@Generated(value="jsii-pacmak/1.63.2 (build a8a8833)",
date="2022-08-02T20:25:25.882Z")
public class PolicyDocument
extends software.amazon.jsii.JsiiObject
implements IResolvable
Example:
IRole myTrustedAdminRole = Role.fromRoleArn(this, "TrustedRole", "arn:aws:iam:....");
// Creates a limited admin policy and assigns to the account root.
PolicyDocument myCustomPolicy = PolicyDocument.Builder.create()
.statements(List.of(PolicyStatement.Builder.create()
.actions(List.of("kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*"))
.principals(List.of(new AccountRootPrincipal()))
.resources(List.of("*"))
.build()))
.build();
Key key = Key.Builder.create(this, "MyKey")
.policy(myCustomPolicy)
.build();
| Modifier and Type | Class and Description |
|---|---|
static class |
PolicyDocument.Builder
A fluent builder for
PolicyDocument. |
IResolvable.Jsii$Default, IResolvable.Jsii$Proxy| Modifier | Constructor and Description |
|---|---|
|
PolicyDocument() |
protected |
PolicyDocument(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
PolicyDocument(software.amazon.jsii.JsiiObjectRef objRef) |
| Modifier and Type | Method and Description |
|---|---|
void |
addStatements(PolicyStatement... statement)
Adds a statement to the policy document.
|
static PolicyDocument |
fromJson(java.lang.Object obj)
Creates a new PolicyDocument based on the object provided.
|
java.util.List<java.lang.String> |
getCreationStack()
The creation stack of this resolvable which will be appended to errors thrown during resolution.
|
java.lang.Boolean |
getIsEmpty()
Whether the policy document contains any statements.
|
java.lang.Number |
getStatementCount()
The number of statements already added to this policy.
|
java.lang.Object |
resolve(IResolveContext context)
Produce the Token's value at resolution time.
|
java.lang.Object |
toJSON()
JSON-ify the document.
|
java.lang.String |
toString()
Encode the policy document as a string.
|
java.util.List<java.lang.String> |
validateForAnyPolicy()
Validate that all policy statements in the policy document satisfies the requirements for any policy.
|
java.util.List<java.lang.String> |
validateForIdentityPolicy()
Validate that all policy statements in the policy document satisfies the requirements for an identity-based policy.
|
java.util.List<java.lang.String> |
validateForResourcePolicy()
Validate that all policy statements in the policy document satisfies the requirements for a resource-based policy.
|
protected PolicyDocument(software.amazon.jsii.JsiiObjectRef objRef)
protected PolicyDocument(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public PolicyDocument()
public static PolicyDocument fromJson(java.lang.Object obj)
This will accept an object created from the .toJSON() call
obj - the PolicyDocument in object form. This parameter is required.public void addStatements(PolicyStatement... statement)
statement - the statement to add. This parameter is required.public java.lang.Object resolve(IResolveContext context)
resolve in interface IResolvablecontext - This parameter is required.public java.lang.Object toJSON()
Used when JSON.stringify() is called
public java.lang.String toString()
toString in interface IResolvablepublic java.util.List<java.lang.String> validateForAnyPolicy()
public java.util.List<java.lang.String> validateForIdentityPolicy()
public java.util.List<java.lang.String> validateForResourcePolicy()
public java.util.List<java.lang.String> getCreationStack()
This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons.
getCreationStack in interface IResolvablepublic java.lang.Boolean getIsEmpty()
public java.lang.Number getStatementCount()
Can be used, for example, to generate unique "sid"s within the policy.