WORKERS AHEAD!
You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.
Service Access Strategy - AWS Verified Permissions
Amazon Verified Permissions is a scalable permissions management and fine-grained authorization service for the applications that you build.
This access strategy builds an authorization request and submits it to Amazon Verified Permissions. The specifics of the authorization request are taught to CAS using the settings typically defined within the access strategy itself:
```json
{
  "@class": "org.apereo.cas.aws.authz.AmazonVerifiedPermissionsRegisteredServiceAccessStrategy",
  "credentialAccessKey": "...",
  "credentialSecretKey": "...",
  "region": "us-east-1",
  "policyStoreId": "...",
  "actionId": "read",
  "context": {
    "@class": "java.util.LinkedHashMap",
    "key": "value"
  }
}
```
The following fields are available to this access strategy:
| Field | Purpose |
|---|---|
| `credentialAccessKey` | [1] (Optional) The access key used to authenticate the request. |
| `credentialSecretKey` | [1] (Optional) The secret key used to authenticate the request. |
| `region` | [1] (Optional) AWS region to use for authorization API requests. |
| `policyStoreId` | [1] (Optional) The policy store whose policies are used for authorization. |
| `context` | (Optional) Additional context used for granular authorization decisions. |
| `actionId` | [1] Specifies the requested action to be authorized. |

[1] This field supports the Spring Expression Language syntax.
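
A lint for service files that use this strategy, added here as an example and not part of CAS: it flags an access or secret key stored as a literal instead of a Spring expression, and a missing `actionId`. The `${#environmentVars[...]}` form, the variable names and the sample service definition are assumptions constructed for illustration, and the input is assumed to be strict JSON.

```python
import json

# Class name and field names come from the page; everything else is constructed.
AVP_CLASS = "org.apereo.cas.aws.authz.AmazonVerifiedPermissionsRegisteredServiceAccessStrategy"
SECRET_FIELDS = ("credentialAccessKey", "credentialSecretKey")
REQUIRED_FIELDS = ("actionId",)  # the only field the table does not mark (Optional)

def is_expression(value):
    # Assumption: Spring expressions appear in CAS service files as ${...}.
    return isinstance(value, str) and value.startswith("${") and value.endswith("}")

def find_strategies(node):
    """Yield every object in the parsed file whose @class is the AVP strategy."""
    if isinstance(node, dict):
        if node.get("@class") == AVP_CLASS:
            yield node
        for child in node.values():
            yield from find_strategies(child)
    elif isinstance(node, list):
        for child in node:
            yield from find_strategies(child)

def audit(service_json):
    """Return findings for one service definition given as strict JSON text."""
    findings = []
    for strategy in find_strategies(json.loads(service_json)):
        for field in SECRET_FIELDS:
            value = strategy.get(field)
            if value and not is_expression(value):
                findings.append(f"{field}: literal credential in service file")
        for field in REQUIRED_FIELDS:
            if not strategy.get(field):
                findings.append(f"{field}: missing or empty")
    return findings

def sample(access_key, secret_key, action_id):
    """Build a constructed service definition around the page's strategy block."""
    strategy = {"@class": AVP_CLASS, "credentialAccessKey": access_key,
                "credentialSecretKey": secret_key, "region": "us-east-1",
                "policyStoreId": "PLACEHOLDER-STORE-ID", "actionId": action_id}
    return json.dumps({"serviceId": "^https://app.example.org/.*", "name": "Sample",
                       "id": 1, "accessStrategy": strategy})

LITERAL = sample("CONSTRUCTED-ACCESS-KEY", "CONSTRUCTED-SECRET", "read")
RESOLVED = sample("${#environmentVars['AVP_ACCESS_KEY']}",
                  "${#environmentVars['AVP_SECRET_KEY']}", "")

if __name__ == "__main__":
    for name, text in (("LITERAL", LITERAL), ("RESOLVED", RESOLVED)):
        print(name, audit(text))
```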