VerifiedPermissions / Client / get_policy_store

get_policy_store

VerifiedPermissions.Client.get_policy_store(**kwargs)

Retrieves details about a policy store.

See also: AWS API Documentation

Request Syntax

response = client.get_policy_store(
    policyStoreId='string',
    tags=True|False
)

Parameters:

• policyStoreId (string) –

  [REQUIRED]

  Specifies the ID of the policy store that you want information about.

• tags (boolean) –

  Specifies whether to return the tags that are attached to the policy store. If this parameter is included in the API call, the tags are returned, otherwise they are not returned.

  Note

  If this parameter is included in the API call but there are no tags attached to the policy store, the tags response parameter is omitted from the response.

Return type:

dict

Returns:

Response Syntax

{
    'policyStoreId': 'string',
    'arn': 'string',
    'validationSettings': {
        'mode': 'OFF'|'STRICT'
    },
    'createdDate': datetime(2015, 1, 1),
    'lastUpdatedDate': datetime(2015, 1, 1),
    'description': 'string',
    'deletionProtection': 'ENABLED'|'DISABLED',
    'cedarVersion': 'CEDAR_2'|'CEDAR_4',
    'tags': {
        'string': 'string'
    }
}

Response Structure

• (dict) –

  • policyStoreId (string) –

    The ID of the policy store;

  • arn (string) –

    The Amazon Resource Name (ARN) of the policy store.

  • validationSettings (dict) –

    The current validation settings for the policy store.

    • mode (string) –

      The validation mode currently configured for this policy store. The valid values are:

      • OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.

      • STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn’t store them in the policy store.

      Warning

      If Mode=STRICT and the policy store doesn’t contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

      To submit a static policy or policy template without a schema, you must turn off validation.

  • createdDate (datetime) –

    The date and time that the policy store was originally created.

  • lastUpdatedDate (datetime) –

    The date and time that the policy store was last updated.

  • description (string) –

    Descriptive text that you can provide to help with identification of the current policy store.

  • deletionProtection (string) –

    Specifies whether the policy store can be deleted. If enabled, the policy store can’t be deleted.

    The default state is DISABLED.

  • cedarVersion (string) –

    The version of the Cedar language used with policies, policy templates, and schemas in this policy store. For more information, see Amazon Verified Permissions upgrade to Cedar v4 FAQ.

  • tags (dict) –

    The list of tags associated with the policy store.

    • (string) –

      • (string) –

Exceptions

• VerifiedPermissions.Client.exceptions.ValidationException

• VerifiedPermissions.Client.exceptions.AccessDeniedException

• VerifiedPermissions.Client.exceptions.ResourceNotFoundException

• VerifiedPermissions.Client.exceptions.ThrottlingException

• VerifiedPermissions.Client.exceptions.InternalServerException