AWS::VerifiedPermissions::PolicyStore ValidationSettings

A structure that contains Cedar policy validation settings for the policy store. The validation mode determines which validation failures that Cedar considers serious enough to block acceptance of a new or edited static policy or policy template.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Mode" : String
}

YAML


  Mode: String

Properties

Mode

The validation mode currently configured for this policy store. The valid values are:

OFF – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.
STRICT – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.

Important

If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.

To submit a static policy or policy template without a schema, you must turn off validation.

Required: Yes

Type: String

Allowed values: OFF | STRICT

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

SchemaDefinition

AWS::VerifiedPermissions::PolicyTemplate