@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)",
date="2023-03-22T19:35:36.650Z")
public interface PolicyStatementProps
Example:
// Add gateway endpoints when creating the VPC
Vpc vpc = Vpc.Builder.create(this, "MyVpc")
.gatewayEndpoints(Map.of(
"S3", GatewayVpcEndpointOptions.builder()
.service(GatewayVpcEndpointAwsService.S3)
.build()))
.build();
// Alternatively gateway endpoints can be added on the VPC
GatewayVpcEndpoint dynamoDbEndpoint = vpc.addGatewayEndpoint("DynamoDbEndpoint", GatewayVpcEndpointOptions.builder()
.service(GatewayVpcEndpointAwsService.DYNAMODB)
.build());
// This allows to customize the endpoint policy
dynamoDbEndpoint.addToPolicy(
PolicyStatement.Builder.create() // Restrict to listing and describing tables
.principals(List.of(new AnyPrincipal()))
.actions(List.of("dynamodb:DescribeTable", "dynamodb:ListTables"))
.resources(List.of("*")).build());
// Add an interface endpoint
vpc.addInterfaceEndpoint("EcrDockerEndpoint", InterfaceVpcEndpointOptions.builder()
.service(InterfaceVpcEndpointAwsService.ECR_DOCKER)
.build());
| Modifier and Type | Interface and Description |
|---|---|
static class |
PolicyStatementProps.Builder
A builder for
PolicyStatementProps |
static class |
PolicyStatementProps.Jsii$Proxy
An implementation for
PolicyStatementProps |
| Modifier and Type | Method and Description |
|---|---|
static PolicyStatementProps.Builder |
builder() |
default java.util.List<java.lang.String> |
getActions()
List of actions to add to the statement.
|
default java.util.Map<java.lang.String,java.lang.Object> |
getConditions()
Conditions to add to the statement.
|
default Effect |
getEffect()
Whether to allow or deny the actions in this statement.
|
default java.util.List<java.lang.String> |
getNotActions()
List of not actions to add to the statement.
|
default java.util.List<IPrincipal> |
getNotPrincipals()
List of not principals to add to the statement.
|
default java.util.List<java.lang.String> |
getNotResources()
NotResource ARNs to add to the statement.
|
default java.util.List<IPrincipal> |
getPrincipals()
List of principals to add to the statement.
|
default java.util.List<java.lang.String> |
getResources()
Resource ARNs to add to the statement.
|
default java.lang.String |
getSid()
The Sid (statement ID) is an optional identifier that you provide for the policy statement.
|
default java.util.List<java.lang.String> getActions()
Default: - no actions
default java.util.Map<java.lang.String,java.lang.Object> getConditions()
Default: - no condition
default Effect getEffect()
Default: Effect.ALLOW
default java.util.List<java.lang.String> getNotActions()
Default: - no not-actions
default java.util.List<IPrincipal> getNotPrincipals()
Default: - no not principals
default java.util.List<java.lang.String> getNotResources()
Default: - no not-resources
default java.util.List<IPrincipal> getPrincipals()
Default: - no principals
default java.util.List<java.lang.String> getResources()
Default: - no resources
default java.lang.String getSid()
You can assign a Sid value to each statement in a statement array. In services that let you specify an ID element, such as SQS and SNS, the Sid value is just a sub-ID of the policy document's ID. In IAM, the Sid value must be unique within a JSON policy.
Default: - no sid
static PolicyStatementProps.Builder builder()
PolicyStatementProps.Builder of PolicyStatementProps