ManagedPolicy (AWS CDK 1.202.0 API)

java.lang.Object
- software.amazon.jsii.JsiiObject
- - software.constructs.Construct
  - - software.amazon.awscdk.core.Construct
    - - software.amazon.awscdk.core.Resource
      - software.amazon.awscdk.services.iam.ManagedPolicy

All Implemented Interfaces:: IDependable, IResource, IManagedPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

Direct Known Subclasses:: UntrustedCodeBoundaryPolicy

@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)",
           date="2023-05-19T23:08:45.977Z")
 @Stability(value=Stable)
public class ManagedPolicy
extends Resource
implements IManagedPolicy

Managed policy.

Example:

 Role myRole = Role.Builder.create(this, "My Role")
         .assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
         .build();
 Function fn = Function.Builder.create(this, "MyFunction")
         .runtime(Runtime.NODEJS_16_X)
         .handler("index.handler")
         .code(Code.fromAsset(join(__dirname, "lambda-handler")))
         .role(myRole)
         .build();
 myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaBasicExecutionRole"));
 myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaVPCAccessExecutionRole"));

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class ManagedPolicy.Builder
A fluent builder for ManagedPolicy.
- Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
  software.amazon.jsii.JsiiObject.InitializationMode
- Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IManagedPolicy
  IManagedPolicy.Jsii$Default, IManagedPolicy.Jsii$Proxy
- Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource
  IResource.Jsii$Default

Nested Classes
Modifier and Type	Class and Description
`static class`	`ManagedPolicy.Builder` A fluent builder for `ManagedPolicy`.

Constructor Summary

Constructors
Modifier	Constructor and Description
	`ManagedPolicy(software.constructs.Construct scope, String id)`
	`ManagedPolicy(software.constructs.Construct scope, String id, ManagedPolicyProps props)`
`protected`	`ManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)`
`protected`	`ManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addStatements(PolicyStatement... statement)` Adds a statement to the policy document.
`void`	`attachToGroup(IGroup group)` Attaches this policy to a group.
`void`	`attachToRole(IRole role)` Attaches this policy to a role.
`void`	`attachToUser(IUser user)` Attaches this policy to a user.
`static IManagedPolicy`	`fromAwsManagedPolicyName(String managedPolicyName)` Import a managed policy from one of the policies that AWS manages.
`static IManagedPolicy`	`fromManagedPolicyArn(software.constructs.Construct scope, String id, String managedPolicyArn)` Import an external managed policy by ARN.
`static IManagedPolicy`	`fromManagedPolicyName(software.constructs.Construct scope, String id, String managedPolicyName)` Import a customer managed policy from the managedPolicyName.
`String`	`getDescription()` The description of this policy.
`PolicyDocument`	`getDocument()` The policy document.
`String`	`getManagedPolicyArn()` Returns the ARN of this managed policy.
`String`	`getManagedPolicyName()` The name of this policy.
`String`	`getPath()` The path of this policy.
`protected List<String>`	`validate()` Validate the current construct.

Methods inherited from class software.amazon.awscdk.core.Resource
applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource

Methods inherited from class software.amazon.awscdk.core.Construct
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize

Methods inherited from class software.constructs.Construct
toString

Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson

Methods inherited from interface software.amazon.awscdk.core.IConstruct
getNode

Constructor Detail

ManagedPolicy

protected ManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef)

ManagedPolicy

protected ManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

ManagedPolicy

@Stability(value=Stable)
public ManagedPolicy(@NotNull
                                              software.constructs.Construct scope,
                                              @NotNull
                                              String id,
                                              @Nullable
                                              ManagedPolicyProps props)

Parameters:: scope - This parameter is required.; id - This parameter is required.; props -

ManagedPolicy

@Stability(value=Stable)
public ManagedPolicy(@NotNull
                                              software.constructs.Construct scope,
                                              @NotNull
                                              String id)

Parameters:: scope - This parameter is required.; id - This parameter is required.

Method Detail

fromAwsManagedPolicyName
```
@Stability(value=Stable)
 @NotNull
public static IManagedPolicy fromAwsManagedPolicyName(@NotNull
                                                                                         String managedPolicyName)
```
Import a managed policy from one of the policies that AWS manages.
For this managed policy, you only need to know the name to be able to use it.
Some managed policy names start with "service-role/", some start with "job-function/", and some don't start with anything. Include the prefix when constructing this object.

Parameters:

managedPolicyName - This parameter is required.

fromManagedPolicyArn
```
@Stability(value=Stable)
 @NotNull
public static IManagedPolicy fromManagedPolicyArn(@NotNull
                                                                                     software.constructs.Construct scope,
                                                                                     @NotNull
                                                                                     String id,
                                                                                     @NotNull
                                                                                     String managedPolicyArn)
```
Import an external managed policy by ARN.
For this managed policy, you only need to know the ARN to be able to use it. This can be useful if you got the ARN from a CloudFormation Export.
If the imported Managed Policy ARN is a Token (such as a CfnParameter.valueAsString or a Fn.importValue()) and the referenced managed policy has a path (like arn:...:policy/AdminPolicy/AdminAllow), the managedPolicyName property will not resolve to the correct value. Instead it will resolve to the first path component. We unfortunately cannot express the correct calculation of the full path name as a CloudFormation expression. In this scenario the Managed Policy ARN should be supplied without the path in order to resolve the correct managed policy resource.

Parameters:

scope - construct scope. This parameter is required.

id - construct id. This parameter is required.

managedPolicyArn - the ARN of the managed policy to import. This parameter is required.

fromManagedPolicyName

@Stability(value=Stable)
 @NotNull
public static IManagedPolicy fromManagedPolicyName(@NotNull
                                                                                      software.constructs.Construct scope,
                                                                                      @NotNull
                                                                                      String id,
                                                                                      @NotNull
                                                                                      String managedPolicyName)

Import a customer managed policy from the managedPolicyName.

For this managed policy, you only need to know the name to be able to use it.

Parameters:: scope - This parameter is required.; id - This parameter is required.; managedPolicyName - This parameter is required.

addStatements

@Stability(value=Stable)
public void addStatements(@NotNull
                                                   PolicyStatement... statement)

Adds a statement to the policy document.

Parameters:: statement - This parameter is required.

attachToGroup

@Stability(value=Stable)
public void attachToGroup(@NotNull
                                                   IGroup group)

Attaches this policy to a group.

Parameters:: group - This parameter is required.

attachToRole

@Stability(value=Stable)
public void attachToRole(@NotNull
                                                  IRole role)

Attaches this policy to a role.

Parameters:: role - This parameter is required.

attachToUser

@Stability(value=Stable)
public void attachToUser(@NotNull
                                                  IUser user)

Attaches this policy to a user.

Parameters:: user - This parameter is required.

validate
```
@Stability(value=Stable)
 @NotNull
protected List<String> validate()
```
Validate the current construct.
This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.

Overrides:

validate in class Construct

Returns:

An array of validation error messages, or an empty array if the construct is valid.

getDescription

@Stability(value=Stable)
 @NotNull
public String getDescription()

The description of this policy.

getDocument

@Stability(value=Stable)
 @NotNull
public PolicyDocument getDocument()

The policy document.

getManagedPolicyArn
```
@Stability(value=Stable)
 @NotNull
public String getManagedPolicyArn()
```
Returns the ARN of this managed policy.

Specified by:

getManagedPolicyArn in interface IManagedPolicy

getManagedPolicyName

@Stability(value=Stable)
 @NotNull
public String getManagedPolicyName()

The name of this policy.

getPath

@Stability(value=Stable)
 @NotNull
public String getPath()

The path of this policy.

Class ManagedPolicy

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IManagedPolicy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource

Constructor Summary

Method Summary

Methods inherited from class software.amazon.awscdk.core.Resource

Methods inherited from class software.amazon.awscdk.core.Construct

Methods inherited from class software.constructs.Construct

Methods inherited from class software.amazon.jsii.JsiiObject

Methods inherited from class java.lang.Object

Methods inherited from interface software.amazon.jsii.JsiiSerializable

Methods inherited from interface software.amazon.awscdk.core.IConstruct

Constructor Detail

ManagedPolicy

ManagedPolicy

ManagedPolicy

ManagedPolicy

Method Detail

fromAwsManagedPolicyName

fromManagedPolicyArn

fromManagedPolicyName

addStatements

attachToGroup

attachToRole

attachToUser

validate

getDescription

getDocument

getManagedPolicyArn

getManagedPolicyName

getPath