software.amazon.awscdk.services.iam

Class Policy

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.Resource

software.amazon.awscdk.services.iam.Policy

All Implemented Interfaces:

IDependable, IResource, IPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.70.0 (build 03c2f6f)",
           date="2022-11-01T13:16:50.132Z")
 @Stability(value=Experimental)
public class Policy
extends Resource
implements IPolicy

(experimental) The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles, or groups.

For more information about IAM policies, see Overview of IAM Policies in the IAM User Guide guide.

Example:

 Function postAuthFn;
 UserPool userpool = UserPool.Builder.create(this, "myuserpool")
         .lambdaTriggers(UserPoolTriggers.builder()
                 .postAuthentication(postAuthFn)
                 .build())
         .build();
 // provide permissions to describe the user pool scoped to the ARN the user pool
 postAuthFn.role.attachInlinePolicy(Policy.Builder.create(this, "userpool-policy")
         .statements(List.of(PolicyStatement.Builder.create()
                 .actions(List.of("cognito-idp:DescribeUserPool"))
                 .resources(List.of(userpool.getUserPoolArn()))
                 .build()))
         .build());
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	Policy.Builder (experimental) A fluent builder for Policy.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IPolicy

IPolicy.Jsii$Default, IPolicy.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor and Description
	Policy(software.constructs.Construct scope, String id)
	Policy(software.constructs.Construct scope, String id, PolicyProps props)
protected	Policy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	Policy(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
void	addStatements(PolicyStatement... statement) (experimental) Adds a statement to the policy document.
void	attachToGroup(IGroup group) (experimental) Attaches this policy to a group.
void	attachToRole(IRole role) (experimental) Attaches this policy to a role.
void	attachToUser(IUser user) (experimental) Attaches this policy to a user.
static IPolicy	fromPolicyName(software.constructs.Construct scope, String id, String policyName) (experimental) Import a policy in this app based on its name.
PolicyDocument	getDocument() (experimental) The policy document.
String	getPolicyName() (experimental) The name of this policy.
protected List<String>	validate() (experimental) Validate the current construct.

Methods inherited from class software.amazon.awscdk.core.Resource

applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize

Methods inherited from class software.constructs.Construct

toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.core.IResource

applyRemovalPolicy, getEnv, getStack

Methods inherited from interface software.amazon.awscdk.core.IConstruct

getNode

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Constructor Detail

Policy

protected Policy(software.amazon.jsii.JsiiObjectRef objRef)

Policy

protected Policy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

Policy

@Stability(value=Experimental)
public Policy(@NotNull
                                             software.constructs.Construct scope,
                                             @NotNull
                                             String id,
                                             @Nullable
                                             PolicyProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props -

Policy

@Stability(value=Experimental)
public Policy(@NotNull
                                             software.constructs.Construct scope,
                                             @NotNull
                                             String id)

Parameters:

scope - This parameter is required.

id - This parameter is required.

Method Detail

fromPolicyName

@Stability(value=Experimental)
 @NotNull
public static IPolicy fromPolicyName(@NotNull
                                                                              software.constructs.Construct scope,
                                                                              @NotNull
                                                                              String id,
                                                                              @NotNull
                                                                              String policyName)

(experimental) Import a policy in this app based on its name.

Parameters:

scope - This parameter is required.

id - This parameter is required.

policyName - This parameter is required.

addStatements

@Stability(value=Experimental)
public void addStatements(@NotNull
                                                         PolicyStatement... statement)

(experimental) Adds a statement to the policy document.

Parameters:

statement - This parameter is required.

attachToGroup

@Stability(value=Experimental)
public void attachToGroup(@NotNull
                                                         IGroup group)

(experimental) Attaches this policy to a group.

Parameters:

group - This parameter is required.

attachToRole

@Stability(value=Experimental)
public void attachToRole(@NotNull
                                                        IRole role)

(experimental) Attaches this policy to a role.

Parameters:

role - This parameter is required.

attachToUser

@Stability(value=Experimental)
public void attachToUser(@NotNull
                                                        IUser user)

(experimental) Attaches this policy to a user.

Parameters:

user - This parameter is required.

validate

@Stability(value=Experimental)
 @NotNull
protected List<String> validate()

(experimental) Validate the current construct.

This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.

Overrides:

validate in class Construct

Returns:

An array of validation error messages, or an empty array if the construct is valid.

getDocument

@Stability(value=Experimental)
 @NotNull
public PolicyDocument getDocument()

(experimental) The policy document.

getPolicyName

@Stability(value=Experimental)
 @NotNull
public String getPolicyName()

(experimental) The name of this policy.

Specified by:

getPolicyName in interface IPolicy