Interface PolicyDocumentProps

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
PolicyDocumentProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.97.0 (build 729de35)", date="2024-04-18T17:54:18.112Z") @Stability(Stable) public interface PolicyDocumentProps extends software.amazon.jsii.JsiiSerializable
Properties for a new PolicyDocument.

Example:

 import software.amazon.awscdk.services.iam.*;
 PolicyDocument myFileSystemPolicy = PolicyDocument.Builder.create()
         .statements(List.of(PolicyStatement.Builder.create()
                 .actions(List.of("elasticfilesystem:ClientWrite", "elasticfilesystem:ClientMount"))
                 .principals(List.of(new AccountRootPrincipal()))
                 .resources(List.of("*"))
                 .conditions(Map.of(
                         "Bool", Map.of(
                                 "elasticfilesystem:AccessedViaMountTarget", "true")))
                 .build()))
         .build();
 FileSystem fileSystem = FileSystem.Builder.create(this, "MyEfsFileSystem")
         .vpc(new Vpc(this, "VPC"))
         .fileSystemPolicy(myFileSystemPolicy)
         .build();
 
  • Method Details

    • getAssignSids

      @Stability(Stable) @Nullable default Boolean getAssignSids()
      Automatically assign Statement Ids to all statements.

      Default: false

    • getMinimize

      @Stability(Stable) @Nullable default Boolean getMinimize()
      Try to minimize the policy by merging statements.

      To avoid overrunning the maximum policy size, combine statements if they produce the same result. Merging happens according to the following rules:

      • The Effect of both statements is the same
      • Neither of the statements have a 'Sid'
      • Combine Principals if the rest of the statement is exactly the same.
      • Combine Resources if the rest of the statement is exactly the same.
      • Combine Actions if the rest of the statement is exactly the same.
      • We will never combine NotPrincipals, NotResources or NotActions, because doing so would change the meaning of the policy document.

      Default: - false, unless the feature flag `@aws-cdk/aws-iam:minimizePolicies` is set

    • getStatements

      @Stability(Stable) @Nullable default List<PolicyStatement> getStatements()
      Initial statements to add to the policy document.

      Default: - No statements

    • builder

      @Stability(Stable) static PolicyDocumentProps.Builder builder()
      Returns:
      a PolicyDocumentProps.Builder of PolicyDocumentProps