Class: AWS::Core::Policy::Statement
- Inherits:
-
Object
- Object
- AWS::Core::Policy::Statement
- Defined in:
- lib/aws/core/policy.rb,
lib/aws/core/policy.rb
Overview
Represents a statement in a policy.
Direct Known Subclasses
IAM::Policy::Statement, S3::Policy::Statement, SNS::Policy::Statement, SQS::Policy::Statement
Instance Attribute Summary collapse
-
#actions ⇒ Array
Returns an array of statement actions included by this policy statement.
-
#conditions ⇒ Array
Returns an array of conditions for this policy.
-
#effect ⇒ String
Returns the statement effect, either “Allow” or “Deny”.
-
#excluded_actions ⇒ Array
Returns an array of actions excluded by this policy statement.
-
#principals ⇒ Array
Returns an array of principals.
-
#resources ⇒ Array
Returns an array of resources affected by this policy statement.
-
#sid ⇒ String
Returns the statement id.
Instance Method Summary collapse
-
#exclude_actions(*actions) ⇒ Object
(also: #exclude_action)
Convenience method to add to the list of actions explicitly not affected by this statement.
-
#include_actions(*actions) ⇒ Object
(also: #include_action)
Convenience method to add to the list of actions affected by this statement.
-
#initialize(opts = {}) {|_self| ... } ⇒ Statement
constructor
Constructs a new statement.
- #to_h ⇒ Object
Constructor Details
#initialize(opts = {}) {|_self| ... } ⇒ Statement
Constructs a new statement.
748 749 750 751 752 753 754 755 |
# File 'lib/aws/core/policy.rb', line 748 def initialize(opts = {}) self.sid = UUIDTools::UUID..to_s.tr('-','') self.conditions = ConditionBlock.new (opts) yield(self) if block_given? end |
Instance Attribute Details
#actions ⇒ Array
Returns an array of statement actions included by this policy statement.
704 705 706 |
# File 'lib/aws/core/policy.rb', line 704 def actions @actions end |
#conditions ⇒ Array
Returns an array of conditions for this policy.
715 716 717 |
# File 'lib/aws/core/policy.rb', line 715 def conditions @conditions end |
#effect ⇒ String
Returns the statement effect, either “Allow” or “Deny”
697 698 699 |
# File 'lib/aws/core/policy.rb', line 697 def effect @effect end |
#excluded_actions ⇒ Array
Returns an array of actions excluded by this policy statement.
708 709 710 |
# File 'lib/aws/core/policy.rb', line 708 def excluded_actions @excluded_actions end |
#principals ⇒ Array
Returns an array of principals.
700 701 702 |
# File 'lib/aws/core/policy.rb', line 700 def principals @principals end |
#resources ⇒ Array
Returns an array of resources affected by this policy statement.
712 713 714 |
# File 'lib/aws/core/policy.rb', line 712 def resources @resources end |
#sid ⇒ String
Returns the statement id
693 694 695 |
# File 'lib/aws/core/policy.rb', line 693 def sid @sid end |
Instance Method Details
#exclude_actions(*actions) ⇒ Object Also known as: exclude_action
Convenience method to add to the list of actions explicitly not affected by this statement.
767 768 769 770 |
# File 'lib/aws/core/policy.rb', line 767 def exclude_actions(*actions) self.excluded_actions ||= [] self.excluded_actions.push(*actions) end |
#include_actions(*actions) ⇒ Object Also known as: include_action
Convenience method to add to the list of actions affected by this statement.
759 760 761 762 |
# File 'lib/aws/core/policy.rb', line 759 def include_actions(*actions) self.actions ||= [] self.actions.push(*actions) end |
#to_h ⇒ Object
774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 |
# File 'lib/aws/core/policy.rb', line 774 def to_h stmt = { "Sid" => sid, "Effect" => Inflection.class_name(effect.to_s), "Principal" => principals_hash, "Resource" => resource_arns, "Condition" => (conditions.to_h if conditions) } stmt.delete("Condition") if !conditions || conditions.to_h.empty? stmt.delete("Principal") unless principals_hash if !translated_actions || translated_actions.empty? stmt["NotAction"] = translated_excluded_actions else stmt["Action"] = translated_actions end stmt end |