File Coverage

blib/lib/Paws/IAM/SimulatePrincipalPolicy.pm
Criterion Covered Total %
statement 6 6 100.0
branch n/a
condition n/a
subroutine 2 2 100.0
pod n/a
total 8 8 100.0


line stmt bran cond sub pod time code
1              
2             package Paws::IAM::SimulatePrincipalPolicy;
3 1     1   454 use Moose;
  1         2  
  1         7  
4             has ActionNames => (is => 'ro', isa => 'ArrayRef[Str|Undef]', required => 1);
5             has CallerArn => (is => 'ro', isa => 'Str');
6             has ContextEntries => (is => 'ro', isa => 'ArrayRef[Paws::IAM::ContextEntry]');
7             has Marker => (is => 'ro', isa => 'Str');
8             has MaxItems => (is => 'ro', isa => 'Int');
9             has PolicyInputList => (is => 'ro', isa => 'ArrayRef[Str|Undef]');
10             has PolicySourceArn => (is => 'ro', isa => 'Str', required => 1);
11             has ResourceArns => (is => 'ro', isa => 'ArrayRef[Str|Undef]');
12             has ResourceHandlingOption => (is => 'ro', isa => 'Str');
13             has ResourceOwner => (is => 'ro', isa => 'Str');
14             has ResourcePolicy => (is => 'ro', isa => 'Str');
15              
16 1     1   5993 use MooseX::ClassAttribute;
  1         6  
  1         9  
17              
18             class_has _api_call => (isa => 'Str', is => 'ro', default => 'SimulatePrincipalPolicy');
19             class_has _returns => (isa => 'Str', is => 'ro', default => 'Paws::IAM::SimulatePolicyResponse');
20             class_has _result_key => (isa => 'Str', is => 'ro', default => 'SimulatePrincipalPolicyResult');
21             1;
22              
23             ### main pod documentation begin ###
24              
25             =head1 NAME
26              
27             Paws::IAM::SimulatePrincipalPolicy - Arguments for method SimulatePrincipalPolicy on Paws::IAM
28              
29             =head1 DESCRIPTION
30              
31             This class represents the parameters used for calling the method SimulatePrincipalPolicy on the
32             AWS Identity and Access Management service. Use the attributes of this class
33             as arguments to method SimulatePrincipalPolicy.
34              
35             You shouldn't make instances of this class. Each attribute should be used as a named argument in the call to SimulatePrincipalPolicy.
36              
37             As an example:
38              
39             $service_obj->SimulatePrincipalPolicy(Att1 => $value1, Att2 => $value2, ...);
40              
41             Values for attributes that are native types (Int, String, Float, etc) can passed as-is (scalar values). Values for complex Types (objects) can be passed as a HashRef. The keys and values of the hashref will be used to instance the underlying object.
42              
43             =head1 ATTRIBUTES
44              
45              
46             =head2 B<REQUIRED> ActionNames => ArrayRef[Str|Undef]
47              
48             A list of names of API actions to evaluate in the simulation. Each
49             action is evaluated for each resource. Each action must include the
50             service identifier, such as C<iam:CreateUser>.
51              
52              
53              
54             =head2 CallerArn => Str
55              
56             The ARN of the IAM user that you want to specify as the simulated
57             caller of the APIs. If you do not specify a C<CallerArn>, it defaults
58             to the ARN of the user that you specify in C<PolicySourceArn>, if you
59             specified a user. If you include both a C<PolicySourceArn> (for
60             example, C<arn:aws:iam::123456789012:user/David>) and a C<CallerArn>
61             (for example, C<arn:aws:iam::123456789012:user/Bob>), the result is
62             that you simulate calling the APIs as Bob, as if Bob had David's
63             policies.
64              
65             You can specify only the ARN of an IAM user. You cannot specify the ARN
66             of an assumed role, federated user, or a service principal.
67              
68             C<CallerArn> is required if you include a C<ResourcePolicy> and the
69             C<PolicySourceArn> is not the ARN for an IAM user. This is required so
70             that the resource-based policy's C<Principal> element has a value to
71             use in evaluating the policy.
72              
73             For more information about ARNs, see Amazon Resource Names (ARNs) and
74             AWS Service Namespaces in the I<AWS General Reference>.
75              
76              
77              
78             =head2 ContextEntries => ArrayRef[L<Paws::IAM::ContextEntry>]
79              
80             A list of context keys and corresponding values for the simulation to
81             use. Whenever a context key is evaluated in one of the simulated IAM
82             permission policies, the corresponding value is supplied.
83              
84              
85              
86             =head2 Marker => Str
87              
88             Use this parameter only when paginating results and only after you
89             receive a response indicating that the results are truncated. Set it to
90             the value of the C<Marker> element in the response that you received to
91             indicate where the next call should start.
92              
93              
94              
95             =head2 MaxItems => Int
96              
97             (Optional) Use this only when paginating results to indicate the
98             maximum number of items you want in the response. If additional items
99             exist beyond the maximum you specify, the C<IsTruncated> response
100             element is C<true>.
101              
102             If you do not include this parameter, it defaults to 100. Note that IAM
103             might return fewer results, even when there are more results available.
104             In that case, the C<IsTruncated> response element returns C<true> and
105             C<Marker> contains a value to include in the subsequent call that tells
106             the service where to continue from.
107              
108              
109              
110             =head2 PolicyInputList => ArrayRef[Str|Undef]
111              
112             An optional list of additional policy documents to include in the
113             simulation. Each document is specified as a string containing the
114             complete, valid JSON text of an IAM policy.
115              
116             The regex pattern used to validate this parameter is a string of
117             characters consisting of any printable ASCII character ranging from the
118             space character (\u0020) through end of the ASCII character range as
119             well as the printable characters in the Basic Latin and Latin-1
120             Supplement character set (through \u00FF). It also includes the special
121             characters tab (\u0009), line feed (\u000A), and carriage return
122             (\u000D).
123              
124              
125              
126             =head2 B<REQUIRED> PolicySourceArn => Str
127              
128             The Amazon Resource Name (ARN) of a user, group, or role whose policies
129             you want to include in the simulation. If you specify a user, group, or
130             role, the simulation includes all policies that are associated with
131             that entity. If you specify a user, the simulation also includes all
132             policies that are attached to any groups the user belongs to.
133              
134             For more information about ARNs, see Amazon Resource Names (ARNs) and
135             AWS Service Namespaces in the I<AWS General Reference>.
136              
137              
138              
139             =head2 ResourceArns => ArrayRef[Str|Undef]
140              
141             A list of ARNs of AWS resources to include in the simulation. If this
142             parameter is not provided then the value defaults to C<*> (all
143             resources). Each API in the C<ActionNames> parameter is evaluated for
144             each resource in this list. The simulation determines the access result
145             (allowed or denied) of each combination and reports it in the response.
146              
147             The simulation does not automatically retrieve policies for the
148             specified resources. If you want to include a resource policy in the
149             simulation, then you must include the policy as a string in the
150             C<ResourcePolicy> parameter.
151              
152             For more information about ARNs, see Amazon Resource Names (ARNs) and
153             AWS Service Namespaces in the I<AWS General Reference>.
154              
155              
156              
157             =head2 ResourceHandlingOption => Str
158              
159             Specifies the type of simulation to run. Different APIs that support
160             resource-based policies require different combinations of resources. By
161             specifying the type of simulation to run, you enable the policy
162             simulator to enforce the presence of the required resources to ensure
163             reliable simulation results. If your simulation does not match one of
164             the following scenarios, then you can omit this parameter. The
165             following list shows each of the supported scenario values and the
166             resources that you must define to run the simulation.
167              
168             Each of the EC2 scenarios requires that you specify instance, image,
169             and security-group resources. If your scenario includes an EBS volume,
170             then you must specify that volume as a resource. If the EC2 scenario
171             includes VPC, then you must supply the network-interface resource. If
172             it includes an IP subnet, then you must specify the subnet resource.
173             For more information on the EC2 scenario options, see Supported
174             Platforms in the I<AWS EC2 User Guide>.
175              
176             =over
177              
178             =item *
179              
180             B<EC2-Classic-InstanceStore>
181              
182             instance, image, security-group
183              
184             =item *
185              
186             B<EC2-Classic-EBS>
187              
188             instance, image, security-group, volume
189              
190             =item *
191              
192             B<EC2-VPC-InstanceStore>
193              
194             instance, image, security-group, network-interface
195              
196             =item *
197              
198             B<EC2-VPC-InstanceStore-Subnet>
199              
200             instance, image, security-group, network-interface, subnet
201              
202             =item *
203              
204             B<EC2-VPC-EBS>
205              
206             instance, image, security-group, network-interface, volume
207              
208             =item *
209              
210             B<EC2-VPC-EBS-Subnet>
211              
212             instance, image, security-group, network-interface, subnet, volume
213              
214             =back
215              
216              
217              
218              
219             =head2 ResourceOwner => Str
220              
221             An AWS account ID that specifies the owner of any simulated resource
222             that does not identify its owner in the resource ARN, such as an S3
223             bucket or object. If C<ResourceOwner> is specified, it is also used as
224             the account owner of any C<ResourcePolicy> included in the simulation.
225             If the C<ResourceOwner> parameter is not specified, then the owner of
226             the resources and the resource policy defaults to the account of the
227             identity provided in C<CallerArn>. This parameter is required only if
228             you specify a resource-based policy and account that owns the resource
229             is different from the account that owns the simulated calling user
230             C<CallerArn>.
231              
232              
233              
234             =head2 ResourcePolicy => Str
235              
236             A resource-based policy to include in the simulation provided as a
237             string. Each resource in the simulation is treated as if it had this
238             policy attached. You can include only one resource-based policy in a
239             simulation.
240              
241             The regex pattern used to validate this parameter is a string of
242             characters consisting of any printable ASCII character ranging from the
243             space character (\u0020) through end of the ASCII character range as
244             well as the printable characters in the Basic Latin and Latin-1
245             Supplement character set (through \u00FF). It also includes the special
246             characters tab (\u0009), line feed (\u000A), and carriage return
247             (\u000D).
248              
249              
250              
251              
252             =head1 SEE ALSO
253              
254             This class forms part of L<Paws>, documenting arguments for method SimulatePrincipalPolicy in L<Paws::IAM>
255              
256             =head1 BUGS and CONTRIBUTIONS
257              
258             The source code is located here: https://github.com/pplu/aws-sdk-perl
259              
260             Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues
261              
262             =cut
263