ceph/src/rgw/rgw_iam_policy_keywords.h

   1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
   2 // vim: ts=8 sw=2 smarttab
   3
   4 #ifndef CEPH_RGW_POLICY_S3V2_KEYWORDS_H
   5 #define CEPH_RGW_POLICY_S3V2_KEYWORDS_H
   6
   7 namespace rgw {
   8 namespace IAM {
   9
  10 enum class TokenKind {
  11   pseudo, top, statement, cond_op, cond_key, version_key, effect_key,
  12   princ_type
  13 };
  14
  15 enum class TokenID {
  16   /// Pseudo-token
  17   Top,
  18
  19   /// Top-level tokens
  20   Version, Id, Statement,
  21
  22   /// Statement level tokens
  23   Sid, Effect, Principal, NotPrincipal, Action, NotAction,
  24   Resource, NotResource, Condition,
  25
  26   /// Condition Operators!
  27   /// Any of these, except Null, can have an IfExists variant.
  28
  29   // String!
  30   StringEquals, StringNotEquals, StringEqualsIgnoreCase,
  31   StringNotEqualsIgnoreCase, StringLike, StringNotLike,
  32
  33   // Numeric!
  34   NumericEquals, NumericNotEquals, NumericLessThan, NumericLessThanEquals,
  35   NumericGreaterThan, NumericGreaterThanEquals,
  36
  37   // Date!
  38   DateEquals, DateNotEquals, DateLessThan, DateLessThanEquals,
  39   DateGreaterThan, DateGreaterThanEquals,
  40
  41   // Bool!
  42   Bool,
  43
  44   // Binary!
  45   BinaryEquals,
  46
  47   // IP Address!
  48   IpAddress, NotIpAddress,
  49
  50   // Amazon Resource Names! (Does S3 need this?)
  51   ArnEquals, ArnNotEquals, ArnLike, ArnNotLike,
  52
  53   // Null!
  54   Null,
  55
  56 #if 0 // Keys are done at runtime now
  57
  58       /// Condition Keys!
  59   awsCurrentTime,
  60   awsEpochTime,
  61   awsTokenIssueTime,
  62   awsMultiFactorAuthPresent,
  63   awsMultiFactorAuthAge,
  64   awsPrincipalType,
  65   awsReferer,
  66   awsSecureTransport,
  67   awsSourceArn,
  68   awsSourceIp,
  69   awsSourceVpc,
  70   awsSourceVpce,
  71   awsUserAgent,
  72   awsuserid,
  73   awsusername,
  74   s3x_amz_acl,
  75   s3x_amz_grant_permission,
  76   s3x_amz_copy_source,
  77   s3x_amz_server_side_encryption,
  78   s3x_amz_server_side_encryption_aws_kms_key_id,
  79   s3x_amz_metadata_directive,
  80   s3x_amz_storage_class,
  81   s3VersionId,
  82   s3LocationConstraint,
  83   s3prefix,
  84   s3delimiter,
  85   s3max_keys,
  86   s3signatureversion,
  87   s3authType,
  88   s3signatureAge,
  89   s3x_amz_content_sha256,
  90 #else
  91   CondKey,
  92 #endif
  93
  94   ///
  95   /// Versions!
  96   ///
  97   v2008_10_17,
  98   v2012_10_17,
  99
 100   ///
 101   /// Effects!
 102   ///
 103   Allow,
 104   Deny,
 105
 106   /// Principal Types!
 107   AWS,
 108   Federated,
 109   Service,
 110   CanonicalUser
 111 };
 112
 113
 114 enum class Version {
 115   v2008_10_17,
 116   v2012_10_17
 117 };
 118
 119
 120 enum class Effect {
 121   Allow,
 122   Deny,
 123   Pass
 124 };
 125
 126 enum class Type {
 127   string,
 128   number,
 129   date,
 130   boolean,
 131   binary,
 132   ipaddr,
 133   arn,
 134   null
 135 };
 136 }
 137 }
 138
 139 #endif // CEPH_RGW_POLICY_S3V2_KEYWORDS_H