cdk_iam_utilities

package module
v0.0.33 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 9, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

README

CDK IAM Utilities

Example implementation of this library exist in catnekaise/actions-constructs.

Developer Notes

The general idea is that the utilities in this library can serve as building blocks for composing other utilities that ideally should aid the existing aws-iam library in certain situations.

Documentation

Overview

Experimental utilities intended for AWS CDK IAM

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewBoolConditionKey_Override 

func NewBoolConditionKey_Override(b BoolConditionKey, name *string, settings *ConditionKeySettings)

Experimental.

func NewClaimConstraint_Override 

func NewClaimConstraint_Override(c ClaimConstraint, operator ConditionOperator, claim *string, values *[]*string)

Experimental.

func NewClaimsIamResourcePathBuilder_Override 

func NewClaimsIamResourcePathBuilder_Override(c ClaimsIamResourcePathBuilder, options *ClaimsIamResourcePathBuilderSettings, path *[]*string)

Experimental.

func NewConditionKey_Override 

func NewConditionKey_Override(c ConditionKey, name *string, settings *ConditionKeySettings)

Experimental.

func NewConstraint_Override 

func NewConstraint_Override(c Constraint)

Experimental.

func NewConstraintsBuilder_Override 

func NewConstraintsBuilder_Override(c ConstraintsBuilder, settings *ConstraintsBuilderSettings)

Experimental.

func NewGenericConstraint_Override 

func NewGenericConstraint_Override(g GenericConstraint, operator ConditionOperator, key ConditionKey, value *string, additionalValues ...*string)

Experimental.

func NewIamResourcePathBuilder_Override 

func NewIamResourcePathBuilder_Override(i IamResourcePathBuilder, path *[]*string)

Experimental.

func NewNullConstraint_Override 

func NewNullConstraint_Override(n NullConstraint, key ConditionKey, isNull *bool)

Experimental.

func NewTagConstraint_Override 

func NewTagConstraint_Override(t TagConstraint)

Experimental.

func OperatorUtils_Arn 

func OperatorUtils_Arn() *[]*string

func OperatorUtils_ArraySupport 

func OperatorUtils_ArraySupport(value ConditionOperator) *bool

Experimental.

func OperatorUtils_Binary 

func OperatorUtils_Binary() *[]*string

func OperatorUtils_Bool 

func OperatorUtils_Bool() *[]*string

func OperatorUtils_Date 

func OperatorUtils_Date() *[]*string

func OperatorUtils_IpAddress 

func OperatorUtils_IpAddress() *[]*string

func OperatorUtils_Many 

func OperatorUtils_Many() *[]*string

func OperatorUtils_Numeric 

func OperatorUtils_Numeric() *[]*string

func OperatorUtils_OperatorIsSupported 

func OperatorUtils_OperatorIsSupported(supportedOperators *[]*string, operator ConditionOperator) *bool

Experimental.

func OperatorUtils_OperatorShortName 

func OperatorUtils_OperatorShortName(operator ConditionOperator) *string

Experimental.

func OperatorUtils_String 

func OperatorUtils_String() *[]*string

Types

type ArnConditionOperator 

type ArnConditionOperator string

Experimental. 

const (
	// Experimental.
	ArnConditionOperator_ARN_EQUALS ArnConditionOperator = "ARN_EQUALS"
	// Experimental.
	ArnConditionOperator_ARN_LIKE ArnConditionOperator = "ARN_LIKE"
	// Experimental.
	ArnConditionOperator_ARN_NOT_EQUALS ArnConditionOperator = "ARN_NOT_EQUALS"
	// Experimental.
	ArnConditionOperator_ARN_NOT_LIKE ArnConditionOperator = "ARN_NOT_LIKE"
	// Experimental.
	ArnConditionOperator_ARN_EQUALS_IFEXISTS ArnConditionOperator = "ARN_EQUALS_IFEXISTS"
	// Experimental.
	ArnConditionOperator_ARN_LIKE_IFEXISTS ArnConditionOperator = "ARN_LIKE_IFEXISTS"
	// Experimental.
	ArnConditionOperator_ARN_NOT_EQUALS_IFEXISTS ArnConditionOperator = "ARN_NOT_EQUALS_IFEXISTS"
	// Experimental.
	ArnConditionOperator_ARN_NOT_LIKE_IFEXISTS ArnConditionOperator = "ARN_NOT_LIKE_IFEXISTS"
)

type AwsFederatedProviderConditionKey 

type AwsFederatedProviderConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToCognitoIdentityConstraint() Constraint
	// Experimental.
	ToConstraint(operator ConditionOperator, value *string, additionalValues ...*string) GenericConstraint
	// Experimental.
	ToString() *string
}

Experimental.

func AwsFederatedProviderConditionKey_Create 

func AwsFederatedProviderConditionKey_Create() AwsFederatedProviderConditionKey

func GlobalConditionKey_FederatedProvider 

func GlobalConditionKey_FederatedProvider() AwsFederatedProviderConditionKey

type AwsPrincipalTagConditionKey 

type AwsPrincipalTagConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

func AwsPrincipalTagConditionKey_Tag 

func AwsPrincipalTagConditionKey_Tag(tagName *string) AwsPrincipalTagConditionKey

Experimental.

func GlobalConditionKey_PrincipalTag 

func GlobalConditionKey_PrincipalTag(tagName *string) AwsPrincipalTagConditionKey

Use this key to compare the tag attached to the principal making the request with the tag that you specify in the policy. Experimental.

type AwsRequestTagConditionKey 

type AwsRequestTagConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

func AwsRequestTagConditionKey_Tag 

func AwsRequestTagConditionKey_Tag(tagName *string) AwsRequestTagConditionKey

Experimental.

func GlobalConditionKey_RequestTag 

func GlobalConditionKey_RequestTag(tagName *string) AwsRequestTagConditionKey

Use this key to compare the tag key-value pair that was passed in the request with the tag pair that you specify in the policy. Experimental.

type AwsResourceTagConditionKey 

type AwsResourceTagConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

func AwsResourceTagConditionKey_Tag 

func AwsResourceTagConditionKey_Tag(tagName *string) AwsResourceTagConditionKey

Experimental.

func GlobalConditionKey_ResourceTag 

func GlobalConditionKey_ResourceTag(tagName *string) AwsResourceTagConditionKey

Use this key to compare the tag key-value pair that you specify in the policy with the key-value pair attached to the resource. Experimental.

type AwsSourceVpcConditionKey 

type AwsSourceVpcConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
	// Experimental.
	ToVpcConstraint(vpc awsec2.IVpc) GenericConstraint
}

Experimental.

func AwsSourceVpcConditionKey_Create 

func AwsSourceVpcConditionKey_Create() AwsSourceVpcConditionKey

func GlobalConditionKey_SourceVpc 

func GlobalConditionKey_SourceVpc() AwsSourceVpcConditionKey

type BoolConditionKey 

type BoolConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

type BoolConstraint 

type BoolConstraint interface {
	Constraint
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func BoolConstraint_WhenFalse 

func BoolConstraint_WhenFalse(key ConditionKey, ifExists *bool) BoolConstraint

Experimental.

func BoolConstraint_WhenTrue 

func BoolConstraint_WhenTrue(key ConditionKey, ifExists *bool) BoolConstraint

Experimental.

type CalledViaConstraint 

type CalledViaConstraint interface {
	Constraint
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func CalledViaConstraint_CalledVia 

func CalledViaConstraint_CalledVia(service CalledViaServicePrincipal) CalledViaConstraint

Experimental.

func CalledViaConstraint_CalledViaFirst 

func CalledViaConstraint_CalledViaFirst(service CalledViaServicePrincipal) CalledViaConstraint

Experimental.

func CalledViaConstraint_CalledViaFirstAndLast 

func CalledViaConstraint_CalledViaFirstAndLast(firstService CalledViaServicePrincipal, lastService CalledViaServicePrincipal) CalledViaConstraint

Experimental.

func CalledViaConstraint_CalledViaLast 

func CalledViaConstraint_CalledViaLast(service CalledViaServicePrincipal) CalledViaConstraint

Experimental.

type CalledViaServicePrincipal 

type CalledViaServicePrincipal string

Experimental. 

const (
	// Experimental.
	CalledViaServicePrincipal_AOSS CalledViaServicePrincipal = "AOSS"
	// Experimental.
	CalledViaServicePrincipal_ATHENA CalledViaServicePrincipal = "ATHENA"
	// Experimental.
	CalledViaServicePrincipal_BACKUP CalledViaServicePrincipal = "BACKUP"
	// Experimental.
	CalledViaServicePrincipal_CLOUD9 CalledViaServicePrincipal = "CLOUD9"
	// Experimental.
	CalledViaServicePrincipal_CLOUDFORMATION CalledViaServicePrincipal = "CLOUDFORMATION"
	// Experimental.
	CalledViaServicePrincipal_DATABREW CalledViaServicePrincipal = "DATABREW"
	// Experimental.
	CalledViaServicePrincipal_DATAEXCHANGE CalledViaServicePrincipal = "DATAEXCHANGE"
	// Experimental.
	CalledViaServicePrincipal_DYNAMODB CalledViaServicePrincipal = "DYNAMODB"
	// Experimental.
	CalledViaServicePrincipal_IMAGEBUILDER CalledViaServicePrincipal = "IMAGEBUILDER"
	// Experimental.
	CalledViaServicePrincipal_KMS CalledViaServicePrincipal = "KMS"
	// Experimental.
	CalledViaServicePrincipal_MGN CalledViaServicePrincipal = "MGN"
	// Experimental.
	CalledViaServicePrincipal_NIMBLE CalledViaServicePrincipal = "NIMBLE"
	// Experimental.
	CalledViaServicePrincipal_OMICS CalledViaServicePrincipal = "OMICS"
	// Experimental.
	CalledViaServicePrincipal_RAM CalledViaServicePrincipal = "RAM"
	// Experimental.
	CalledViaServicePrincipal_ROBOMAKER CalledViaServicePrincipal = "ROBOMAKER"
	// Experimental.
	CalledViaServicePrincipal_SERVICECATALOG_APPREGISTRY CalledViaServicePrincipal = "SERVICECATALOG_APPREGISTRY"
	// Experimental.
	CalledViaServicePrincipal_SQLWORKBENCH CalledViaServicePrincipal = "SQLWORKBENCH"
)

type Claim 

type Claim struct {
	// Name represents the original value of the claim/attribute.
	// Experimental.
	Name *string `field:"required" json:"name" yaml:"name"`
	// Tag Name is name of the tag corresponding to name.
	//
	// It can either match name or be a different value.
	// Experimental.
	TagName *string `field:"required" json:"tagName" yaml:"tagName"`
}

Experimental.

type ClaimConstraint 

type ClaimConstraint interface {
	Constraint
	// Experimental.
	Claim() *string
	// Experimental.
	Operator() ConditionOperator
	// Experimental.
	Values() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

type ClaimsIamResourcePathBuilder 

type ClaimsIamResourcePathBuilder interface {
	IamResourcePathBuilder
	// Experimental.
	Options() *ClaimsIamResourcePathBuilderSettings
	// Experimental.
	Path() *[]*string
	// Experimental.
	AppendClaim(claims ...*string) *[]*string
	// Experimental.
	AppendPolicyVariable(policyVariable PolicyVariable) *[]*string
	// Experimental.
	AppendText(values ...*string) *[]*string
	// Experimental.
	AppendValue(values ...*string) *[]*string
	// Experimental.
	ToString() *string
}

Experimental.

type ClaimsIamResourcePathBuilderSettings 

type ClaimsIamResourcePathBuilderSettings struct {
	// Experimental.
	ClaimsContext IClaimsContext `field:"required" json:"claimsContext" yaml:"claimsContext"`
}

Experimental.

type ClaimsUtility 

type ClaimsUtility interface {
	// Experimental.
	KnownClaims() *[]*string
	// Experimental.
	MappedClaims() IMappedClaims
	// Experimental.
	PrincipalTagCondition(claim *string) AwsPrincipalTagConditionKey
	// Experimental.
	RequestTagCondition(claim *string) AwsRequestTagConditionKey
	// Experimental.
	TagName(scope constructs.Construct, claim *string) *string
	// Experimental.
	TagNameForClaim(claim *string) *string
}

Experimental.

func ClaimsUtility_ForContext 

func ClaimsUtility_ForContext(context IClaimsContext) ClaimsUtility

Experimental.

type ConditionKey 

type ConditionKey interface {
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

type ConditionKeySettings 

type ConditionKeySettings struct {
	// Experimental.
	SupportedOperators *[]*string `field:"required" json:"supportedOperators" yaml:"supportedOperators"`
}

Experimental.

type ConditionOperator 

type ConditionOperator string

Experimental. 

const (
	// Experimental.
	ConditionOperator_STRING_EQUALS ConditionOperator = "STRING_EQUALS"
	// Experimental.
	ConditionOperator_STRING_NOT_EQUALS ConditionOperator = "STRING_NOT_EQUALS"
	// Experimental.
	ConditionOperator_STRING_EQUALS_IGNORECASE ConditionOperator = "STRING_EQUALS_IGNORECASE"
	// Experimental.
	ConditionOperator_STRING_NOT_EQUALS_IGNORECASE ConditionOperator = "STRING_NOT_EQUALS_IGNORECASE"
	// Experimental.
	ConditionOperator_STRING_LIKE ConditionOperator = "STRING_LIKE"
	// Experimental.
	ConditionOperator_STRING_NOT_LIKE ConditionOperator = "STRING_NOT_LIKE"
	// Experimental.
	ConditionOperator_STRING_EQUALS_IFEXISTS ConditionOperator = "STRING_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_STRING_NOT_EQUALS_IFEXISTS ConditionOperator = "STRING_NOT_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_STRING_EQUALS_IGNORECASE_IFEXISTS ConditionOperator = "STRING_EQUALS_IGNORECASE_IFEXISTS"
	// Experimental.
	ConditionOperator_STRING_NOT_EQUALS_IGNORECASE_IFEXISTS ConditionOperator = "STRING_NOT_EQUALS_IGNORECASE_IFEXISTS"
	// Experimental.
	ConditionOperator_STRING_LIKE_IFEXISTS ConditionOperator = "STRING_LIKE_IFEXISTS"
	// Experimental.
	ConditionOperator_STRING_NOT_LIKE_IFEXISTS ConditionOperator = "STRING_NOT_LIKE_IFEXISTS"
	// Experimental.
	ConditionOperator_DATE_EQUALS ConditionOperator = "DATE_EQUALS"
	// Experimental.
	ConditionOperator_DATE_NOT_EQUALS ConditionOperator = "DATE_NOT_EQUALS"
	// Experimental.
	ConditionOperator_DATE_LESS_THAN ConditionOperator = "DATE_LESS_THAN"
	// Experimental.
	ConditionOperator_DATE_LESS_THAN_EQUALS ConditionOperator = "DATE_LESS_THAN_EQUALS"
	// Experimental.
	ConditionOperator_DATE_GREATER_THAN ConditionOperator = "DATE_GREATER_THAN"
	// Experimental.
	ConditionOperator_DATE_GREATER_THAN_EQUALS ConditionOperator = "DATE_GREATER_THAN_EQUALS"
	// Experimental.
	ConditionOperator_DATE_EQUALS_IFEXISTS ConditionOperator = "DATE_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_DATE_NOT_EQUALS_IFEXISTS ConditionOperator = "DATE_NOT_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_DATE_LESS_THAN_IFEXISTS ConditionOperator = "DATE_LESS_THAN_IFEXISTS"
	// Experimental.
	ConditionOperator_DATE_LESS_THAN_EQUALS_IFEXISTS ConditionOperator = "DATE_LESS_THAN_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_DATE_GREATER_THAN_IFEXISTS ConditionOperator = "DATE_GREATER_THAN_IFEXISTS"
	// Experimental.
	ConditionOperator_DATE_GREATER_THAN_EQUALS_IFEXISTS ConditionOperator = "DATE_GREATER_THAN_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_NUMERIC_EQUALS ConditionOperator = "NUMERIC_EQUALS"
	// Experimental.
	ConditionOperator_NUMERIC_NOT_EQUALS ConditionOperator = "NUMERIC_NOT_EQUALS"
	// Experimental.
	ConditionOperator_NUMERIC_LESS_THAN ConditionOperator = "NUMERIC_LESS_THAN"
	// Experimental.
	ConditionOperator_NUMERIC_LESS_THAN_EQUALS ConditionOperator = "NUMERIC_LESS_THAN_EQUALS"
	// Experimental.
	ConditionOperator_NUMERIC_GREATER_THAN ConditionOperator = "NUMERIC_GREATER_THAN"
	// Experimental.
	ConditionOperator_NUMERIC_GREATER_THAN_EQUALS ConditionOperator = "NUMERIC_GREATER_THAN_EQUALS"
	// Experimental.
	ConditionOperator_NUMERIC_EQUALS_IFEXISTS ConditionOperator = "NUMERIC_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_NUMERIC_NOT_EQUALS_IFEXISTS ConditionOperator = "NUMERIC_NOT_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_NUMERIC_LESS_THAN_IFEXISTS ConditionOperator = "NUMERIC_LESS_THAN_IFEXISTS"
	// Experimental.
	ConditionOperator_NUMERIC_LESS_THAN_EQUALS_IFEXISTS ConditionOperator = "NUMERIC_LESS_THAN_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_NUMERIC_GREATER_THAN_IFEXISTS ConditionOperator = "NUMERIC_GREATER_THAN_IFEXISTS"
	// Experimental.
	ConditionOperator_NUMERIC_GREATER_THAN_EQUALS_IFEXISTS ConditionOperator = "NUMERIC_GREATER_THAN_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_FOR_ANY_VALUE_STRING_LIKE ConditionOperator = "FOR_ANY_VALUE_STRING_LIKE"
	// Experimental.
	ConditionOperator_FOR_ANY_VALUE_STRING_EQUALS ConditionOperator = "FOR_ANY_VALUE_STRING_EQUALS"
	// Experimental.
	ConditionOperator_FOR_ALL_VALUES_STRING_LIKE ConditionOperator = "FOR_ALL_VALUES_STRING_LIKE"
	// Experimental.
	ConditionOperator_FOR_ALL_VALUES_STRING_EQUALS ConditionOperator = "FOR_ALL_VALUES_STRING_EQUALS"
	// Experimental.
	ConditionOperator_FOR_ALL_VALUES_STRING_EQUALS_IGNORECASE ConditionOperator = "FOR_ALL_VALUES_STRING_EQUALS_IGNORECASE"
	// Experimental.
	ConditionOperator_BOOL ConditionOperator = "BOOL"
	// Experimental.
	ConditionOperator_BOOL_IFEXISTS ConditionOperator = "BOOL_IFEXISTS"
	// Experimental.
	ConditionOperator_BINARY_EQUALS ConditionOperator = "BINARY_EQUALS"
	// Experimental.
	ConditionOperator_ARN_EQUALS ConditionOperator = "ARN_EQUALS"
	// Experimental.
	ConditionOperator_ARN_LIKE ConditionOperator = "ARN_LIKE"
	// Experimental.
	ConditionOperator_ARN_NOT_EQUALS ConditionOperator = "ARN_NOT_EQUALS"
	// Experimental.
	ConditionOperator_ARN_NOT_LIKE ConditionOperator = "ARN_NOT_LIKE"
	// Experimental.
	ConditionOperator_ARN_EQUALS_IFEXISTS ConditionOperator = "ARN_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_ARN_LIKE_IFEXISTS ConditionOperator = "ARN_LIKE_IFEXISTS"
	// Experimental.
	ConditionOperator_ARN_NOT_EQUALS_IFEXISTS ConditionOperator = "ARN_NOT_EQUALS_IFEXISTS"
	// Experimental.
	ConditionOperator_ARN_NOT_LIKE_IFEXISTS ConditionOperator = "ARN_NOT_LIKE_IFEXISTS"
	// Experimental.
	ConditionOperator_IP_ADDRESS ConditionOperator = "IP_ADDRESS"
	// Experimental.
	ConditionOperator_IP_ADDRESS_IFEXISTS ConditionOperator = "IP_ADDRESS_IFEXISTS"
	// Experimental.
	ConditionOperator_NOT_IP_ADDRESS ConditionOperator = "NOT_IP_ADDRESS"
	// Experimental.
	ConditionOperator_NOT_IP_ADDRESS_IFEXISTS ConditionOperator = "NOT_IP_ADDRESS_IFEXISTS"
	// Experimental.
	ConditionOperator_NULL ConditionOperator = "NULL"
)

func OperatorUtils_Convert 

func OperatorUtils_Convert(value interface{}) ConditionOperator

Experimental.

type Constraint 

type Constraint interface {
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

type ConstraintAssembleContext 

type ConstraintAssembleContext struct {
	// Experimental.
	Effect awsiam.Effect `field:"required" json:"effect" yaml:"effect"`
	// Experimental.
	PolicyType PolicyType `field:"required" json:"policyType" yaml:"policyType"`
	// Experimental.
	ClaimsContext IClaimsContext `field:"optional" json:"claimsContext" yaml:"claimsContext"`
}

Experimental.

type ConstraintPolicyMutation 

type ConstraintPolicyMutation struct {
	// Experimental.
	Key ConditionKey `field:"required" json:"key" yaml:"key"`
	// Experimental.
	Operator ConditionOperator `field:"required" json:"operator" yaml:"operator"`
	// Experimental.
	Type ConstraintPolicyMutationType `field:"required" json:"type" yaml:"type"`
	// Experimental.
	Value *[]interface{} `field:"required" json:"value" yaml:"value"`
	// Experimental.
	ActionsMatchService *string `field:"optional" json:"actionsMatchService" yaml:"actionsMatchService"`
	// Experimental.
	Order *float64 `field:"optional" json:"order" yaml:"order"`
	// Experimental.
	Strategy *string `field:"optional" json:"strategy" yaml:"strategy"`
}

Experimental.

type ConstraintPolicyMutationType 

type ConstraintPolicyMutationType string

Experimental. 

const (
	// Experimental.
	ConstraintPolicyMutationType_CONDITION ConstraintPolicyMutationType = "CONDITION"
)

type ConstraintUtilitySettings 

type ConstraintUtilitySettings struct {
	// Experimental.
	PolicyType PolicyType `field:"required" json:"policyType" yaml:"policyType"`
	// Experimental.
	AppendConditionValues *bool `field:"optional" json:"appendConditionValues" yaml:"appendConditionValues"`
	// Experimental.
	ClaimsContext IClaimsContext `field:"optional" json:"claimsContext" yaml:"claimsContext"`
}

Experimental.

type ConstraintsBuilder 

type ConstraintsBuilder interface {
	IConstraintsBuilder
	// Experimental.
	Constraints() *[]Constraint
	// Experimental.
	Settings() *ConstraintsBuilderSettings
	// Experimental.
	Add(constraint Constraint, additionalConstraints ...Constraint) ConstraintsBuilder
}

Experimental.

type ConstraintsBuilderSettings 

type ConstraintsBuilderSettings struct {
	// Experimental.
	ClaimsContext IClaimsContext `field:"optional" json:"claimsContext" yaml:"claimsContext"`
}

Experimental.

type ConstraintsUtility 

type ConstraintsUtility interface {
	// Experimental.
	AppendGrant(scope constructs.Construct, settings *ConstraintUtilitySettings, grant awsiam.Grant)
	// Experimental.
	AppendPolicy(scope constructs.Construct, settings *ConstraintUtilitySettings, policyStatement awsiam.PolicyStatement)
}

Experimental.

func ConstraintsUtility_ForConstraints 

func ConstraintsUtility_ForConstraints(constraints *[]Constraint) ConstraintsUtility

Experimental.

type DateConstraint 

type DateConstraint interface {
	Constraint
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func DateConstraint_BetweenDates 

func DateConstraint_BetweenDates(key ConditionKey, from *time.Time, to *time.Time) DateConstraint

Experimental.

func DateConstraint_GreaterThan 

func DateConstraint_GreaterThan(key ConditionKey, date *time.Time) DateConstraint

Experimental.

func DateConstraint_LessThan 

func DateConstraint_LessThan(key ConditionKey, date *time.Time) DateConstraint

Experimental.

type GenericClaimsIamResourcePathBuilder 

type GenericClaimsIamResourcePathBuilder interface {
	ClaimsIamResourcePathBuilder
	// Experimental.
	Options() *ClaimsIamResourcePathBuilderSettings
	// Experimental.
	Path() *[]*string
	// Experimental.
	AppendClaim(claims ...*string) *[]*string
	// Experimental.
	AppendPolicyVariable(policyVariable PolicyVariable) *[]*string
	// Experimental.
	AppendText(values ...*string) *[]*string
	// Experimental.
	AppendValue(values ...*string) *[]*string
	// Experimental.
	Claim(claim *string, additionalClaims ...*string) GenericClaimsIamResourcePathBuilder
	// Experimental.
	PolicyVariable(value PolicyVariable) GenericClaimsIamResourcePathBuilder
	// Experimental.
	Text(value *string, additionalValues ...*string) GenericClaimsIamResourcePathBuilder
	// Experimental.
	ToString() *string
	// Experimental.
	Value(value *string, additionalValues ...*string) GenericClaimsIamResourcePathBuilder
}

Experimental.

func GenericClaimsIamResourcePathBuilder_Create 

func GenericClaimsIamResourcePathBuilder_Create(claimsContext IClaimsContext) GenericClaimsIamResourcePathBuilder

Experimental.

type GenericConditionKey 

type GenericConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

func GenericConditionKey_Custom 

func GenericConditionKey_Custom(name *string, settings *ConditionKeySettings) GenericConditionKey

Experimental.

type GenericConstraint 

type GenericConstraint interface {
	Constraint
	// Experimental.
	Key() ConditionKey
	// Experimental.
	Operator() ConditionOperator
	// Experimental.
	Value() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func NewGenericConstraint 

func NewGenericConstraint(operator ConditionOperator, key ConditionKey, value *string, additionalValues ...*string) GenericConstraint

Experimental.

type GlobalBoolConditionKey 

type GlobalBoolConditionKey interface {
	BoolConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToBoolFalseConstraint(ifExists *bool) BoolConstraint
	// Experimental.
	ToBoolTrueConstraint(ifExists *bool) BoolConstraint
	// Experimental.
	ToString() *string
}

Experimental.

func GlobalBoolConditionKey_MultiFactorAuthPresent 

func GlobalBoolConditionKey_MultiFactorAuthPresent() GlobalBoolConditionKey

func GlobalBoolConditionKey_PrincipalIsAWSService 

func GlobalBoolConditionKey_PrincipalIsAWSService() GlobalBoolConditionKey

func GlobalBoolConditionKey_SecureTransport 

func GlobalBoolConditionKey_SecureTransport() GlobalBoolConditionKey

func GlobalBoolConditionKey_ViaAWSService 

func GlobalBoolConditionKey_ViaAWSService() GlobalBoolConditionKey

func GlobalConditionKey_MultiFactorAuthPresent 

func GlobalConditionKey_MultiFactorAuthPresent() GlobalBoolConditionKey

func GlobalConditionKey_PrincipalIsAWSService 

func GlobalConditionKey_PrincipalIsAWSService() GlobalBoolConditionKey

func GlobalConditionKey_SecureTransport 

func GlobalConditionKey_SecureTransport() GlobalBoolConditionKey

func GlobalConditionKey_ViaAWSService 

func GlobalConditionKey_ViaAWSService() GlobalBoolConditionKey

type GlobalConditionKey 

type GlobalConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToConstraint(operator ConditionOperator, value *string, additionalValues ...*string) GenericConstraint
	// Experimental.
	ToString() *string
}

Experimental.

func GlobalConditionKey_CalledVia 

func GlobalConditionKey_CalledVia() GlobalConditionKey

func GlobalConditionKey_CalledViaFirst 

func GlobalConditionKey_CalledViaFirst() GlobalConditionKey

func GlobalConditionKey_CalledViaLast 

func GlobalConditionKey_CalledViaLast() GlobalConditionKey

func GlobalConditionKey_CurrentTime 

func GlobalConditionKey_CurrentTime() GlobalConditionKey

func GlobalConditionKey_Ec2InstanceSourcePrivateIPv4 

func GlobalConditionKey_Ec2InstanceSourcePrivateIPv4() GlobalConditionKey

func GlobalConditionKey_Ec2InstanceSourceVpc 

func GlobalConditionKey_Ec2InstanceSourceVpc() GlobalConditionKey

func GlobalConditionKey_EpochTime 

func GlobalConditionKey_EpochTime() GlobalConditionKey

func GlobalConditionKey_MultiFactorAuthAge 

func GlobalConditionKey_MultiFactorAuthAge() GlobalConditionKey

func GlobalConditionKey_PrincipalAccount 

func GlobalConditionKey_PrincipalAccount() GlobalConditionKey

func GlobalConditionKey_PrincipalArn 

func GlobalConditionKey_PrincipalArn() GlobalConditionKey

func GlobalConditionKey_PrincipalOrgID 

func GlobalConditionKey_PrincipalOrgID() GlobalConditionKey

func GlobalConditionKey_PrincipalOrgPaths 

func GlobalConditionKey_PrincipalOrgPaths() GlobalConditionKey

func GlobalConditionKey_PrincipalServiceName 

func GlobalConditionKey_PrincipalServiceName() GlobalConditionKey

func GlobalConditionKey_PrincipalServiceNamesList 

func GlobalConditionKey_PrincipalServiceNamesList() GlobalConditionKey

func GlobalConditionKey_PrincipalType 

func GlobalConditionKey_PrincipalType() GlobalConditionKey

func GlobalConditionKey_Referer 

func GlobalConditionKey_Referer() GlobalConditionKey

func GlobalConditionKey_RequestedRegion 

func GlobalConditionKey_RequestedRegion() GlobalConditionKey

func GlobalConditionKey_ResourceAccount 

func GlobalConditionKey_ResourceAccount() GlobalConditionKey

func GlobalConditionKey_ResourceOrgID 

func GlobalConditionKey_ResourceOrgID() GlobalConditionKey

func GlobalConditionKey_ResourceOrgPaths 

func GlobalConditionKey_ResourceOrgPaths() GlobalConditionKey

func GlobalConditionKey_SourceAccount 

func GlobalConditionKey_SourceAccount() GlobalConditionKey

func GlobalConditionKey_SourceArn 

func GlobalConditionKey_SourceArn() GlobalConditionKey

func GlobalConditionKey_SourceIdentity 

func GlobalConditionKey_SourceIdentity() GlobalConditionKey

func GlobalConditionKey_SourceIp 

func GlobalConditionKey_SourceIp() GlobalConditionKey

func GlobalConditionKey_SourceOrgID 

func GlobalConditionKey_SourceOrgID() GlobalConditionKey

func GlobalConditionKey_SourceOrgPaths 

func GlobalConditionKey_SourceOrgPaths() GlobalConditionKey

func GlobalConditionKey_SourceVpce 

func GlobalConditionKey_SourceVpce() GlobalConditionKey

func GlobalConditionKey_TagKeys 

func GlobalConditionKey_TagKeys() GlobalConditionKey

func GlobalConditionKey_TokenIssueTime 

func GlobalConditionKey_TokenIssueTime() GlobalConditionKey

func GlobalConditionKey_UserAgent 

func GlobalConditionKey_UserAgent() GlobalConditionKey

func GlobalConditionKey_Userid 

func GlobalConditionKey_Userid() GlobalConditionKey

func GlobalConditionKey_Username 

func GlobalConditionKey_Username() GlobalConditionKey

func GlobalConditionKey_VpcSourceIp 

func GlobalConditionKey_VpcSourceIp() GlobalConditionKey

type IClaimsContext 

type IClaimsContext interface {
	// Experimental.
	KnownClaims() *[]*string
	// Experimental.
	MappedClaims() IMappedClaims
}

Experimental.

type IConstraintsBuilder 

type IConstraintsBuilder interface {
	// Experimental.
	Constraints() *[]Constraint
}

Experimental.

type IIamResourcePath 

type IIamResourcePath interface {
	// Experimental.
	ToString() *string
}

Experimental.

type IMappedClaims 

type IMappedClaims interface {
	// Experimental.
	Claims() *[]*Claim
}

Experimental.

type IamResourcePathBuilder 

type IamResourcePathBuilder interface {
	IIamResourcePath
	// Experimental.
	Path() *[]*string
	// Experimental.
	AppendPolicyVariable(policyVariable PolicyVariable) *[]*string
	// Experimental.
	AppendText(values ...*string) *[]*string
	// Experimental.
	ToString() *string
}

Experimental.

type IamResourceTagConditionKey 

type IamResourceTagConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

func IamResourceTagConditionKey_Tag 

func IamResourceTagConditionKey_Tag(tagName *string) IamResourceTagConditionKey

Experimental.

func StsServiceConditionKey_IamResourceTag 

func StsServiceConditionKey_IamResourceTag(tagName *string) IamResourceTagConditionKey

Filters access by the tags that are attached to the role that is being assumed. Experimental.

type IpAddressConditionOperator 

type IpAddressConditionOperator string

Experimental. 

const (
	// Experimental.
	IpAddressConditionOperator_IP_ADDRESS IpAddressConditionOperator = "IP_ADDRESS"
	// Experimental.
	IpAddressConditionOperator_IP_ADDRESS_IFEXISTS IpAddressConditionOperator = "IP_ADDRESS_IFEXISTS"
	// Experimental.
	IpAddressConditionOperator_NOT_IP_ADDRESS IpAddressConditionOperator = "NOT_IP_ADDRESS"
	// Experimental.
	IpAddressConditionOperator_NOT_IP_ADDRESS_IFEXISTS IpAddressConditionOperator = "NOT_IP_ADDRESS_IFEXISTS"
)

type MappedClaims 

type MappedClaims interface {
	IMappedClaims
	// Experimental.
	Claims() *[]*Claim
}

Experimental.

func MappedClaims_Create 

func MappedClaims_Create(claim *string, additionalClaims ...*string) MappedClaims

Experimental.

func MappedClaims_CreateMapped 

func MappedClaims_CreateMapped(claims *map[string]*string) MappedClaims

Experimental.

type NullConstraint 

type NullConstraint interface {
	Constraint
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func NewNullConstraint 

func NewNullConstraint(key ConditionKey, isNull *bool) NullConstraint

Experimental.

func NullConstraint_IsNotNull 

func NullConstraint_IsNotNull(key ConditionKey) NullConstraint

Experimental.

func NullConstraint_IsNull 

func NullConstraint_IsNull(key ConditionKey) NullConstraint

Experimental.

type OperatorUtils 

type OperatorUtils interface {
}

Experimental.

type PassClaimsConstraint 

type PassClaimsConstraint interface {
	Constraint
	// Experimental.
	Settings() *PassClaimsConstraintSettings
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func PassClaimsConstraint_Create 

func PassClaimsConstraint_Create(claims *PassClaimsConstraintSettings) PassClaimsConstraint

Experimental.

type PassClaimsConstraintSettings 

type PassClaimsConstraintSettings struct {
	// Experimental.
	AllowAnyTags *bool `field:"required" json:"allowAnyTags" yaml:"allowAnyTags"`
	// Experimental.
	Claims *map[string]*string `field:"required" json:"claims" yaml:"claims"`
	// Experimental.
	SpecificallyAllowedTags *[]*string `field:"optional" json:"specificallyAllowedTags" yaml:"specificallyAllowedTags"`
}

Experimental.

type PolicyType 

type PolicyType interface {
	// Experimental.
	IsIdentityPolicy() *bool
	// Experimental.
	IsResourcePolicy() *bool
	// Experimental.
	IsTrustPolicy() *bool
	// Experimental.
	PrincipalType() PrincipalType
	// Experimental.
	Service() ResourcePolicyType
	// Experimental.
	Type() *string
	// Experimental.
	IsResourcePolicyForService(service ResourcePolicyType) *bool
}

Experimental.

func PolicyType_IdentityPolicy 

func PolicyType_IdentityPolicy() PolicyType

func PolicyType_NonSpecific 

func PolicyType_NonSpecific() PolicyType

func PolicyType_ResourcePolicy 

func PolicyType_ResourcePolicy(type_ ResourcePolicyType) PolicyType

Experimental.

func PolicyType_TrustPolicy 

func PolicyType_TrustPolicy(principalType PrincipalType) PolicyType

Experimental.

type PolicyVariable 

type PolicyVariable interface {
	// Experimental.
	DefaultValue() *string
	// Experimental.
	IsTag() *bool
	// Experimental.
	TagName() *string
	// Experimental.
	Type() *string
	// Experimental.
	ToString() *string
}

Experimental.

func PolicyVariable_PrincipalOrgId 

func PolicyVariable_PrincipalOrgId(defaultValue *string) PolicyVariable

Experimental.

func PolicyVariable_PrincipalTag 

func PolicyVariable_PrincipalTag(tagName *string, defaultValue *string) PolicyVariable

Experimental.

func PolicyVariable_PrincipalType 

func PolicyVariable_PrincipalType(defaultValue *string) PolicyVariable

Experimental.

func PolicyVariable_RequestTag 

func PolicyVariable_RequestTag(tagName *string, defaultValue *string) PolicyVariable

Experimental.

func PolicyVariable_ResourceTag 

func PolicyVariable_ResourceTag(tagName *string, defaultValue *string) PolicyVariable

Experimental.

func PolicyVariable_UserId 

func PolicyVariable_UserId(defaultValue *string) PolicyVariable

Experimental.

func PolicyVariable_Username 

func PolicyVariable_Username(defaultValue *string) PolicyVariable

Experimental.

type PrincipalTagConstraint 

type PrincipalTagConstraint interface {
	TagConstraint
	// Experimental.
	TagName() *string
	// Experimental.
	Values() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func PrincipalTagConstraint_StringEquals 

func PrincipalTagConstraint_StringEquals(tagName *string, value *string, values ...*string) PrincipalTagConstraint

Experimental.

type PrincipalType 

type PrincipalType interface {
	// Experimental.
	IsAws() *bool
	// Experimental.
	IsFederated() *bool
	// Experimental.
	IsSaml() *bool
	// Experimental.
	IsService() *bool
	// Experimental.
	Type() *string
}

Experimental.

func PrincipalType_Aws 

func PrincipalType_Aws() PrincipalType

func PrincipalType_Federated 

func PrincipalType_Federated() PrincipalType

func PrincipalType_Saml 

func PrincipalType_Saml() PrincipalType

func PrincipalType_Service 

func PrincipalType_Service() PrincipalType

type RequestTagConstraint 

type RequestTagConstraint interface {
	TagConstraint
	// Experimental.
	TagName() *string
	// Experimental.
	Values() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func RequestTagConstraint_StringEquals 

func RequestTagConstraint_StringEquals(tagName *string, value *string, values ...*string) RequestTagConstraint

Experimental.

func RequestTagConstraint_StringLike 

func RequestTagConstraint_StringLike(tagName *string, value *string, values ...*string) RequestTagConstraint

Experimental.

type ResourcePolicyType 

type ResourcePolicyType interface {
	// Experimental.
	Name() *string
}

Experimental.

func ResourcePolicyType_API_GATEWAY 

func ResourcePolicyType_API_GATEWAY() ResourcePolicyType

func ResourcePolicyType_BACKUP 

func ResourcePolicyType_BACKUP() ResourcePolicyType

func ResourcePolicyType_CODE_BUILD 

func ResourcePolicyType_CODE_BUILD() ResourcePolicyType

func ResourcePolicyType_ECR 

func ResourcePolicyType_ECR() ResourcePolicyType

func ResourcePolicyType_EVENTBRIDGE 

func ResourcePolicyType_EVENTBRIDGE() ResourcePolicyType

func ResourcePolicyType_GLUE 

func ResourcePolicyType_GLUE() ResourcePolicyType

func ResourcePolicyType_KMS 

func ResourcePolicyType_KMS() ResourcePolicyType

func ResourcePolicyType_LAMBDA 

func ResourcePolicyType_LAMBDA() ResourcePolicyType

func ResourcePolicyType_S3 

func ResourcePolicyType_S3() ResourcePolicyType

func ResourcePolicyType_SECRETS_MANAGER 

func ResourcePolicyType_SECRETS_MANAGER() ResourcePolicyType

func ResourcePolicyType_SNS 

func ResourcePolicyType_SNS() ResourcePolicyType

func ResourcePolicyType_SQS 

func ResourcePolicyType_SQS() ResourcePolicyType

func ResourcePolicyType_STS 

func ResourcePolicyType_STS() ResourcePolicyType

type ResourceTagConstraint 

type ResourceTagConstraint interface {
	TagConstraint
	// Experimental.
	TagName() *string
	// Experimental.
	Values() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func ResourceTagConstraint_Create 

func ResourceTagConstraint_Create(operator StringConditionOperator, tagName *string, value *string, values ...*string) ResourceTagConstraint

Experimental.

func ResourceTagConstraint_StringEquals 

func ResourceTagConstraint_StringEquals(tagName *string, value *string, values ...*string) ResourceTagConstraint

Experimental.

type StringConditionOperator 

type StringConditionOperator string

Experimental. 

const (
	// Experimental.
	StringConditionOperator_STRING_EQUALS StringConditionOperator = "STRING_EQUALS"
	// Experimental.
	StringConditionOperator_STRING_NOT_EQUALS StringConditionOperator = "STRING_NOT_EQUALS"
	// Experimental.
	StringConditionOperator_STRING_EQUALS_IGNORECASE StringConditionOperator = "STRING_EQUALS_IGNORECASE"
	// Experimental.
	StringConditionOperator_STRING_NOT_EQUALS_IGNORECASE StringConditionOperator = "STRING_NOT_EQUALS_IGNORECASE"
	// Experimental.
	StringConditionOperator_STRING_LIKE StringConditionOperator = "STRING_LIKE"
	// Experimental.
	StringConditionOperator_STRING_NOT_LIKE StringConditionOperator = "STRING_NOT_LIKE"
	// Experimental.
	StringConditionOperator_STRING_EQUALS_IFEXISTS StringConditionOperator = "STRING_EQUALS_IFEXISTS"
	// Experimental.
	StringConditionOperator_STRING_NOT_EQUALS_IFEXISTS StringConditionOperator = "STRING_NOT_EQUALS_IFEXISTS"
	// Experimental.
	StringConditionOperator_STRING_EQUALS_IGNORECASE_IFEXISTS StringConditionOperator = "STRING_EQUALS_IGNORECASE_IFEXISTS"
	// Experimental.
	StringConditionOperator_STRING_NOT_EQUALS_IGNORECASE_IFEXISTS StringConditionOperator = "STRING_NOT_EQUALS_IGNORECASE_IFEXISTS"
	// Experimental.
	StringConditionOperator_STRING_LIKE_IFEXISTS StringConditionOperator = "STRING_LIKE_IFEXISTS"
	// Experimental.
	StringConditionOperator_STRING_NOT_LIKE_IFEXISTS StringConditionOperator = "STRING_NOT_LIKE_IFEXISTS"
)

type StringMultiValueConditionOperator 

type StringMultiValueConditionOperator string

Experimental. 

const (
	// Experimental.
	StringMultiValueConditionOperator_FOR_ANY_VALUE_STRING_LIKE StringMultiValueConditionOperator = "FOR_ANY_VALUE_STRING_LIKE"
	// Experimental.
	StringMultiValueConditionOperator_FOR_ALL_VALUES_STRING_LIKE StringMultiValueConditionOperator = "FOR_ALL_VALUES_STRING_LIKE"
	// Experimental.
	StringMultiValueConditionOperator_FOR_ALL_VALUES_STRING_EQUALS StringMultiValueConditionOperator = "FOR_ALL_VALUES_STRING_EQUALS"
	// Experimental.
	StringMultiValueConditionOperator_FOR_ALL_VALUES_STRING_EQUALS_IGNORECASE StringMultiValueConditionOperator = "FOR_ALL_VALUES_STRING_EQUALS_IGNORECASE"
	// Experimental.
	StringMultiValueConditionOperator_FOR_ANY_VALUE_STRING_EQUALS StringMultiValueConditionOperator = "FOR_ANY_VALUE_STRING_EQUALS"
)

type StsCognitoIdentityConstraint 

type StsCognitoIdentityConstraint interface {
	Constraint
	// Experimental.
	Amr() *string
	// Experimental.
	IdentityPoolId() *string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func StsCognitoIdentityConstraint_IdentityPool 

func StsCognitoIdentityConstraint_IdentityPool(identityPoolId *string, amr *string) StsCognitoIdentityConstraint

Experimental.

type StsServiceConditionKey 

type StsServiceConditionKey interface {
	ConditionKey
	// Experimental.
	Name() *string
	// Experimental.
	Settings() *ConditionKeySettings
	// Experimental.
	ToString() *string
}

Experimental.

func StsServiceConditionKey_AWSServiceName 

func StsServiceConditionKey_AWSServiceName() StsServiceConditionKey

func StsServiceConditionKey_CognitoIdentityAmr 

func StsServiceConditionKey_CognitoIdentityAmr() StsServiceConditionKey

func StsServiceConditionKey_CognitoIdentityAud 

func StsServiceConditionKey_CognitoIdentityAud() StsServiceConditionKey

func StsServiceConditionKey_CognitoIdentitySub 

func StsServiceConditionKey_CognitoIdentitySub() StsServiceConditionKey

func StsServiceConditionKey_DurationSeconds 

func StsServiceConditionKey_DurationSeconds() StsServiceConditionKey

func StsServiceConditionKey_ExternalId 

func StsServiceConditionKey_ExternalId() StsServiceConditionKey

func StsServiceConditionKey_RoleSessionName 

func StsServiceConditionKey_RoleSessionName() StsServiceConditionKey

func StsServiceConditionKey_SourceIdentity 

func StsServiceConditionKey_SourceIdentity() StsServiceConditionKey

func StsServiceConditionKey_TransitiveTagKeys 

func StsServiceConditionKey_TransitiveTagKeys() StsServiceConditionKey

type StsTransitiveTagKeysConstraint 

type StsTransitiveTagKeysConstraint interface {
	Constraint
	// Experimental.
	Values() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func StsTransitiveTagKeysConstraint_TagsEqualsAndPresent 

func StsTransitiveTagKeysConstraint_TagsEqualsAndPresent(value *string, values ...*string) StsTransitiveTagKeysConstraint

Limit transitive tags to those specified and check for null. Experimental.

type TagConstraint 

type TagConstraint interface {
	Constraint
	// Experimental.
	Assemble(scope constructs.Construct, context *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

type TagKeysConstraint 

type TagKeysConstraint interface {
	Constraint
	// Experimental.
	Operator() StringMultiValueConditionOperator
	// Experimental.
	Values() *[]*string
	// Experimental.
	Assemble(scope constructs.Construct, _arg *ConstraintAssembleContext) *[]*ConstraintPolicyMutation
	// Experimental.
	IsNotNullCondition(key ConditionKey) *ConstraintPolicyMutation
}

Experimental.

func TagKeysConstraint_Create 

func TagKeysConstraint_Create(operator StringMultiValueConditionOperator, isNotNull *bool, value *string, values ...*string) TagKeysConstraint

Experimental.

func TagKeysConstraint_RequireTagsEquals 

func TagKeysConstraint_RequireTagsEquals(value *string, values ...*string) TagKeysConstraint

Limit request tags to those specified and check for null. Experimental.

Source Files

View all Source files

Directories

Path Synopsis
Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.
 Package jsii contains the functionaility needed for jsii packages to initialize their dependencies and themselves.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.