Module: Aws::VerifiedPermissions::Types

Defined in:
gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb

Defined Under Namespace

Classes: AccessDeniedException, ActionIdentifier, AttributeValue, BatchGetPolicyErrorItem, BatchGetPolicyInput, BatchGetPolicyInputItem, BatchGetPolicyOutput, BatchGetPolicyOutputItem, BatchIsAuthorizedInput, BatchIsAuthorizedInputItem, BatchIsAuthorizedOutput, BatchIsAuthorizedOutputItem, BatchIsAuthorizedWithTokenInput, BatchIsAuthorizedWithTokenInputItem, BatchIsAuthorizedWithTokenOutput, BatchIsAuthorizedWithTokenOutputItem, CognitoGroupConfiguration, CognitoGroupConfigurationDetail, CognitoGroupConfigurationItem, CognitoUserPoolConfiguration, CognitoUserPoolConfigurationDetail, CognitoUserPoolConfigurationItem, Configuration, ConfigurationDetail, ConfigurationItem, ConflictException, ContextDefinition, CreateIdentitySourceInput, CreateIdentitySourceOutput, CreatePolicyInput, CreatePolicyOutput, CreatePolicyStoreInput, CreatePolicyStoreOutput, CreatePolicyTemplateInput, CreatePolicyTemplateOutput, DeleteIdentitySourceInput, DeleteIdentitySourceOutput, DeletePolicyInput, DeletePolicyOutput, DeletePolicyStoreInput, DeletePolicyStoreOutput, DeletePolicyTemplateInput, DeletePolicyTemplateOutput, DeterminingPolicyItem, EntitiesDefinition, EntityIdentifier, EntityItem, EntityReference, EvaluationErrorItem, GetIdentitySourceInput, GetIdentitySourceOutput, GetPolicyInput, GetPolicyOutput, GetPolicyStoreInput, GetPolicyStoreOutput, GetPolicyTemplateInput, GetPolicyTemplateOutput, GetSchemaInput, GetSchemaOutput, IdentitySourceDetails, IdentitySourceFilter, IdentitySourceItem, IdentitySourceItemDetails, InternalServerException, IsAuthorizedInput, IsAuthorizedOutput, IsAuthorizedWithTokenInput, IsAuthorizedWithTokenOutput, ListIdentitySourcesInput, ListIdentitySourcesOutput, ListPoliciesInput, ListPoliciesOutput, ListPolicyStoresInput, ListPolicyStoresOutput, ListPolicyTemplatesInput, ListPolicyTemplatesOutput, OpenIdConnectAccessTokenConfiguration, OpenIdConnectAccessTokenConfigurationDetail, OpenIdConnectAccessTokenConfigurationItem, OpenIdConnectConfiguration, OpenIdConnectConfigurationDetail, OpenIdConnectConfigurationItem, OpenIdConnectGroupConfiguration, OpenIdConnectGroupConfigurationDetail, OpenIdConnectGroupConfigurationItem, OpenIdConnectIdentityTokenConfiguration, OpenIdConnectIdentityTokenConfigurationDetail, OpenIdConnectIdentityTokenConfigurationItem, OpenIdConnectTokenSelection, OpenIdConnectTokenSelectionDetail, OpenIdConnectTokenSelectionItem, PolicyDefinition, PolicyDefinitionDetail, PolicyDefinitionItem, PolicyFilter, PolicyItem, PolicyStoreItem, PolicyTemplateItem, PutSchemaInput, PutSchemaOutput, ResourceConflict, ResourceNotFoundException, SchemaDefinition, ServiceQuotaExceededException, StaticPolicyDefinition, StaticPolicyDefinitionDetail, StaticPolicyDefinitionItem, TemplateLinkedPolicyDefinition, TemplateLinkedPolicyDefinitionDetail, TemplateLinkedPolicyDefinitionItem, ThrottlingException, UpdateCognitoGroupConfiguration, UpdateCognitoUserPoolConfiguration, UpdateConfiguration, UpdateIdentitySourceInput, UpdateIdentitySourceOutput, UpdateOpenIdConnectAccessTokenConfiguration, UpdateOpenIdConnectConfiguration, UpdateOpenIdConnectGroupConfiguration, UpdateOpenIdConnectIdentityTokenConfiguration, UpdateOpenIdConnectTokenSelection, UpdatePolicyDefinition, UpdatePolicyInput, UpdatePolicyOutput, UpdatePolicyStoreInput, UpdatePolicyStoreOutput, UpdatePolicyTemplateInput, UpdatePolicyTemplateOutput, UpdateStaticPolicyDefinition, ValidationException, ValidationExceptionField, ValidationSettings

Instance Attribute Summary collapse

Instance Attribute Details

#access_token_onlyTypes::UpdateOpenIdConnectAccessTokenConfiguration

The OIDC configuration for processing access tokens. Contains allowed audience claims, for example https://auth.example.com, and the claim that you want to map to the principal, for example sub.



3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3105

class OpenIdConnectTokenSelection < Struct.new(
  :access_token_only,
  :identity_token_only,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class AccessTokenOnly < OpenIdConnectTokenSelection; end
  class IdentityTokenOnly < OpenIdConnectTokenSelection; end
  class Unknown < OpenIdConnectTokenSelection; end
end

#booleanBoolean

An attribute value of Boolean type.

Example: {"boolean": true}

Returns:

  • (Boolean)


162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#cedar_jsonString

A JSON string representation of the schema supported by applications that use this policy store. To delete the schema, run PutSchema with {} for this parameter. For more information, see Policy store schema in the Amazon Verified Permissions User Guide.

Returns:

  • (String)


3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3632

class SchemaDefinition < Struct.new(
  :cedar_json,
  :unknown)
  SENSITIVE = [:cedar_json]
  include Aws::Structure
  include Aws::Structure::Union

  class CedarJson < SchemaDefinition; end
  class Unknown < SchemaDefinition; end
end

#cognito_user_pool_configurationTypes::UpdateCognitoUserPoolConfiguration

Contains configuration details of a Amazon Cognito user pool.



864
865
866
867
868
869
870
871
872
873
874
875
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 864

class Configuration < Struct.new(
  :cognito_user_pool_configuration,
  :open_id_connect_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class CognitoUserPoolConfiguration < Configuration; end
  class OpenIdConnectConfiguration < Configuration; end
  class Unknown < Configuration; end
end

#context_mapHash<String,Types::AttributeValue>

An list of attributes that are needed to successfully evaluate an authorization request. Each attribute in this array must include a map of a data type and its value.

Example: "contextMap":{"<KeyName1>":{"boolean":true},"<KeyName2>":{"long":1234}}

Returns:



1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 1034

class ContextDefinition < Struct.new(
  :context_map,
  :unknown)
  SENSITIVE = [:context_map]
  include Aws::Structure
  include Aws::Structure::Union

  class ContextMap < ContextDefinition; end
  class Unknown < ContextDefinition; end
end

#decimalString

An attribute value of decimal type.

Example: {"decimal": "1.1"}

Returns:

  • (String)


162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#entity_identifierTypes::EntityIdentifier

An attribute value of type EntityIdentifier.

Example: "entityIdentifier": { "entityId": "<id>", "entityType": "<entity type>"}



162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#entity_listArray<Types::EntityItem>

An array of entities that are needed to successfully evaluate an authorization request. Each entity in this array must include an identifier for the entity, the attributes of the entity, and a list of any parent entities.

Returns:



1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 1539

class EntitiesDefinition < Struct.new(
  :entity_list,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EntityList < EntitiesDefinition; end
  class Unknown < EntitiesDefinition; end
end

#identifierTypes::EntityIdentifier

The identifier of the entity. It can consist of either an EntityType and EntityId, a principal, or a resource.



1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 1656

class EntityReference < Struct.new(
  :unspecified,
  :identifier,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Unspecified < EntityReference; end
  class Identifier < EntityReference; end
  class Unknown < EntityReference; end
end

#identity_token_onlyTypes::UpdateOpenIdConnectIdentityTokenConfiguration

The OIDC configuration for processing identity (ID) tokens. Contains allowed client ID claims, for example 1example23456789, and the claim that you want to map to the principal, for example sub.



3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3105

class OpenIdConnectTokenSelection < Struct.new(
  :access_token_only,
  :identity_token_only,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class AccessTokenOnly < OpenIdConnectTokenSelection; end
  class IdentityTokenOnly < OpenIdConnectTokenSelection; end
  class Unknown < OpenIdConnectTokenSelection; end
end

#ipaddrString

An attribute value of ipaddr type.

Example: {"ip": "192.168.1.100"}

Returns:

  • (String)


162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#longInteger

An attribute value of Long type.

Example: {"long": 0}

Returns:

  • (Integer)


162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#open_id_connect_configurationTypes::UpdateOpenIdConnectConfiguration

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.



864
865
866
867
868
869
870
871
872
873
874
875
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 864

class Configuration < Struct.new(
  :cognito_user_pool_configuration,
  :open_id_connect_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class CognitoUserPoolConfiguration < Configuration; end
  class OpenIdConnectConfiguration < Configuration; end
  class Unknown < Configuration; end
end

#recordHash<String,Types::AttributeValue>

An attribute value of Record type.

Example: {"record": { "keyName": {} } }

Returns:



162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#setArray<Types::AttributeValue>

An attribute value of Set type.

Example: {"set": [ {} ] }

Returns:



162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#staticTypes::UpdateStaticPolicyDefinition

Contains details about the updates to be applied to a static policy.



3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3233

class PolicyDefinition < Struct.new(
  :static,
  :template_linked,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Static < PolicyDefinition; end
  class TemplateLinked < PolicyDefinition; end
  class Unknown < PolicyDefinition; end
end

#stringString

An attribute value of String type.

Example: {"string": "abc"}

Returns:

  • (String)


162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 162

class AttributeValue < Struct.new(
  :boolean,
  :entity_identifier,
  :long,
  :string,
  :set,
  :record,
  :ipaddr,
  :decimal,
  :unknown)
  SENSITIVE = [:boolean, :long, :string, :ipaddr, :decimal]
  include Aws::Structure
  include Aws::Structure::Union

  class Boolean < AttributeValue; end
  class EntityIdentifier < AttributeValue; end
  class Long < AttributeValue; end
  class String < AttributeValue; end
  class Set < AttributeValue; end
  class Record < AttributeValue; end
  class Ipaddr < AttributeValue; end
  class Decimal < AttributeValue; end
  class Unknown < AttributeValue; end
end

#template_linkedTypes::TemplateLinkedPolicyDefinitionItem

Information about a template-linked policy that was created by instantiating a policy template.



3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 3233

class PolicyDefinition < Struct.new(
  :static,
  :template_linked,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Static < PolicyDefinition; end
  class TemplateLinked < PolicyDefinition; end
  class Unknown < PolicyDefinition; end
end

#unspecifiedBoolean

Used to indicate that a principal or resource is not specified. This can be used to search for policies that are not associated with a specific principal or resource.

Returns:

  • (Boolean)


1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
# File 'gems/aws-sdk-verifiedpermissions/lib/aws-sdk-verifiedpermissions/types.rb', line 1656

class EntityReference < Struct.new(
  :unspecified,
  :identifier,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Unspecified < EntityReference; end
  class Identifier < EntityReference; end
  class Unknown < EntityReference; end
end