software.amazon.awscdk.services.iam

Interface ManagedPolicyProps

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

ManagedPolicyProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)",
           date="2022-09-19T20:26:39.776Z")
 @Stability(value=Stable)
public interface ManagedPolicyProps
extends software.amazon.jsii.JsiiSerializable

Properties for defining an IAM managed policy.

Example:

 Map<String, Object> policyDocument = Map.of(
         "Version", "2012-10-17",
         "Statement", List.of(Map.of(
                 "Sid", "FirstStatement",
                 "Effect", "Allow",
                 "Action", List.of("iam:ChangePassword"),
                 "Resource", "*"), Map.of(
                 "Sid", "SecondStatement",
                 "Effect", "Allow",
                 "Action", "s3:ListAllMyBuckets",
                 "Resource", "*"), Map.of(
                 "Sid", "ThirdStatement",
                 "Effect", "Allow",
                 "Action", List.of("s3:List*", "s3:Get*"),
                 "Resource", List.of("arn:aws:s3:::confidential-data", "arn:aws:s3:::confidential-data/*"),
                 "Condition", Map.of("Bool", Map.of("aws:MultiFactorAuthPresent", "true")))));
 PolicyDocument customPolicyDocument = PolicyDocument.fromJson(policyDocument);
 // You can pass this document as an initial document to a ManagedPolicy
 // or inline Policy.
 ManagedPolicy newManagedPolicy = ManagedPolicy.Builder.create(this, "MyNewManagedPolicy")
         .document(customPolicyDocument)
         .build();
 Policy newPolicy = Policy.Builder.create(this, "MyNewPolicy")
         .document(customPolicyDocument)
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	ManagedPolicyProps.Builder A builder for ManagedPolicyProps
static class	ManagedPolicyProps.Jsii$Proxy An implementation for ManagedPolicyProps

Method Summary

Modifier and Type	Method and Description
static ManagedPolicyProps.Builder	builder()
default String	getDescription() A description of the managed policy.
default PolicyDocument	getDocument() Initial PolicyDocument to use for this ManagedPolicy.
default List<IGroup>	getGroups() Groups to attach this policy to.
default String	getManagedPolicyName() The name of the managed policy.
default String	getPath() The path for the policy.
default List<IRole>	getRoles() Roles to attach this policy to.
default List<PolicyStatement>	getStatements() Initial set of permissions to add to this policy document.
default List<IUser>	getUsers() Users to attach this policy to.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Detail

getDescription

@Stability(value=Stable)
 @Nullable
default String getDescription()

A description of the managed policy.

Typically used to store information about the permissions defined in the policy. For example, "Grants access to production DynamoDB tables." The policy description is immutable. After a value is assigned, it cannot be changed.

Default: - empty

getDocument

@Stability(value=Stable)
 @Nullable
default PolicyDocument getDocument()

Initial PolicyDocument to use for this ManagedPolicy.

If omited, any PolicyStatement provided in the statements property will be applied against the empty default PolicyDocument.

Default: - An empty policy.

getGroups

@Stability(value=Stable)
 @Nullable
default List<IGroup> getGroups()

Groups to attach this policy to.

You can also use attachToGroup(group) to attach this policy to a group.

Default: - No groups.

getManagedPolicyName

@Stability(value=Stable)
 @Nullable
default String getManagedPolicyName()

The name of the managed policy.

If you specify multiple policies for an entity, specify unique names. For example, if you specify a list of policies for an IAM role, each policy must have a unique name.

Default: - A name is automatically generated.

getPath

@Stability(value=Stable)
 @Nullable
default String getPath()

The path for the policy.

This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (!) through the DEL character (), including most punctuation characters, digits, and upper and lowercased letters.

For more information about paths, see IAM Identifiers in the IAM User Guide.

Default: - "/"

getRoles

@Stability(value=Stable)
 @Nullable
default List<IRole> getRoles()

Roles to attach this policy to.

You can also use attachToRole(role) to attach this policy to a role.

Default: - No roles.

getStatements

@Stability(value=Stable)
 @Nullable
default List<PolicyStatement> getStatements()

Initial set of permissions to add to this policy document.

You can also use addPermission(statement) to add permissions later.

Default: - No statements.

getUsers

@Stability(value=Stable)
 @Nullable
default List<IUser> getUsers()

Users to attach this policy to.

You can also use attachToUser(user) to attach this policy to a user.

Default: - No users.

builder

@Stability(value=Stable)
static ManagedPolicyProps.Builder builder()

Returns:

a ManagedPolicyProps.Builder of ManagedPolicyProps