package policydocument

import "github.com/oslokommune/okctl/pkg/cfn/components/policydocument"

Package policydocument implements the IAM policy document: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html Note: we have not attempted to implement the complete policy logic; this package covers only the subset we require.


Constants

const (
	// Version is the current version of the policy language,
	// and you should always include a Version element and set it to 2012-10-17:
	// - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html
	// A document without a Version element is evaluated by IAM as the older
	// 2008-10-17 language, which does not support policy variables.
	Version = "2012-10-17"

	// EffectTypeAllow allows access to a resource
	EffectTypeAllow EffectType = "Allow"
	// EffectTypeDeny denies access to a resource; in IAM policy evaluation an
	// explicit Deny takes precedence over any Allow
	EffectTypeDeny EffectType = "Deny"

	// ConditionOperatorTypeStringEquals checks if the string matches exactly
	// (IAM's StringEquals comparison is case-sensitive)
	ConditionOperatorTypeStringEquals ConditionOperatorType = "StringEquals"
	// ConditionOperatorTypeNull checks whether the condition key is present in
	// the request context. Mind the polarity: in IAM, the value "true" matches
	// when the key is absent and "false" matches when the key is present with
	// a non-null value, so a swapped value inverts the statement's condition.
	ConditionOperatorTypeNull ConditionOperatorType = "Null"

	// PseudoParamRegion is the name of the pseudo parameter that resolves to
	// the AWS region
	PseudoParamRegion string = "AWS::Region"
	// PseudoParamAccountID is the name of the pseudo parameter that resolves
	// to the AWS account id
	PseudoParamAccountID string = "AWS::AccountId"
)

Functions

func AwsAccountIDRef

func AwsAccountIDRef() string

AwsAccountIDRef returns a reference to the AWS account ID pseudo parameter

func AwsRegionRef

func AwsRegionRef() string

AwsRegionRef returns a reference to the AWS region pseudo parameter

func ID

func ID() string

ID creates a UUID for use with the policy document id field: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_id.html

Types

type ConditionOperatorType

// ConditionOperatorType is the string name of an IAM condition operator and
// is used as the outer key of StatementEntry.Condition. It is a plain string
// type, so nothing prevents a caller from converting an arbitrary string;
// prefer the ConditionOperatorType* constants.
type ConditionOperatorType string

ConditionOperatorType enumerates valid condition operators: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html

type EffectType

// EffectType is the string value of a statement's Effect element. Use
// EffectTypeAllow or EffectTypeDeny; the zero value is the empty string,
// which is neither of the two.
type EffectType string

EffectType enumerates valid effects a policy has on a resource: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_effect.html

type PolicyDocument

// PolicyDocument is the top-level IAM policy document as serialised to JSON.
type PolicyDocument struct {
	// Version is the policy language version and is always emitted; the
	// package constant Version holds "2012-10-17".
	Version   string           `json:"Version"`
	// ID is the optional policy identifier; it is left out of the JSON when
	// empty.
	ID        string           `json:"Id,omitempty"`
	// Statement holds the policy statements and is always emitted (no
	// omitempty).
	// NOTE(review): assuming JSON uses encoding/json, a nil slice marshals
	// as null — confirm callers always set at least one statement.
	Statement []StatementEntry `json:"Statement"`
}

PolicyDocument provides some structure around IAM policy documents: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html

func (*PolicyDocument) JSON

func (d *PolicyDocument) JSON() ([]byte, error)

JSON returns the JSON-marshalled form of the policy document.

type Principal

// Principal models only the "Service" form of the IAM Principal element.
// Account, user, role and federated principals cannot be expressed with this
// type, which limits the trust relationships a document built from it can
// grant to AWS service principals.
type Principal struct {
	// Service lists the service principals; the key is always emitted (no
	// omitempty).
	Service []string `json:"Service"`
}

Principal provides a subset of the principal policy element: - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html

type StatementEntry

// StatementEntry is a single statement in PolicyDocument.Statement.
// The struct performs no validation: Action and Resource accept any string,
// wildcards included, so least-privilege review has to happen where the
// values are set.
type StatementEntry struct {
	// Sid is the optional statement identifier; left out of the JSON when
	// empty.
	Sid       string                                      `json:"Sid,omitempty"`
	// Effect is always emitted. Its zero value is the empty string, which is
	// neither "Allow" nor "Deny", so set it explicitly.
	Effect    EffectType                                  `json:"Effect"`
	// Action lists the actions the statement covers; always emitted.
	Action    []string                                    `json:"Action"`
	// Resource lists the resources the statement covers; left out of the
	// JSON when empty.
	// NOTE(review): presumably it is omitted so the type can also describe
	// statements that carry a Principal and no Resource (role trust
	// policies); a permissions-policy statement needs it — confirm against
	// callers.
	Resource  []string                                    `json:"Resource,omitempty"`
	// Condition maps operator -> condition key -> value. The value type is a
	// single string, so only one value per condition key can be expressed.
	Condition map[ConditionOperatorType]map[string]string `json:"Condition,omitempty"`
	// Principal is optional; a nil pointer is left out of the JSON.
	Principal *Principal                                  `json:"Principal,omitempty"`
}

StatementEntry is a single statement in a policy document's Statement list.

Source Files

policydocument.go

Version
v0.0.106 (latest)
Published
Oct 21, 2022
Platform
linux/amd64
Imports
3 packages