Class: AWSCDK::Verifiedpermissions::CfnPolicyStoreProps
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::Verifiedpermissions::CfnPolicyStoreProps
- Defined in:
- verifiedpermissions/cfn_policy_store_props.rb
Overview
Properties for defining a CfnPolicyStore.
Instance Attribute Summary collapse
-
#deletion_protection ⇒ AWSCDK::IResolvable, ...
readonly
Specifies whether the policy store can be deleted.
-
#description ⇒ String?
readonly
Descriptive text that you can provide to help with identification of the current policy store.
- #encryption_settings ⇒ AWSCDK::IResolvable, ... readonly
-
#schema ⇒ AWSCDK::IResolvable, ...
readonly
Creates or updates the policy schema in a policy store.
-
#tags ⇒ Array<AWSCDK::CfnTag>?
readonly
The list of key-value pairs to associate with the policy store.
-
#validation_settings ⇒ AWSCDK::IResolvable, AWSCDK::Verifiedpermissions::CfnPolicyStore::ValidationSettingsProperty
readonly
Specifies the validation setting for this policy store.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(validation_settings:, deletion_protection: nil, description: nil, encryption_settings: nil, schema: nil, tags: nil) ⇒ CfnPolicyStoreProps
constructor
A new instance of CfnPolicyStoreProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(validation_settings:, deletion_protection: nil, description: nil, encryption_settings: nil, schema: nil, tags: nil) ⇒ CfnPolicyStoreProps
Returns a new instance of CfnPolicyStoreProps.
15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 15 def initialize(validation_settings:, deletion_protection: nil, description: nil, encryption_settings: nil, schema: nil, tags: nil) @validation_settings = validation_settings.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::ValidationSettingsProperty.new(**validation_settings.transform_keys(&:to_sym)) : validation_settings Jsii::Type.check_type(@validation_settings, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLlZhbGlkYXRpb25TZXR0aW5nc1Byb3BlcnR5In1dfX0=")), "validationSettings") @deletion_protection = deletion_protection.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::DeletionProtectionProperty.new(**deletion_protection.transform_keys(&:to_sym)) : deletion_protection Jsii::Type.check_type(@deletion_protection, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLkRlbGV0aW9uUHJvdGVjdGlvblByb3BlcnR5In1dfX0=")), "deletionProtection") unless @deletion_protection.nil? @description = description Jsii::Type.check_type(@description, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "description") unless @description.nil? @encryption_settings = encryption_settings.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::EncryptionSettingsProperty.new(**encryption_settings.transform_keys(&:to_sym)) : encryption_settings Jsii::Type.check_type(@encryption_settings, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLkVuY3J5cHRpb25TZXR0aW5nc1Byb3BlcnR5In1dfX0=")), "encryptionSettings") unless @encryption_settings.nil? @schema = schema.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnPolicyStore::SchemaDefinitionProperty.new(**schema.transform_keys(&:to_sym)) : schema Jsii::Type.check_type(@schema, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmblBvbGljeVN0b3JlLlNjaGVtYURlZmluaXRpb25Qcm9wZXJ0eSJ9XX19")), "schema") unless @schema.nil? @tags = .is_a?(Array) ? .map { |jsii_v0| jsii_v0.is_a?(Hash) ? ::AWSCDK::CfnTag.new(**jsii_v0.transform_keys(&:to_sym)) : jsii_v0 } : Jsii::Type.check_type(@tags, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLkNmblRhZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "tags") unless @tags.nil? end |
Instance Attribute Details
#deletion_protection ⇒ AWSCDK::IResolvable, ... (readonly)
Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.
The default state is DISABLED .
45 46 47 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 45 def deletion_protection @deletion_protection end |
#description ⇒ String? (readonly)
Descriptive text that you can provide to help with identification of the current policy store.
50 51 52 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 50 def description @description end |
#encryption_settings ⇒ AWSCDK::IResolvable, ... (readonly)
53 54 55 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 53 def encryption_settings @encryption_settings end |
#schema ⇒ AWSCDK::IResolvable, ... (readonly)
Creates or updates the policy schema in a policy store.
Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
60 61 62 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 60 def schema @schema end |
#tags ⇒ Array<AWSCDK::CfnTag>? (readonly)
The list of key-value pairs to associate with the policy store.
65 66 67 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 65 def @tags end |
#validation_settings ⇒ AWSCDK::IResolvable, AWSCDK::Verifiedpermissions::CfnPolicyStore::ValidationSettingsProperty (readonly)
Specifies the validation setting for this policy store.
Currently, the only valid and required value is Mode .
We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
38 39 40 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 38 def validation_settings @validation_settings end |
Class Method Details
.jsii_properties ⇒ Object
67 68 69 70 71 72 73 74 75 76 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 67 def self.jsii_properties { :validation_settings => "validationSettings", :deletion_protection => "deletionProtection", :description => "description", :encryption_settings => "encryptionSettings", :schema => "schema", :tags => "tags", } end |
Instance Method Details
#to_jsii ⇒ Object
78 79 80 81 82 83 84 85 86 87 88 89 |
# File 'verifiedpermissions/cfn_policy_store_props.rb', line 78 def to_jsii result = {} result.merge!({ "validationSettings" => @validation_settings, "deletionProtection" => @deletion_protection, "description" => @description, "encryptionSettings" => @encryption_settings, "schema" => @schema, "tags" => @tags, }) result.compact end |