Struct aws_sdk_verifiedpermissions::operation::is_authorized_with_token::builders::IsAuthorizedWithTokenFluentBuilder

source · 
pub struct IsAuthorizedWithTokenFluentBuilder { /* private fields */ }
Expand description

Fluent builder constructing a request to IsAuthorizedWithToken.

Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source in the form of an identity token formatted as a JSON web token (JWT). The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

If you specify the identityToken parameter, then this operation derives the principal from that token. You must not also include that principal in the entities parameter or the operation fails and reports a conflict between the two entity sources.

If you provide only an accessToken, then you can include the entity as part of the entities parameter to provide additional attributes.

At this time, Verified Permissions accepts tokens from only Amazon Cognito.

Verified Permissions validates each token that is specified in a request by checking its expiration date and its signature.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

Implementations§

source§

impl IsAuthorizedWithTokenFluentBuilder

source

pub fn as_input(&self) -> &IsAuthorizedWithTokenInputBuilder

Access the IsAuthorizedWithToken as a reference.

source

pub async fn send( self ) -> Result<IsAuthorizedWithTokenOutput, SdkError<IsAuthorizedWithTokenError, HttpResponse>>

Sends the request and returns the response.

If an error occurs, an SdkError will be returned with additional details that can be matched against.

By default, any retryable failures will be retried twice. Retry behavior is configurable with the RetryConfig, which can be set when configuring the client.

source

pub fn customize( self ) -> CustomizableOperation<IsAuthorizedWithTokenOutput, IsAuthorizedWithTokenError, Self>

Consumes this builder, creating a customizable operation that can be modified before being sent.

source

pub fn policy_store_id(self, input: impl Into<String>) -> Self

Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.

source

pub fn set_policy_store_id(self, input: Option<String>) -> Self

Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.

source

pub fn get_policy_store_id(&self) -> &Option<String>

Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.

source

pub fn identity_token(self, input: impl Into<String>) -> Self

Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, or both.

source

pub fn set_identity_token(self, input: Option<String>) -> Self

Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, or both.

source

pub fn get_identity_token(&self) -> &Option<String>

Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken or an IdentityToken, or both.

source

pub fn access_token(self, input: impl Into<String>) -> Self

Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken, or an IdentityToken, or both.

source

pub fn set_access_token(self, input: Option<String>) -> Self

Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken, or an IdentityToken, or both.

source

pub fn get_access_token(&self) -> &Option<String>

Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an AccessToken, or an IdentityToken, or both.

source

pub fn action(self, input: ActionIdentifier) -> Self

Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.

source

pub fn set_action(self, input: Option<ActionIdentifier>) -> Self

Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.

source

pub fn get_action(&self) -> &Option<ActionIdentifier>

Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.

source

pub fn resource(self, input: EntityIdentifier) -> Self

Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?

source

pub fn set_resource(self, input: Option<EntityIdentifier>) -> Self

Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?

source

pub fn get_resource(&self) -> &Option<EntityIdentifier>

Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?

source

pub fn context(self, input: ContextDefinition) -> Self

Specifies additional context that can be used to make more granular authorization decisions.

source

pub fn set_context(self, input: Option<ContextDefinition>) -> Self

Specifies additional context that can be used to make more granular authorization decisions.

source

pub fn get_context(&self) -> &Option<ContextDefinition>

Specifies additional context that can be used to make more granular authorization decisions.

source

pub fn entities(self, input: EntitiesDefinition) -> Self

Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.

You can include only resource and action entities in this parameter; you can't include principals.

  • The IsAuthorizedWithToken operation takes principal attributes from only the identityToken or accessToken passed to the operation.

  • For action entities, you can include only their Identifier and EntityType.

source

pub fn set_entities(self, input: Option<EntitiesDefinition>) -> Self

Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.

You can include only resource and action entities in this parameter; you can't include principals.

  • The IsAuthorizedWithToken operation takes principal attributes from only the identityToken or accessToken passed to the operation.

  • For action entities, you can include only their Identifier and EntityType.

source

pub fn get_entities(&self) -> &Option<EntitiesDefinition>

Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.

You can include only resource and action entities in this parameter; you can't include principals.

  • The IsAuthorizedWithToken operation takes principal attributes from only the identityToken or accessToken passed to the operation.

  • For action entities, you can include only their Identifier and EntityType.

Trait Implementations§

source§

impl Clone for IsAuthorizedWithTokenFluentBuilder

source§

fn clone(&self) -> IsAuthorizedWithTokenFluentBuilder

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for IsAuthorizedWithTokenFluentBuilder

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

source§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more