]>
Commit | Line | Data |
---|---|---|
31f18b77 FG |
1 | // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- |
2 | // vim: ts=8 sw=2 smarttab | |
3 | %language=C++ | |
c07f9fc5 | 4 | %compare-strncmp |
31f18b77 FG |
5 | %define class-name keyword_hash |
6 | %define lookup-function-name lookup | |
7 | %struct-type | |
8 | struct Keyword { | |
9 | const char* name; | |
10 | TokenKind kind; | |
11 | TokenID id; | |
12 | uint64_t specific; | |
13 | bool arrayable; | |
14 | bool objectable; | |
15 | }; | |
16 | %% | |
17 | # Top-level | |
18 | # | |
19 | Version, TokenKind::top, TokenID::Version, 0, false, false | |
20 | Id, TokenKind::top, TokenID::Id, 0, false, false | |
21 | Statement, TokenKind::top, TokenID::Statement, 0, true, true | |
22 | # | |
23 | # Statement level | |
24 | # | |
25 | Sid, TokenKind::statement, TokenID::Sid, 0, false, false | |
26 | Effect, TokenKind::statement, TokenID::Effect, 0, false, false | |
27 | Principal, TokenKind::statement, TokenID::Principal, 0, false, true | |
28 | NotPrincipal, TokenKind::statement, TokenID::NotPrincipal, 0, true, true | |
29 | Action, TokenKind::statement, TokenID::Action, 0, true, false | |
30 | NotAction, TokenKind::statement, TokenID::NotAction, 0, true, false | |
31 | Resource, TokenKind::statement, TokenID::Resource, 0, true, false | |
32 | NotResource, TokenKind::statement, TokenID::NotResource, 0, true, false | |
33 | Condition, TokenKind::statement, TokenID::Condition, 0, true, true | |
34 | # | |
35 | # Condition operators | |
36 | # | |
37 | # String | |
38 | StringEquals, TokenKind::cond_op, TokenID::StringEquals, (uint64_t) Type::string, true, true | |
39 | StringNotEquals, TokenKind::cond_op, TokenID::StringNotEquals, (uint64_t) Type::string, true, true | |
40 | StringEqualsIgnoreCase, TokenKind::cond_op, TokenID::StringEqualsIgnoreCase, (uint64_t) Type::string, true, true | |
41 | StringNotEqualsIgnoreCase, TokenKind::cond_op, TokenID::StringNotEqualsIgnoreCase, (uint64_t) Type::string, true, true | |
42 | StringLike, TokenKind::cond_op, TokenID::StringLike, (uint64_t) Type::string, true, true, | |
43 | StringNotLike, TokenKind::cond_op, TokenID::StringNotLike, (uint64_t) Type::string, true, true | |
44 | # Numeric | |
45 | NumericEquals, TokenKind::cond_op, TokenID::NumericEquals, (uint64_t) Type::number, true, true | |
46 | NumericNotEquals, TokenKind::cond_op, TokenID::NumericNotEquals, (uint64_t) Type::number, true, true | |
47 | NumericLessThan, TokenKind::cond_op, TokenID::NumericLessThan, (uint64_t) Type::number, true, true | |
48 | NumericLessThanEquals, TokenKind::cond_op, TokenID::NumericLessThanEquals, (uint64_t) Type::number, true, true | |
49 | NumericGreaterThan, TokenKind::cond_op, TokenID::NumericGreaterThan, (uint64_t) Type::number, true, true | |
50 | NumericGreaterThanEquals, TokenKind::cond_op, TokenID::NumericGreaterThanEquals, (uint64_t) Type::number, true, true | |
51 | # Date | |
52 | DateEquals, TokenKind::cond_op, TokenID::DateEquals, (uint64_t) Type::date, true, true | |
53 | DateNotEquals, TokenKind::cond_op, TokenID::DateNotEquals, (uint64_t) Type::date, true, true | |
54 | DateLessThan, TokenKind::cond_op, TokenID::DateLessThan, (uint64_t) Type::date, true, true | |
55 | DateLessThanEquals, TokenKind::cond_op, TokenID::DateLessThanEquals, (uint64_t) Type::date, true, true | |
56 | DateGreaterThan, TokenKind::cond_op, TokenID::DateGreaterThan, (uint64_t) Type::date, true, true | |
57 | DateGreaterThanEquals, TokenKind::cond_op, TokenID::DateGreaterThanEquals, (uint64_t) Type::date, true, true | |
58 | # Bool | |
59 | Bool, TokenKind::cond_op, TokenID::Bool, (uint64_t) Type::boolean, true, true | |
60 | # Binary | |
61 | BinaryEquals, TokenKind::cond_op, TokenID::BinaryEquals, (uint64_t) Type::binary, true, true | |
62 | # IP Address | |
63 | IpAddress, TokenKind::cond_op, TokenID::IpAddress, (uint64_t) Type::ipaddr, true, true | |
64 | NotIpAddress, TokenKind::cond_op, TokenID::NotIpAddress, (uint64_t) Type::ipaddr, true, true | |
65 | # Amazon Resource Names | |
66 | ArnEquals, TokenKind::cond_op, TokenID::ArnEquals, (uint64_t) Type::arn, true, true | |
67 | ArnNotEquals, TokenKind::cond_op, TokenID::ArnNotEquals, (uint64_t) Type::arn, true, true | |
68 | ArnLike, TokenKind::cond_op, TokenID::ArnLike, (uint64_t) Type::arn, true, true | |
69 | ArnNotLike, TokenKind::cond_op, TokenID::ArnNotLike, (uint64_t) Type::arn, true, true | |
70 | # Null | |
71 | Null, TokenKind::cond_op, TokenID::Null, (uint64_t) Type::null, true, true | |
72 | # | |
73 | # Condition keys | |
74 | # | |
75 | # AWS | |
76 | #aws:CurrentTime, TokenKind::cond_key, TokenID::awsCurrentTime, (uint64_t) Type::date, true, false | |
77 | #aws:EpochTime, TokenKind::cond_key, TokenID::awsEpochTime, (uint64_t) Type::date, true, false | |
78 | #aws:TokenIssueTime, TokenKind::cond_key, TokenID::awsTokenIssueTime, (uint64_t) Type::date, true, false | |
79 | #aws:MultiFactorAuthPresent, TokenKind::cond_key, TokenID::awsMultiFactorAuthPresent, (uint64_t) Type::boolean, true, false | |
80 | #aws:MultiFactorAuthAge, TokenKind::cond_key, TokenID::awsMultiFactorAuthAge, (uint64_t) Type::number, true, false | |
81 | #aws:PrincipalType, TokenKind::cond_key, TokenID::awsPrincipalType, (uint64_t) Type::string, true, false | |
82 | #aws:Referer, TokenKind::cond_key, TokenID::awsReferer, (uint64_t) Type::string, true, false | |
83 | #aws:SecureTransport, TokenKind::cond_key, TokenID::awsSecureTransport, (uint64_t) Type::boolean, true, false | |
84 | #aws:SourceArn, TokenKind::cond_key, TokenID::awsSourceArn, (uint64_t) Type::arn, true, false | |
85 | #aws:SourceIp, TokenKind::cond_key, TokenID::awsSourceIp, (uint64_t) Type::ipaddr, true, false | |
86 | #aws:SourceVpc, TokenKind::cond_key, TokenID::awsSourceVpc, (uint64_t) Type::string, true, false | |
87 | #aws:SourceVpce, TokenKind::cond_key, TokenID::awsSourceVpce, (uint64_t) Type::string, true, false | |
88 | #aws:UserAgent, TokenKind::cond_key, TokenID::awsUserAgent, (uint64_t) Type::string, true, false | |
89 | #aws:userid, TokenKind::cond_key, TokenID::awsuserid, (uint64_t) Type::string, true, false | |
90 | #aws:username, TokenKind::cond_key, TokenID::awsusername, (uint64_t) Type::string, true, false | |
91 | # S3 | |
92 | #s3:x-amz-acl, TokenKind::cond_key, TokenID::s3x_amz_acl, (uint64_t) Type::string, true, false | |
93 | #s3:x-amz-grant-read, TokenKind::cond_key, TokenID::s3x_amz_grant_permission, (uint64_t) Type::boolean, true, false | |
94 | #s3:x-amz-grant-write, TokenKind::cond_key, TokenID::s3x_amz_grant_permission, (uint64_t) Type::boolean, true, false | |
95 | #s3:x-amz-grant-read-acp, TokenKind::cond_key, TokenID::s3x_amz_grant_permission, (uint64_t) Type::boolean, true, false | |
96 | #s3:x-amz-grant-write-acp, TokenKind::cond_key, TokenID::s3x_amz_grant_permission, (uint64_t) Type::boolean, true, false | |
97 | #s3:x-amz-grant-full-control, TokenKind::cond_key, TokenID::s3x_amz_grant_permission, (uint64_t) Type::boolean, true, false | |
98 | #s3:x-amz-copy-source, TokenKind::cond_key, TokenID::s3x_amz_copy_source, (uint64_t) Type::string, true, false | |
99 | #s3:x-amz-server-side-encryption, TokenKind::cond_key, TokenID::s3x_amz_server_side_encryption, (uint64_t) Type::boolean, true, false | |
100 | #s3:x-amz-server-side-encryption-aws-kms-key-id, TokenKind::cond_key, TokenID::s3x_amz_server_side_encryption_aws_kms_key_id, (uint64_t) Type::arn, true, false | |
101 | #s3:x-amz-metadata-directive, TokenKind::cond_key, TokenID::s3x_amz_metadata_directive, (uint64_t) Type::string, true, false | |
102 | #s3:x-amz-storage-class, TokenKind::cond_key, TokenID::s3x_amz_storage_class, (uint64_t) Type::string, true, false | |
103 | #s3:VersionId, TokenKind::cond_key, TokenID::s3VersionId, (uint64_t) Type::string, true, false | |
104 | #s3:LocationConstraint, TokenKind::cond_key, TokenID::s3LocationConstraint, (uint64_t) Type::string, true, false | |
105 | #s3:prefix, TokenKind::cond_key, TokenID::s3prefix, (uint64_t) Type::string, true, false | |
106 | #s3:delimiter, TokenKind::cond_key, TokenID::s3delimiter, (uint64_t) Type::string, true, false | |
107 | #s3:max-keys, TokenKind::cond_key, TokenID::s3max_keys, (uint64_t) Type::number, true, false | |
108 | #s3:signatureversion, TokenKind::cond_key, TokenID::s3signatureversion, (uint64_t) Type::string, true, false | |
109 | #s3:authType, TokenKind::cond_key, TokenID::s3authType, (uint64_t) Type::string, true, false | |
110 | #s3:signatureAge, TokenKind::cond_key, TokenID::s3signatureAge, (uint64_t) Type::number, true, false | |
111 | #s3:x-amz-content-sha256, TokenKind::cond_key, TokenID::s3x_amz_content_sha256, (uint64_t) Type::string, true, false | |
11fdf7f2 TL |
112 | # STS |
113 | #sts:authentication, TokenKind::cond_key, TokenID::stsauthentication, (uint64_t) Type::boolean, true, false | |
31f18b77 FG |
114 | # |
115 | # Version Keywords | |
116 | # | |
117 | 2008-10-17, TokenKind::version_key, TokenID::v2008_10_17, (uint64_t) Version::v2008_10_17, false, false | |
118 | 2012-10-17, TokenKind::version_key, TokenID::v2012_10_17, (uint64_t) Version::v2012_10_17, false, false | |
119 | # | |
120 | # Effect Keywords | |
121 | # | |
122 | Allow, TokenKind::effect_key, TokenID::Allow, (uint64_t) Effect::Allow, false, false | |
123 | Deny, TokenKind::effect_key, TokenID::Deny, (uint64_t) Effect::Deny, false, false | |
124 | # | |
125 | # Principal types | |
126 | # | |
127 | AWS, TokenKind::princ_type, TokenID::AWS, 0, true, false | |
128 | Federated, TokenKind::princ_type, TokenID::Federated, 0, true, false | |
129 | Service, TokenKind::princ_type, TokenID::Service, 0, true, false | |
130 | CanonicalUser, TokenKind::princ_type, TokenID::CanonicalUser, 0, true, false |