> For the complete documentation index, see [llms.txt](/llms.txt)
# GS2-Identifier Deploy/CDK Reference
The template format used when creating stacks with GS2-Deploy, and implementation examples of template output in various languages using CDK
## Entities
Resources managed by the Deploy operation
### Identifier
Credential
Credentials used to access the GS2 API.
A credential consists of a client ID and a client secret, and access using the credential is restricted based on the privileges of the user who owns the credential.
#### Request
Resource creation and update requests
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this credential. The credential inherits the permissions of this user based on the security policies attached to them. |
#### GetAttr
Resource creation results that can be retrieved using the [!GetAttr](/articles/tech/deploy/#getattr) tag
| | Type | Description |
| --- | --- | --- |
| Item | [Identifier](../sdk#identifier) | Created Credential
| ClientSecret | string | Client Secret
#### Implementation Example
**GS2-Deploy(YAML)**
```yaml
Type: GS2::Identifier::Identifier
Properties:
UserName: user-0001
```
**Go**
```go
import (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/identifier"
)
SampleStack := core.NewStack()
identifier.NewIdentifier(
&SampleStack,
"user-0001",
identifier.IdentifierOptions{},
)
println(SampleStack.Yaml()) // Generate Template
```
**PHP**
```php
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
new \Gs2Cdk\Identifier\Model\Identifier(
stack: $this,
userName: "user-0001"
);
}
}
print((new SampleStack())->yaml()); // Generate Template
```
**Java**
```java
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.identifier.model.Identifier(
this,
"user-0001"
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Template
```
**C#**
```csharp
public class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Identifier.Model.Identifier(
stack: this,
userName: "user-0001"
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Template
```
**TypeScript**
```typescript
import core from "@/gs2cdk/core";
import identifier from "@/gs2cdk/identifier";
class SampleStack extends core.Stack
{
public constructor() {
super();
new identifier.model.Identifier(
this,
"user-0001"
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
```
**Python**
```python
from gs2_cdk import Stack, core, identifier
class SampleStack(Stack):
def __init__(self):
super().__init__()
identifier.Identifier(
stack=self,
user_name='user-0001',
)
print(SampleStack().yaml()) # Generate Template
```
---
### Password
Password
Password for logging into the Management Console based on user permissions.
A password allows different accounts to log in to a single project and still limit the information they have access to.
#### Request
Resource creation and update requests
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | User Name
The name of the GS2-Identifier user who owns this password. The user logs into the management console with this user name and the corresponding password, and access is restricted based on the security policies attached to the user. |
| password | string | | ✓| | ~ 1024 chars | Password
The hashed password used for management console authentication. Set during password creation and verified against user input at login time. Stored internally and never returned through the API. |
#### GetAttr
Resource creation results that can be retrieved using the [!GetAttr](/articles/tech/deploy/#getattr) tag
| | Type | Description |
| --- | --- | --- |
| Item | [Password](../sdk#password) | Created Password
#### Implementation Example
**GS2-Deploy(YAML)**
```yaml
Type: GS2::Identifier::Password
Properties:
UserName: user-0001
Password: password-0001
```
**Go**
```go
import (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/identifier"
)
SampleStack := core.NewStack()
identifier.NewPassword(
&SampleStack,
"user-0001",
"password-0001",
identifier.PasswordOptions{},
)
println(SampleStack.Yaml()) // Generate Template
```
**PHP**
```php
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
new \Gs2Cdk\Identifier\Model\Password(
stack: $this,
userName: "user-0001",
password: "password-0001"
);
}
}
print((new SampleStack())->yaml()); // Generate Template
```
**Java**
```java
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.identifier.model.Password(
this,
"user-0001",
"password-0001"
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Template
```
**C#**
```csharp
public class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Identifier.Model.Password(
stack: this,
userName: "user-0001",
password: "password-0001"
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Template
```
**TypeScript**
```typescript
import core from "@/gs2cdk/core";
import identifier from "@/gs2cdk/identifier";
class SampleStack extends core.Stack
{
public constructor() {
super();
new identifier.model.Password(
this,
"user-0001",
"password-0001"
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
```
**Python**
```python
from gs2_cdk import Stack, core, identifier
class SampleStack(Stack):
def __init__(self):
super().__init__()
identifier.Password(
stack=self,
user_name='user-0001',
password='password-0001',
)
print(SampleStack().yaml()) # Generate Template
```
---
### AttachSecurityPolicy
Attached Security Policy
Manages the association between a GS2-Identifier user and their security policies. Each user has one attachment record that contains the list of security policy GRNs applied to that user. When the user's credentials are used for API access, all attached policies are evaluated to determine whether the requested operation is allowed or denied.
#### Request
Resource creation and update requests
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| userName | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| securityPolicyId | string | | ✓| | ~ 1024 chars | GRN of the Security Policy to assign |
#### GetAttr
Resource creation results that can be retrieved using the [!GetAttr](/articles/tech/deploy/#getattr) tag
| | Type | Description |
| --- | --- | --- |
| Items | [SecurityPolicy[]](../sdk#securitypolicy) | List of Security Policies assigned to a user
#### Implementation Example
**GS2-Deploy(YAML)**
```yaml
Type: GS2::Identifier::AttachSecurityPolicy
Properties:
UserName: user-0001
SecurityPolicyId: securityPolicyId-0001
```
**Go**
```go
import (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/identifier"
)
SampleStack := core.NewStack()
identifier.NewAttachSecurityPolicy(
&SampleStack,
"user-0001",
"securityPolicyId-0001",
identifier.AttachSecurityPolicyOptions{},
)
println(SampleStack.Yaml()) // Generate Template
```
**PHP**
```php
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
new \Gs2Cdk\Identifier\Model\AttachSecurityPolicy(
stack: $this,
userName: "user-0001",
securityPolicyId: "securityPolicyId-0001"
);
}
}
print((new SampleStack())->yaml()); // Generate Template
```
**Java**
```java
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.identifier.model.AttachSecurityPolicy(
this,
"user-0001",
"securityPolicyId-0001"
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Template
```
**C#**
```csharp
public class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Identifier.Model.AttachSecurityPolicy(
stack: this,
userName: "user-0001",
securityPolicyId: "securityPolicyId-0001"
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Template
```
**TypeScript**
```typescript
import core from "@/gs2cdk/core";
import identifier from "@/gs2cdk/identifier";
class SampleStack extends core.Stack
{
public constructor() {
super();
new identifier.model.AttachSecurityPolicy(
this,
"user-0001",
"securityPolicyId-0001"
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
```
**Python**
```python
from gs2_cdk import Stack, core, identifier
class SampleStack(Stack):
def __init__(self):
super().__init__()
identifier.AttachSecurityPolicy(
stack=self,
user_name='user-0001',
security_policy_id='securityPolicyId-0001',
)
print(SampleStack().yaml()) # Generate Template
```
---
### User
GS2-Identifier User
This entity represents a game developer who has access to the project.
The user has credentials for programmatic access and
A password can be registered that allows the user to log into the Management Console and manage the project based on the user's permissions.
#### Request
Resource creation and update requests
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| name | string | | ✓| | ~ 128 chars | GS2-Identifier User name
GS2-Unique Identifier User name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
#### GetAttr
Resource creation results that can be retrieved using the [!GetAttr](/articles/tech/deploy/#getattr) tag
| | Type | Description |
| --- | --- | --- |
| Item | [User](../sdk#user) | Created User
#### Implementation Example
**GS2-Deploy(YAML)**
```yaml
Type: GS2::Identifier::User
Properties:
Name: user-0001
Description: null
```
**Go**
```go
import (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/identifier"
)
SampleStack := core.NewStack()
identifier.NewUser(
&SampleStack,
"user-0001",
identifier.UserOptions{},
)
println(SampleStack.Yaml()) // Generate Template
```
**PHP**
```php
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
new \Gs2Cdk\Identifier\Model\User(
stack: $this,
name: "user-0001"
);
}
}
print((new SampleStack())->yaml()); // Generate Template
```
**Java**
```java
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.identifier.model.User(
this,
"user-0001"
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Template
```
**C#**
```csharp
public class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Identifier.Model.User(
stack: this,
name: "user-0001"
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Template
```
**TypeScript**
```typescript
import core from "@/gs2cdk/core";
import identifier from "@/gs2cdk/identifier";
class SampleStack extends core.Stack
{
public constructor() {
super();
new identifier.model.User(
this,
"user-0001"
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
```
**Python**
```python
from gs2_cdk import Stack, core, identifier
class SampleStack(Stack):
def __init__(self):
super().__init__()
identifier.User(
stack=self,
name='user-0001',
)
print(SampleStack().yaml()) # Generate Template
```
---
### SecurityPolicy
Security Policy
Define restrictions on the types of APIs that users can use and the resources they can access.
Access restriction rules are defined using JSON format definition data called policy documents.
For the specifications of policy documents, please refer to [the explanation page](/articles/tech/identifier/#security-policy) on policy documents in the development documents.
#### Request
Resource creation and update requests
| | Type | Condition | Required | Default | Value Limits | Description |
| --- | --- | --- | --- | --- | --- | --- |
| name | string | | ✓| | ~ 128 chars | Security Policy Name
Unique Security Policy name. Specified using alphanumeric characters, hyphens (-), underscores (_), and periods (.). |
| description | string | | | | ~ 1024 chars | Description |
| policy | string | | ✓| | ~ 524288 chars | Policy Document
A JSON document that defines the access control rules for this security policy. The document specifies which GS2 API actions are allowed or denied, and which resources (identified by GRN patterns) the rules apply to. Multiple statements can be combined to create fine-grained access control. Maximum 512KB. |
#### GetAttr
Resource creation results that can be retrieved using the [!GetAttr](/articles/tech/deploy/#getattr) tag
| | Type | Description |
| --- | --- | --- |
| Item | [SecurityPolicy](../sdk#securitypolicy) | Created security policy
#### Implementation Example
**GS2-Deploy(YAML)**
```yaml
Type: GS2::Identifier::SecurityPolicy
Properties:
Name: policy-0001
Description: null
Policy:
Version: "2016-04-01"
Statements:
- Effect: Allow
Actions:
- "*"
Resources:
- "*"
```
**Go**
```go
import (
"github.com/gs2io/gs2-golang-cdk/core"
"github.com/gs2io/gs2-golang-cdk/identifier"
)
SampleStack := core.NewStack()
identifier.NewSecurityPolicy(
&SampleStack,
"policy-0001",
identifier.NewPolicy(
[]identifier.Statement{
identifier.NewAllowAllStatement(),
},
),
identifier.SecurityPolicyOptions{},
)
println(SampleStack.Yaml()) // Generate Template
```
**PHP**
```php
class SampleStack extends \Gs2Cdk\Core\Model\Stack
{
function __construct() {
parent::__construct();
new \Gs2Cdk\Identifier\Model\SecurityPolicy(
stack: $this,
name: "policy-0001",
policy: new \Gs2Cdk\Identifier\Model\Policy([
\Gs2Cdk\Identifier\Model\Statement::allowAll()
])
);
}
}
print((new SampleStack())->yaml()); // Generate Template
```
**Java**
```java
class SampleStack extends io.gs2.cdk.core.model.Stack
{
public SampleStack() {
super();
new io.gs2.cdk.identifier.model.SecurityPolicy(
this,
"policy-0001",
new io.gs2.cdk.identifier.model.Policy(
Arrays.asList(
io.gs2.cdk.identifier.model.Statement.allowAll()
)
)
);
}
}
System.out.println(new SampleStack().yaml()); // Generate Template
```
**C#**
```csharp
public class SampleStack : Gs2Cdk.Core.Model.Stack
{
public SampleStack() {
new Gs2Cdk.Gs2Identifier.Model.SecurityPolicy(
stack: this,
name: "policy-0001",
policy: new Gs2Cdk.Gs2Identifier.Model.Policy(
new [] {
Gs2Cdk.Gs2Identifier.Model.Statement.AllowAll()
}
)
);
}
}
Debug.Log(new SampleStack().Yaml()); // Generate Template
```
**TypeScript**
```typescript
import core from "@/gs2cdk/core";
import identifier from "@/gs2cdk/identifier";
import Policy from "@/gs2cdk/identifier/model/Policy";
import Statement from "@/gs2cdk/identifier/model/Statement";
class SampleStack extends core.Stack
{
public constructor() {
super();
new identifier.model.SecurityPolicy(
this,
"policy-0001",
new Policy(
[
Statement.allowAll()
]
)
);
}
}
console.log(new SampleStack().yaml()); // Generate Template
```
**Python**
```python
from gs2_cdk import Stack, core, identifier
class SampleStack(Stack):
def __init__(self):
super().__init__()
identifier.SecurityPolicy(
stack=self,
name='policy-0001',
policy=identifier.Policy([
identifier.Statement.allow_all(),
]),
)
print(SampleStack().yaml()) # Generate Template
```
---