Docs
PackagesAWS Native is in preview. AWS Classic is fully supported.
aws-native.verifiedpermissions.getPolicyStore
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
Represents a policy store that you can place schema, policies, and policy templates in to validate authorization requests
Using getPolicyStore
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getPolicyStore(args: GetPolicyStoreArgs, opts?: InvokeOptions): Promise<GetPolicyStoreResult>
function getPolicyStoreOutput(args: GetPolicyStoreOutputArgs, opts?: InvokeOptions): Output<GetPolicyStoreResult>def get_policy_store(policy_store_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetPolicyStoreResult
def get_policy_store_output(policy_store_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetPolicyStoreResult]func LookupPolicyStore(ctx *Context, args *LookupPolicyStoreArgs, opts ...InvokeOption) (*LookupPolicyStoreResult, error)
func LookupPolicyStoreOutput(ctx *Context, args *LookupPolicyStoreOutputArgs, opts ...InvokeOption) LookupPolicyStoreResultOutput> Note: This function is named LookupPolicyStore in the Go SDK.
public static class GetPolicyStore
{
public static Task<GetPolicyStoreResult> InvokeAsync(GetPolicyStoreArgs args, InvokeOptions? opts = null)
public static Output<GetPolicyStoreResult> Invoke(GetPolicyStoreInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetPolicyStoreResult> getPolicyStore(GetPolicyStoreArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws-native:verifiedpermissions:getPolicyStore
arguments:
# arguments dictionaryThe following arguments are supported:
- Policy
Store stringId - The unique ID of the new or updated policy store.
- Policy
Store stringId - The unique ID of the new or updated policy store.
- policy
Store StringId - The unique ID of the new or updated policy store.
- policy
Store stringId - The unique ID of the new or updated policy store.
- policy_
store_ strid - The unique ID of the new or updated policy store.
- policy
Store StringId - The unique ID of the new or updated policy store.
getPolicyStore Result
The following output properties are available:
- Arn string
- The Amazon Resource Name (ARN) of the new or updated policy store.
- Description string
- Descriptive text that you can provide to help with identification of the current policy store.
- Policy
Store stringId - The unique ID of the new or updated policy store.
- Schema
Pulumi.
Aws Native. Verified Permissions. Outputs. Policy Store Schema Definition - Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
- Validation
Settings Pulumi.Aws Native. Verified Permissions. Outputs. Policy Store Validation Settings Specifies the validation setting for this policy store.
Currently, the only valid and required value is
Mode.We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
- Arn string
- The Amazon Resource Name (ARN) of the new or updated policy store.
- Description string
- Descriptive text that you can provide to help with identification of the current policy store.
- Policy
Store stringId - The unique ID of the new or updated policy store.
- Schema
Policy
Store Schema Definition - Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
- Validation
Settings PolicyStore Validation Settings Specifies the validation setting for this policy store.
Currently, the only valid and required value is
Mode.We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
- arn String
- The Amazon Resource Name (ARN) of the new or updated policy store.
- description String
- Descriptive text that you can provide to help with identification of the current policy store.
- policy
Store StringId - The unique ID of the new or updated policy store.
- schema
Policy
Store Schema Definition - Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
- validation
Settings PolicyStore Validation Settings Specifies the validation setting for this policy store.
Currently, the only valid and required value is
Mode.We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
- arn string
- The Amazon Resource Name (ARN) of the new or updated policy store.
- description string
- Descriptive text that you can provide to help with identification of the current policy store.
- policy
Store stringId - The unique ID of the new or updated policy store.
- schema
Policy
Store Schema Definition - Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
- validation
Settings PolicyStore Validation Settings Specifies the validation setting for this policy store.
Currently, the only valid and required value is
Mode.We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
- arn str
- The Amazon Resource Name (ARN) of the new or updated policy store.
- description str
- Descriptive text that you can provide to help with identification of the current policy store.
- policy_
store_ strid - The unique ID of the new or updated policy store.
- schema
Policy
Store Schema Definition - Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
- validation_
settings PolicyStore Validation Settings Specifies the validation setting for this policy store.
Currently, the only valid and required value is
Mode.We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
- arn String
- The Amazon Resource Name (ARN) of the new or updated policy store.
- description String
- Descriptive text that you can provide to help with identification of the current policy store.
- policy
Store StringId - The unique ID of the new or updated policy store.
- schema Property Map
- Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
- validation
Settings Property Map Specifies the validation setting for this policy store.
Currently, the only valid and required value is
Mode.We recommend that you turn on
STRICTmode only after you define a schema. If a schema doesn't exist, thenSTRICTmode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the UpdatePolicyStore . Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.
Supporting Types
PolicyStoreSchemaDefinition
- Cedar
Json string - A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide .
- Cedar
Json string - A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide .
- cedar
Json String - A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide .
- cedar
Json string - A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide .
- cedar_
json str - A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide .
- cedar
Json String - A JSON string representation of the schema supported by applications that use this policy store. For more information, see Policy store schema in the Amazon Verified Permissions User Guide .
PolicyStoreValidationMode
PolicyStoreValidationSettings
- Mode
Pulumi.
Aws Native. Verified Permissions. Policy Store Validation Mode The validation mode currently configured for this policy store. The valid values are:
- OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
- STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.
If
Mode=STRICTand the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.To submit a static policy or policy template without a schema, you must turn off validation.
- Mode
Policy
Store Validation Mode The validation mode currently configured for this policy store. The valid values are:
- OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
- STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.
If
Mode=STRICTand the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.To submit a static policy or policy template without a schema, you must turn off validation.
- mode
Policy
Store Validation Mode The validation mode currently configured for this policy store. The valid values are:
- OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
- STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.
If
Mode=STRICTand the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.To submit a static policy or policy template without a schema, you must turn off validation.
- mode
Policy
Store Validation Mode The validation mode currently configured for this policy store. The valid values are:
- OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
- STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.
If
Mode=STRICTand the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.To submit a static policy or policy template without a schema, you must turn off validation.
- mode
Policy
Store Validation Mode The validation mode currently configured for this policy store. The valid values are:
- OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
- STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.
If
Mode=STRICTand the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.To submit a static policy or policy template without a schema, you must turn off validation.
- mode "OFF" | "STRICT"
The validation mode currently configured for this policy store. The valid values are:
- OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
- STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.
If
Mode=STRICTand the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.To submit a static policy or policy template without a schema, you must turn off validation.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.