airflow.providers.amazon.aws.auth_manager.avp.facade
¶
Module Contents¶
Classes¶
Represent the parameters of |
|
Facade for Amazon Verified Permissions. |
Attributes¶
- class airflow.providers.amazon.aws.auth_manager.avp.facade.IsAuthorizedRequest[source]¶
Bases:
TypedDict
Represent the parameters of
is_authorized
method in AVP facade.
- class airflow.providers.amazon.aws.auth_manager.avp.facade.AwsAuthManagerAmazonVerifiedPermissionsFacade(context=None)[source]¶
Bases:
airflow.utils.log.logging_mixin.LoggingMixin
Facade for Amazon Verified Permissions.
Used as an intermediate layer between AWS auth manager and Amazon Verified Permissions.
- is_authorized(*, method, entity_type, user, entity_id=None, context=None)[source]¶
Make an authorization decision against Amazon Verified Permissions.
Check whether the user has permissions to access given resource.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod | str) – the method to perform. The method can also be a string if the action has been defined in a plugin. In that case, the action can be anything (e.g. can_do). See https://github.com/apache/airflow/issues/39144
entity_type (airflow.providers.amazon.aws.auth_manager.avp.entities.AvpEntities) – the entity type the user accesses
user (airflow.providers.amazon.aws.auth_manager.user.AwsAuthManagerUser | None) – the user
entity_id (str | None) – the entity ID the user accesses. If not provided, all entities of the type will be considered.
context (dict | None) – optional additional context to pass to Amazon Verified Permissions.
- get_batch_is_authorized_results(*, requests, user)[source]¶
Make a batch authorization decision against Amazon Verified Permissions.
Return a list of results for each request.
- Parameters
requests (collections.abc.Sequence[IsAuthorizedRequest]) – the list of requests containing the method, the entity_type and the entity ID
user (airflow.providers.amazon.aws.auth_manager.user.AwsAuthManagerUser) – the user
- batch_is_authorized(*, requests, user)[source]¶
Make a batch authorization decision against Amazon Verified Permissions.
Check whether the user has permissions to access all resources.
- Parameters
requests (collections.abc.Sequence[IsAuthorizedRequest]) – the list of requests containing the method, the entity_type and the entity ID
user (airflow.providers.amazon.aws.auth_manager.user.AwsAuthManagerUser | None) – the user
- get_batch_is_authorized_single_result(*, batch_is_authorized_results, request, user)[source]¶
Get a specific authorization result from the output of
get_batch_is_authorized_results
.- Parameters
batch_is_authorized_results (list[dict]) – the response from the
batch_is_authorized
APIrequest (IsAuthorizedRequest) – the request information. Used to find the result in the response.
user (airflow.providers.amazon.aws.auth_manager.user.AwsAuthManagerUser) – the user