paws.security.identity
'Amazon Web Services' Security, Identity, & Compliance Services

Package index
Search the paws.security.identity package
Functions
6193
Source code
141
Man pages
1556
Home
/
CRAN
/
paws.security.identity
/
R/verifiedpermissions_service.R

R/verifiedpermissions_service.R
In paws.security.identity: 'Amazon Web Services' Security, Identity, & Compliance Services

Defines functions service verifiedpermissions

Documented in verifiedpermissions 

# This file is generated by make.paws. Please do not edit here.
#' @importFrom paws.common new_handlers new_service set_config merge_config
NULL

#' Amazon Verified Permissions
#'
#' @description
#' Amazon Verified Permissions is a permissions management service from
#' Amazon Web Services. You can use Verified Permissions to manage
#' permissions for your application, and authorize user access based on
#' those permissions. Using Verified Permissions, application developers
#' can grant access based on information about the users, resources, and
#' requested actions. You can also evaluate additional information like
#' group membership, attributes of the resources, and session context, such
#' as time of request and IP addresses. Verified Permissions manages these
#' permissions by letting you create and store authorization policies for
#' your applications, such as consumer-facing web sites and enterprise
#' business systems.
#' 
#' Verified Permissions uses Cedar as the policy language to express your
#' permission requirements. Cedar supports both role-based access control
#' (RBAC) and attribute-based access control (ABAC) authorization models.
#' 
#' For more information about configuring, administering, and using Amazon
#' Verified Permissions in your applications, see the [Amazon Verified
#' Permissions User
#' Guide](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/).
#' 
#' For more information about the Cedar policy language, see the [Cedar
#' Policy Language Guide](https://docs.cedarpolicy.com/).
#' 
#' When you write Cedar policies that reference principals, resources and
#' actions, you can define the unique identifiers used for each of those
#' elements. We strongly recommend that you follow these best practices:
#' 
#' -   **Use values like universally unique identifiers (UUIDs) for all
#'     principal and resource identifiers.**
#' 
#'     For example, if user `jane` leaves the company, and you later let
#'     someone else use the name `jane`, then that new user automatically
#'     gets access to everything granted by policies that still reference
#'     `User::"jane"`. Cedar can’t distinguish between the new user and the
#'     old. This applies to both principal and resource identifiers. Always
#'     use identifiers that are guaranteed unique and never reused to
#'     ensure that you don’t unintentionally grant access because of the
#'     presence of an old identifier in a policy.
#' 
#'     Where you use a UUID for an entity, we recommend that you follow it
#'     with the // comment specifier and the ‘friendly’ name of your
#'     entity. This helps to make your policies easier to understand. For
#'     example: principal == User::"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111",
#'     // alice
#' 
#' -   **Do not include personally identifying, confidential, or sensitive
#'     information as part of the unique identifier for your principals or
#'     resources.** These identifiers are included in log entries shared in
#'     CloudTrail trails.
#' 
#' Several operations return structures that appear similar, but have
#' different purposes. As new functionality is added to the product, the
#' structure used in a parameter of one operation might need to change in a
#' way that wouldn't make sense for the same parameter in a different
#' operation. To help you understand the purpose of each, the following
#' naming convention is used for the structures:
#' 
#' -   Parameter type structures that end in `Detail` are used in `Get`
#'     operations.
#' 
#' -   Parameter type structures that end in `Item` are used in `List`
#'     operations.
#' 
#' -   Parameter type structures that use neither suffix are used in the
#'     mutating (create and update) operations.
#'
#' @param
#' config
#' Optional configuration of credentials, endpoint, and/or region.
#' \itemize{
#' \item{\strong{credentials}: \itemize{
#' \item{\strong{creds}: \itemize{
#' \item{\strong{access_key_id}: AWS access key ID}
#' \item{\strong{secret_access_key}: AWS secret access key}
#' \item{\strong{session_token}: AWS temporary session token}
#' }}
#' \item{\strong{profile}: The name of a profile to use. If not given, then the default profile is used.}
#' \item{\strong{anonymous}: Set anonymous credentials.}
#' }}
#' \item{\strong{endpoint}: The complete URL to use for the constructed client.}
#' \item{\strong{region}: The AWS Region used in instantiating the client.}
#' \item{\strong{close_connection}: Immediately close all HTTP connections.}
#' \item{\strong{timeout}: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.}
#' \item{\strong{s3_force_path_style}: Set this to `true` to force the request to use path-style addressing, i.e. `http://s3.amazonaws.com/BUCKET/KEY`.}
#' \item{\strong{sts_regional_endpoint}: Set sts regional endpoint resolver to regional or legacy \url{https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html}}
#' }
#' @param
#' credentials
#' Optional credentials shorthand for the config parameter
#' \itemize{
#' \item{\strong{creds}: \itemize{
#' \item{\strong{access_key_id}: AWS access key ID}
#' \item{\strong{secret_access_key}: AWS secret access key}
#' \item{\strong{session_token}: AWS temporary session token}
#' }}
#' \item{\strong{profile}: The name of a profile to use. If not given, then the default profile is used.}
#' \item{\strong{anonymous}: Set anonymous credentials.}
#' }
#' @param
#' endpoint
#' Optional shorthand for complete URL to use for the constructed client.
#' @param
#' region
#' Optional shorthand for AWS Region used in instantiating the client.
#'
#' @section Service syntax:
#' ```
#' svc <- verifiedpermissions(
#'   config = list(
#'     credentials = list(
#'       creds = list(
#'         access_key_id = "string",
#'         secret_access_key = "string",
#'         session_token = "string"
#'       ),
#'       profile = "string",
#'       anonymous = "logical"
#'     ),
#'     endpoint = "string",
#'     region = "string",
#'     close_connection = "logical",
#'     timeout = "numeric",
#'     s3_force_path_style = "logical",
#'     sts_regional_endpoint = "string"
#'   ),
#'   credentials = list(
#'     creds = list(
#'       access_key_id = "string",
#'       secret_access_key = "string",
#'       session_token = "string"
#'     ),
#'     profile = "string",
#'     anonymous = "logical"
#'   ),
#'   endpoint = "string",
#'   region = "string"
#' )
#' ```
#'
#' @examples
#' \dontrun{
#' svc <- verifiedpermissions()
#' svc$batch_is_authorized(
#'   Foo = 123
#' )
#' }
#'
#' @section Operations:
#' \tabular{ll}{
#'  \link[=verifiedpermissions_batch_is_authorized]{batch_is_authorized} \tab Makes a series of decisions about multiple authorization requests for one principal or resource\cr
#'  \link[=verifiedpermissions_batch_is_authorized_with_token]{batch_is_authorized_with_token} \tab Makes a series of decisions about multiple authorization requests for one token\cr
#'  \link[=verifiedpermissions_create_identity_source]{create_identity_source} \tab Creates a reference to an Amazon Cognito user pool as an external identity provider (IdP)\cr
#'  \link[=verifiedpermissions_create_policy]{create_policy} \tab Creates a Cedar policy and saves it in the specified policy store\cr
#'  \link[=verifiedpermissions_create_policy_store]{create_policy_store} \tab Creates a policy store\cr
#'  \link[=verifiedpermissions_create_policy_template]{create_policy_template} \tab Creates a policy template\cr
#'  \link[=verifiedpermissions_delete_identity_source]{delete_identity_source} \tab Deletes an identity source that references an identity provider (IdP) such as Amazon Cognito\cr
#'  \link[=verifiedpermissions_delete_policy]{delete_policy} \tab Deletes the specified policy from the policy store\cr
#'  \link[=verifiedpermissions_delete_policy_store]{delete_policy_store} \tab Deletes the specified policy store\cr
#'  \link[=verifiedpermissions_delete_policy_template]{delete_policy_template} \tab Deletes the specified policy template from the policy store\cr
#'  \link[=verifiedpermissions_get_identity_source]{get_identity_source} \tab Retrieves the details about the specified identity source\cr
#'  \link[=verifiedpermissions_get_policy]{get_policy} \tab Retrieves information about the specified policy\cr
#'  \link[=verifiedpermissions_get_policy_store]{get_policy_store} \tab Retrieves details about a policy store\cr
#'  \link[=verifiedpermissions_get_policy_template]{get_policy_template} \tab Retrieve the details for the specified policy template in the specified policy store\cr
#'  \link[=verifiedpermissions_get_schema]{get_schema} \tab Retrieve the details for the specified schema in the specified policy store\cr
#'  \link[=verifiedpermissions_is_authorized]{is_authorized} \tab Makes an authorization decision about a service request described in the parameters\cr
#'  \link[=verifiedpermissions_is_authorized_with_token]{is_authorized_with_token} \tab Makes an authorization decision about a service request described in the parameters\cr
#'  \link[=verifiedpermissions_list_identity_sources]{list_identity_sources} \tab Returns a paginated list of all of the identity sources defined in the specified policy store\cr
#'  \link[=verifiedpermissions_list_policies]{list_policies} \tab Returns a paginated list of all policies stored in the specified policy store\cr
#'  \link[=verifiedpermissions_list_policy_stores]{list_policy_stores} \tab Returns a paginated list of all policy stores in the calling Amazon Web Services account\cr
#'  \link[=verifiedpermissions_list_policy_templates]{list_policy_templates} \tab Returns a paginated list of all policy templates in the specified policy store\cr
#'  \link[=verifiedpermissions_put_schema]{put_schema} \tab Creates or updates the policy schema in the specified policy store\cr
#'  \link[=verifiedpermissions_update_identity_source]{update_identity_source} \tab Updates the specified identity source to use a new identity provider (IdP) source, or to change the mapping of identities from the IdP to a different principal entity type\cr
#'  \link[=verifiedpermissions_update_policy]{update_policy} \tab Modifies a Cedar static policy in the specified policy store\cr
#'  \link[=verifiedpermissions_update_policy_store]{update_policy_store} \tab Modifies the validation setting for a policy store\cr
#'  \link[=verifiedpermissions_update_policy_template]{update_policy_template} \tab Updates the specified policy template
#' }
#'
#' @return
#' A client for the service. You can call the service's operations using
#' syntax like `svc$operation(...)`, where `svc` is the name you've assigned
#' to the client. The available operations are listed in the
#' Operations section.
#'
#' @rdname verifiedpermissions
#' @export
verifiedpermissions <- function(config = list(), credentials = list(), endpoint = NULL, region = NULL) {
  config <- merge_config(
    config,
    list(
      credentials = credentials,
      endpoint = endpoint,
      region = region
    )
  )
  svc <- .verifiedpermissions$operations
  svc <- set_config(svc, config)
  return(svc)
}

# Private API objects: metadata, handlers, interfaces, etc.
.verifiedpermissions <- list()

.verifiedpermissions$operations <- list()

.verifiedpermissions$metadata <- list(
  service_name = "verifiedpermissions",
  endpoints = list("*" = list(endpoint = "verifiedpermissions.{region}.amazonaws.com", global = FALSE), "cn-*" = list(endpoint = "verifiedpermissions.{region}.amazonaws.com.cn", global = FALSE), "eu-isoe-*" = list(endpoint = "verifiedpermissions.{region}.cloud.adc-e.uk", global = FALSE), "us-iso-*" = list(endpoint = "verifiedpermissions.{region}.c2s.ic.gov", global = FALSE), "us-isob-*" = list(endpoint = "verifiedpermissions.{region}.sc2s.sgov.gov", global = FALSE), "us-isof-*" = list(endpoint = "verifiedpermissions.{region}.csp.hci.ic.gov", global = FALSE)),
  service_id = "VerifiedPermissions",
  api_version = "2021-12-01",
  signing_name = "verifiedpermissions",
  json_version = "1.0",
  target_prefix = "VerifiedPermissions"
)

.verifiedpermissions$service <- function(config = list()) {
  handlers <- new_handlers("jsonrpc", "v4")
  new_service(.verifiedpermissions$metadata, handlers, config)
}

Try the paws.security.identity package in your browser

Any scripts or data that you put into this service are public.

paws.security.identity documentation built on May 29, 2024, 10:51 a.m.

R Package Documentation

rdrr.io home R language documentation Run R code online

Browse R Packages

CRAN packages Bioconductor packages R-Forge packages GitHub packages

We want your feedback!

Note that we can't provide technical support on individual packages. You should contact the package authors for that.
GitHub issue tracker
ian@mutexlabs.com
Personal blog

 
Embedding an R snippet on your website

Add the following code to your website.

For more information on customizing the embed code, read Embedding Snippets.

Close