PolicyStatementProps¶

class aws_cdk.aws_iam.PolicyStatementProps(*, actions=None, conditions=None, effect=None, not_actions=None, not_principals=None, not_resources=None, principals=None, resources=None, sid=None)¶

Bases: object

__init__(*, actions=None, conditions=None, effect=None, not_actions=None, not_principals=None, not_resources=None, principals=None, resources=None, sid=None)¶

Interface for creating a policy statement.

Parameters

actions (Optional[List[str]]) – List of actions to add to the statement. Default: - no actions
conditions (Optional[Mapping[str, Any]]) – Conditions to add to the statement. Default: - no condition
effect (Optional[Effect]) – Whether to allow or deny the actions in this statement. Default: Effect.ALLOW
not_actions (Optional[List[str]]) – List of not actions to add to the statement. Default: - no not-actions
not_principals (Optional[List[IPrincipal]]) – List of not principals to add to the statement. Default: - no not principals
not_resources (Optional[List[str]]) – NotResource ARNs to add to the statement. Default: - no not-resources
principals (Optional[List[IPrincipal]]) – List of principals to add to the statement. Default: - no principals
resources (Optional[List[str]]) – Resource ARNs to add to the statement. Default: - no resources
sid (Optional[str]) – The Sid (statement ID) is an optional identifier that you provide for the policy statement. You can assign a Sid value to each statement in a statement array. In services that let you specify an ID element, such as SQS and SNS, the Sid value is just a sub-ID of the policy document’s ID. In IAM, the Sid value must be unique within a JSON policy. Default: - no sid

Return type

None

Attributes

actions¶

List of actions to add to the statement.

default :default: - no actions

Return type: Optional[List[str]]

conditions¶

Conditions to add to the statement.

default :default: - no condition

Return type: Optional[Mapping[str, Any]]

effect¶

Whether to allow or deny the actions in this statement.

default :default: Effect.ALLOW

Return type: Optional[Effect]

not_actions¶

List of not actions to add to the statement.

default :default: - no not-actions

Return type: Optional[List[str]]

not_principals¶

List of not principals to add to the statement.

default :default: - no not principals

Return type: Optional[List[IPrincipal]]

not_resources¶

NotResource ARNs to add to the statement.

default :default: - no not-resources

Return type: Optional[List[str]]

principals¶

List of principals to add to the statement.

default :default: - no principals

Return type: Optional[List[IPrincipal]]

resources¶

Resource ARNs to add to the statement.

default :default: - no resources

Return type: Optional[List[str]]

sid¶

The Sid (statement ID) is an optional identifier that you provide for the policy statement.

You can assign a Sid value to each statement in a statement array. In services that let you specify an ID element, such as SQS and SNS, the Sid value is just a sub-ID of the policy document’s ID. In IAM, the Sid value must be unique within a JSON policy.

default :default: - no sid

Return type: Optional[str]