Package software.amazon.awscdk.services.iam

Interface PolicyDocumentProps

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

PolicyDocumentProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-19T16:29:57.356Z")
@Stability(Stable)
public interface PolicyDocumentProps
extends software.amazon.jsii.JsiiSerializable

Properties for a new PolicyDocument.

Example:

 IRole myTrustedAdminRole = Role.fromRoleArn(this, "TrustedRole", "arn:aws:iam:....");
 // Creates a limited admin policy and assigns to the account root.
 PolicyDocument myCustomPolicy = PolicyDocument.Builder.create()
         .statements(List.of(PolicyStatement.Builder.create()
                 .actions(List.of("kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*"))
                 .principals(List.of(new AccountRootPrincipal()))
                 .resources(List.of("*"))
                 .build()))
         .build();
 Key key = Key.Builder.create(this, "MyKey")
         .policy(myCustomPolicy)
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	PolicyDocumentProps.Builder	A builder for PolicyDocumentProps
static final class	PolicyDocumentProps.Jsii$Proxy	An implementation for PolicyDocumentProps

Method Summary

Modifier and Type	Method	Description
static PolicyDocumentProps.Builder	builder()
default Boolean	getAssignSids()	Automatically assign Statement Ids to all statements.
default Boolean	getMinimize()	Try to minimize the policy by merging statements.
default List<PolicyStatement>	getStatements()	Initial statements to add to the policy document.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getAssignSids

@Stability(Stable)
@Nullable
default Boolean getAssignSids()

Automatically assign Statement Ids to all statements.

Default: false

getMinimize

@Stability(Stable)
@Nullable
default Boolean getMinimize()

Try to minimize the policy by merging statements.

To avoid overrunning the maximum policy size, combine statements if they produce the same result. Merging happens according to the following rules:

• The Effect of both statements is the same
• Neither of the statements have a 'Sid'
• Combine Principals if the rest of the statement is exactly the same.
• Combine Resources if the rest of the statement is exactly the same.
• Combine Actions if the rest of the statement is exactly the same.
• We will never combine NotPrincipals, NotResources or NotActions, because doing so would change the meaning of the policy document.

Default: - false, unless the feature flag `@aws-cdk/aws-iam:minimizePolicies` is set

getStatements

@Stability(Stable)
@Nullable
default List<PolicyStatement> getStatements()

Initial statements to add to the policy document.

Default: - No statements

builder

@Stability(Stable)
static PolicyDocumentProps.Builder builder()

Returns:

a PolicyDocumentProps.Builder of PolicyDocumentProps