Class: AWSCDK::IAM::CfnPolicyProps
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::IAM::CfnPolicyProps
- Defined in:
- iam/cfn_policy_props.rb
Overview
Properties for defining a CfnPolicy.
Instance Attribute Summary collapse
-
#groups ⇒ Array<String>?
readonly
The name of the group to associate the policy with.
-
#policy_document ⇒ Object
readonly
The policy document.
-
#policy_name ⇒ String
readonly
The name of the policy document.
-
#roles ⇒ Array<String>?
readonly
The name of the role to associate the policy with.
-
#users ⇒ Array<String>?
readonly
The name of the user to associate the policy with.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(policy_document:, policy_name:, groups: nil, roles: nil, users: nil) ⇒ CfnPolicyProps
constructor
A new instance of CfnPolicyProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(policy_document:, policy_name:, groups: nil, roles: nil, users: nil) ⇒ CfnPolicyProps
Returns a new instance of CfnPolicyProps.
14 15 16 17 18 19 20 21 22 23 24 25 |
# File 'iam/cfn_policy_props.rb', line 14 def initialize(policy_document:, policy_name:, groups: nil, roles: nil, users: nil) @policy_document = policy_document Jsii::Type.check_type(@policy_document, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "policyDocument") @policy_name = policy_name Jsii::Type.check_type(@policy_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "policyName") @groups = groups Jsii::Type.check_type(@groups, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "groups") unless @groups.nil? @roles = roles Jsii::Type.check_type(@roles, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "roles") unless @roles.nil? @users = users Jsii::Type.check_type(@users, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "users") unless @users.nil? end |
Instance Attribute Details
#groups ⇒ Array<String>? (readonly)
The name of the group to associate the policy with.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.
53 54 55 |
# File 'iam/cfn_policy_props.rb', line 53 def groups @groups end |
#policy_document ⇒ Object (readonly)
The policy document.
You must provide policies in JSON format in IAM. However, for CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.
The regex pattern used to validate this parameter is a string of characters consisting of the following:
- Any printable ASCII character ranging from the space character (
\u0020) through the end of the ASCII character range - The printable characters in the Basic Latin and Latin-1 Supplement character set (through
\u00FF) - The special characters tab (
\u0009), line feed (\u000A), and carriage return (\u000D)
39 40 41 |
# File 'iam/cfn_policy_props.rb', line 39 def policy_document @policy_document end |
#policy_name ⇒ String (readonly)
The name of the policy document.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
46 47 48 |
# File 'iam/cfn_policy_props.rb', line 46 def policy_name @policy_name end |
#roles ⇒ Array<String>? (readonly)
The name of the role to associate the policy with.
This parameter allows (per its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
If an external policy (such as
AWS::IAM::PolicyorAWS::IAM::ManagedPolicy) has aRefto a role and if a resource (such asAWS::ECS::Service) also has aRefto the same role, add aDependsOnattribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with anAWS::ECS::Serviceresource, theDependsOnattribute ensures that CloudFormation deletes theAWS::ECS::Serviceresource before deleting its role's policy.
62 63 64 |
# File 'iam/cfn_policy_props.rb', line 62 def roles @roles end |
#users ⇒ Array<String>? (readonly)
The name of the user to associate the policy with.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
69 70 71 |
# File 'iam/cfn_policy_props.rb', line 69 def users @users end |
Class Method Details
.jsii_properties ⇒ Object
71 72 73 74 75 76 77 78 79 |
# File 'iam/cfn_policy_props.rb', line 71 def self.jsii_properties { :policy_document => "policyDocument", :policy_name => "policyName", :groups => "groups", :roles => "roles", :users => "users", } end |
Instance Method Details
#to_jsii ⇒ Object
81 82 83 84 85 86 87 88 89 90 91 |
# File 'iam/cfn_policy_props.rb', line 81 def to_jsii result = {} result.merge!({ "policyDocument" => @policy_document, "policyName" => @policy_name, "groups" => @groups, "roles" => @roles, "users" => @users, }) result.compact end |