policy

Documentation

Index

• func AddExpiryCondition(p *Policy, expiresAt time.Time)
• type AWSTime
• type ConditionEntry
• type Policy
  • func (p Policy) String() string
• type Statement
• type Value
  • func (value *Value) UnmarshalJSON(b []byte) error

Functions

func AddExpiryCondition

func AddExpiryCondition(p *Policy, expiresAt time.Time)

Types

type AWSTime

type AWSTime struct {
	Time time.Time `json:"aws:CurrentTime"`
}

type ConditionEntry

type ConditionEntry struct {
	DateGreaterThan AWSTime
	DateLessThan    AWSTime
}

type Policy

type Policy struct {
	// 2012-10-17 or 2008-10-17 old policies, do NOT use this for new policies
	Version    string      `json:"Version"`
	Id         *string     `json:"Id,omitempty"`
	Statements []Statement `json:"Statement"`
}

func (Policy) String

func (p Policy) String() string

type Statement

type Statement struct {
	Sid          string           `json:"Sid,omitempty"`          // statement ID, service specific
	Effect       string           `json:"Effect"`                 // Allow or Deny
	Principal    map[string]Value `json:"Principal,omitempty"`    // principal that is allowed or denied
	NotPrincipal map[string]Value `json:"NotPrincipal,omitempty"` // exception to a list of principals
	Action       Value            `json:"Action,omitempty"`       // allowed or denied action
	NotAction    Value            `json:"NotAction,omitempty"`    // matches everything except
	Resource     Value            `json:"Resource,omitempty"`     // object or objects that the statement covers
	NotResource  Value            `json:"NotResource,omitempty"`  // matches everything except
	Condition    *ConditionEntry  `json:"Condition,omitempty"`    // conditions for when a policy is in effect
}

type Value

type Value []string

AWS allows string or []string as value, we convert everything to []string to avoid casting

func (*Value) UnmarshalJSON

func (value *Value) UnmarshalJSON(b []byte) error