GES Request Conditions
Request conditions are useful in determining when a custom policy takes effect. A request condition consists of a condition key and operator. Condition keys are either global or service-level and are used in the Condition element of a policy statement. Global condition keys (starting with g:) are available for operations of all services, while service-level condition keys (starting with a service name such as ges) are available only for operations of a specific service. An operator is used together with a condition key to form a complete condition statement.
GES has a group of predefined condition keys that can be used in IAM. For example, to define an allow permission, you can use the condition key hw:SourceIp to filter matching requesters by IP address. The following table shows the condition keys that apply to GES.
| Condition Key | Operator | Description |
|---|---|---|
| g:CurrentTime | Date and time | Time when an authentication request is received NOTE: The time is in ISO 8601 format, for example, 2012-11-11T23:59:59Z. |
| g:MFAPresent | Boolean | Whether multi-factor authentication is used during user login |
| g:UserId | String | User ID used for current login |
| g:UserName | String | Username used for current login |
| g:ProjectName | String | Project of the current login |
| g:DomainName | String | Domain of the current login |
Last Article: GES Resources
Next Article: Getting Started with GES
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.