1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. verifiedpermissions
  5. getPolicyStore

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

aws-native.verifiedpermissions.getPolicyStore

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

    Represents a policy store that you can place schema, policies, and policy templates in to validate authorization requests

    Using getPolicyStore

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getPolicyStore(args: GetPolicyStoreArgs, opts?: InvokeOptions): Promise<GetPolicyStoreResult>
    function getPolicyStoreOutput(args: GetPolicyStoreOutputArgs, opts?: InvokeOptions): Output<GetPolicyStoreResult>
    def get_policy_store(policy_store_id: Optional[str] = None,
                         opts: Optional[InvokeOptions] = None) -> GetPolicyStoreResult
    def get_policy_store_output(policy_store_id: Optional[pulumi.Input[str]] = None,
                         opts: Optional[InvokeOptions] = None) -> Output[GetPolicyStoreResult]
    func LookupPolicyStore(ctx *Context, args *LookupPolicyStoreArgs, opts ...InvokeOption) (*LookupPolicyStoreResult, error)
    func LookupPolicyStoreOutput(ctx *Context, args *LookupPolicyStoreOutputArgs, opts ...InvokeOption) LookupPolicyStoreResultOutput

    > Note: This function is named LookupPolicyStore in the Go SDK.

    public static class GetPolicyStore 
    {
        public static Task<GetPolicyStoreResult> InvokeAsync(GetPolicyStoreArgs args, InvokeOptions? opts = null)
        public static Output<GetPolicyStoreResult> Invoke(GetPolicyStoreInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetPolicyStoreResult> getPolicyStore(GetPolicyStoreArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws-native:verifiedpermissions:getPolicyStore
      arguments:
        # arguments dictionary

    The following arguments are supported:

    PolicyStoreId string
    The unique ID of the new or updated policy store.
    PolicyStoreId string
    The unique ID of the new or updated policy store.
    policyStoreId String
    The unique ID of the new or updated policy store.
    policyStoreId string
    The unique ID of the new or updated policy store.
    policy_store_id str
    The unique ID of the new or updated policy store.
    policyStoreId String
    The unique ID of the new or updated policy store.

    getPolicyStore Result

    The following output properties are available:

    Arn string
    The Amazon Resource Name (ARN) of the new or updated policy store.
    Description string
    Descriptive text that you can provide to help with identification of the current policy store.
    PolicyStoreId string
    The unique ID of the new or updated policy store.
    Schema Pulumi.AwsNative.VerifiedPermissions.Outputs.PolicyStoreSchemaDefinition
    Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
    ValidationSettings Pulumi.AwsNative.VerifiedPermissions.Outputs.PolicyStoreValidationSettings

    Specifies the validation setting for this policy store.

    Currently, the only valid and required value is Mode .

    We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

    Arn string
    The Amazon Resource Name (ARN) of the new or updated policy store.
    Description string
    Descriptive text that you can provide to help with identification of the current policy store.
    PolicyStoreId string
    The unique ID of the new or updated policy store.
    Schema PolicyStoreSchemaDefinition
    Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
    ValidationSettings PolicyStoreValidationSettings

    Specifies the validation setting for this policy store.

    Currently, the only valid and required value is Mode .

    We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

    arn String
    The Amazon Resource Name (ARN) of the new or updated policy store.
    description String
    Descriptive text that you can provide to help with identification of the current policy store.
    policyStoreId String
    The unique ID of the new or updated policy store.
    schema PolicyStoreSchemaDefinition
    Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
    validationSettings PolicyStoreValidationSettings

    Specifies the validation setting for this policy store.

    Currently, the only valid and required value is Mode .

    We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

    arn string
    The Amazon Resource Name (ARN) of the new or updated policy store.
    description string
    Descriptive text that you can provide to help with identification of the current policy store.
    policyStoreId string
    The unique ID of the new or updated policy store.
    schema PolicyStoreSchemaDefinition
    Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
    validationSettings PolicyStoreValidationSettings

    Specifies the validation setting for this policy store.

    Currently, the only valid and required value is Mode .

    We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

    arn str
    The Amazon Resource Name (ARN) of the new or updated policy store.
    description str
    Descriptive text that you can provide to help with identification of the current policy store.
    policy_store_id str
    The unique ID of the new or updated policy store.
    schema PolicyStoreSchemaDefinition
    Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
    validation_settings PolicyStoreValidationSettings

    Specifies the validation setting for this policy store.

    Currently, the only valid and required value is Mode .

    We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

    arn String
    The Amazon Resource Name (ARN) of the new or updated policy store.
    description String
    Descriptive text that you can provide to help with identification of the current policy store.
    policyStoreId String
    The unique ID of the new or updated policy store.
    schema Property Map
    Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
    validationSettings Property Map

    Specifies the validation setting for this policy store.

    Currently, the only valid and required value is Mode .

    We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

    Supporting Types

    PolicyStoreSchemaDefinition

    CedarJson string
    A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the AVP User Guide.
    CedarJson string
    A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the AVP User Guide.
    cedarJson String
    A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the AVP User Guide.
    cedarJson string
    A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the AVP User Guide.
    cedar_json str
    A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the AVP User Guide.
    cedarJson String
    A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the AVP User Guide.

    PolicyStoreValidationMode

    PolicyStoreValidationSettings

    Mode Pulumi.AwsNative.VerifiedPermissions.PolicyStoreValidationMode

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

    If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

    Mode PolicyStoreValidationMode

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

    If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

    mode PolicyStoreValidationMode

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

    If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

    mode PolicyStoreValidationMode

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

    If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

    mode PolicyStoreValidationMode

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

    If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

    mode "OFF" | "STRICT"

    The validation mode currently configured for this policy store. The valid values are:

    • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
    • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

    If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

    To submit a static policy or policy template without a schema, you must turn off validation.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi