Class: Aws::RAM::Types::CreatePermissionRequest

Inherits:

Struct

• Object
• Struct
• Aws::RAM::Types::CreatePermissionRequest

Includes:

Structure

Defined in:

lib/aws-sdk-ram/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #client_token ⇒ String

  Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

• #name ⇒ String

  Specifies the name of the customer managed permission.

• #policy_template ⇒ String

  A string in JSON format string that contains the following elements of a resource-based policy:.

• #resource_type ⇒ String

  Specifies the name of the resource type that this customer managed permission applies to.

• #tags ⇒ Array<Types::Tag>

  Specifies a list of one or more tag key and value pairs to attach to the permission.

Instance Attribute Details

#client_token ⇒ String

Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a [UUID type of value.].

If you don’t provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ‘ClientToken`, but with different parameters, the retry fails with an `IdempotentParameterMismatch` error.

[1]: wikipedia.org/wiki/Universally_unique_identifier

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 466

class CreatePermissionRequest < Struct.new(
  :name,
  :resource_type,
  :policy_template,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#name ⇒ String

Specifies the name of the customer managed permission. The name must be unique within the Amazon Web Services Region.

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 466

class CreatePermissionRequest < Struct.new(
  :name,
  :resource_type,
  :policy_template,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#policy_template ⇒ String

A string in JSON format string that contains the following elements of a resource-based policy:

• Effect: must be set to ‘ALLOW`.

• Action: specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for Amazon Web Services services] in the *Identity and Access Management User Guide*.

• Condition: (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element] in the *Identity and Access Management User Guide*.

This template can’t include either the ‘Resource` or `Principal` elements. Those are both filled in by RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.

[1]: docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html [2]: docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 466

class CreatePermissionRequest < Struct.new(
  :name,
  :resource_type,
  :policy_template,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#resource_type ⇒ String

Specifies the name of the resource type that this customer managed permission applies to.

The format is ‘ <service-code>:<resource-type> ` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet`. To see the list of valid values for this parameter, query the ListResourceTypes operation.

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 466

class CreatePermissionRequest < Struct.new(
  :name,
  :resource_type,
  :policy_template,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#tags ⇒ Array<Types::Tag>

Specifies a list of one or more tag key and value pairs to attach to the permission.

Returns:

• (Array<Types::Tag>)

# File 'lib/aws-sdk-ram/types.rb', line 466

class CreatePermissionRequest < Struct.new(
  :name,
  :resource_type,
  :policy_template,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end