', line 73 def self.PROPERTY_INJECTION_ID() Jsii::Kernel.instance.get_static("aws-cdk-lib.aws_iam.PolicyStatement", "PROPERTY_INJECTION_ID") end |
Instance Method Details
#actions ⇒ Array<String>
The Actions added to this statement.
80 81 82 |
# File 'iam/policy_statement.rb', line 80 def actions() jsii_get_property("actions") end |
#add_account_condition(account_id) ⇒ void
This method returns an undefined value.
Add a StringEquals condition that limits to a given account from sts:ExternalId.
This method can only be called once: subsequent calls will overwrite earlier calls.
180 181 182 183 |
# File 'iam/policy_statement.rb', line 180 def add_account_condition(account_id) Jsii::Type.check_type(account_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "accountId") jsii_call_method("addAccountCondition", [account_id]) end |
#add_account_root_principal ⇒ void
This method returns an undefined value.
Adds an AWS account root user principal to this policy statement.
188 189 190 |
# File 'iam/policy_statement.rb', line 188 def add_account_root_principal() jsii_call_method("addAccountRootPrincipal", []) end |
#add_actions(*actions) ⇒ void
This method returns an undefined value.
Specify allowed actions into the "Action" section of the policy statement.
197 198 199 200 201 202 |
# File 'iam/policy_statement.rb', line 197 def add_actions(*actions) actions.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "actions[#{index}]") end jsii_call_method("addActions", [*actions]) end |
#add_all_resources ⇒ void
This method returns an undefined value.
Adds a "*" resource to this statement.
207 208 209 |
# File 'iam/policy_statement.rb', line 207 def add_all_resources() jsii_call_method("addAllResources", []) end |
#add_any_principal ⇒ void
This method returns an undefined value.
Adds all identities in all accounts ("*") to this policy statement.
214 215 216 |
# File 'iam/policy_statement.rb', line 214 def add_any_principal() jsii_call_method("addAnyPrincipal", []) end |
#add_arn_principal(arn) ⇒ void
This method returns an undefined value.
Specify a principal using the ARN identifier of the principal.
You cannot specify IAM groups and instance profiles as principals.
224 225 226 227 |
# File 'iam/policy_statement.rb', line 224 def add_arn_principal(arn) Jsii::Type.check_type(arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "arn") jsii_call_method("addArnPrincipal", [arn]) end |
#add_aws_account_principal(account_id) ⇒ void
This method returns an undefined value.
Specify AWS account ID as the principal entity to the "Principal" section of a policy statement.
233 234 235 236 |
# File 'iam/policy_statement.rb', line 233 def add_aws_account_principal(account_id) Jsii::Type.check_type(account_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "accountId") jsii_call_method("addAwsAccountPrincipal", [account_id]) end |
#add_canonical_user_principal(canonical_user_id) ⇒ void
This method returns an undefined value.
Adds a canonical user ID principal to this policy document.
242 243 244 245 |
# File 'iam/policy_statement.rb', line 242 def add_canonical_user_principal(canonical_user_id) Jsii::Type.check_type(canonical_user_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "canonicalUserId") jsii_call_method("addCanonicalUserPrincipal", [canonical_user_id]) end |
#add_condition(key, value) ⇒ void
This method returns an undefined value.
Add a condition to the Policy.
If multiple calls are made to add a condition with the same operator and field, only the last one wins. For example:
stmt = nil # AWSCDK::IAM::PolicyStatement
stmt.add_condition("StringEquals", {"aws:SomeField" => "1"})
stmt.add_condition("StringEquals", {"aws:SomeField" => "2"})
Will end up with the single condition StringEquals: { 'aws:SomeField': '2' }.
If you meant to add a condition to say that the field can be either 1 or 2, write
this:
stmt = nil # AWSCDK::IAM::PolicyStatement
stmt.add_condition("StringEquals", {"aws:SomeField" => ["1", "2"]})
275 276 277 278 279 |
# File 'iam/policy_statement.rb', line 275 def add_condition(key, value) Jsii::Type.check_type(key, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "key") Jsii::Type.check_type(value, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "value") jsii_call_method("addCondition", [key, value]) end |
#add_conditions(conditions) ⇒ void
This method returns an undefined value.
Add multiple conditions to the Policy.
See the add_condition function for a caveat on calling this method multiple times.
287 288 289 290 |
# File 'iam/policy_statement.rb', line 287 def add_conditions(conditions) Jsii::Type.check_type(conditions, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6ImFueSJ9LCJraW5kIjoibWFwIn19")), "conditions") jsii_call_method("addConditions", [conditions]) end |
#add_federated_principal(federated, conditions) ⇒ void
This method returns an undefined value.
Adds a federated identity provider such as Amazon Cognito to this policy statement.
297 298 299 300 301 |
# File 'iam/policy_statement.rb', line 297 def add_federated_principal(federated, conditions) Jsii::Type.check_type(federated, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "federated") Jsii::Type.check_type(conditions, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6ImFueSJ9LCJraW5kIjoibWFwIn19")), "conditions") jsii_call_method("addFederatedPrincipal", [federated, conditions]) end |
#add_not_actions(*not_actions) ⇒ void
This method returns an undefined value.
Explicitly allow all actions except the specified list of actions into the "NotAction" section of the policy document.
308 309 310 311 312 313 |
# File 'iam/policy_statement.rb', line 308 def add_not_actions(*not_actions) not_actions.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "notActions[#{index}]") end jsii_call_method("addNotActions", [*not_actions]) end |
#add_not_principals(*not_principals) ⇒ void
This method returns an undefined value.
Specify principals that is not allowed or denied access to the "NotPrincipal" section of a policy statement.
320 321 322 323 324 325 |
# File 'iam/policy_statement.rb', line 320 def add_not_principals(*not_principals) not_principals.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklQcmluY2lwYWwifQ==")), "notPrincipals[#{index}]") end jsii_call_method("addNotPrincipals", [*not_principals]) end |
#add_not_resources(*arns) ⇒ void
This method returns an undefined value.
Specify resources that this policy statement will not apply to in the "NotResource" section of this policy statement.
All resources except the specified list will be matched.
334 335 336 337 338 339 |
# File 'iam/policy_statement.rb', line 334 def add_not_resources(*arns) arns.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "arns[#{index}]") end jsii_call_method("addNotResources", [*arns]) end |
#add_principals(*principals) ⇒ void
This method returns an undefined value.
Adds principals to the "Principal" section of a policy statement.
346 347 348 349 350 351 |
# File 'iam/policy_statement.rb', line 346 def add_principals(*principals) principals.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklQcmluY2lwYWwifQ==")), "principals[#{index}]") end jsii_call_method("addPrincipals", [*principals]) end |
#add_resources(*arns) ⇒ void
This method returns an undefined value.
Specify resources that this policy statement applies into the "Resource" section of this policy statement.
358 359 360 361 362 363 |
# File 'iam/policy_statement.rb', line 358 def add_resources(*arns) arns.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "arns[#{index}]") end jsii_call_method("addResources", [*arns]) end |
#add_service_principal(service, opts = nil) ⇒ void
This method returns an undefined value.
Adds a service principal to this policy statement.
370 371 372 373 374 375 |
# File 'iam/policy_statement.rb', line 370 def add_service_principal(service, opts = nil) Jsii::Type.check_type(service, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "service") opts = opts.is_a?(Hash) ? ::AWSCDK::IAM::ServicePrincipalOpts.new(**opts.transform_keys(&:to_sym)) : opts Jsii::Type.check_type(opts, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlNlcnZpY2VQcmluY2lwYWxPcHRzIn0=")), "opts") unless opts.nil? jsii_call_method("addServicePrincipal", [service, opts]) end |
#add_source_account_condition(account_id) ⇒ void
This method returns an undefined value.
Add an StringEquals condition that limits to a given account from aws:SourceAccount.
This method can only be called once: subsequent calls will overwrite earlier calls.
384 385 386 387 |
# File 'iam/policy_statement.rb', line 384 def add_source_account_condition(account_id) Jsii::Type.check_type(account_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "accountId") jsii_call_method("addSourceAccountCondition", [account_id]) end |
#add_source_arn_condition(arn) ⇒ void
This method returns an undefined value.
Add an ArnEquals condition that limits to a given resource arn from aws:SourceArn.
This method can only be called once: subsequent calls will overwrite earlier calls.
396 397 398 399 |
# File 'iam/policy_statement.rb', line 396 def add_source_arn_condition(arn) Jsii::Type.check_type(arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "arn") jsii_call_method("addSourceArnCondition", [arn]) end |
#conditions ⇒ Object
The conditions added to this statement.
87 88 89 |
# File 'iam/policy_statement.rb', line 87 def conditions() jsii_get_property("conditions") end |
#copy(overrides = nil) ⇒ AWSCDK::IAM::PolicyStatement
Create a new PolicyStatement with the same exact properties as this one, except for the overrides.
405 406 407 408 409 |
# File 'iam/policy_statement.rb', line 405 def copy(overrides = nil) overrides = overrides.is_a?(Hash) ? ::AWSCDK::IAM::PolicyStatementProps.new(**overrides.transform_keys(&:to_sym)) : overrides Jsii::Type.check_type(overrides, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlBvbGljeVN0YXRlbWVudFByb3BzIn0=")), "overrides") unless overrides.nil? jsii_call_method("copy", [overrides]) end |
#effect ⇒ AWSCDK::IAM::Effect
Whether to allow or deny the actions in this statement Set effect for this statement.
152 153 154 |
# File 'iam/policy_statement.rb', line 152 def effect() jsii_get_property("effect") end |
#effect=(value) ⇒ Object
156 157 158 159 |
# File 'iam/policy_statement.rb', line 156 def effect=(value) Jsii::Type.check_type(value, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLkVmZmVjdCJ9")), "effect") jsii_set_property("effect", value) end |
#freeze ⇒ AWSCDK::IAM::PolicyStatement
Make the PolicyStatement immutable.
After calling this, any of the add_xxx() methods will throw an exception.
Libraries that lazily generate statement bodies can override this method to fill the actual PolicyStatement fields. Be aware that this method may be called multiple times.
420 421 422 |
# File 'iam/policy_statement.rb', line 420 def freeze() jsii_call_method("freeze", []) end |
#frozen ⇒ Boolean
Whether the PolicyStatement has been frozen.
The statement object is frozen when freeze() is called.
96 97 98 |
# File 'iam/policy_statement.rb', line 96 def frozen() jsii_get_property("frozen") end |
#has_principal ⇒ Boolean
Indicates if this permission has a "Principal" section.
103 104 105 |
# File 'iam/policy_statement.rb', line 103 def has_principal() jsii_get_property("hasPrincipal") end |
#has_resource ⇒ Boolean
Indicates if this permission has at least one resource associated with it.
110 111 112 |
# File 'iam/policy_statement.rb', line 110 def has_resource() jsii_get_property("hasResource") end |
#not_actions ⇒ Array<String>
The NotActions added to this statement.
117 118 119 |
# File 'iam/policy_statement.rb', line 117 def not_actions() jsii_get_property("notActions") end |
#not_principals ⇒ Array<AWSCDK::IAM::IPrincipal>
The NotPrincipals added to this statement.
124 125 126 |
# File 'iam/policy_statement.rb', line 124 def not_principals() jsii_get_property("notPrincipals") end |
#not_resources ⇒ Array<String>
The NotResources added to this statement.
131 132 133 |
# File 'iam/policy_statement.rb', line 131 def not_resources() jsii_get_property("notResources") end |
#principals ⇒ Array<AWSCDK::IAM::IPrincipal>
The Principals added to this statement.
138 139 140 |
# File 'iam/policy_statement.rb', line 138 def principals() jsii_get_property("principals") end |
#resources ⇒ Array<String>
The Resources added to this statement.
145 146 147 |
# File 'iam/policy_statement.rb', line 145 def resources() jsii_get_property("resources") end |
#sid ⇒ String?
Statement ID for this statement Set Statement ID for this statement.
164 165 166 |
# File 'iam/policy_statement.rb', line 164 def sid() jsii_get_property("sid") end |
#sid=(value) ⇒ Object
168 169 170 171 |
# File 'iam/policy_statement.rb', line 168 def sid=(value) Jsii::Type.check_type(value, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "sid") unless value.nil? jsii_set_property("sid", value) end |
#to_json ⇒ Object
JSON-ify the statement.
Used when JSON.stringify() is called
429 430 431 |
# File 'iam/policy_statement.rb', line 429 def to_json() jsii_call_method("toJSON", []) end |
#to_statement_json ⇒ Object
JSON-ify the policy statement.
Used when JSON.stringify() is called
438 439 440 |
# File 'iam/policy_statement.rb', line 438 def to_statement_json() jsii_call_method("toStatementJson", []) end |
#to_string ⇒ String
String representation of this policy statement.
445 446 447 |
# File 'iam/policy_statement.rb', line 445 def to_string() jsii_call_method("toString", []) end |
#validate_for_any_policy ⇒ Array<String>
Validate that the policy statement satisfies base requirements for a policy.
452 453 454 |
# File 'iam/policy_statement.rb', line 452 def validate_for_any_policy() jsii_call_method("validateForAnyPolicy", []) end |
#validate_for_identity_policy ⇒ Array<String>
Validate that the policy statement satisfies all requirements for an identity-based policy.
459 460 461 |
# File 'iam/policy_statement.rb', line 459 def validate_for_identity_policy() jsii_call_method("validateForIdentityPolicy", []) end |
#validate_for_resource_policy ⇒ Array<String>
Validate that the policy statement satisfies all requirements for a resource-based policy.
466 467 468 |
# File 'iam/policy_statement.rb', line 466 def validate_for_resource_policy() jsii_call_method("validateForResourcePolicy", []) end |