@Generated(value="jsii-pacmak/1.63.2 (build a8a8833)", date="2022-08-02T20:25:25.882Z") public class PolicyDocument extends software.amazon.jsii.JsiiObject implements IResolvable
Example:
IRole myTrustedAdminRole = Role.fromRoleArn(this, "TrustedRole", "arn:aws:iam:...."); // Creates a limited admin policy and assigns to the account root. PolicyDocument myCustomPolicy = PolicyDocument.Builder.create() .statements(List.of(PolicyStatement.Builder.create() .actions(List.of("kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*")) .principals(List.of(new AccountRootPrincipal())) .resources(List.of("*")) .build())) .build(); Key key = Key.Builder.create(this, "MyKey") .policy(myCustomPolicy) .build();
Modifier and Type | Class and Description |
---|---|
static class |
PolicyDocument.Builder
A fluent builder for
PolicyDocument . |
IResolvable.Jsii$Default, IResolvable.Jsii$Proxy
Modifier | Constructor and Description |
---|---|
|
PolicyDocument() |
protected |
PolicyDocument(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
PolicyDocument(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
void |
addStatements(PolicyStatement... statement)
Adds a statement to the policy document.
|
static PolicyDocument |
fromJson(java.lang.Object obj)
Creates a new PolicyDocument based on the object provided.
|
java.util.List<java.lang.String> |
getCreationStack()
The creation stack of this resolvable which will be appended to errors thrown during resolution.
|
java.lang.Boolean |
getIsEmpty()
Whether the policy document contains any statements.
|
java.lang.Number |
getStatementCount()
The number of statements already added to this policy.
|
java.lang.Object |
resolve(IResolveContext context)
Produce the Token's value at resolution time.
|
java.lang.Object |
toJSON()
JSON-ify the document.
|
java.lang.String |
toString()
Encode the policy document as a string.
|
java.util.List<java.lang.String> |
validateForAnyPolicy()
Validate that all policy statements in the policy document satisfies the requirements for any policy.
|
java.util.List<java.lang.String> |
validateForIdentityPolicy()
Validate that all policy statements in the policy document satisfies the requirements for an identity-based policy.
|
java.util.List<java.lang.String> |
validateForResourcePolicy()
Validate that all policy statements in the policy document satisfies the requirements for a resource-based policy.
|
protected PolicyDocument(software.amazon.jsii.JsiiObjectRef objRef)
protected PolicyDocument(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public PolicyDocument()
public static PolicyDocument fromJson(java.lang.Object obj)
This will accept an object created from the .toJSON()
call
obj
- the PolicyDocument in object form. This parameter is required.public void addStatements(PolicyStatement... statement)
statement
- the statement to add. This parameter is required.public java.lang.Object resolve(IResolveContext context)
resolve
in interface IResolvable
context
- This parameter is required.public java.lang.Object toJSON()
Used when JSON.stringify() is called
public java.lang.String toString()
toString
in interface IResolvable
public java.util.List<java.lang.String> validateForAnyPolicy()
public java.util.List<java.lang.String> validateForIdentityPolicy()
public java.util.List<java.lang.String> validateForResourcePolicy()
public java.util.List<java.lang.String> getCreationStack()
This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons.
getCreationStack
in interface IResolvable
public java.lang.Boolean getIsEmpty()
public java.lang.Number getStatementCount()
Can be used, for example, to generate unique "sid"s within the policy.