Class Policy

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
All Implemented Interfaces:
IConstruct, IDependable, IResource, IPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:29:57.353Z") @Stability(Stable) public class Policy extends Resource implements IPolicy
The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles, or groups.

For more information about IAM policies, see Overview of IAM Policies in the IAM User Guide guide.

Example:

 Function postAuthFn;
 UserPool userpool = UserPool.Builder.create(this, "myuserpool")
         .lambdaTriggers(UserPoolTriggers.builder()
                 .postAuthentication(postAuthFn)
                 .build())
         .build();
 // provide permissions to describe the user pool scoped to the ARN the user pool
 postAuthFn.role.attachInlinePolicy(Policy.Builder.create(this, "userpool-policy")
         .statements(List.of(PolicyStatement.Builder.create()
                 .actions(List.of("cognito-idp:DescribeUserPool"))
                 .resources(List.of(userpool.getUserPoolArn()))
                 .build()))
         .build());
 
  • Constructor Details

    • Policy

      protected Policy(software.amazon.jsii.JsiiObjectRef objRef)
    • Policy

      protected Policy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • Policy

      @Stability(Stable) public Policy(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable PolicyProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props -
    • Policy

      @Stability(Stable) public Policy(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
  • Method Details

    • fromPolicyName

      @Stability(Stable) @NotNull public static IPolicy fromPolicyName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String policyName)
      Import a policy in this app based on its name.

      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      policyName - This parameter is required.
    • addStatements

      @Stability(Stable) public void addStatements(@NotNull @NotNull PolicyStatement... statement)
      Adds a statement to the policy document.

      Parameters:
      statement - This parameter is required.
    • attachToGroup

      @Stability(Stable) public void attachToGroup(@NotNull IGroup group)
      Attaches this policy to a group.

      Parameters:
      group - This parameter is required.
    • attachToRole

      @Stability(Stable) public void attachToRole(@NotNull IRole role)
      Attaches this policy to a role.

      Parameters:
      role - This parameter is required.
    • attachToUser

      @Stability(Stable) public void attachToUser(@NotNull IUser user)
      Attaches this policy to a user.

      Parameters:
      user - This parameter is required.
    • validate

      @Stability(Stable) @NotNull protected List<String> validate()
      Validate the current construct.

      This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.

      Overrides:
      validate in class Construct
      Returns:
      An array of validation error messages, or an empty array if the construct is valid.
    • getDocument

      @Stability(Stable) @NotNull public PolicyDocument getDocument()
      The policy document.
    • getPolicyName

      @Stability(Stable) @NotNull public String getPolicyName()
      The name of this policy.
      Specified by:
      getPolicyName in interface IPolicy