Package software.amazon.awscdk.services.iam

Class CfnManagedPolicy

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.iam.CfnManagedPolicy
All Implemented Interfaces:
IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
@Generated(value="jsii-pacmak/1.101.0 (build b95fe5d)", date="2024-07-12T19:34:02.902Z") @Stability(Stable) public class CfnManagedPolicy extends CfnResource implements IInspectable
Creates a new managed policy for your AWS account .

This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's default version. For more information about policy versions, see Versioning for managed policies in the IAM User Guide .

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide .

For more information about managed policies in general, see Managed policies and inline policies in the IAM User Guide .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iam.*;
 Object policyDocument;
 CfnManagedPolicy cfnManagedPolicy = CfnManagedPolicy.Builder.create(this, "MyCfnManagedPolicy")
         .policyDocument(policyDocument)
         // the properties below are optional
         .description("description")
         .groups(List.of("groups"))
         .managedPolicyName("managedPolicyName")
         .path("path")
         .roles(List.of("roles"))
         .users(List.of("users"))
         .build();

See Also:

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnManagedPolicy

      protected CfnManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnManagedPolicy

      protected CfnManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnManagedPolicy

      @Stability(Stable) public CfnManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnManagedPolicyProps props)
      Parameters:
      scope - Scope in which this resource is defined. This parameter is required.
      id - Construct identifier for this resource (unique in its scope). This parameter is required.
      props - Resource properties. This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector - tree inspector to collect and process attributes. This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrAttachmentCount

      @Stability(Stable) @NotNull public Number getAttrAttachmentCount()
      The number of principal entities (users, groups, and roles) that the policy is attached to.

    • getAttrCreateDate

      @Stability(Stable) @NotNull public String getAttrCreateDate()
      The date and time, in ISO 8601 date-time format , when the policy was created.

    • getAttrDefaultVersionId

      @Stability(Stable) @NotNull public String getAttrDefaultVersionId()
      The identifier for the version of the policy that is set as the default (operative) version.

      For more information about policy versions, see Versioning for managed policies in the IAM User Guide .

    • getAttrIsAttachable

      @Stability(Stable) @NotNull public IResolvable getAttrIsAttachable()
      Specifies whether the policy can be attached to an IAM user, group, or role.

    • getAttrPermissionsBoundaryUsageCount

      @Stability(Stable) @NotNull public Number getAttrPermissionsBoundaryUsageCount()
      The number of entities (users and roles) for which the policy is used as the permissions boundary.

      For more information about permissions boundaries, see Permissions boundaries for IAM identities in the IAM User Guide .

    • getAttrPolicyArn

      @Stability(Stable) @NotNull public String getAttrPolicyArn()

    • getAttrPolicyId

      @Stability(Stable) @NotNull public String getAttrPolicyId()
      The stable and unique string identifying the policy.

      For more information about IDs, see IAM identifiers in the IAM User Guide .

    • getAttrUpdateDate

      @Stability(Stable) @NotNull public String getAttrUpdateDate()
      The date and time, in ISO 8601 date-time format , when the policy was last updated.

      When a policy has only one version, this field contains the date and time when the policy was created. When a policy has more than one version, this field contains the date and time when the most recent policy version was created.

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getPolicyDocument

      @Stability(Stable) @NotNull public Object getPolicyDocument()
      The JSON policy document that you want to use as the content for the new policy.

    • setPolicyDocument

      @Stability(Stable) public void setPolicyDocument(@NotNull Object value)
      The JSON policy document that you want to use as the content for the new policy.

    • getDescription

      @Stability(Stable) @Nullable public String getDescription()
      A friendly description of the policy.

    • setDescription

      @Stability(Stable) public void setDescription(@Nullable String value)
      A friendly description of the policy.

    • getGroups

      @Stability(Stable) @Nullable public List<String> getGroups()
      The name (friendly name, not ARN) of the group to attach the policy to.

    • setGroups

      @Stability(Stable) public void setGroups(@Nullable List<String> value)
      The name (friendly name, not ARN) of the group to attach the policy to.

    • getManagedPolicyName

      @Stability(Stable) @Nullable public String getManagedPolicyName()
      The friendly name of the policy.

    • setManagedPolicyName

      @Stability(Stable) public void setManagedPolicyName(@Nullable String value)
      The friendly name of the policy.

    • getPath

      @Stability(Stable) @Nullable public String getPath()
      The path for the policy.

    • setPath

      @Stability(Stable) public void setPath(@Nullable String value)
      The path for the policy.

    • getRoles

      @Stability(Stable) @Nullable public List<String> getRoles()
      The name (friendly name, not ARN) of the role to attach the policy to.

    • setRoles

      @Stability(Stable) public void setRoles(@Nullable List<String> value)
      The name (friendly name, not ARN) of the role to attach the policy to.

    • getUsers

      @Stability(Stable) @Nullable public List<String> getUsers()
      The name (friendly name, not ARN) of the IAM user to attach the policy to.

    • setUsers

      @Stability(Stable) public void setUsers(@Nullable List<String> value)
      The name (friendly name, not ARN) of the IAM user to attach the policy to.