Class Policy
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.Resource
software.amazon.awscdk.services.iam.Policy
- All Implemented Interfaces:
IConstruct
,IDependable
,IResource
,IPolicy
,software.amazon.jsii.JsiiSerializable
,software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:29:57.353Z")
@Stability(Stable)
public class Policy
extends Resource
implements IPolicy
The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles, or groups.
For more information about IAM policies, see Overview of IAM Policies in the IAM User Guide guide.
Example:
Function postAuthFn; UserPool userpool = UserPool.Builder.create(this, "myuserpool") .lambdaTriggers(UserPoolTriggers.builder() .postAuthentication(postAuthFn) .build()) .build(); // provide permissions to describe the user pool scoped to the ARN the user pool postAuthFn.role.attachInlinePolicy(Policy.Builder.create(this, "userpool-policy") .statements(List.of(PolicyStatement.Builder.create() .actions(List.of("cognito-idp:DescribeUserPool")) .resources(List.of(userpool.getUserPoolArn())) .build())) .build());
-
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IPolicy
IPolicy.Jsii$Default, IPolicy.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource
IResource.Jsii$Default
-
Constructor Summary
ModifierConstructorDescriptionprotected
Policy
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
Policy
(software.amazon.jsii.JsiiObjectRef objRef) Policy
(software.constructs.Construct scope, String id, PolicyProps props) -
Method Summary
Modifier and TypeMethodDescriptionvoid
addStatements
(@NotNull PolicyStatement... statement) Adds a statement to the policy document.void
attachToGroup
(IGroup group) Attaches this policy to a group.void
attachToRole
(IRole role) Attaches this policy to a role.void
attachToUser
(IUser user) Attaches this policy to a user.static IPolicy
fromPolicyName
(software.constructs.Construct scope, String id, String policyName) Import a policy in this app based on its name.The policy document.The name of this policy.validate()
Validate the current construct.Methods inherited from class software.amazon.awscdk.core.Resource
applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource
Methods inherited from class software.amazon.awscdk.core.Construct
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize
Methods inherited from class software.constructs.Construct
toString
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.awscdk.core.IConstruct
getNode
Methods inherited from interface software.amazon.awscdk.core.IResource
applyRemovalPolicy, getEnv, getStack
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Constructor Details
-
Policy
protected Policy(software.amazon.jsii.JsiiObjectRef objRef) -
Policy
protected Policy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
Policy
@Stability(Stable) public Policy(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable PolicyProps props) - Parameters:
scope
- This parameter is required.id
- This parameter is required.props
-
-
Policy
- Parameters:
scope
- This parameter is required.id
- This parameter is required.
-
-
Method Details
-
fromPolicyName
@Stability(Stable) @NotNull public static IPolicy fromPolicyName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String policyName) Import a policy in this app based on its name.- Parameters:
scope
- This parameter is required.id
- This parameter is required.policyName
- This parameter is required.
-
addStatements
Adds a statement to the policy document.- Parameters:
statement
- This parameter is required.
-
attachToGroup
Attaches this policy to a group.- Parameters:
group
- This parameter is required.
-
attachToRole
Attaches this policy to a role.- Parameters:
role
- This parameter is required.
-
attachToUser
Attaches this policy to a user.- Parameters:
user
- This parameter is required.
-
validate
Validate the current construct.This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.
-
getDocument
The policy document. -
getPolicyName
The name of this policy.- Specified by:
getPolicyName
in interfaceIPolicy
-