Condition Class

AWS access control policy conditions are contained in Statement objects, and affect when a statement is applied. For example, a statement that allows access to an Amazon SQS queue could use a condition to only apply the effect of that statement for requests that are made before a certain date, or that originate from a range of IP addresses.

Multiple conditions can be included in a single statement, and all conditions must evaluate to true in order for the statement to take effect.

The set of conditions is D in the statement "A has permission to do B to C where D applies."

A condition is composed of three parts:

Condition Key: The condition key declares which value of a request to pull in and compare against when a policy is evaluated by AWS. For example, using SOURCE_IP_CONDITION_KEY will cause AWS to pull in the current request's source IP as the first value to compare against every time your policy is evaluated.
Comparison Type: This is a static value used as the second value in the comparison when your policy is evaluated. Depending on the comparison type, this value can optionally use wildcards. See the documentation for individual comparison types for more information.
Comparison Value: This is a static value used as the second value in the comparison when your policy is evaluated. Depending on the comparison type, this value can optionally use wildcards. See the documentation for individual comparison types for more information.

Declaration Syntax

public class Condition

Members

Icon	Member	Description
	Condition()()()()	Initializes a new instance of the Condition class
	Condition(String, String, array<String>[]()[][])	Initializes a new instance of the Condition class
	ConditionKey	Gets and Sets the name of the condition key involved in this condition. Condition keys are predefined values supported by AWS that provide input to a condition's evaluation, such as the current time, or the IP address of the incoming request. Your policy is evaluated for each incoming request, and condition keys specify what information to pull out of those incoming requests and plug into the conditions in your policy.
	Equals(Object)	Determines whether the specified Object is equal to the current Object. (Inherited from Object.)
	GetHashCode()()()()	Serves as a hash function for a particular type. (Inherited from Object.)
	GetType()()()()	Gets the type of the current instance. (Inherited from Object.)
	ToString()()()()	Returns a string that represents the current object. (Inherited from Object.)
	Type	Gets the type of this condition.
	Values	Gets and Sets the values specified for this access control policy condition. For example, in a condition that compares the incoming IP address of a request to a specified range of IP addresses, the range of IP addresses is the single value in the condition. Most conditions accept only one value, but multiple values are possible.

Inheritance Hierarchy

Object
	Condition

Assembly: AWSSDK (Module: AWSSDK) Version: 1.5.60.0 (1.5.60.0)

All Members	Constructors	Methods	Properties
Public Protected		Instance Static		Declared Inherited