Class PolicyStatementProps
Interface for creating a policy statement.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class PolicyStatementProps : Object, IPolicyStatementProps
Syntax (vb)
Public Class PolicyStatementProps
Inherits Object
Implements IPolicyStatementProps
Remarks
ExampleMetadata: infused
Examples
var accessLogsBucket = new Bucket(this, "AccessLogsBucket", new BucketProps {
ObjectOwnership = ObjectOwnership.BUCKET_OWNER_ENFORCED
});
accessLogsBucket.AddToResourcePolicy(
new PolicyStatement(new PolicyStatementProps {
Actions = new [] { "s3:*" },
Resources = new [] { accessLogsBucket.BucketArn, accessLogsBucket.ArnForObjects("*") },
Principals = new [] { new AnyPrincipal() }
}));
var bucket = new Bucket(this, "MyBucket", new BucketProps {
ServerAccessLogsBucket = accessLogsBucket,
ServerAccessLogsPrefix = "logs"
});
Synopsis
Constructors
PolicyStatementProps() |
Properties
Actions | List of actions to add to the statement. |
Conditions | Conditions to add to the statement. |
Effect | Whether to allow or deny the actions in this statement. |
NotActions | List of not actions to add to the statement. |
NotPrincipals | List of not principals to add to the statement. |
NotResources | NotResource ARNs to add to the statement. |
Principals | List of principals to add to the statement. |
Resources | Resource ARNs to add to the statement. |
Sid | The Sid (statement ID) is an optional identifier that you provide for the policy statement. |
Constructors
PolicyStatementProps()
public PolicyStatementProps()
Properties
Actions
List of actions to add to the statement.
public string[] Actions { get; set; }
Property Value
System.String[]
Remarks
Default: - no actions
Conditions
Conditions to add to the statement.
public IDictionary<string, object> Conditions { get; set; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Remarks
Default: - no condition
Effect
Whether to allow or deny the actions in this statement.
public Nullable<Effect> Effect { get; set; }
Property Value
System.Nullable<Effect>
Remarks
Default: Effect.ALLOW
NotActions
List of not actions to add to the statement.
public string[] NotActions { get; set; }
Property Value
System.String[]
Remarks
Default: - no not-actions
NotPrincipals
List of not principals to add to the statement.
public IPrincipal[] NotPrincipals { get; set; }
Property Value
Remarks
Default: - no not principals
NotResources
NotResource ARNs to add to the statement.
public string[] NotResources { get; set; }
Property Value
System.String[]
Remarks
Default: - no not-resources
Principals
List of principals to add to the statement.
public IPrincipal[] Principals { get; set; }
Property Value
Remarks
Default: - no principals
Resources
Resource ARNs to add to the statement.
public string[] Resources { get; set; }
Property Value
System.String[]
Remarks
Default: - no resources
Sid
The Sid (statement ID) is an optional identifier that you provide for the policy statement.
public string Sid { get; set; }
Property Value
System.String
Remarks
You can assign a Sid value to each statement in a statement array. In services that let you specify an ID element, such as SQS and SNS, the Sid value is just a sub-ID of the policy document's ID. In IAM, the Sid value must be unique within a JSON policy.
Default: - no sid