Package software.amazon.awscdk.services.iam

Class Policy

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.Resource
software.amazon.awscdk.services.iam.Policy
All Implemented Interfaces:
IResource, IGrantable, IPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.92.0 (build db7f27d)", date="2023-12-06T04:49:39.572Z") @Stability(Stable) public class Policy extends Resource implements IPolicy, IGrantable
The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles, or groups.

For more information about IAM policies, see Overview of IAM Policies in the IAM User Guide guide.

Example: 

 Resource books;
 User iamUser;
 Method getBooks = books.addMethod("GET", new HttpIntegration("http://amazon.com"), MethodOptions.builder()
         .authorizationType(AuthorizationType.IAM)
         .build());
 iamUser.attachInlinePolicy(Policy.Builder.create(this, "AllowBooks")
         .statements(List.of(
             PolicyStatement.Builder.create()
                     .actions(List.of("execute-api:Invoke"))
                     .effect(Effect.ALLOW)
                     .resources(List.of(getBooks.getMethodArn()))
                     .build()))
         .build());

  • Constructor Details

    • Policy

      protected Policy(software.amazon.jsii.JsiiObjectRef objRef)

    • Policy

      protected Policy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • Policy

      @Stability(Stable) public Policy(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable PolicyProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props -

    • Policy

      @Stability(Stable) public Policy(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.

  • Method Details

    • fromPolicyName

      @Stability(Stable) @NotNull public static IPolicy fromPolicyName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String policyName)
      Import a policy in this app based on its name.

      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      policyName - This parameter is required.

    • addStatements

      @Stability(Stable) public void addStatements(@NotNull @NotNull PolicyStatement... statement)
      Adds a statement to the policy document.

      Parameters:
      statement - This parameter is required.

    • attachToGroup

      @Stability(Stable) public void attachToGroup(@NotNull IGroup group)
      Attaches this policy to a group.

      Parameters:
      group - This parameter is required.

    • attachToRole

      @Stability(Stable) public void attachToRole(@NotNull IRole role)
      Attaches this policy to a role.

      Parameters:
      role - This parameter is required.

    • attachToUser

      @Stability(Stable) public void attachToUser(@NotNull IUser user)
      Attaches this policy to a user.

      Parameters:
      user - This parameter is required.

    • getDocument

      @Stability(Stable) @NotNull public PolicyDocument getDocument()
      The policy document.

    • getGrantPrincipal

      @Stability(Stable) @NotNull public IPrincipal getGrantPrincipal()
      The principal to grant permissions to.
      Specified by:
      getGrantPrincipal in interface IGrantable

    • getPolicyName

      @Stability(Stable) @NotNull public String getPolicyName()
      The name of this policy.
      Specified by:
      getPolicyName in interface IPolicy