Values.CreatePolicyOutputSourceCreates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template. To create a static policy, provide the Cedar policy text in the StaticPolicy section of the PolicyDefinition. To create a policy that is dynamically linked to a policy template, specify the policy template ID and the principal and resource to associate with this policy in the templateLinked section of the PolicyDefinition. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template. Creating a policy causes it to be validated against the schema in the policy store. If the policy doesn't pass validation, the operation fails and the policy isn't stored. Verified Permissions is eventually consistent . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.
type nonrec t = {policyStoreId : PolicyStoreId.t option;The ID of the policy store that contains the new policy.
*)policyId : PolicyId.t option;The unique ID of the new policy.
*)policyType : PolicyType.t option;The policy type of the new policy.
*)principal : EntityIdentifier.t option;The principal specified in the new policy's scope. This response element isn't present when principal isn't specified in the policy content.
*)resource : EntityIdentifier.t option;The resource specified in the new policy's scope. This response element isn't present when the resource isn't specified in the policy content.
*)actions : ActionIdentifierList.t option;The action that a policy permits or forbids. For example, {"actions": [{"actionId": "ViewPhoto", "actionType": "PhotoFlash::Action"}, {"entityID": "SharePhoto", "entityType": "PhotoFlash::Action"}]}.
*)createdDate : TimestampFormat.t option;The date and time the policy was originally created.
*)lastUpdatedDate : TimestampFormat.t option;The date and time the policy was last updated.
*)effect_ : PolicyEffect.t option;The effect of the decision that a policy returns to an authorization request. For example, "effect": "Permit".
*)}type nonrec error = [ | `AccessDeniedException of AccessDeniedException.t| `ConflictException of ConflictException.t| `InternalServerException of InternalServerException.t| `ResourceNotFoundException of ResourceNotFoundException.t| `ServiceQuotaExceededException of ServiceQuotaExceededException.t| `ThrottlingException of ThrottlingException.t| `ValidationException of ValidationException.t| `Unknown_operation_error of string * string option ]val error_of_json :
string ->
Yojson.Safe.t ->
[> `AccessDeniedException of AccessDeniedException.t
| `ConflictException of ConflictException.t
| `InternalServerException of InternalServerException.t
| `ResourceNotFoundException of ResourceNotFoundException.t
| `ServiceQuotaExceededException of ServiceQuotaExceededException.t
| `ThrottlingException of ThrottlingException.t
| `Unknown_operation_error of string * string option
| `ValidationException of ValidationException.t ]val error_of_xml :
string ->
Awso.Xml.t ->
[> `AccessDeniedException of AccessDeniedException.t
| `ConflictException of ConflictException.t
| `InternalServerException of InternalServerException.t
| `ResourceNotFoundException of ResourceNotFoundException.t
| `ServiceQuotaExceededException of ServiceQuotaExceededException.t
| `ThrottlingException of ThrottlingException.t
| `Unknown_operation_error of string * string option
| `ValidationException of ValidationException.t ]val to_value :
t ->
[> `Structure of
(string
* [> `Enum of string
| `List of
[> `Structure of (string * [> `String of ActionType.t ]) list ]
list
| `String of PolicyStoreId.t
| `Structure of (string * [> `String of EntityType.t ]) list
| `Timestamp of TimestampFormat.t ])
list ]