Condition
Statement Condition classes.
- class Condition(key, operator, values)
A representation of part of a statement condition in order to facilitate comparison.
- Parameters
operator (policyglass.condition.ConditionOperator) –
values (List[policyglass.condition.ConditionValue]) –
- Return type
- __init__(key, operator, values)
Create a new model by parsing and validating input data from keyword arguments.
Raises ValidationError if the input data cannot be parsed to form a valid model.
- Parameters
operator (policyglass.condition.ConditionOperator) –
values (List[policyglass.condition.ConditionValue]) –
- Return type
- classmethod factory(condition_collection)
- Parameters
condition_collection (policyglass.condition.RawConditionCollection) –
- Return type
FrozenSet[policyglass.condition.Condition]
- operator: policyglass.condition.ConditionOperator
- property reverse: policyglass.condition.Condition
Return a new condition which is the opposite of this condition.
- Raises
ValueError – If the operator is a type that cannot be reversed.
- values: List[policyglass.condition.ConditionValue]
- class ConditionKey
Condition Keys are case insensitive.
“Condition key names are not case-sensitive.” - IAM Reference Policy Elements
- class ConditionOperator
Condition Operator.
See IAM JSON policy elements: Condition operators for more.
- class ConditionValue
Condition values may or may not be case sensitive depending on the operator.
- class EffectiveCondition(inclusions, exclusions)
A pair of sets for inclusions and exclusion conditions.
- Parameters
inclusions (FrozenSet[policyglass.condition.Condition]) –
exclusions (FrozenSet[policyglass.condition.Condition]) –
- property exclusions
Conditions which must NOT be met
- classmethod factory(inclusions=None, exclusions=None)
Convert
not_conditions
toconditions
if possible.- Parameters
inclusions (Optional[FrozenSet[policyglass.condition.Condition]]) – The conditions that must be met.
exclusions (Optional[FrozenSet[policyglass.condition.Condition]]) – The conditions that must NOT be met.
- Return type
- property inclusions
Conditions which must be met
- OPERATOR_REVERSAL_INDEX = {ConditionOperator('ArnEquals'): ConditionOperator('ArnNotEquals'), ConditionOperator('ArnEqualsIfExists'): ConditionOperator('ArnNotEqualsIfExists'), ConditionOperator('ArnLike'): ConditionOperator('ArnNotLike'), ConditionOperator('ArnLikeIfExists'): ConditionOperator('ArnNotLikeIfExists'), ConditionOperator('ArnNotEquals'): ConditionOperator('ArnEquals'), ConditionOperator('ArnNotEqualsIfExists'): ConditionOperator('ArnEqualsIfExists'), ConditionOperator('ArnNotLike'): ConditionOperator('ArnLike'), ConditionOperator('ArnNotLikeIfExists'): ConditionOperator('ArnLikeIfExists'), ConditionOperator('DateEquals'): ConditionOperator('DateNotEquals'), ConditionOperator('DateEqualsIfExists'): ConditionOperator('DateNotEqualsIfExists'), ConditionOperator('DateGreaterThan'): ConditionOperator('DateLessThanEquals'), ConditionOperator('DateGreaterThanEquals'): ConditionOperator('DateLessThan'), ConditionOperator('DateGreaterThanEqualsIfExists'): ConditionOperator('DateLessThanIfExists'), ConditionOperator('DateGreaterThanIfExists'): ConditionOperator('DateLessThanEqualsIfExists'), ConditionOperator('DateLessThan'): ConditionOperator('DateGreaterThanEquals'), ConditionOperator('DateLessThanEquals'): ConditionOperator('DateGreaterThan'), ConditionOperator('DateLessThanEqualsIfExists'): ConditionOperator('DateGreaterThanIfExists'), ConditionOperator('DateLessThanIfExists'): ConditionOperator('DateGreaterThanEqualsIfExists'), ConditionOperator('DateNotEquals'): ConditionOperator('DateEquals'), ConditionOperator('DateNotEqualsIfExists'): ConditionOperator('DateEqualsIfExists'), ConditionOperator('IpAddress'): ConditionOperator('NotIpAddress'), ConditionOperator('IpAddressIfExists'): ConditionOperator('NotIpAddressIfExists'), ConditionOperator('NotIpAddress'): ConditionOperator('IpAddress'), ConditionOperator('NotIpAddressIfExists'): ConditionOperator('IpAddressIfExists'), ConditionOperator('NumericEquals'): ConditionOperator('NumericNotEquals'), ConditionOperator('NumericEqualsIfExists'): ConditionOperator('NumericNotEqualsIfExists'), ConditionOperator('NumericGreaterThan'): ConditionOperator('NumericLessThanEquals'), ConditionOperator('NumericGreaterThanEquals'): ConditionOperator('NumericLessThan'), ConditionOperator('NumericGreaterThanEqualsIfExists'): ConditionOperator('NumericLessThanIfExists'), ConditionOperator('NumericGreaterThanIfExists'): ConditionOperator('NumericLessThanEqualsIfExists'), ConditionOperator('NumericLessThan'): ConditionOperator('NumericGreaterThanEquals'), ConditionOperator('NumericLessThanEquals'): ConditionOperator('NumericGreaterThan'), ConditionOperator('NumericLessThanEqualsIfExists'): ConditionOperator('NumericGreaterThanIfExists'), ConditionOperator('NumericLessThanIfExists'): ConditionOperator('NumericGreaterThanEqualsIfExists'), ConditionOperator('NumericNotEquals'): ConditionOperator('NumericEquals'), ConditionOperator('NumericNotEqualsIfExists'): ConditionOperator('NumericEqualsIfExists'), ConditionOperator('StringEquals'): ConditionOperator('StringNotEquals'), ConditionOperator('StringEqualsIfExists'): ConditionOperator('StringNotEqualsIfExists'), ConditionOperator('StringEqualsIgnoreCase'): ConditionOperator('StringNotEqualsIgnoreCase'), ConditionOperator('StringEqualsIgnoreCaseIfExists'): ConditionOperator('StringNotEqualsIgnoreCaseIfExists'), ConditionOperator('StringLike'): ConditionOperator('StringNotLike'), ConditionOperator('StringLikeIfExists'): ConditionOperator('StringNotLikeIfExists'), ConditionOperator('StringNotEquals'): ConditionOperator('StringEquals'), ConditionOperator('StringNotEqualsIfExists'): ConditionOperator('StringEqualsIfExists'), ConditionOperator('StringNotEqualsIgnoreCase'): ConditionOperator('StringEqualsIgnoreCase'), ConditionOperator('StringNotEqualsIgnoreCaseIfExists'): ConditionOperator('StringEqualsIgnoreCaseIfExists'), ConditionOperator('StringNotLike'): ConditionOperator('StringLike'), ConditionOperator('StringNotLikeIfExists'): ConditionOperator('StringLikeIfExists')}
A list of operators and their opposite.
- class RawConditionCollection
A representation of a statement condition.
- property conditions: FrozenSet[policyglass.condition.Condition]
Return a list of Condition Shards.