Method: AWS::Policy::Statement#initialize

Defined in:

lib/aws/policy.rb

#initialize(opts = {}) {|_self| ... } ⇒ Statement

Constructs a new statement.

Parameters:

• opts (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (opts):

• :sid (String) —

  The statement ID. This is optional; if omitted, a UUID will be generated for the statement.

• :effect (String) —

  The statement effect, which must be either “Allow” or “Deny”. @see Policy#allow @see Policy#deny

• :principals (String or array of strings) —

  The account(s) affected by the statement. These should be AWS account IDs.

• :actions (Object) —

  The action or actions affected by the statement. These can be symbols or strings. If they are strings, you can use wildcard character “*” to match zero or more characters in the action name. Symbols are expected to match methods of S3::Client.

• :excluded_actions (Object) —

  Action or actions which are explicitly not affected by this statement. As with :actions, these may be symbols or strings.

• :resources (String or array of strings) —

  The resource(s) affected by the statement. These can be expressed as ARNs (e.g. arn:aws:s3:::mybucket/mykey) or you may omit the arn:aws:s3::: prefix and just give the path as bucket_name/key. You may use the wildcard character “*” to match zero or more characters in the resource name.

• :conditions (ConditionBlock or Hash) —

  Additional conditions that narrow the effect of the statement. It’s typically more convenient to use the ConditionBuilder instance returned from Policy#allow or Policy#deny to add conditions to a statement.

Yields:

• (_self)

Yield Parameters:

• _self (AWS::Policy::Statement) —

  the object that the method was called on

See Also:

• S3::Client

# File 'lib/aws/policy.rb', line 746

def initialize(opts = {})
  self.sid = UUIDTools::UUID.timestamp_create.to_s
  self.conditions = ConditionBlock.new

  parse_options(opts)

  yield(self) if block_given?
end