Class: Aws::RAM::Types::CreatePermissionVersionRequest

Inherits:

Struct

• Object
• Struct
• Aws::RAM::Types::CreatePermissionVersionRequest

Includes:

Structure

Defined in:

lib/aws-sdk-ram/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #client_token ⇒ String

  Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

• #permission_arn ⇒ String

  Specifies the [Amazon Resource Name (ARN)] of the customer managed permission you’re creating a new version for.

• #policy_template ⇒ String

  A string in JSON format string that contains the following elements of a resource-based policy:.

Instance Attribute Details

#client_token ⇒ String

Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a [UUID type of value.].

If you don’t provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ‘ClientToken`, but with different parameters, the retry fails with an `IdempotentParameterMismatch` error.

[1]: wikipedia.org/wiki/Universally_unique_identifier

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 560

class CreatePermissionVersionRequest < Struct.new(
  :permission_arn,
  :policy_template,
  :client_token)
  SENSITIVE = []
  include Aws::Structure
end

#permission_arn ⇒ String

Specifies the [Amazon Resource Name (ARN)] of the customer managed permission you’re creating a new version for.

[1]: docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 560

class CreatePermissionVersionRequest < Struct.new(
  :permission_arn,
  :policy_template,
  :client_token)
  SENSITIVE = []
  include Aws::Structure
end

#policy_template ⇒ String

A string in JSON format string that contains the following elements of a resource-based policy:

• Effect: must be set to ‘ALLOW`.

• Action: specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for Amazon Web Services services] in the *Identity and Access Management User Guide*.

• Condition: (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element] in the *Identity and Access Management User Guide*.

This template can’t include either the ‘Resource` or `Principal` elements. Those are both filled in by RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.

[1]: docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html [2]: docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html

Returns:

• (String)

# File 'lib/aws-sdk-ram/types.rb', line 560

class CreatePermissionVersionRequest < Struct.new(
  :permission_arn,
  :policy_template,
  :client_token)
  SENSITIVE = []
  include Aws::Structure
end