AWS SDK for C++  1.8.20
AWS SDK for C++
Public Member Functions | List of all members
Aws::IAM::Model::EvaluationResult Class Reference

#include <EvaluationResult.h>

Public Member Functions

 EvaluationResult ()
 
 EvaluationResult (const Aws::Utils::Xml::XmlNode &xmlNode)
 
EvaluationResultoperator= (const Aws::Utils::Xml::XmlNode &xmlNode)
 
void OutputToStream (Aws::OStream &ostream, const char *location, unsigned index, const char *locationValue) const
 
void OutputToStream (Aws::OStream &oStream, const char *location) const
 
const Aws::StringGetEvalActionName () const
 
bool EvalActionNameHasBeenSet () const
 
void SetEvalActionName (const Aws::String &value)
 
void SetEvalActionName (Aws::String &&value)
 
void SetEvalActionName (const char *value)
 
EvaluationResultWithEvalActionName (const Aws::String &value)
 
EvaluationResultWithEvalActionName (Aws::String &&value)
 
EvaluationResultWithEvalActionName (const char *value)
 
const Aws::StringGetEvalResourceName () const
 
bool EvalResourceNameHasBeenSet () const
 
void SetEvalResourceName (const Aws::String &value)
 
void SetEvalResourceName (Aws::String &&value)
 
void SetEvalResourceName (const char *value)
 
EvaluationResultWithEvalResourceName (const Aws::String &value)
 
EvaluationResultWithEvalResourceName (Aws::String &&value)
 
EvaluationResultWithEvalResourceName (const char *value)
 
const PolicyEvaluationDecisionTypeGetEvalDecision () const
 
bool EvalDecisionHasBeenSet () const
 
void SetEvalDecision (const PolicyEvaluationDecisionType &value)
 
void SetEvalDecision (PolicyEvaluationDecisionType &&value)
 
EvaluationResultWithEvalDecision (const PolicyEvaluationDecisionType &value)
 
EvaluationResultWithEvalDecision (PolicyEvaluationDecisionType &&value)
 
const Aws::Vector< Statement > & GetMatchedStatements () const
 
bool MatchedStatementsHasBeenSet () const
 
void SetMatchedStatements (const Aws::Vector< Statement > &value)
 
void SetMatchedStatements (Aws::Vector< Statement > &&value)
 
EvaluationResultWithMatchedStatements (const Aws::Vector< Statement > &value)
 
EvaluationResultWithMatchedStatements (Aws::Vector< Statement > &&value)
 
EvaluationResultAddMatchedStatements (const Statement &value)
 
EvaluationResultAddMatchedStatements (Statement &&value)
 
const Aws::Vector< Aws::String > & GetMissingContextValues () const
 
bool MissingContextValuesHasBeenSet () const
 
void SetMissingContextValues (const Aws::Vector< Aws::String > &value)
 
void SetMissingContextValues (Aws::Vector< Aws::String > &&value)
 
EvaluationResultWithMissingContextValues (const Aws::Vector< Aws::String > &value)
 
EvaluationResultWithMissingContextValues (Aws::Vector< Aws::String > &&value)
 
EvaluationResultAddMissingContextValues (const Aws::String &value)
 
EvaluationResultAddMissingContextValues (Aws::String &&value)
 
EvaluationResultAddMissingContextValues (const char *value)
 
const OrganizationsDecisionDetailGetOrganizationsDecisionDetail () const
 
bool OrganizationsDecisionDetailHasBeenSet () const
 
void SetOrganizationsDecisionDetail (const OrganizationsDecisionDetail &value)
 
void SetOrganizationsDecisionDetail (OrganizationsDecisionDetail &&value)
 
EvaluationResultWithOrganizationsDecisionDetail (const OrganizationsDecisionDetail &value)
 
EvaluationResultWithOrganizationsDecisionDetail (OrganizationsDecisionDetail &&value)
 
const PermissionsBoundaryDecisionDetailGetPermissionsBoundaryDecisionDetail () const
 
bool PermissionsBoundaryDecisionDetailHasBeenSet () const
 
void SetPermissionsBoundaryDecisionDetail (const PermissionsBoundaryDecisionDetail &value)
 
void SetPermissionsBoundaryDecisionDetail (PermissionsBoundaryDecisionDetail &&value)
 
EvaluationResultWithPermissionsBoundaryDecisionDetail (const PermissionsBoundaryDecisionDetail &value)
 
EvaluationResultWithPermissionsBoundaryDecisionDetail (PermissionsBoundaryDecisionDetail &&value)
 
const Aws::Map< Aws::String, PolicyEvaluationDecisionType > & GetEvalDecisionDetails () const
 
bool EvalDecisionDetailsHasBeenSet () const
 
void SetEvalDecisionDetails (const Aws::Map< Aws::String, PolicyEvaluationDecisionType > &value)
 
void SetEvalDecisionDetails (Aws::Map< Aws::String, PolicyEvaluationDecisionType > &&value)
 
EvaluationResultWithEvalDecisionDetails (const Aws::Map< Aws::String, PolicyEvaluationDecisionType > &value)
 
EvaluationResultWithEvalDecisionDetails (Aws::Map< Aws::String, PolicyEvaluationDecisionType > &&value)
 
EvaluationResultAddEvalDecisionDetails (const Aws::String &key, const PolicyEvaluationDecisionType &value)
 
EvaluationResultAddEvalDecisionDetails (Aws::String &&key, const PolicyEvaluationDecisionType &value)
 
EvaluationResultAddEvalDecisionDetails (const Aws::String &key, PolicyEvaluationDecisionType &&value)
 
EvaluationResultAddEvalDecisionDetails (Aws::String &&key, PolicyEvaluationDecisionType &&value)
 
EvaluationResultAddEvalDecisionDetails (const char *key, PolicyEvaluationDecisionType &&value)
 
EvaluationResultAddEvalDecisionDetails (const char *key, const PolicyEvaluationDecisionType &value)
 
const Aws::Vector< ResourceSpecificResult > & GetResourceSpecificResults () const
 
bool ResourceSpecificResultsHasBeenSet () const
 
void SetResourceSpecificResults (const Aws::Vector< ResourceSpecificResult > &value)
 
void SetResourceSpecificResults (Aws::Vector< ResourceSpecificResult > &&value)
 
EvaluationResultWithResourceSpecificResults (const Aws::Vector< ResourceSpecificResult > &value)
 
EvaluationResultWithResourceSpecificResults (Aws::Vector< ResourceSpecificResult > &&value)
 
EvaluationResultAddResourceSpecificResults (const ResourceSpecificResult &value)
 
EvaluationResultAddResourceSpecificResults (ResourceSpecificResult &&value)
 

Detailed Description

Contains the results of a simulation.

This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy .

See Also:

AWS API Reference

Definition at line 40 of file EvaluationResult.h.

Constructor & Destructor Documentation

◆ EvaluationResult() [1/2]

Aws::IAM::Model::EvaluationResult::EvaluationResult ( )

◆ EvaluationResult() [2/2]

Aws::IAM::Model::EvaluationResult::EvaluationResult ( const Aws::Utils::Xml::XmlNode xmlNode)

Member Function Documentation

◆ AddEvalDecisionDetails() [1/6]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddEvalDecisionDetails ( const Aws::String key,
const PolicyEvaluationDecisionType value 
)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 564 of file EvaluationResult.h.

◆ AddEvalDecisionDetails() [2/6]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddEvalDecisionDetails ( Aws::String &&  key,
const PolicyEvaluationDecisionType value 
)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 584 of file EvaluationResult.h.

◆ AddEvalDecisionDetails() [3/6]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddEvalDecisionDetails ( const Aws::String key,
PolicyEvaluationDecisionType &&  value 
)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 604 of file EvaluationResult.h.

◆ AddEvalDecisionDetails() [4/6]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddEvalDecisionDetails ( Aws::String &&  key,
PolicyEvaluationDecisionType &&  value 
)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 624 of file EvaluationResult.h.

◆ AddEvalDecisionDetails() [5/6]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddEvalDecisionDetails ( const char *  key,
PolicyEvaluationDecisionType &&  value 
)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 644 of file EvaluationResult.h.

◆ AddEvalDecisionDetails() [6/6]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddEvalDecisionDetails ( const char *  key,
const PolicyEvaluationDecisionType value 
)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 664 of file EvaluationResult.h.

◆ AddMatchedStatements() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddMatchedStatements ( const Statement value)
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 225 of file EvaluationResult.h.

◆ AddMatchedStatements() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddMatchedStatements ( Statement &&  value)
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 234 of file EvaluationResult.h.

◆ AddMissingContextValues() [1/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddMissingContextValues ( const Aws::String value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 319 of file EvaluationResult.h.

◆ AddMissingContextValues() [2/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddMissingContextValues ( Aws::String &&  value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 331 of file EvaluationResult.h.

◆ AddMissingContextValues() [3/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddMissingContextValues ( const char *  value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 343 of file EvaluationResult.h.

◆ AddResourceSpecificResults() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddResourceSpecificResults ( const ResourceSpecificResult value)
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 707 of file EvaluationResult.h.

◆ AddResourceSpecificResults() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::AddResourceSpecificResults ( ResourceSpecificResult &&  value)
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 713 of file EvaluationResult.h.

◆ EvalActionNameHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::EvalActionNameHasBeenSet ( ) const
inline

The name of the API operation tested on the indicated resource.

Definition at line 59 of file EvaluationResult.h.

◆ EvalDecisionDetailsHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::EvalDecisionDetailsHasBeenSet ( ) const
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 464 of file EvaluationResult.h.

◆ EvalDecisionHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::EvalDecisionHasBeenSet ( ) const
inline

The result of the simulation.

Definition at line 141 of file EvaluationResult.h.

◆ EvalResourceNameHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::EvalResourceNameHasBeenSet ( ) const
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 100 of file EvaluationResult.h.

◆ GetEvalActionName()

const Aws::String& Aws::IAM::Model::EvaluationResult::GetEvalActionName ( ) const
inline

The name of the API operation tested on the indicated resource.

Definition at line 54 of file EvaluationResult.h.

◆ GetEvalDecision()

const PolicyEvaluationDecisionType& Aws::IAM::Model::EvaluationResult::GetEvalDecision ( ) const
inline

The result of the simulation.

Definition at line 136 of file EvaluationResult.h.

◆ GetEvalDecisionDetails()

const Aws::Map<Aws::String, PolicyEvaluationDecisionType>& Aws::IAM::Model::EvaluationResult::GetEvalDecisionDetails ( ) const
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 444 of file EvaluationResult.h.

◆ GetEvalResourceName()

const Aws::String& Aws::IAM::Model::EvaluationResult::GetEvalResourceName ( ) const
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 95 of file EvaluationResult.h.

◆ GetMatchedStatements()

const Aws::Vector<Statement>& Aws::IAM::Model::EvaluationResult::GetMatchedStatements ( ) const
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 171 of file EvaluationResult.h.

◆ GetMissingContextValues()

const Aws::Vector<Aws::String>& Aws::IAM::Model::EvaluationResult::GetMissingContextValues ( ) const
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 247 of file EvaluationResult.h.

◆ GetOrganizationsDecisionDetail()

const OrganizationsDecisionDetail& Aws::IAM::Model::EvaluationResult::GetOrganizationsDecisionDetail ( ) const
inline

A structure that details how Organizations and its service control policies affect the results of the simulation. Only applies if the simulated user's account is part of an organization.

Definition at line 351 of file EvaluationResult.h.

◆ GetPermissionsBoundaryDecisionDetail()

const PermissionsBoundaryDecisionDetail& Aws::IAM::Model::EvaluationResult::GetPermissionsBoundaryDecisionDetail ( ) const
inline

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

Definition at line 393 of file EvaluationResult.h.

◆ GetResourceSpecificResults()

const Aws::Vector<ResourceSpecificResult>& Aws::IAM::Model::EvaluationResult::GetResourceSpecificResults ( ) const
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 671 of file EvaluationResult.h.

◆ MatchedStatementsHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::MatchedStatementsHasBeenSet ( ) const
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 180 of file EvaluationResult.h.

◆ MissingContextValuesHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::MissingContextValuesHasBeenSet ( ) const
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 259 of file EvaluationResult.h.

◆ operator=()

EvaluationResult& Aws::IAM::Model::EvaluationResult::operator= ( const Aws::Utils::Xml::XmlNode xmlNode)

◆ OrganizationsDecisionDetailHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::OrganizationsDecisionDetailHasBeenSet ( ) const
inline

A structure that details how Organizations and its service control policies affect the results of the simulation. Only applies if the simulated user's account is part of an organization.

Definition at line 358 of file EvaluationResult.h.

◆ OutputToStream() [1/2]

void Aws::IAM::Model::EvaluationResult::OutputToStream ( Aws::OStream ostream,
const char *  location,
unsigned  index,
const char *  locationValue 
) const

◆ OutputToStream() [2/2]

void Aws::IAM::Model::EvaluationResult::OutputToStream ( Aws::OStream oStream,
const char *  location 
) const

◆ PermissionsBoundaryDecisionDetailHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::PermissionsBoundaryDecisionDetailHasBeenSet ( ) const
inline

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

Definition at line 399 of file EvaluationResult.h.

◆ ResourceSpecificResultsHasBeenSet()

bool Aws::IAM::Model::EvaluationResult::ResourceSpecificResultsHasBeenSet ( ) const
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 677 of file EvaluationResult.h.

◆ SetEvalActionName() [1/3]

void Aws::IAM::Model::EvaluationResult::SetEvalActionName ( const Aws::String value)
inline

The name of the API operation tested on the indicated resource.

Definition at line 64 of file EvaluationResult.h.

◆ SetEvalActionName() [2/3]

void Aws::IAM::Model::EvaluationResult::SetEvalActionName ( Aws::String &&  value)
inline

The name of the API operation tested on the indicated resource.

Definition at line 69 of file EvaluationResult.h.

◆ SetEvalActionName() [3/3]

void Aws::IAM::Model::EvaluationResult::SetEvalActionName ( const char *  value)
inline

The name of the API operation tested on the indicated resource.

Definition at line 74 of file EvaluationResult.h.

◆ SetEvalDecision() [1/2]

void Aws::IAM::Model::EvaluationResult::SetEvalDecision ( const PolicyEvaluationDecisionType value)
inline

The result of the simulation.

Definition at line 146 of file EvaluationResult.h.

◆ SetEvalDecision() [2/2]

void Aws::IAM::Model::EvaluationResult::SetEvalDecision ( PolicyEvaluationDecisionType &&  value)
inline

The result of the simulation.

Definition at line 151 of file EvaluationResult.h.

◆ SetEvalDecisionDetails() [1/2]

void Aws::IAM::Model::EvaluationResult::SetEvalDecisionDetails ( const Aws::Map< Aws::String, PolicyEvaluationDecisionType > &  value)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 484 of file EvaluationResult.h.

◆ SetEvalDecisionDetails() [2/2]

void Aws::IAM::Model::EvaluationResult::SetEvalDecisionDetails ( Aws::Map< Aws::String, PolicyEvaluationDecisionType > &&  value)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 504 of file EvaluationResult.h.

◆ SetEvalResourceName() [1/3]

void Aws::IAM::Model::EvaluationResult::SetEvalResourceName ( const Aws::String value)
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 105 of file EvaluationResult.h.

◆ SetEvalResourceName() [2/3]

void Aws::IAM::Model::EvaluationResult::SetEvalResourceName ( Aws::String &&  value)
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 110 of file EvaluationResult.h.

◆ SetEvalResourceName() [3/3]

void Aws::IAM::Model::EvaluationResult::SetEvalResourceName ( const char *  value)
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 115 of file EvaluationResult.h.

◆ SetMatchedStatements() [1/2]

void Aws::IAM::Model::EvaluationResult::SetMatchedStatements ( const Aws::Vector< Statement > &  value)
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 189 of file EvaluationResult.h.

◆ SetMatchedStatements() [2/2]

void Aws::IAM::Model::EvaluationResult::SetMatchedStatements ( Aws::Vector< Statement > &&  value)
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 198 of file EvaluationResult.h.

◆ SetMissingContextValues() [1/2]

void Aws::IAM::Model::EvaluationResult::SetMissingContextValues ( const Aws::Vector< Aws::String > &  value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 271 of file EvaluationResult.h.

◆ SetMissingContextValues() [2/2]

void Aws::IAM::Model::EvaluationResult::SetMissingContextValues ( Aws::Vector< Aws::String > &&  value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 283 of file EvaluationResult.h.

◆ SetOrganizationsDecisionDetail() [1/2]

void Aws::IAM::Model::EvaluationResult::SetOrganizationsDecisionDetail ( const OrganizationsDecisionDetail value)
inline

A structure that details how Organizations and its service control policies affect the results of the simulation. Only applies if the simulated user's account is part of an organization.

Definition at line 365 of file EvaluationResult.h.

◆ SetOrganizationsDecisionDetail() [2/2]

void Aws::IAM::Model::EvaluationResult::SetOrganizationsDecisionDetail ( OrganizationsDecisionDetail &&  value)
inline

A structure that details how Organizations and its service control policies affect the results of the simulation. Only applies if the simulated user's account is part of an organization.

Definition at line 372 of file EvaluationResult.h.

◆ SetPermissionsBoundaryDecisionDetail() [1/2]

void Aws::IAM::Model::EvaluationResult::SetPermissionsBoundaryDecisionDetail ( const PermissionsBoundaryDecisionDetail value)
inline

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

Definition at line 405 of file EvaluationResult.h.

◆ SetPermissionsBoundaryDecisionDetail() [2/2]

void Aws::IAM::Model::EvaluationResult::SetPermissionsBoundaryDecisionDetail ( PermissionsBoundaryDecisionDetail &&  value)
inline

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

Definition at line 411 of file EvaluationResult.h.

◆ SetResourceSpecificResults() [1/2]

void Aws::IAM::Model::EvaluationResult::SetResourceSpecificResults ( const Aws::Vector< ResourceSpecificResult > &  value)
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 683 of file EvaluationResult.h.

◆ SetResourceSpecificResults() [2/2]

void Aws::IAM::Model::EvaluationResult::SetResourceSpecificResults ( Aws::Vector< ResourceSpecificResult > &&  value)
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 689 of file EvaluationResult.h.

◆ WithEvalActionName() [1/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalActionName ( const Aws::String value)
inline

The name of the API operation tested on the indicated resource.

Definition at line 79 of file EvaluationResult.h.

◆ WithEvalActionName() [2/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalActionName ( Aws::String &&  value)
inline

The name of the API operation tested on the indicated resource.

Definition at line 84 of file EvaluationResult.h.

◆ WithEvalActionName() [3/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalActionName ( const char *  value)
inline

The name of the API operation tested on the indicated resource.

Definition at line 89 of file EvaluationResult.h.

◆ WithEvalDecision() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalDecision ( const PolicyEvaluationDecisionType value)
inline

The result of the simulation.

Definition at line 156 of file EvaluationResult.h.

◆ WithEvalDecision() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalDecision ( PolicyEvaluationDecisionType &&  value)
inline

The result of the simulation.

Definition at line 161 of file EvaluationResult.h.

◆ WithEvalDecisionDetails() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalDecisionDetails ( const Aws::Map< Aws::String, PolicyEvaluationDecisionType > &  value)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 524 of file EvaluationResult.h.

◆ WithEvalDecisionDetails() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalDecisionDetails ( Aws::Map< Aws::String, PolicyEvaluationDecisionType > &&  value)
inline

Additional details about the results of the cross-account evaluation decision. This parameter is populated for only cross-account simulations. It contains a brief summary of how each policy type contributes to the final evaluation decision.

If the simulation evaluates policies within the same account and includes a resource ARN, then the parameter is present but the response is empty. If the simulation evaluates policies within the same account and specifies all resources (*), then the parameter is not returned.

When you make a cross-account request, AWS evaluates the request in the trusting account and the trusted account. The request is allowed only if both evaluations return true. For more information about how policies are evaluated, see Evaluating Policies Within a Single Account.

If an AWS Organizations SCP included in the evaluation denies access, the simulation ends. In this case, policy evaluation does not proceed any further and this parameter is not returned.

Definition at line 544 of file EvaluationResult.h.

◆ WithEvalResourceName() [1/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalResourceName ( const Aws::String value)
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 120 of file EvaluationResult.h.

◆ WithEvalResourceName() [2/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalResourceName ( Aws::String &&  value)
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 125 of file EvaluationResult.h.

◆ WithEvalResourceName() [3/3]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithEvalResourceName ( const char *  value)
inline

The ARN of the resource that the indicated API operation was tested on.

Definition at line 130 of file EvaluationResult.h.

◆ WithMatchedStatements() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithMatchedStatements ( const Aws::Vector< Statement > &  value)
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 207 of file EvaluationResult.h.

◆ WithMatchedStatements() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithMatchedStatements ( Aws::Vector< Statement > &&  value)
inline

A list of the statements in the input policies that determine the result for this scenario. Remember that even if multiple statements allow the operation on the resource, if only one statement denies that operation, then the explicit deny overrides any allow. In addition, the deny statement is the only entry included in the result.

Definition at line 216 of file EvaluationResult.h.

◆ WithMissingContextValues() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithMissingContextValues ( const Aws::Vector< Aws::String > &  value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 295 of file EvaluationResult.h.

◆ WithMissingContextValues() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithMissingContextValues ( Aws::Vector< Aws::String > &&  value)
inline

A list of context keys that are required by the included input policies but that were not provided by one of the input parameters. This list is used when the resource in a simulation is "*", either explicitly, or when the ResourceArns parameter blank. If you include a list of resources, then any missing context values are instead included under the ResourceSpecificResults section. To discover the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.

Definition at line 307 of file EvaluationResult.h.

◆ WithOrganizationsDecisionDetail() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithOrganizationsDecisionDetail ( const OrganizationsDecisionDetail value)
inline

A structure that details how Organizations and its service control policies affect the results of the simulation. Only applies if the simulated user's account is part of an organization.

Definition at line 379 of file EvaluationResult.h.

◆ WithOrganizationsDecisionDetail() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithOrganizationsDecisionDetail ( OrganizationsDecisionDetail &&  value)
inline

A structure that details how Organizations and its service control policies affect the results of the simulation. Only applies if the simulated user's account is part of an organization.

Definition at line 386 of file EvaluationResult.h.

◆ WithPermissionsBoundaryDecisionDetail() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithPermissionsBoundaryDecisionDetail ( const PermissionsBoundaryDecisionDetail value)
inline

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

Definition at line 417 of file EvaluationResult.h.

◆ WithPermissionsBoundaryDecisionDetail() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithPermissionsBoundaryDecisionDetail ( PermissionsBoundaryDecisionDetail &&  value)
inline

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

Definition at line 423 of file EvaluationResult.h.

◆ WithResourceSpecificResults() [1/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithResourceSpecificResults ( const Aws::Vector< ResourceSpecificResult > &  value)
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 695 of file EvaluationResult.h.

◆ WithResourceSpecificResults() [2/2]

EvaluationResult& Aws::IAM::Model::EvaluationResult::WithResourceSpecificResults ( Aws::Vector< ResourceSpecificResult > &&  value)
inline

The individual results of the simulation of the API operation specified in EvalActionName on each resource.

Definition at line 701 of file EvaluationResult.h.


The documentation for this class was generated from the following file: