Class: AWSCDK::IAM::ManagedPolicyProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
iam/managed_policy_props.rb

Overview

Properties for defining an IAM managed policy.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(description: nil, document: nil, groups: nil, managed_policy_name: nil, path: nil, roles: nil, statements: nil, users: nil) ⇒ ManagedPolicyProps

Returns a new instance of ManagedPolicyProps.

Parameters:

  • description (String, nil) (defaults to: nil)

    A description of the managed policy.

  • document (AWSCDK::IAM::PolicyDocument, nil) (defaults to: nil)

    Initial PolicyDocument to use for this ManagedPolicy.

  • groups (Array<AWSCDK::Interfaces::AWSIAM::IGroupRef>, nil) (defaults to: nil)

    Groups to attach this policy to.

  • managed_policy_name (String, nil) (defaults to: nil)

    The name of the managed policy.

  • path (String, nil) (defaults to: nil)

    The path for the policy.

  • roles (Array<AWSCDK::IAM::IRole>, nil) (defaults to: nil)

    Roles to attach this policy to.

  • statements (Array<AWSCDK::IAM::PolicyStatement>, nil) (defaults to: nil)

    Initial set of permissions to add to this policy document.

  • users (Array<AWSCDK::IAM::IUser>, nil) (defaults to: nil)

    Users to attach this policy to.



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# File 'iam/managed_policy_props.rb', line 15

def initialize(description: nil, document: nil, groups: nil, managed_policy_name: nil, path: nil, roles: nil, statements: nil, users: nil)
  @description = description
  Jsii::Type.check_type(@description, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "description") unless @description.nil?
  @document = document
  Jsii::Type.check_type(@document, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlBvbGljeURvY3VtZW50In0=")), "document") unless @document.nil?
  @groups = groups
  Jsii::Type.check_type(@groups, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2lhbS5JR3JvdXBSZWYifSwia2luZCI6ImFycmF5In19")), "groups") unless @groups.nil?
  @managed_policy_name = managed_policy_name
  Jsii::Type.check_type(@managed_policy_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "managedPolicyName") unless @managed_policy_name.nil?
  @path = path
  Jsii::Type.check_type(@path, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "path") unless @path.nil?
  @roles = roles
  Jsii::Type.check_type(@roles, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19pYW0uSVJvbGUifSwia2luZCI6ImFycmF5In19")), "roles") unless @roles.nil?
  @statements = statements
  Jsii::Type.check_type(@statements, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19pYW0uUG9saWN5U3RhdGVtZW50In0sImtpbmQiOiJhcnJheSJ9fQ==")), "statements") unless @statements.nil?
  @users = users
  Jsii::Type.check_type(@users, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19pYW0uSVVzZXIifSwia2luZCI6ImFycmF5In19")), "users") unless @users.nil?
end

Instance Attribute Details

#descriptionString? (readonly)

Note:

Default: - empty

A description of the managed policy.

Typically used to store information about the permissions defined in the policy. For example, "Grants access to production DynamoDB tables." The policy description is immutable. After a value is assigned, it cannot be changed.

Returns:

  • (String, nil)


42
43
44
# File 'iam/managed_policy_props.rb', line 42

def description
  @description
end

#documentAWSCDK::IAM::PolicyDocument? (readonly)

Note:

Default: - An empty policy.

Initial PolicyDocument to use for this ManagedPolicy.

If omited, any PolicyStatement provided in the statements property will be applied against the empty default PolicyDocument.

Returns:



51
52
53
# File 'iam/managed_policy_props.rb', line 51

def document
  @document
end

#groupsArray<AWSCDK::Interfaces::AWSIAM::IGroupRef>? (readonly)

Note:

Default: - No groups.

Groups to attach this policy to.

You can also use attach_to_group(group) to attach this policy to a group.

Returns:



58
59
60
# File 'iam/managed_policy_props.rb', line 58

def groups
  @groups
end

#managed_policy_nameString? (readonly)

Note:

Default: - A name is automatically generated.

The name of the managed policy.

If you specify multiple policies for an entity, specify unique names. For example, if you specify a list of policies for an IAM role, each policy must have a unique name.

Returns:

  • (String, nil)


67
68
69
# File 'iam/managed_policy_props.rb', line 67

def managed_policy_name
  @managed_policy_name
end

#pathString? (readonly)

Note:

Default: - "/"

The path for the policy.

This parameter allows (through its regex pattern) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (\u0021) through the DEL character (\u007F), including most punctuation characters, digits, and upper and lowercased letters.

For more information about paths, see IAM Identifiers in the IAM User Guide.

Returns:

  • (String, nil)


79
80
81
# File 'iam/managed_policy_props.rb', line 79

def path
  @path
end

#rolesArray<AWSCDK::IAM::IRole>? (readonly)

Note:

Default: - No roles.

Roles to attach this policy to.

You can also use attach_to_role(role) to attach this policy to a role.

Returns:



86
87
88
# File 'iam/managed_policy_props.rb', line 86

def roles
  @roles
end

#statementsArray<AWSCDK::IAM::PolicyStatement>? (readonly)

Note:

Default: - No statements.

Initial set of permissions to add to this policy document.

You can also use add_permission(statement) to add permissions later.

Returns:



93
94
95
# File 'iam/managed_policy_props.rb', line 93

def statements
  @statements
end

#usersArray<AWSCDK::IAM::IUser>? (readonly)

Note:

Default: - No users.

Users to attach this policy to.

You can also use attach_to_user(user) to attach this policy to a user.

Returns:



100
101
102
# File 'iam/managed_policy_props.rb', line 100

def users
  @users
end

Class Method Details

.jsii_propertiesObject



102
103
104
105
106
107
108
109
110
111
112
113
# File 'iam/managed_policy_props.rb', line 102

def self.jsii_properties
  {
    :description => "description",
    :document => "document",
    :groups => "groups",
    :managed_policy_name => "managedPolicyName",
    :path => "path",
    :roles => "roles",
    :statements => "statements",
    :users => "users",
  }
end

Instance Method Details

#to_jsiiObject



115
116
117
118
119
120
121
122
123
124
125
126
127
128
# File 'iam/managed_policy_props.rb', line 115

def to_jsii
  result = {}
  result.merge!({
    "description" => @description,
    "document" => @document,
    "groups" => @groups,
    "managedPolicyName" => @managed_policy_name,
    "path" => @path,
    "roles" => @roles,
    "statements" => @statements,
    "users" => @users,
  })
  result.compact
end