Class: AWSCDK::Verifiedpermissions::CfnPolicyStoreProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
verifiedpermissions/cfn_policy_store_props.rb

Overview

Properties for defining a CfnPolicyStore.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(validation_settings:, deletion_protection: nil, description: nil, encryption_settings: nil, schema: nil, tags: nil) ⇒ CfnPolicyStoreProps

Returns a new instance of CfnPolicyStoreProps.

Parameters:



15
16
17
18
19
20
21
22
23
24
25
26
27
28
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 15

def initialize(validation_settings:, deletion_protection: nil, description: nil, encryption_settings: nil, schema: nil, tags: nil)
  @validation_settings = validation_settings.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::ValidationSettingsProperty.new(**validation_settings.transform_keys(&:to_sym)) : validation_settings
  Jsii::Type.check_type(@validation_settings, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLlZhbGlkYXRpb25TZXR0aW5nc1Byb3BlcnR5In1dfX0=")), "validationSettings")
  @deletion_protection = deletion_protection.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::DeletionProtectionProperty.new(**deletion_protection.transform_keys(&:to_sym)) : deletion_protection
  Jsii::Type.check_type(@deletion_protection, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLkRlbGV0aW9uUHJvdGVjdGlvblByb3BlcnR5In1dfX0=")), "deletionProtection") unless @deletion_protection.nil?
  @description = description
  Jsii::Type.check_type(@description, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "description") unless @description.nil?
  @encryption_settings = encryption_settings.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::EncryptionSettingsProperty.new(**encryption_settings.transform_keys(&:to_sym)) : encryption_settings
  Jsii::Type.check_type(@encryption_settings, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLkVuY3J5cHRpb25TZXR0aW5nc1Byb3BlcnR5In1dfX0=")), "encryptionSettings") unless @encryption_settings.nil?
  @schema = schema.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::SchemaDefinitionProperty.new(**schema.transform_keys(&:to_sym)) : schema
  Jsii::Type.check_type(@schema, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLlNjaGVtYURlZmluaXRpb25Qcm9wZXJ0eSJ9XX19")), "schema") unless @schema.nil?
  @tags = tags.is_a?(Array) ? tags.map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::CfnTag.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : tags
  Jsii::Type.check_type(@tags, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLkNmblRhZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "tags") unless @tags.nil?
end

Instance Attribute Details

#deletion_protectionAWSCDK::IResolvable, ... (readonly)

Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.

The default state is DISABLED .



45
46
47
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 45

def deletion_protection
  @deletion_protection
end

#descriptionString? (readonly)

Descriptive text that you can provide to help with identification of the current policy store.



50
51
52
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 50

def description
  @description
end

#encryption_settingsAWSCDK::IResolvable, ... (readonly)



53
54
55
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 53

def encryption_settings
  @encryption_settings
end

#schemaAWSCDK::IResolvable, ... (readonly)

Creates or updates the policy schema in a policy store.

Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.



60
61
62
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 60

def schema
  @schema
end

#tagsArray<AWSCDK::CfnTag>? (readonly)

The list of key-value pairs to associate with the policy store.



65
66
67
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 65

def tags
  @tags
end

#validation_settingsAWSCDK::IResolvable, AWSCDK::Verifiedpermissions::CfnPolicyStore::ValidationSettingsProperty (readonly)

Specifies the validation setting for this policy store.

Currently, the only valid and required value is Mode .

We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.



38
39
40
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 38

def validation_settings
  @validation_settings
end

Class Method Details

.jsii_propertiesObject



67
68
69
70
71
72
73
74
75
76
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 67

def self.jsii_properties
  {
    :validation_settings => "validationSettings",
    :deletion_protection => "deletionProtection",
    :description => "description",
    :encryption_settings => "encryptionSettings",
    :schema => "schema",
    :tags => "tags",
  }
end

Instance Method Details

#to_jsiiObject



78
79
80
81
82
83
84
85
86
87
88
89
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 78

def to_jsii
  result = {}
  result.merge!({
    "validationSettings" => @validation_settings,
    "deletionProtection" => @deletion_protection,
    "description" => @description,
    "encryptionSettings" => @encryption_settings,
    "schema" => @schema,
    "tags" => @tags,
  })
  result.compact
end