Class: AWSCDK::RolesAnywhere::CfnProfileProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
roles_anywhere/cfn_profile_props.rb

Overview

Properties for defining a CfnProfile.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(name:, role_arns:, accept_role_session_name: nil, attribute_mappings: nil, duration_seconds: nil, enabled: nil, managed_policy_arns: nil, require_instance_properties: nil, session_policy: nil, tags: nil) ⇒ CfnProfileProps

Returns a new instance of CfnProfileProps.

Parameters:

  • name (String)

    The customer specified name of the resource.

  • role_arns (Array<String, AWSCDK::Interfaces::AWSIAM::IRoleRef>)

    A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.

  • accept_role_session_name (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Used to determine if a custom role session name will be accepted in a temporary credential request.

  • attribute_mappings (AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::RolesAnywhere::CfnProfile::AttributeMappingProperty>, nil) (defaults to: nil)

    A mapping applied to the authenticating end-entity certificate.

  • duration_seconds (Numeric, nil) (defaults to: nil)

    The number of seconds vended session credentials will be valid for.

  • enabled (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    The enabled status of the resource.

  • managed_policy_arns (Array<String>, nil) (defaults to: nil)

    A list of managed policy ARNs.

  • require_instance_properties (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Specifies whether instance properties are required in CreateSession requests with this profile.

  • session_policy (String, nil) (defaults to: nil)

    A session policy that will applied to the trust boundary of the vended session credentials.

  • tags (Array<AWSCDK::CfnTag>, nil) (defaults to: nil)

    A list of Tags.



19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# File 'roles_anywhere/cfn_profile_props.rb', line 19

def initialize(name:, role_arns:, accept_role_session_name: nil, attribute_mappings: nil, duration_seconds: nil, enabled: nil, managed_policy_arns: nil, require_instance_properties: nil, session_policy: nil, tags: nil)
  @name = name
  Jsii::Type.check_type(@name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "name")
  @role_arns = role_arns
  Jsii::Type.check_type(@role_arns, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InVuaW9uIjp7InR5cGVzIjpbeyJwcmltaXRpdmUiOiJzdHJpbmcifSx7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2lhbS5JUm9sZVJlZiJ9XX19LCJraW5kIjoiYXJyYXkifX0=")), "roleArns")
  @accept_role_session_name = accept_role_session_name
  Jsii::Type.check_type(@accept_role_session_name, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "acceptRoleSessionName") unless @accept_role_session_name.nil?
  @attribute_mappings = attribute_mappings
  Jsii::Type.check_type(@attribute_mappings, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfcm9sZXNhbnl3aGVyZS5DZm5Qcm9maWxlLkF0dHJpYnV0ZU1hcHBpbmdQcm9wZXJ0eSJ9XX19LCJraW5kIjoiYXJyYXkifX1dfX0=")), "attributeMappings") unless @attribute_mappings.nil?
  @duration_seconds = duration_seconds
  Jsii::Type.check_type(@duration_seconds, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "durationSeconds") unless @duration_seconds.nil?
  @enabled = enabled
  Jsii::Type.check_type(@enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "enabled") unless @enabled.nil?
  @managed_policy_arns = managed_policy_arns
  Jsii::Type.check_type(@managed_policy_arns, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "managedPolicyArns") unless @managed_policy_arns.nil?
  @require_instance_properties = require_instance_properties
  Jsii::Type.check_type(@require_instance_properties, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "requireInstanceProperties") unless @require_instance_properties.nil?
  @session_policy = session_policy
  Jsii::Type.check_type(@session_policy, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "sessionPolicy") unless @session_policy.nil?
  @tags = tags.is_a?(Array) ? tags.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::CfnTag.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : tags
  Jsii::Type.check_type(@tags, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLkNmblRhZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "tags") unless @tags.nil?
end

Instance Attribute Details

#accept_role_session_nameBoolean, ... (readonly)

Used to determine if a custom role session name will be accepted in a temporary credential request.



56
57
58
# File 'roles_anywhere/cfn_profile_props.rb', line 56

def accept_role_session_name
  @accept_role_session_name
end

#attribute_mappingsAWSCDK::IResolvable, ... (readonly)

A mapping applied to the authenticating end-entity certificate.



61
62
63
# File 'roles_anywhere/cfn_profile_props.rb', line 61

def attribute_mappings
  @attribute_mappings
end

#duration_secondsNumeric? (readonly)

The number of seconds vended session credentials will be valid for.



66
67
68
# File 'roles_anywhere/cfn_profile_props.rb', line 66

def duration_seconds
  @duration_seconds
end

#enabledBoolean, ... (readonly)

The enabled status of the resource.



71
72
73
# File 'roles_anywhere/cfn_profile_props.rb', line 71

def enabled
  @enabled
end

#managed_policy_arnsArray<String>? (readonly)

A list of managed policy ARNs.

Managed policies identified by this list will be applied to the vended session credentials.



78
79
80
# File 'roles_anywhere/cfn_profile_props.rb', line 78

def managed_policy_arns
  @managed_policy_arns
end

#nameString (readonly)

The customer specified name of the resource.



46
47
48
# File 'roles_anywhere/cfn_profile_props.rb', line 46

def name
  @name
end

#require_instance_propertiesBoolean, ... (readonly)

Specifies whether instance properties are required in CreateSession requests with this profile.



83
84
85
# File 'roles_anywhere/cfn_profile_props.rb', line 83

def require_instance_properties
  @require_instance_properties
end

#role_arnsArray<String, AWSCDK::Interfaces::AWSIAM::IRoleRef> (readonly)

A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.



51
52
53
# File 'roles_anywhere/cfn_profile_props.rb', line 51

def role_arns
  @role_arns
end

#session_policyString? (readonly)

A session policy that will applied to the trust boundary of the vended session credentials.



88
89
90
# File 'roles_anywhere/cfn_profile_props.rb', line 88

def session_policy
  @session_policy
end

#tagsArray<AWSCDK::CfnTag>? (readonly)

A list of Tags.



93
94
95
# File 'roles_anywhere/cfn_profile_props.rb', line 93

def tags
  @tags
end

Class Method Details

.jsii_propertiesObject



95
96
97
98
99
100
101
102
103
104
105
106
107
108
# File 'roles_anywhere/cfn_profile_props.rb', line 95

def self.jsii_properties
  {
    :name => "name",
    :role_arns => "roleArns",
    :accept_role_session_name => "acceptRoleSessionName",
    :attribute_mappings => "attributeMappings",
    :duration_seconds => "durationSeconds",
    :enabled => "enabled",
    :managed_policy_arns => "managedPolicyArns",
    :require_instance_properties => "requireInstanceProperties",
    :session_policy => "sessionPolicy",
    :tags => "tags",
  }
end

Instance Method Details

#to_jsiiObject



110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
# File 'roles_anywhere/cfn_profile_props.rb', line 110

def to_jsii
  result = {}
  result.merge!({
    "name" => @name,
    "roleArns" => @role_arns,
    "acceptRoleSessionName" => @accept_role_session_name,
    "attributeMappings" => @attribute_mappings,
    "durationSeconds" => @duration_seconds,
    "enabled" => @enabled,
    "managedPolicyArns" => @managed_policy_arns,
    "requireInstanceProperties" => @require_instance_properties,
    "sessionPolicy" => @session_policy,
    "tags" => @tags,
  })
  result.compact
end