All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.github.cdklabs.cdk.verified.permissions.PolicyStore Maven / Gradle / Ivy

Go to download

L2 AWS CDK Constructs for Amazon Verified Permissions

There is a newer version: 0.1.4
Show newest version
package io.github.cdklabs.cdk.verified.permissions;

/**
 */
@javax.annotation.Generated(value = "jsii-pacmak/1.103.1 (build bef2dea)", date = "2024-09-09T15:44:54.913Z")
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
@software.amazon.jsii.Jsii(module = io.github.cdklabs.cdk.verified.permissions.$Module.class, fqn = "@cdklabs/cdk-verified-permissions.PolicyStore")
public class PolicyStore extends software.amazon.awscdk.Resource implements io.github.cdklabs.cdk.verified.permissions.IPolicyStore {

    protected PolicyStore(final software.amazon.jsii.JsiiObjectRef objRef) {
        super(objRef);
    }

    protected PolicyStore(final software.amazon.jsii.JsiiObject.InitializationMode initializationMode) {
        super(initializationMode);
    }

    /**
     * @param scope This parameter is required.
     * @param id This parameter is required.
     * @param props
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public PolicyStore(final @org.jetbrains.annotations.NotNull software.constructs.Construct scope, final @org.jetbrains.annotations.NotNull java.lang.String id, final @org.jetbrains.annotations.Nullable io.github.cdklabs.cdk.verified.permissions.PolicyStoreProps props) {
        super(software.amazon.jsii.JsiiObject.InitializationMode.JSII);
        software.amazon.jsii.JsiiEngine.getInstance().createNewObject(this, new Object[] { java.util.Objects.requireNonNull(scope, "scope is required"), java.util.Objects.requireNonNull(id, "id is required"), props });
    }

    /**
     * @param scope This parameter is required.
     * @param id This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public PolicyStore(final @org.jetbrains.annotations.NotNull software.constructs.Construct scope, final @org.jetbrains.annotations.NotNull java.lang.String id) {
        super(software.amazon.jsii.JsiiObject.InitializationMode.JSII);
        software.amazon.jsii.JsiiEngine.getInstance().createNewObject(this, new Object[] { java.util.Objects.requireNonNull(scope, "scope is required"), java.util.Objects.requireNonNull(id, "id is required") });
    }

    /**
     * (experimental) Create a PolicyStore construct that represents an external PolicyStore via policy store arn.
     * 

     * @param scope The parent creating construct (usually this). This parameter is required.
     * @param id The construct's name. This parameter is required.
     * @param policyStoreArn The PolicyStore's ARN. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull io.github.cdklabs.cdk.verified.permissions.IPolicyStore fromPolicyStoreArn(final @org.jetbrains.annotations.NotNull software.constructs.Construct scope, final @org.jetbrains.annotations.NotNull java.lang.String id, final @org.jetbrains.annotations.NotNull java.lang.String policyStoreArn) {
        return software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "fromPolicyStoreArn", software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.IPolicyStore.class), new Object[] { java.util.Objects.requireNonNull(scope, "scope is required"), java.util.Objects.requireNonNull(id, "id is required"), java.util.Objects.requireNonNull(policyStoreArn, "policyStoreArn is required") });
    }

    /**
     * (experimental) Creates a PolicyStore construct that represents an external Policy Store.
     * 

     * @param scope The parent creating construct (usually this). This parameter is required.
     * @param id The construct's name. This parameter is required.
     * @param attrs A PolicyStoreAttributes object. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull io.github.cdklabs.cdk.verified.permissions.IPolicyStore fromPolicyStoreAttributes(final @org.jetbrains.annotations.NotNull software.constructs.Construct scope, final @org.jetbrains.annotations.NotNull java.lang.String id, final @org.jetbrains.annotations.NotNull io.github.cdklabs.cdk.verified.permissions.PolicyStoreAttributes attrs) {
        return software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "fromPolicyStoreAttributes", software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.IPolicyStore.class), new Object[] { java.util.Objects.requireNonNull(scope, "scope is required"), java.util.Objects.requireNonNull(id, "id is required"), java.util.Objects.requireNonNull(attrs, "attrs is required") });
    }

    /**
     * (experimental) Create a PolicyStore construct that represents an external policy store via policy store id.
     * 

     * @param scope The parent creating construct (usually this). This parameter is required.
     * @param id The construct's name. This parameter is required.
     * @param policyStoreId The PolicyStore's id. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull io.github.cdklabs.cdk.verified.permissions.IPolicyStore fromPolicyStoreId(final @org.jetbrains.annotations.NotNull software.constructs.Construct scope, final @org.jetbrains.annotations.NotNull java.lang.String id, final @org.jetbrains.annotations.NotNull java.lang.String policyStoreId) {
        return software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "fromPolicyStoreId", software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.IPolicyStore.class), new Object[] { java.util.Objects.requireNonNull(scope, "scope is required"), java.util.Objects.requireNonNull(id, "id is required"), java.util.Objects.requireNonNull(policyStoreId, "policyStoreId is required") });
    }

    /**
     * (experimental) This method generates a schema based on an swagger file.
     * 

     * It makes the same assumptions and decisions
     * made in the Amazon Verified Permissions console. This feature is built for swagger files generated from an Amazon API Gateway
     * export. It's possible that some swagger files generated by other tools will not work. In that case, please
     * file an issue.
     * 

     * @param swaggerFilePath absolute path to a swagger file in the local directory structure, in json format. This parameter is required.
     * @param groupEntityTypeName optional parameter to specify the group entity type name.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull java.util.Map> schemaFromOpenApiSpec(final @org.jetbrains.annotations.NotNull java.lang.String swaggerFilePath, final @org.jetbrains.annotations.Nullable java.lang.String groupEntityTypeName) {
        return java.util.Collections.unmodifiableMap(software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "schemaFromOpenApiSpec", software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.forClass(java.lang.Object.class))), new Object[] { java.util.Objects.requireNonNull(swaggerFilePath, "swaggerFilePath is required"), groupEntityTypeName }));
    }

    /**
     * (experimental) This method generates a schema based on an swagger file.
     * 

     * It makes the same assumptions and decisions
     * made in the Amazon Verified Permissions console. This feature is built for swagger files generated from an Amazon API Gateway
     * export. It's possible that some swagger files generated by other tools will not work. In that case, please
     * file an issue.
     * 

     * @param swaggerFilePath absolute path to a swagger file in the local directory structure, in json format. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull java.util.Map> schemaFromOpenApiSpec(final @org.jetbrains.annotations.NotNull java.lang.String swaggerFilePath) {
        return java.util.Collections.unmodifiableMap(software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "schemaFromOpenApiSpec", software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.forClass(java.lang.Object.class))), new Object[] { java.util.Objects.requireNonNull(swaggerFilePath, "swaggerFilePath is required") }));
    }

    /**
     * (experimental) This method generates a schema based on an AWS CDK RestApi construct.
     * 

     * It makes the same assumptions
     * and decisions made in the Amazon Verified Permissions console.
     * 

     * @param restApi The RestApi construct instance from which to generate the schema. This parameter is required.
     * @param groupEntityTypeName Specifies a group entity type name.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull java.util.Map> schemaFromRestApi(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.apigateway.RestApi restApi, final @org.jetbrains.annotations.Nullable java.lang.String groupEntityTypeName) {
        return java.util.Collections.unmodifiableMap(software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "schemaFromRestApi", software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.forClass(java.lang.Object.class))), new Object[] { java.util.Objects.requireNonNull(restApi, "restApi is required"), groupEntityTypeName }));
    }

    /**
     * (experimental) This method generates a schema based on an AWS CDK RestApi construct.
     * 

     * It makes the same assumptions
     * and decisions made in the Amazon Verified Permissions console.
     * 

     * @param restApi The RestApi construct instance from which to generate the schema. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static @org.jetbrains.annotations.NotNull java.util.Map> schemaFromRestApi(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.apigateway.RestApi restApi) {
        return java.util.Collections.unmodifiableMap(software.amazon.jsii.JsiiObject.jsiiStaticCall(io.github.cdklabs.cdk.verified.permissions.PolicyStore.class, "schemaFromRestApi", software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.mapOf(software.amazon.jsii.NativeType.forClass(java.lang.Object.class))), new Object[] { java.util.Objects.requireNonNull(restApi, "restApi is required") }));
    }

    /**
     * (experimental) Add multiple policies to the policy store.
     * 

     * @return An array of created policy constructs.
     * @param policyDefinitions An array of policy options for the policy stores policies. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.NotNull java.util.List addPolicies(final @org.jetbrains.annotations.NotNull java.util.List policyDefinitions) {
        return java.util.Collections.unmodifiableList(software.amazon.jsii.Kernel.call(this, "addPolicies", software.amazon.jsii.NativeType.listOf(software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.Policy.class)), new Object[] { java.util.Objects.requireNonNull(policyDefinitions, "policyDefinitions is required") }));
    }

    /**
     * (experimental) Takes in an absolute path to a directory containing .cedar files and adds the contents of each .cedar file as policies to this policy store. Parses the policies with cedar-wasm and, if the policy store has a schema, performs semantic validation of the policies as well.
     * 

     * @return An array of created Policy constructs.
     * @param absolutePath a string representing an absolute path to the directory containing your policies. This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.NotNull java.util.List addPoliciesFromPath(final @org.jetbrains.annotations.NotNull java.lang.String absolutePath) {
        return java.util.Collections.unmodifiableList(software.amazon.jsii.Kernel.call(this, "addPoliciesFromPath", software.amazon.jsii.NativeType.listOf(software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.Policy.class)), new Object[] { java.util.Objects.requireNonNull(absolutePath, "absolutePath is required") }));
    }

    /**
     * (experimental) Adds an IAM policy statement associated with this policy store to an IAM principal's policy.
     * 

     * @param grantee This parameter is required.
     * @param actions This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    @Override
    public @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.Grant grant(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.IGrantable grantee, final @org.jetbrains.annotations.NotNull java.lang.String... actions) {
        return software.amazon.jsii.Kernel.call(this, "grant", software.amazon.jsii.NativeType.forClass(software.amazon.awscdk.services.iam.Grant.class), java.util.stream.Stream.concat(java.util.Arrays.stream(new Object[] { java.util.Objects.requireNonNull(grantee, "grantee is required") }), java.util.Arrays.stream(actions)).toArray(Object[]::new));
    }

    /**
     * (experimental) Permits an IAM principal all auth operations on the policy store: IsAuthorized, IsAuthorizedWithToken.
     * 

     * @param grantee This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    @Override
    public @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.Grant grantAuth(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.IGrantable grantee) {
        return software.amazon.jsii.Kernel.call(this, "grantAuth", software.amazon.jsii.NativeType.forClass(software.amazon.awscdk.services.iam.Grant.class), new Object[] { java.util.Objects.requireNonNull(grantee, "grantee is required") });
    }

    /**
     * (experimental) Permits an IAM principal all read operations on the policy store: GetIdentitySource, GetPolicy, GetPolicyStore, GetPolicyTemplate, GetSchema, ListIdentitySources, ListPolicies, ListPolicyTemplates.
     * 

     * @param grantee This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    @Override
    public @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.Grant grantRead(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.IGrantable grantee) {
        return software.amazon.jsii.Kernel.call(this, "grantRead", software.amazon.jsii.NativeType.forClass(software.amazon.awscdk.services.iam.Grant.class), new Object[] { java.util.Objects.requireNonNull(grantee, "grantee is required") });
    }

    /**
     * (experimental) Permits an IAM principal all write & read operations on the policy store: CreateIdentitySource, CreatePolicy,CreatePolicyTemplate, DeleteIdentitySource, DeletePolicy, DeletePolicyTemplate, PutSchema, UpdateIdentitySource, UpdatePolicy, UpdatePolicyTemplate.
     * 

     * @param grantee This parameter is required.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    @Override
    public @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.Grant grantWrite(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.iam.IGrantable grantee) {
        return software.amazon.jsii.Kernel.call(this, "grantWrite", software.amazon.jsii.NativeType.forClass(software.amazon.awscdk.services.iam.Grant.class), new Object[] { java.util.Objects.requireNonNull(grantee, "grantee is required") });
    }

    /**
     * (experimental) ARN of the Policy Store.
     */
    @Override
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.NotNull java.lang.String getPolicyStoreArn() {
        return software.amazon.jsii.Kernel.get(this, "policyStoreArn", software.amazon.jsii.NativeType.forClass(java.lang.String.class));
    }

    /**
     * (experimental) ID of the Policy Store.
     */
    @Override
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.NotNull java.lang.String getPolicyStoreId() {
        return software.amazon.jsii.Kernel.get(this, "policyStoreId", software.amazon.jsii.NativeType.forClass(java.lang.String.class));
    }

    /**
     * (experimental) Name of the Policy Store.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.NotNull java.lang.String getPolicyStoreName() {
        return software.amazon.jsii.Kernel.get(this, "policyStoreName", software.amazon.jsii.NativeType.forClass(java.lang.String.class));
    }

    /**
     * (experimental) Validation Settings of the Policy Store.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.NotNull io.github.cdklabs.cdk.verified.permissions.ValidationSettings getValidationSettings() {
        return software.amazon.jsii.Kernel.get(this, "validationSettings", software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.ValidationSettings.class));
    }

    /**
     * (experimental) Description of the Policy Store.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.Nullable java.lang.String getDescription() {
        return software.amazon.jsii.Kernel.get(this, "description", software.amazon.jsii.NativeType.forClass(java.lang.String.class));
    }

    /**
     * (experimental) Schema definition of the Policy Store.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public @org.jetbrains.annotations.Nullable io.github.cdklabs.cdk.verified.permissions.Schema getSchema() {
        return software.amazon.jsii.Kernel.get(this, "schema", software.amazon.jsii.NativeType.forClass(io.github.cdklabs.cdk.verified.permissions.Schema.class));
    }

    /**
     * (experimental) A fluent builder for {@link io.github.cdklabs.cdk.verified.permissions.PolicyStore}.
     */
    @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
    public static final class Builder implements software.amazon.jsii.Builder {
        /**
         * @return a new instance of {@link Builder}.
         * @param scope This parameter is required.
         * @param id This parameter is required.
         */
        @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
        public static Builder create(final software.constructs.Construct scope, final java.lang.String id) {
            return new Builder(scope, id);
        }

        private final software.constructs.Construct scope;
        private final java.lang.String id;
        private io.github.cdklabs.cdk.verified.permissions.PolicyStoreProps.Builder props;

        private Builder(final software.constructs.Construct scope, final java.lang.String id) {
            this.scope = scope;
            this.id = id;
        }

        /**
         * (experimental) The policy store's validation settings.
         * 

         * Default: - If not provided, the Policy store will be created with ValidationSettingsMode = "OFF"
         * 

         * @return {@code this}
         * @param validationSettings The policy store's validation settings. This parameter is required.
         */
        @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
        public Builder validationSettings(final io.github.cdklabs.cdk.verified.permissions.ValidationSettings validationSettings) {
            this.props().validationSettings(validationSettings);
            return this;
        }

        /**
         * (experimental) The policy store's description.
         * 

         * Default: - No description.
         * 

         * @return {@code this}
         * @param description The policy store's description. This parameter is required.
         */
        @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
        public Builder description(final java.lang.String description) {
            this.props().description(description);
            return this;
        }

        /**
         * (experimental) This attribute is not required from an API point of view.
         * 

         * It represents the schema (in Cedar) to be applied to the PolicyStore.
         * 

         * Default: - No schema.
         * 

         * @return {@code this}
         * @param schema This attribute is not required from an API point of view. This parameter is required.
         */
        @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
        public Builder schema(final io.github.cdklabs.cdk.verified.permissions.Schema schema) {
            this.props().schema(schema);
            return this;
        }

        /**
         * @return a newly built instance of {@link io.github.cdklabs.cdk.verified.permissions.PolicyStore}.
         */
        @software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Experimental)
        @Override
        public io.github.cdklabs.cdk.verified.permissions.PolicyStore build() {
            return new io.github.cdklabs.cdk.verified.permissions.PolicyStore(
                this.scope,
                this.id,
                this.props != null ? this.props.build() : null
            );
        }

        private io.github.cdklabs.cdk.verified.permissions.PolicyStoreProps.Builder props() {
            if (this.props == null) {
                this.props = new io.github.cdklabs.cdk.verified.permissions.PolicyStoreProps.Builder();
            }
            return this.props;
        }
    }
}
    

    

    

            

    

            



    
    






    
© 2015 - 2024 Weber Informatics LLC | Privacy Policy