@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)", date="2023-05-19T23:08:45.977Z") @Stability(value=Stable) public class ManagedPolicy extends Resource implements IManagedPolicy
Example:
Role myRole = Role.Builder.create(this, "My Role") .assumedBy(new ServicePrincipal("lambda.amazonaws.com")) .build(); Function fn = Function.Builder.create(this, "MyFunction") .runtime(Runtime.NODEJS_16_X) .handler("index.handler") .code(Code.fromAsset(join(__dirname, "lambda-handler"))) .role(myRole) .build(); myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaBasicExecutionRole")); myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaVPCAccessExecutionRole"));
Modifier and Type | Class and Description |
---|---|
static class |
ManagedPolicy.Builder
A fluent builder for
ManagedPolicy . |
software.amazon.jsii.JsiiObject.InitializationMode
IManagedPolicy.Jsii$Default, IManagedPolicy.Jsii$Proxy
IResource.Jsii$Default
Modifier | Constructor and Description |
---|---|
|
ManagedPolicy(software.constructs.Construct scope,
String id) |
|
ManagedPolicy(software.constructs.Construct scope,
String id,
ManagedPolicyProps props) |
protected |
ManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
ManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
void |
addStatements(PolicyStatement... statement)
Adds a statement to the policy document.
|
void |
attachToGroup(IGroup group)
Attaches this policy to a group.
|
void |
attachToRole(IRole role)
Attaches this policy to a role.
|
void |
attachToUser(IUser user)
Attaches this policy to a user.
|
static IManagedPolicy |
fromAwsManagedPolicyName(String managedPolicyName)
Import a managed policy from one of the policies that AWS manages.
|
static IManagedPolicy |
fromManagedPolicyArn(software.constructs.Construct scope,
String id,
String managedPolicyArn)
Import an external managed policy by ARN.
|
static IManagedPolicy |
fromManagedPolicyName(software.constructs.Construct scope,
String id,
String managedPolicyName)
Import a customer managed policy from the managedPolicyName.
|
String |
getDescription()
The description of this policy.
|
PolicyDocument |
getDocument()
The policy document.
|
String |
getManagedPolicyArn()
Returns the ARN of this managed policy.
|
String |
getManagedPolicyName()
The name of this policy.
|
String |
getPath()
The path of this policy.
|
protected List<String> |
validate()
Validate the current construct.
|
applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
getNode
protected ManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef)
protected ManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
@Stability(value=Stable) public ManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable ManagedPolicyProps props)
scope
- This parameter is required.id
- This parameter is required.props
- @Stability(value=Stable) public ManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id)
scope
- This parameter is required.id
- This parameter is required.@Stability(value=Stable) @NotNull public static IManagedPolicy fromAwsManagedPolicyName(@NotNull String managedPolicyName)
For this managed policy, you only need to know the name to be able to use it.
Some managed policy names start with "service-role/", some start with "job-function/", and some don't start with anything. Include the prefix when constructing this object.
managedPolicyName
- This parameter is required.@Stability(value=Stable) @NotNull public static IManagedPolicy fromManagedPolicyArn(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String managedPolicyArn)
For this managed policy, you only need to know the ARN to be able to use it. This can be useful if you got the ARN from a CloudFormation Export.
If the imported Managed Policy ARN is a Token (such as a
CfnParameter.valueAsString
or a Fn.importValue()
) and the referenced
managed policy has a path
(like arn:...:policy/AdminPolicy/AdminAllow
), the
managedPolicyName
property will not resolve to the correct value. Instead it
will resolve to the first path component. We unfortunately cannot express
the correct calculation of the full path name as a CloudFormation
expression. In this scenario the Managed Policy ARN should be supplied without the
path
in order to resolve the correct managed policy resource.
scope
- construct scope. This parameter is required.id
- construct id. This parameter is required.managedPolicyArn
- the ARN of the managed policy to import. This parameter is required.@Stability(value=Stable) @NotNull public static IManagedPolicy fromManagedPolicyName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String managedPolicyName)
For this managed policy, you only need to know the name to be able to use it.
scope
- This parameter is required.id
- This parameter is required.managedPolicyName
- This parameter is required.@Stability(value=Stable) public void addStatements(@NotNull PolicyStatement... statement)
statement
- This parameter is required.@Stability(value=Stable) public void attachToGroup(@NotNull IGroup group)
group
- This parameter is required.@Stability(value=Stable) public void attachToRole(@NotNull IRole role)
role
- This parameter is required.@Stability(value=Stable) public void attachToUser(@NotNull IUser user)
user
- This parameter is required.@Stability(value=Stable) @NotNull protected List<String> validate()
This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.
@Stability(value=Stable) @NotNull public String getDescription()
@Stability(value=Stable) @NotNull public PolicyDocument getDocument()
@Stability(value=Stable) @NotNull public String getManagedPolicyArn()
getManagedPolicyArn
in interface IManagedPolicy
@Stability(value=Stable) @NotNull public String getManagedPolicyName()
@Stability(value=Stable) @NotNull public String getPath()
Copyright © 2023. All rights reserved.