ManagedPolicyProps

class aws_cdk.aws_iam.ManagedPolicyProps(*, description=None, document=None, groups=None, managed_policy_name=None, path=None, roles=None, statements=None, users=None)

Bases: object

Properties for defining an IAM managed policy.

Parameters
  • description (Optional[str]) – A description of the managed policy. Typically used to store information about the permissions defined in the policy. For example, “Grants access to production DynamoDB tables.” The policy description is immutable. After a value is assigned, it cannot be changed. Default: - empty

  • document (Optional[PolicyDocument]) – Initial PolicyDocument to use for this ManagedPolicy. If omited, any PolicyStatement provided in the statements property will be applied against the empty default PolicyDocument. Default: - An empty policy.

  • groups (Optional[List[IGroup]]) – Groups to attach this policy to. You can also use attachToGroup(group) to attach this policy to a group. Default: - No groups.

  • managed_policy_name (Optional[str]) – The name of the managed policy. If you specify multiple policies for an entity, specify unique names. For example, if you specify a list of policies for an IAM role, each policy must have a unique name. Default: - A name is automatically generated.

  • path (Optional[str]) – The path for the policy. This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (!) through the DEL character (), including most punctuation characters, digits, and upper and lowercased letters. For more information about paths, see IAM Identifiers in the IAM User Guide. Default: - “/”

  • roles (Optional[List[IRole]]) – Roles to attach this policy to. You can also use attachToRole(role) to attach this policy to a role. Default: - No roles.

  • statements (Optional[List[PolicyStatement]]) – Initial set of permissions to add to this policy document. You can also use addPermission(statement) to add permissions later. Default: - No statements.

  • users (Optional[List[IUser]]) – Users to attach this policy to. You can also use attachToUser(user) to attach this policy to a user. Default: - No users.

Attributes

description

A description of the managed policy.

Typically used to store information about the permissions defined in the policy. For example, “Grants access to production DynamoDB tables.” The policy description is immutable. After a value is assigned, it cannot be changed.

Default
  • empty

Return type

Optional[str]

document

Initial PolicyDocument to use for this ManagedPolicy.

If omited, any PolicyStatement provided in the statements property will be applied against the empty default PolicyDocument.

Default
  • An empty policy.

Return type

Optional[PolicyDocument]

groups

Groups to attach this policy to.

You can also use attachToGroup(group) to attach this policy to a group.

Default
  • No groups.

Return type

Optional[List[IGroup]]

managed_policy_name

The name of the managed policy.

If you specify multiple policies for an entity, specify unique names. For example, if you specify a list of policies for an IAM role, each policy must have a unique name.

Default
  • A name is automatically generated.

Return type

Optional[str]

path

The path for the policy.

This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (!) through the DEL character (), including most punctuation characters, digits, and upper and lowercased letters.

For more information about paths, see IAM Identifiers in the IAM User Guide.

Default
  • “/”

Return type

Optional[str]

roles

Roles to attach this policy to.

You can also use attachToRole(role) to attach this policy to a role.

Default
  • No roles.

Return type

Optional[List[IRole]]

statements

Initial set of permissions to add to this policy document.

You can also use addPermission(statement) to add permissions later.

Default
  • No statements.

Return type

Optional[List[PolicyStatement]]

users

Users to attach this policy to.

You can also use attachToUser(user) to attach this policy to a user.

Default
  • No users.

Return type

Optional[List[IUser]]