Module: Aws::VerifiedPermissions::Types

Defined in:

lib/aws-sdk-verifiedpermissions/types.rb

Defined Under Namespace

Classes: AccessDeniedException, ActionIdentifier, AttributeValue, BatchGetPolicyErrorItem, BatchGetPolicyInput, BatchGetPolicyInputItem, BatchGetPolicyOutput, BatchGetPolicyOutputItem, BatchIsAuthorizedInput, BatchIsAuthorizedInputItem, BatchIsAuthorizedOutput, BatchIsAuthorizedOutputItem, BatchIsAuthorizedWithTokenInput, BatchIsAuthorizedWithTokenInputItem, BatchIsAuthorizedWithTokenOutput, BatchIsAuthorizedWithTokenOutputItem, CognitoGroupConfiguration, CognitoGroupConfigurationDetail, CognitoGroupConfigurationItem, CognitoUserPoolConfiguration, CognitoUserPoolConfigurationDetail, CognitoUserPoolConfigurationItem, Configuration, ConfigurationDetail, ConfigurationItem, ConflictException, ContextDefinition, CreateIdentitySourceInput, CreateIdentitySourceOutput, CreatePolicyInput, CreatePolicyOutput, CreatePolicyStoreInput, CreatePolicyStoreOutput, CreatePolicyTemplateInput, CreatePolicyTemplateOutput, DeleteIdentitySourceInput, DeleteIdentitySourceOutput, DeletePolicyInput, DeletePolicyOutput, DeletePolicyStoreInput, DeletePolicyStoreOutput, DeletePolicyTemplateInput, DeletePolicyTemplateOutput, DeterminingPolicyItem, EntitiesDefinition, EntityIdentifier, EntityItem, EntityReference, EvaluationErrorItem, GetIdentitySourceInput, GetIdentitySourceOutput, GetPolicyInput, GetPolicyOutput, GetPolicyStoreInput, GetPolicyStoreOutput, GetPolicyTemplateInput, GetPolicyTemplateOutput, GetSchemaInput, GetSchemaOutput, IdentitySourceDetails, IdentitySourceFilter, IdentitySourceItem, IdentitySourceItemDetails, InternalServerException, IsAuthorizedInput, IsAuthorizedOutput, IsAuthorizedWithTokenInput, IsAuthorizedWithTokenOutput, ListIdentitySourcesInput, ListIdentitySourcesOutput, ListPoliciesInput, ListPoliciesOutput, ListPolicyStoresInput, ListPolicyStoresOutput, ListPolicyTemplatesInput, ListPolicyTemplatesOutput, OpenIdConnectAccessTokenConfiguration, OpenIdConnectAccessTokenConfigurationDetail, OpenIdConnectAccessTokenConfigurationItem, OpenIdConnectConfiguration, OpenIdConnectConfigurationDetail, OpenIdConnectConfigurationItem, OpenIdConnectGroupConfiguration, OpenIdConnectGroupConfigurationDetail, OpenIdConnectGroupConfigurationItem, OpenIdConnectIdentityTokenConfiguration, OpenIdConnectIdentityTokenConfigurationDetail, OpenIdConnectIdentityTokenConfigurationItem, OpenIdConnectTokenSelection, OpenIdConnectTokenSelectionDetail, OpenIdConnectTokenSelectionItem, PolicyDefinition, PolicyDefinitionDetail, PolicyDefinitionItem, PolicyFilter, PolicyItem, PolicyStoreItem, PolicyTemplateItem, PutSchemaInput, PutSchemaOutput, ResourceConflict, ResourceNotFoundException, SchemaDefinition, ServiceQuotaExceededException, StaticPolicyDefinition, StaticPolicyDefinitionDetail, StaticPolicyDefinitionItem, TemplateLinkedPolicyDefinition, TemplateLinkedPolicyDefinitionDetail, TemplateLinkedPolicyDefinitionItem, ThrottlingException, UpdateCognitoGroupConfiguration, UpdateCognitoUserPoolConfiguration, UpdateConfiguration, UpdateIdentitySourceInput, UpdateIdentitySourceOutput, UpdateOpenIdConnectAccessTokenConfiguration, UpdateOpenIdConnectConfiguration, UpdateOpenIdConnectGroupConfiguration, UpdateOpenIdConnectIdentityTokenConfiguration, UpdateOpenIdConnectTokenSelection, UpdatePolicyDefinition, UpdatePolicyInput, UpdatePolicyOutput, UpdatePolicyStoreInput, UpdatePolicyStoreOutput, UpdatePolicyTemplateInput, UpdatePolicyTemplateOutput, UpdateStaticPolicyDefinition, ValidationException, ValidationExceptionField, ValidationSettings

Instance Attribute Summary

• #access_token_only ⇒ Types::UpdateOpenIdConnectAccessTokenConfiguration

  The OIDC configuration for processing access tokens.

• #boolean ⇒ Boolean

  An attribute value of [Boolean] type.

• #cedar_json ⇒ String

  A JSON string representation of the schema supported by applications that use this policy store.

• #cognito_user_pool_configuration ⇒ Types::UpdateCognitoUserPoolConfiguration

  Contains configuration details of a Amazon Cognito user pool.

• #context_map ⇒ Hash<String,Types::AttributeValue>

  An list of attributes that are needed to successfully evaluate an authorization request.

• #decimal ⇒ String

  An attribute value of [decimal] type.

• #entity_identifier ⇒ Types::EntityIdentifier

  An attribute value of type [EntityIdentifier].

• #entity_list ⇒ Array<Types::EntityItem>

  An array of entities that are needed to successfully evaluate an authorization request.

• #identifier ⇒ Types::EntityIdentifier

  The identifier of the entity.

• #identity_token_only ⇒ Types::UpdateOpenIdConnectIdentityTokenConfiguration

  The OIDC configuration for processing identity (ID) tokens.

• #ipaddr ⇒ String

  An attribute value of [ipaddr] type.

• #long ⇒ Integer

  An attribute value of [Long] type.

• #open_id_connect_configuration ⇒ Types::UpdateOpenIdConnectConfiguration

  Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities.

• #record ⇒ Hash<String,Types::AttributeValue>

  An attribute value of [Record] type.

• #set ⇒ Array<Types::AttributeValue>

  An attribute value of [Set] type.

• #static ⇒ Types::UpdateStaticPolicyDefinition

  Contains details about the updates to be applied to a static policy.

• #string ⇒ String

  An attribute value of [String] type.

• #template_linked ⇒ Types::TemplateLinkedPolicyDefinitionItem

  Information about a template-linked policy that was created by instantiating a policy template.

• #unspecified ⇒ Boolean

  Used to indicate that a principal or resource is not specified.

Instance Attribute Details

#access_token_only ⇒ Types::UpdateOpenIdConnectAccessTokenConfiguration

The OIDC configuration for processing access tokens. Contains allowed audience claims, for example ‘auth.example.com`, and the claim that you want to map to the principal, for example `sub`.

Returns:

• (Types::UpdateOpenIdConnectAccessTokenConfiguration)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 3105

class OpenIdConnectTokenSelection < Struct.new(
  :access_token_only,
  :identity_token_only,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class AccessTokenOnly < OpenIdConnectTokenSelection; end
  class IdentityTokenOnly < OpenIdConnectTokenSelection; end
  class Unknown < OpenIdConnectTokenSelection; end
end

#boolean ⇒ Boolean

An attribute value of [Boolean] type.

Example: ‘true`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#boolean

Returns:

• (Boolean)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#cedar_json ⇒ String

A JSON string representation of the schema supported by applications that use this policy store. To delete the schema, run [PutSchema] with ‘{}` for this parameter. For more information, see [Policy store schema] in the *Amazon Verified Permissions User Guide*.

[1]: docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PutSchema.html [2]: docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html

Returns:

• (String)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 3632

class SchemaDefinition < Struct.new(
  :cedar_json,
  :unknown)
  SENSITIVE = [:cedar_json]
  include Aws::Structure
  include Aws::Structure::Union

  class CedarJson < SchemaDefinition; end
  class Unknown < SchemaDefinition; end
end

#cognito_user_pool_configuration ⇒ Types::UpdateCognitoUserPoolConfiguration

Contains configuration details of a Amazon Cognito user pool.

Returns:

• (Types::UpdateCognitoUserPoolConfiguration)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 864

class Configuration < Struct.new(
  :cognito_user_pool_configuration,
  :open_id_connect_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class CognitoUserPoolConfiguration < Configuration; end
  class OpenIdConnectConfiguration < Configuration; end
  class Unknown < Configuration; end
end

#context_map ⇒ Hash<String,Types::AttributeValue>

An list of attributes that are needed to successfully evaluate an authorization request. Each attribute in this array must include a map of a data type and its value.

Example: ‘“contextMap”:“<KeyName1>”:{“boolean”:true,“<KeyName2>”:“long”:1234}`

Returns:

• (Hash<String,Types::AttributeValue>)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 1034

class ContextDefinition < Struct.new(
  :context_map,
  :unknown)
  SENSITIVE = [:context_map]
  include Aws::Structure
  include Aws::Structure::Union

  class ContextMap < ContextDefinition; end
  class Unknown < ContextDefinition; end
end

#decimal ⇒ String

An attribute value of [decimal] type.

Example: ‘“1.1”`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#datatype-decimal

Returns:

• (String)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#entity_identifier ⇒ Types::EntityIdentifier

An attribute value of type [EntityIdentifier].

Example: ‘“entityIdentifier”: { “entityId”: “<id>”, “entityType”: “<entity type>”}`

[1]: docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html

Returns:

• (Types::EntityIdentifier)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#entity_list ⇒ Array<Types::EntityItem>

An array of entities that are needed to successfully evaluate an authorization request. Each entity in this array must include an identifier for the entity, the attributes of the entity, and a list of any parent entities.

Returns:

• (Array<Types::EntityItem>)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 1539

class EntitiesDefinition < Struct.new(
  :entity_list,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EntityList < EntitiesDefinition; end
  class Unknown < EntitiesDefinition; end
end

#identifier ⇒ Types::EntityIdentifier

The identifier of the entity. It can consist of either an EntityType and EntityId, a principal, or a resource.

Returns:

• (Types::EntityIdentifier)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 1656

class EntityReference < Struct.new(
  :unspecified,
  :identifier,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Unspecified < EntityReference; end
  class Identifier < EntityReference; end
  class Unknown < EntityReference; end
end

#identity_token_only ⇒ Types::UpdateOpenIdConnectIdentityTokenConfiguration

The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example ‘1example23456789`, and the claim that you want to map to the principal, for example `sub`.

Returns:

• (Types::UpdateOpenIdConnectIdentityTokenConfiguration)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 3105

class OpenIdConnectTokenSelection < Struct.new(
  :access_token_only,
  :identity_token_only,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class AccessTokenOnly < OpenIdConnectTokenSelection; end
  class IdentityTokenOnly < OpenIdConnectTokenSelection; end
  class Unknown < OpenIdConnectTokenSelection; end
end

#ipaddr ⇒ String

An attribute value of [ipaddr] type.

Example: ‘“192.168.1.100”`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#datatype-ipaddr

Returns:

• (String)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#long ⇒ Integer

An attribute value of [Long] type.

Example: ‘0`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#long

Returns:

• (Integer)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#open_id_connect_configuration ⇒ Types::UpdateOpenIdConnectConfiguration

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.

Returns:

• (Types::UpdateOpenIdConnectConfiguration)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 864

class Configuration < Struct.new(
  :cognito_user_pool_configuration,
  :open_id_connect_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class CognitoUserPoolConfiguration < Configuration; end
  class OpenIdConnectConfiguration < Configuration; end
  class Unknown < Configuration; end
end

#record ⇒ Hash<String,Types::AttributeValue>

An attribute value of [Record] type.

Example: ‘{ “keyName”: { } }`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#record

Returns:

• (Hash<String,Types::AttributeValue>)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#set ⇒ Array<Types::AttributeValue>

An attribute value of [Set] type.

Example: ‘[ { ] }`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#set

Returns:

• (Array<Types::AttributeValue>)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#static ⇒ Types::UpdateStaticPolicyDefinition

Contains details about the updates to be applied to a static policy.

Returns:

• (Types::UpdateStaticPolicyDefinition)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 3233

class PolicyDefinition < Struct.new(
  :static,
  :template_linked,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Static < PolicyDefinition; end
  class TemplateLinked < PolicyDefinition; end
  class Unknown < PolicyDefinition; end
end

#string ⇒ String

An attribute value of [String] type.

Example: ‘“abc”`

[1]: docs.cedarpolicy.com/policies/syntax-datatypes.html#string

Returns:

• (String)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#template_linked ⇒ Types::TemplateLinkedPolicyDefinitionItem

Information about a template-linked policy that was created by instantiating a policy template.

Returns:

• (Types::TemplateLinkedPolicyDefinitionItem)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 3233

class PolicyDefinition < Struct.new(
  :static,
  :template_linked,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Static < PolicyDefinition; end
  class TemplateLinked < PolicyDefinition; end
  class Unknown < PolicyDefinition; end
end

#unspecified ⇒ Boolean

Used to indicate that a principal or resource is not specified. This can be used to search for policies that are not associated with a specific principal or resource.

Returns:

• (Boolean)

# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 1656

class EntityReference < Struct.new(
  :unspecified,
  :identifier,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Unspecified < EntityReference; end
  class Identifier < EntityReference; end
  class Unknown < EntityReference; end
end