Class PolicyDocument

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.iam.PolicyDocument
All Implemented Interfaces:
IResolvable, software.amazon.jsii.JsiiSerializable

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:29:57.354Z") @Stability(Stable) public class PolicyDocument extends software.amazon.jsii.JsiiObject implements IResolvable
A PolicyDocument is a collection of statements.

Example:

 IRole myTrustedAdminRole = Role.fromRoleArn(this, "TrustedRole", "arn:aws:iam:....");
 // Creates a limited admin policy and assigns to the account root.
 PolicyDocument myCustomPolicy = PolicyDocument.Builder.create()
         .statements(List.of(PolicyStatement.Builder.create()
                 .actions(List.of("kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*"))
                 .principals(List.of(new AccountRootPrincipal()))
                 .resources(List.of("*"))
                 .build()))
         .build();
 Key key = Key.Builder.create(this, "MyKey")
         .policy(myCustomPolicy)
         .build();
 
  • Constructor Details

    • PolicyDocument

      protected PolicyDocument(software.amazon.jsii.JsiiObjectRef objRef)
    • PolicyDocument

      protected PolicyDocument(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • PolicyDocument

      @Stability(Stable) public PolicyDocument(@Nullable PolicyDocumentProps props)
      Parameters:
      props -
    • PolicyDocument

      @Stability(Stable) public PolicyDocument()
  • Method Details

    • fromJson

      @Stability(Stable) @NotNull public static PolicyDocument fromJson(@NotNull Object obj)
      Creates a new PolicyDocument based on the object provided.

      This will accept an object created from the .toJSON() call.

      Parameters:
      obj - the PolicyDocument in object form. This parameter is required.
    • addStatements

      @Stability(Stable) public void addStatements(@NotNull @NotNull PolicyStatement... statement)
      Adds a statement to the policy document.

      Parameters:
      statement - the statement to add. This parameter is required.
    • resolve

      @Stability(Stable) @NotNull public Object resolve(@NotNull IResolveContext context)
      Produce the Token's value at resolution time.

      Specified by:
      resolve in interface IResolvable
      Parameters:
      context - This parameter is required.
    • toJSON

      @Stability(Stable) @NotNull public Object toJSON()
      JSON-ify the document.

      Used when JSON.stringify() is called.

    • toString

      @Stability(Stable) @NotNull public String toString()
      Encode the policy document as a string.
      Specified by:
      toString in interface IResolvable
      Overrides:
      toString in class Object
    • validateForAnyPolicy

      @Stability(Stable) @NotNull public List<String> validateForAnyPolicy()
      Validate that all policy statements in the policy document satisfy the requirements for any policy.

      Returns:
      An array of validation error messages, or an empty array if the document is valid.
    • validateForIdentityPolicy

      @Stability(Stable) @NotNull public List<String> validateForIdentityPolicy()
      Validate that all policy statements in the policy document satisfy the requirements for an identity-based policy.

      Returns:
      An array of validation error messages, or an empty array if the document is valid.
    • validateForResourcePolicy

      @Stability(Stable) @NotNull public List<String> validateForResourcePolicy()
      Validate that all policy statements in the policy document satisfy the requirements for a resource-based policy.

      Returns:
      An array of validation error messages, or an empty array if the document is valid.
    • getCreationStack

      @Stability(Stable) @NotNull public List<String> getCreationStack()
      The creation stack of this resolvable which will be appended to errors thrown during resolution.

      This may return an array with a single informational element indicating how to get this property populated, if it was skipped for performance reasons.

      Specified by:
      getCreationStack in interface IResolvable
    • getIsEmpty

      @Stability(Stable) @NotNull public Boolean getIsEmpty()
      Whether the policy document contains any statements.
    • getStatementCount

      @Stability(Stable) @NotNull public Number getStatementCount()
      The number of statements already added to this policy.

      Can be used, for example, to generate unique "sid"s within the policy.
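
The validateForResourcePolicy and validateForIdentityPolicy methods apply different requirements to the same statements, so a document that is valid for one kind of attachment can fail the other. The following added example (not part of the CDK documentation) runs the key policy from the class example and a statement without principals through both checks; the class name PolicyDocumentChecks and the report helper are hypothetical.

```java
import java.util.List;
import software.amazon.awscdk.services.iam.AccountRootPrincipal;
import software.amazon.awscdk.services.iam.PolicyDocument;
import software.amazon.awscdk.services.iam.PolicyStatement;

public class PolicyDocumentChecks {

    // Hypothetical helper: prints "valid" or the list of validation messages.
    static void report(String label, List<String> errors) {
        System.out.println(label + ": " + (errors.isEmpty() ? "valid" : errors));
    }

    public static void main(String[] args) {
        // Same statement as the key policy in the class example: it names a
        // principal, which is what a resource-based policy requires.
        PolicyDocument keyPolicy = PolicyDocument.Builder.create()
                .statements(List.of(PolicyStatement.Builder.create()
                        .actions(List.of("kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*"))
                        .principals(List.of(new AccountRootPrincipal()))
                        .resources(List.of("*"))
                        .build()))
                .build();

        // Statement with actions and resources but no principal: the shape of
        // an identity-based policy, where the principal is implied by attachment.
        PolicyDocument identityPolicy = new PolicyDocument();
        identityPolicy.addStatements(PolicyStatement.Builder.create()
                // getStatementCount() gives a unique suffix for the sid.
                .sid("Stmt" + identityPolicy.getStatementCount())
                .actions(List.of("kms:Describe*", "kms:List*"))
                .resources(List.of("*"))
                .build());

        // Validate each document against the policy kind it is meant for ...
        report("key policy as resource policy", keyPolicy.validateForResourcePolicy());
        report("identity policy as identity policy", identityPolicy.validateForIdentityPolicy());

        // ... and against the other kind, to surface the mismatch:
        // identity-based statements must not carry principals,
        // resource-based statements must carry at least one.
        report("key policy as identity policy", keyPolicy.validateForIdentityPolicy());
        report("identity policy as resource policy", identityPolicy.validateForResourcePolicy());
    }
}
```

Treating a non-empty result as a build failure before the document is attached to a key, bucket or role keeps a policy written for one context from being silently reused in another.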