Class: Aws::VerifiedPermissions::Types::BatchIsAuthorizedWithTokenInput
- Inherits:
-
Struct
- Object
- Struct
- Aws::VerifiedPermissions::Types::BatchIsAuthorizedWithTokenInput
- Includes:
- Structure
- Defined in:
- lib/aws-sdk-verifiedpermissions/types.rb
Overview
Constant Summary collapse
- SENSITIVE =
[:identity_token, :access_token]
Instance Attribute Summary collapse
-
#access_token ⇒ String
Specifies an access token for the principal that you want to authorize in each request.
-
#entities ⇒ Types::EntitiesDefinition
(Optional) Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.
-
#identity_token ⇒ String
Specifies an identity (ID) token for the principal that you want to authorize in each request.
-
#policy_store_id ⇒ String
Specifies the ID of the policy store.
-
#requests ⇒ Array<Types::BatchIsAuthorizedWithTokenInputItem>
An array of up to 30 requests that you want Verified Permissions to evaluate.
Instance Attribute Details
#access_token ⇒ String
Specifies an access token for the principal that you want to
authorize in each request. This token is provided to you by the
identity provider (IdP) associated with the specified identity
source. You must specify either an accessToken, an
identityToken, or both.
Must be an access token. Verified Permissions returns an error if
the token_use claim in the submitted token isn't access.
554 555 556 557 558 559 560 561 562 |
# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 554 class BatchIsAuthorizedWithTokenInput < Struct.new( :policy_store_id, :identity_token, :access_token, :entities, :requests) SENSITIVE = [:identity_token, :access_token] include Aws::Structure end |
#entities ⇒ Types::EntitiesDefinition
(Optional) Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies. These additional entities and their attributes can be referenced and checked by conditional elements in the policies in the specified policy store.
You can't include principals in this parameter, only resource and action entities. This parameter can't include any entities of a type that matches the user or group entity types that you defined in your identity source.
-
The
BatchIsAuthorizedWithTokenoperation takes principal attributes from only theidentityTokenoraccessTokenpassed to the operation. -
For action entities, you can include only their
IdentifierandEntityType.
554 555 556 557 558 559 560 561 562 |
# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 554 class BatchIsAuthorizedWithTokenInput < Struct.new( :policy_store_id, :identity_token, :access_token, :entities, :requests) SENSITIVE = [:identity_token, :access_token] include Aws::Structure end |
#identity_token ⇒ String
Specifies an identity (ID) token for the principal that you want to
authorize in each request. This token is provided to you by the
identity provider (IdP) associated with the specified identity
source. You must specify either an accessToken, an
identityToken, or both.
Must be an ID token. Verified Permissions returns an error if the
token_use claim in the submitted token isn't id.
554 555 556 557 558 559 560 561 562 |
# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 554 class BatchIsAuthorizedWithTokenInput < Struct.new( :policy_store_id, :identity_token, :access_token, :entities, :requests) SENSITIVE = [:identity_token, :access_token] include Aws::Structure end |
#policy_store_id ⇒ String
Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.
To specify a policy store, use its ID or alias name. When using an
alias name, prefix it with policy-store-alias/. For example:
-
ID:
PSEXAMPLEabcdefg111111 -
Alias name:
policy-store-alias/example-policy-store
To view aliases, use ListPolicyStoreAliases.
554 555 556 557 558 559 560 561 562 |
# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 554 class BatchIsAuthorizedWithTokenInput < Struct.new( :policy_store_id, :identity_token, :access_token, :entities, :requests) SENSITIVE = [:identity_token, :access_token] include Aws::Structure end |
#requests ⇒ Array<Types::BatchIsAuthorizedWithTokenInputItem>
An array of up to 30 requests that you want Verified Permissions to evaluate.
554 555 556 557 558 559 560 561 562 |
# File 'lib/aws-sdk-verifiedpermissions/types.rb', line 554 class BatchIsAuthorizedWithTokenInput < Struct.new( :policy_store_id, :identity_token, :access_token, :entities, :requests) SENSITIVE = [:identity_token, :access_token] include Aws::Structure end |