Class CfnPolicy
Adds or updates an inline policy document that is embedded in the specified IAM group, user or role.
Inherited Members
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnPolicy : CfnResource, IInspectable, IPolicyRef, IConstruct, IDependable, IEnvironmentAwareSyntax (vb)
Public Class CfnPolicy Inherits CfnResource Implements IInspectable, IPolicyRef, IConstruct, IDependable, IEnvironmentAwareRemarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.IAM;
var policyDocument;
var cfnPolicy = new CfnPolicy(this, "MyCfnPolicy", new CfnPolicyProps {
PolicyDocument = policyDocument,
PolicyName = "policyName",
// the properties below are optional
Groups = new [] { "groups" },
Roles = new [] { "roles" },
Users = new [] { "users" }
});Synopsis
Constructors
| CfnPolicy(Construct, string, ICfnPolicyProps) | Create a new |
Properties
| AttrId | The stable and unique string identifying the policy. |
| CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
| CfnProperties | Adds or updates an inline policy document that is embedded in the specified IAM group, user or role. |
| Groups | The name of the group to associate the policy with. |
| PolicyDocument | The policy document. |
| PolicyName | The name of the policy document. |
| PolicyRef | A reference to a Policy resource. |
| Roles | The name of the role to associate the policy with. |
| Users | The name of the user to associate the policy with. |
Methods
| Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
| IsCfnPolicy(object) | Checks whether the given object is a CfnPolicy. |
| RenderProperties(IDictionary<string, object>) | Adds or updates an inline policy document that is embedded in the specified IAM group, user or role. |
Constructors
CfnPolicy(Construct, string, ICfnPolicyProps)
Create a new AWS::IAM::Policy.
public CfnPolicy(Construct scope, string id, ICfnPolicyProps props)Parameters
- scope Construct
Scope in which this resource is defined.
- id string
Construct identifier for this resource (unique in its scope).
- props ICfnPolicyProps
Resource properties.
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
Properties
AttrId
The stable and unique string identifying the policy.
public virtual string AttrId { get; }Property Value
Remarks
For more information about IDs, see IAM identifiers in the IAM User Guide .
CloudformationAttribute: Id
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
CfnProperties
Adds or updates an inline policy document that is embedded in the specified IAM group, user or role.
protected override IDictionary<string, object> CfnProperties { get; }Property Value
Overrides
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
Groups
The name of the group to associate the policy with.
public virtual string[]? Groups { get; set; }Property Value
string[]
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
PolicyDocument
The policy document.
public virtual object PolicyDocument { get; set; }Property Value
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
PolicyName
The name of the policy document.
public virtual string PolicyName { get; set; }Property Value
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
PolicyRef
A reference to a Policy resource.
public virtual IPolicyReference PolicyRef { get; }Property Value
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
Roles
The name of the role to associate the policy with.
public virtual string[]? Roles { get; set; }Property Value
string[]
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
Users
The name of the user to associate the policy with.
public virtual string[]? Users { get; set; }Property Value
string[]
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
IsCfnPolicy(object)
Checks whether the given object is a CfnPolicy.
public static bool IsCfnPolicy(object x)Parameters
- x object
Returns
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated
RenderProperties(IDictionary<string, object>)
Adds or updates an inline policy document that is embedded in the specified IAM group, user or role.
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
- props IDictionary<string, object>
Returns
Overrides
Remarks
An IAM user can also have a managed policy attached to it. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide .
The Groups, Roles, and Users properties are optional. However, you must specify at least one of these properties.
For information about policy documents, see Creating IAM policies in the IAM User Guide .
For information about limits on the number of inline policies that you can embed in an identity, see Limitations on IAM Entities in the IAM User Guide .
This resource does not support <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html">drift detection</a> . The following inline policy resource types support drift detection:
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html
CloudformationResource: AWS::IAM::Policy
ExampleMetadata: fixture=_generated