You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::IAM::Policy
- Inherits:
-
Resources::Resource
- Object
- Resources::Resource
- Aws::IAM::Policy
- Defined in:
- (unknown)
Instance Attribute Summary collapse
-
#arn ⇒ String
readonly
-
#attachment_count ⇒ Integer
readonly
The number of entities (users, groups, and roles) that the policy is attached to.
-
#create_date ⇒ Time
readonly
The date and time, in [ISO 8601 date-time format][1], when the policy was created.
-
#default_version_id ⇒ String
readonly
The identifier for the version of the policy that is set as the default version.
-
#description ⇒ String
readonly
A friendly description of the policy.
-
#is_attachable ⇒ Boolean
readonly
Specifies whether the policy can be attached to an IAM user, group, or role.
-
#path ⇒ String
readonly
The path to the policy.
-
#permissions_boundary_usage_count ⇒ Integer
readonly
The number of entities (users and roles) for which the policy is used to set the permissions boundary.
-
#policy_id ⇒ String
readonly
The stable and unique string identifying the policy.
-
#policy_name ⇒ String
readonly
The friendly name (not ARN) identifying the policy.
-
#update_date ⇒ Time
readonly
The date and time, in [ISO 8601 date-time format][1], when the policy was last updated.
Attributes inherited from Resources::Resource
Instance Method Summary collapse
-
#attach_group(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified IAM group.
You use this API to attach a managed policy to a group.
-
#attach_role(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified IAM role.
-
#attach_user(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified user.
You use this API to attach a managed policy to a user.
-
#attached_groups(options = {}) ⇒ Collection<Group>
Returns a Collection of Group resources.
-
#attached_roles(options = {}) ⇒ Collection<Role>
Returns a Collection of Role resources.
-
#attached_users(options = {}) ⇒ Collection<User>
Returns a Collection of User resources.
-
#create_version(options = {}) ⇒ PolicyVersion
-
#default_version ⇒ PolicyVersion?
-
#delete ⇒ Struct
Deletes the specified managed policy.
Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to.
-
#detach_group(options = {}) ⇒ Struct
Removes the specified managed policy from the specified IAM group.
A group can also have inline policies embedded with it.
-
#detach_role(options = {}) ⇒ Struct
Removes the specified managed policy from the specified role.
A role can also have inline policies embedded with it.
-
#detach_user(options = {}) ⇒ Struct
Removes the specified managed policy from the specified user.
A user can also have inline policies embedded with it.
-
#initialize ⇒ Object
constructor
-
#versions(options = {}) ⇒ Collection<PolicyVersion>
Returns a Collection of PolicyVersion resources.
Methods inherited from Resources::Resource
add_data_attribute, add_identifier, #data, data_attributes, #data_loaded?, identifiers, #load, #wait_until
Methods included from Resources::OperationMethods
#add_batch_operation, #add_operation, #batch_operation, #batch_operation_names, #batch_operations, #operation, #operation_names, #operations
Constructor Details
#initialize(arn, options = {}) ⇒ Object #initialize(options = {}) ⇒ Object
Instance Attribute Details
#arn ⇒ String (readonly)
#attachment_count ⇒ Integer (readonly)
The number of entities (users, groups, and roles) that the policy is attached to.
#create_date ⇒ Time (readonly)
The date and time, in ISO 8601 date-time format, when the policy was created.
#default_version_id ⇒ String (readonly)
The identifier for the version of the policy that is set as the default version.
#description ⇒ String (readonly)
A friendly description of the policy.
This element is included in the response to the GetPolicy operation. It is not included in the response to the ListPolicies operation.
#is_attachable ⇒ Boolean (readonly)
Specifies whether the policy can be attached to an IAM user, group, or role.
#path ⇒ String (readonly)
The path to the policy.
For more information about paths, see IAM Identifiers in the IAM User Guide.
#permissions_boundary_usage_count ⇒ Integer (readonly)
The number of entities (users and roles) for which the policy is used to set the permissions boundary.
For more information about permissions boundaries, see Permissions Boundaries for IAM Identities in the IAM User Guide.
#policy_id ⇒ String (readonly)
The stable and unique string identifying the policy.
For more information about IDs, see IAM Identifiers in the IAM User Guide.
#policy_name ⇒ String (readonly)
The friendly name (not ARN) identifying the policy.
#update_date ⇒ Time (readonly)
The date and time, in ISO 8601 date-time format, when the policy was last updated.
When a policy has only one version, this field contains the date and time when the policy was created. When a policy has more than one version, this field contains the date and time when the most recent policy version was created.
Instance Method Details
#attach_group(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified IAM group.
You use this API to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.
For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#attach_role(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.
You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.
Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#attach_user(options = {}) ⇒ Struct
Attaches the specified managed policy to the specified user.
You use this API to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy.
For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#attached_groups(options = {}) ⇒ Collection<Group>
Returns a Collection of Group resources. No API requests are made until you call an enumerable method on the collection. Client#list_entities_for_policy will be called multiple times until every Group has been yielded.
#attached_roles(options = {}) ⇒ Collection<Role>
Returns a Collection of Role resources. No API requests are made until you call an enumerable method on the collection. Client#list_entities_for_policy will be called multiple times until every Role has been yielded.
#attached_users(options = {}) ⇒ Collection<User>
Returns a Collection of User resources. No API requests are made until you call an enumerable method on the collection. Client#list_entities_for_policy will be called multiple times until every User has been yielded.
#create_version(options = {}) ⇒ PolicyVersion
#default_version ⇒ PolicyVersion?
#delete ⇒ Struct
Deletes the specified managed policy.
Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to. In addition, you must delete all the policy's versions. The following steps describe the process for deleting a managed policy:
-
Detach the policy from all users, groups, and roles that the policy is attached to, using the DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy API operations. To list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.
-
Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the default version. You delete the policy's default version in the next step of the process.
-
Delete the policy (this automatically deletes the policy's default version) using this API.
For information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide.
#detach_group(options = {}) ⇒ Struct
Removes the specified managed policy from the specified IAM group.
A group can also have inline policies embedded with it. To delete an inline policy, use the DeleteGroupPolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#detach_role(options = {}) ⇒ Struct
Removes the specified managed policy from the specified role.
A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#detach_user(options = {}) ⇒ Struct
Removes the specified managed policy from the specified user.
A user can also have inline policies embedded with it. To delete an inline policy, use the DeleteUserPolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide.
#versions(options = {}) ⇒ Collection<PolicyVersion>
Returns a Collection of Aws::IAM::PolicyVersion resources. No API requests are made until you call an enumerable method on the collection. Client#list_policy_versions will be called multiple times until every Aws::IAM::PolicyVersion has been yielded.