Skip to content

Create Policy Store

verifiedpermissions_create_policy_store R Documentation

Creates a policy store

Description

Creates a policy store. A policy store is a container for policy resources.

Although Cedar supports multiple namespaces, Verified Permissions currently supports only one namespace per policy store.

Verified Permissions is eventually consistent . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Usage

verifiedpermissions_create_policy_store(clientToken, validationSettings,
  description)

Arguments

clientToken

Specifies a unique, case-sensitive ID that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value..

If you don't provide this value, then Amazon Web Services generates a random one for you.

If you retry the operation with the same ClientToken, but with different parameters, the retry fails with an ConflictException error.

Verified Permissions recognizes a ClientToken for eight hours. After eight hours, the next request with the same parameters performs the operation again regardless of the value of ClientToken.

validationSettings

[required] Specifies the validation setting for this policy store.

Currently, the only valid and required value is Mode.

We recommend that you turn on STRICT mode only after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the update_policy_store. Then, when you have a schema defined, use update_policy_store again to turn validation back on.

description

Descriptive text that you can provide to help with identification of the current policy store.

Value

A list with the following syntax:

list(
  policyStoreId = "string",
  arn = "string",
  createdDate = as.POSIXct(
    "2015-01-01"
  ),
  lastUpdatedDate = as.POSIXct(
    "2015-01-01"
  )
)

Request syntax

svc$create_policy_store(
  clientToken = "string",
  validationSettings = list(
    mode = "OFF"|"STRICT"
  ),
  description = "string"
)