/AWS1/CL_VPS=>BATCHISAUTHORIZED()
¶
About BatchIsAuthorized¶
Makes a series of decisions about multiple authorization requests for one principal or
resource. Each request contains the equivalent content of an IsAuthorized
request: principal, action, resource, and context. Either the principal
or
the resource
parameter must be identical across all requests. For example,
Verified Permissions won't evaluate a pair of requests where bob
views
photo1
and alice
views photo2
. Authorization
of bob
to view photo1
and photo2
, or
bob
and alice
to view photo1
, are valid
batches.
The request is evaluated against all policies in the specified policy store that match the
entities that you declare. The result of the decisions is a series of Allow
or Deny
responses, along with the IDs of the policies that produced each
decision.
The entities
of a BatchIsAuthorized
API request can contain
up to 100 principals and up to 100 resources. The requests
of a
BatchIsAuthorized
API request can contain up to 30 requests.
The BatchIsAuthorized
operation doesn't have its own IAM
permission. To authorize this operation for Amazon Web Services principals, include the permission
verifiedpermissions:IsAuthorized
in their IAM policies.
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_POLICYSTOREID
TYPE /AWS1/VPSPOLICYSTOREID
/AWS1/VPSPOLICYSTOREID
¶
Specifies the ID of the policy store. Policies in this policy store will be used to make the authorization decisions for the input.
IT_REQUESTS
TYPE /AWS1/CL_VPSBTCISAUTHDINPITEM=>TT_BATCHISAUTHORIZEDINPUTLIST
TT_BATCHISAUTHORIZEDINPUTLIST
¶
An array of up to 30 requests that you want Verified Permissions to evaluate.
Optional arguments:¶
IO_ENTITIES
TYPE REF TO /AWS1/CL_VPSENTITIESDEFINITION
/AWS1/CL_VPSENTITIESDEFINITION
¶
Specifies the list of resources and principals and their associated attributes that Verified Permissions can examine when evaluating the policies.
You can include only principal and resource entities in this parameter; you can't include actions. You must specify actions in the schema.