Package software.amazon.awscdk.services.iam

Class ManagedPolicy

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.Resource
software.amazon.awscdk.services.iam.ManagedPolicy
All Implemented Interfaces:
IConstruct, IDependable, IResource, IManagedPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct
Direct Known Subclasses:
UntrustedCodeBoundaryPolicy
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:29:57.328Z") @Stability(Stable) public class ManagedPolicy extends Resource implements IManagedPolicy
Managed policy.

Example: 

 Role myRole = Role.Builder.create(this, "My Role")
         .assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
         .build();
 Function fn = Function.Builder.create(this, "MyFunction")
         .runtime(Runtime.NODEJS_16_X)
         .handler("index.handler")
         .code(Code.fromAsset(join(__dirname, "lambda-handler")))
         .role(myRole)
         .build();
 myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaBasicExecutionRole"));
 myRole.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaVPCAccessExecutionRole"));

  • Constructor Details

    • ManagedPolicy

      protected ManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef)

    • ManagedPolicy

      protected ManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • ManagedPolicy

      @Stability(Stable) public ManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable ManagedPolicyProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props -

    • ManagedPolicy

      @Stability(Stable) public ManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.

  • Method Details

    • fromAwsManagedPolicyName

      @Stability(Stable) @NotNull public static IManagedPolicy fromAwsManagedPolicyName(@NotNull String managedPolicyName)
      Import a managed policy from one of the policies that AWS manages.

      For this managed policy, you only need to know the name to be able to use it.

      Some managed policy names start with "service-role/", some start with "job-function/", and some don't start with anything. Include the prefix when constructing this object.

      Parameters:
      managedPolicyName - This parameter is required.

    • fromManagedPolicyArn

      @Stability(Stable) @NotNull public static IManagedPolicy fromManagedPolicyArn(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String managedPolicyArn)
      Import an external managed policy by ARN.

      For this managed policy, you only need to know the ARN to be able to use it. This can be useful if you got the ARN from a CloudFormation Export.

      If the imported Managed Policy ARN is a Token (such as a CfnParameter.valueAsString or a Fn.importValue()) and the referenced managed policy has a path (like arn:...:policy/AdminPolicy/AdminAllow), the managedPolicyName property will not resolve to the correct value. Instead it will resolve to the first path component. We unfortunately cannot express the correct calculation of the full path name as a CloudFormation expression. In this scenario the Managed Policy ARN should be supplied without the path in order to resolve the correct managed policy resource.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      managedPolicyArn - the ARN of the managed policy to import. This parameter is required.

    • fromManagedPolicyName

      @Stability(Stable) @NotNull public static IManagedPolicy fromManagedPolicyName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String managedPolicyName)
      Import a customer managed policy from the managedPolicyName.

      For this managed policy, you only need to know the name to be able to use it.

      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      managedPolicyName - This parameter is required.

    • addStatements

      @Stability(Stable) public void addStatements(@NotNull @NotNull PolicyStatement... statement)
      Adds a statement to the policy document.

      Parameters:
      statement - This parameter is required.

    • attachToGroup

      @Stability(Stable) public void attachToGroup(@NotNull IGroup group)
      Attaches this policy to a group.

      Parameters:
      group - This parameter is required.

    • attachToRole

      @Stability(Stable) public void attachToRole(@NotNull IRole role)
      Attaches this policy to a role.

      Parameters:
      role - This parameter is required.

    • attachToUser

      @Stability(Stable) public void attachToUser(@NotNull IUser user)
      Attaches this policy to a user.

      Parameters:
      user - This parameter is required.

    • validate

      @Stability(Stable) @NotNull protected List<String> validate()
      Validate the current construct.

      This method can be implemented by derived constructs in order to perform validation logic. It is called on all constructs before synthesis.

      Overrides:
      validate in class Construct
      Returns:
      An array of validation error messages, or an empty array if the construct is valid.

    • getDescription

      @Stability(Stable) @NotNull public String getDescription()
      The description of this policy.

    • getDocument

      @Stability(Stable) @NotNull public PolicyDocument getDocument()
      The policy document.

    • getManagedPolicyArn

      @Stability(Stable) @NotNull public String getManagedPolicyArn()
      Returns the ARN of this managed policy.
      Specified by:
      getManagedPolicyArn in interface IManagedPolicy

    • getManagedPolicyName

      @Stability(Stable) @NotNull public String getManagedPolicyName()
      The name of this policy.

    • getPath

      @Stability(Stable) @NotNull public String getPath()
      The path of this policy.