Group

class aws_cdk.aws_iam.Group(scope, id, *, group_name=None, managed_policies=None, path=None)

Bases: aws_cdk.core.Resource

__init__(scope, id, *, group_name=None, managed_policies=None, path=None)
Parameters
  • scope (Construct) –

  • id (str) –

  • group_name (Optional[str]) – A name for the IAM group. For valid values, see the GroupName parameter for the CreateGroup action in the IAM API Reference. If you don’t specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name. If you specify a name, you must specify the CAPABILITY_NAMED_IAM value to acknowledge your template’s capabilities. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates. Default: Generated by CloudFormation (recommended)

  • managed_policies (Optional[List[IManagedPolicy]]) – A list of managed policies associated with this role. You can add managed policies later using addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName(policyName)). Default: - No managed policies.

  • path (Optional[str]) – The path to the group. For more information about paths, see IAM Identifiers in the IAM User Guide. Default: /

Return type

None

Methods

add_managed_policy(policy)

Attaches a managed policy to this group.

Parameters

policy (IManagedPolicy) – The managed policy to attach.

Return type

None

add_to_policy(statement)

Adds an IAM statement to the default policy.

Parameters

statement (PolicyStatement) –

Return type

bool

add_user(user)

Adds a user to this group.

Parameters

user (IUser) –

Return type

None

attach_inline_policy(policy)

Attaches a policy to this group.

Parameters

policy (Policy) – The policy to attach.

Return type

None

to_string()

Returns a string representation of this construct.

Return type

str

Attributes

assume_role_action

When this Principal is used in an AssumeRole policy, the action to use.

Return type

str

grant_principal

The principal to grant permissions to.

Return type

IPrincipal

group_arn

Returns the IAM Group ARN.

Return type

str

group_name

Returns the IAM Group Name.

Return type

str

node

The construct tree node associated with this construct.

Return type

ConstructNode

policy_fragment

Return the policy fragment that identifies this principal in a Policy.

Return type

PrincipalPolicyFragment

stack

The stack in which this resource is defined.

Return type

Stack

Static Methods

classmethod from_group_arn(scope, id, group_arn)

Imports a group from ARN.

Parameters
  • scope (Construct) –

  • id (str) –

  • group_arn (str) – (e.g. arn:aws:iam::account-id:group/group-name).

Return type

IGroup

classmethod is_construct(x)

Return whether the given object is a Construct.

Parameters

x (Any) –

Return type

bool