Method: AWS::Policy::ConditionBlock#add

Defined in:
lib/aws/policy.rb

#add(operator, key, *values) ⇒ Object

Adds a condition to the block. This method defines a convenient set of abbreviations for operators based on the type of value passed in. For example:

conditions.add(:is, :secure_transport, true)

Maps to:

{ "Bool": { "aws:SecureTransport": true } }

While:

conditions.add(:is, :s3_prefix, "photos/")

Maps to:

{ "StringEquals": { "s3:prefix": "photos/" } }

The following list shows which operators are accepted as symbols and how they are represented in the JSON policy:

  • :is (StringEquals, NumericEquals, DateEquals, or Bool)

  • :like (StringLike)

  • :not_like (StringNotLike)

  • :not (StringNotEquals, NumericNotEquals, or DateNotEquals)

  • :greater_than, :gt (NumericGreaterThan or DateGreaterThan)

  • :greater_than_equals, :gte (NumericGreaterThanEquals or DateGreaterThanEquals)

  • :less_than, :lt (NumericLessThan or DateLessThan)

  • :less_than_equals, :lte (NumericLessThanEquals or DateLessThanEquals)

  • :is_ip_address (IpAddress)

  • :not_ip_address (NotIpAddress)

  • :is_arn (ArnEquals)

  • :not_arn (ArnNotEquals)

  • :is_arn_like (ArnLike)

  • :not_arn_like (ArnNotLike)

Parameters:

  • operator (Symbol or String)

    The operator used to compare the key with the value. See above for valid values and their interpretations.

  • key (Symbol or String)

    The key to compare. Symbol keys are inflected to match AWS conventions. By default, the key is assumed to be in the “aws” namespace, but if you prefix the symbol name with “s3_” it will be sent in the “s3” namespace. For example, :s3_prefix is sent as “s3:prefix” while :secure_transport is sent as “aws:SecureTransport”. See docs.amazonwebservices.com/AmazonS3/latest/dev/UsingResOpsConditions.html for a list of the available keys for each action in S3.

  • value

    The value to compare against. This can be:

    • a String

    • a number

    • a Date, DateTime, or Time

    • a boolean value

    This method does not attempt to validate that the values are valid for the operators or keys they are used with.



364
365
366
367
368
369
370
371
372
373
374
 
# File 'lib/aws/policy.rb', line 364

def add(operator, key, *values)
  if operator.kind_of?(Symbol)
    converted_values = values.map { |v| convert_value(v) }
  else
    converted_values = values
  end
  operator = translate_operator(operator, values.first)
  op = (@conditions[operator] ||= {})
  raise "duplicate #{operator} conditions for #{key}" if op[key]
  op[translate_key(key)] = converted_values
end