Package software.amazon.awscdk.services.iam

Class ManagedPolicy

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.Resource
software.amazon.awscdk.services.iam.ManagedPolicy
All Implemented Interfaces:
IResource, IGrantable, IManagedPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
Direct Known Subclasses:
UntrustedCodeBoundaryPolicy
@Generated(value="jsii-pacmak/1.98.0 (build 00b106d)", date="2024-05-08T21:35:08.167Z") @Stability(Stable) public class ManagedPolicy extends Resource implements IManagedPolicy, IGrantable
Managed policy.

Example: 

 Build build;
 Role role = Role.Builder.create(this, "Role")
         .assumedBy(new CompositePrincipal(new ServicePrincipal("gamelift.amazonaws.com")))
         .build();
 role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("CloudWatchAgentServerPolicy"));
 BuildFleet fleet = BuildFleet.Builder.create(this, "Game server fleet")
         .fleetName("test-fleet")
         .content(build)
         .instanceType(InstanceType.of(InstanceClass.C5, InstanceSize.LARGE))
         .runtimeConfiguration(RuntimeConfiguration.builder()
                 .serverProcesses(List.of(ServerProcess.builder()
                         .launchPath("/local/game/GameLiftExampleServer.x86_64")
                         .build()))
                 .build())
         .role(role)
         .build();
 // Actions can also be grantted through dedicated method
 fleet.grant(role, "gamelift:ListFleets");

  • Constructor Details

    • ManagedPolicy

      protected ManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef)

    • ManagedPolicy

      protected ManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • ManagedPolicy

      @Stability(Stable) public ManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable ManagedPolicyProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props -

    • ManagedPolicy

      @Stability(Stable) public ManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.

  • Method Details

    • fromAwsManagedPolicyName

      @Stability(Stable) @NotNull public static IManagedPolicy fromAwsManagedPolicyName(@NotNull String managedPolicyName)
      Import a managed policy from one of the policies that AWS manages.

      For this managed policy, you only need to know the name to be able to use it.

      Some managed policy names start with "service-role/", some start with "job-function/", and some don't start with anything. Include the prefix when constructing this object.

      Parameters:
      managedPolicyName - This parameter is required.

    • fromManagedPolicyArn

      @Stability(Stable) @NotNull public static IManagedPolicy fromManagedPolicyArn(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String managedPolicyArn)
      Import an external managed policy by ARN.

      For this managed policy, you only need to know the ARN to be able to use it. This can be useful if you got the ARN from a CloudFormation Export.

      If the imported Managed Policy ARN is a Token (such as a CfnParameter.valueAsString or a Fn.importValue()) and the referenced managed policy has a path (like arn:...:policy/AdminPolicy/AdminAllow), the managedPolicyName property will not resolve to the correct value. Instead it will resolve to the first path component. We unfortunately cannot express the correct calculation of the full path name as a CloudFormation expression. In this scenario the Managed Policy ARN should be supplied without the path in order to resolve the correct managed policy resource.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      managedPolicyArn - the ARN of the managed policy to import. This parameter is required.

    • fromManagedPolicyName

      @Stability(Stable) @NotNull public static IManagedPolicy fromManagedPolicyName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String managedPolicyName)
      Import a customer managed policy from the managedPolicyName.

      For this managed policy, you only need to know the name to be able to use it.

      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      managedPolicyName - This parameter is required.

    • addStatements

      @Stability(Stable) public void addStatements(@NotNull @NotNull PolicyStatement... statement)
      Adds a statement to the policy document.

      Parameters:
      statement - This parameter is required.

    • attachToGroup

      @Stability(Stable) public void attachToGroup(@NotNull IGroup group)
      Attaches this policy to a group.

      Parameters:
      group - This parameter is required.

    • attachToRole

      @Stability(Stable) public void attachToRole(@NotNull IRole role)
      Attaches this policy to a role.

      Parameters:
      role - This parameter is required.

    • attachToUser

      @Stability(Stable) public void attachToUser(@NotNull IUser user)
      Attaches this policy to a user.

      Parameters:
      user - This parameter is required.

    • getDescription

      @Stability(Stable) @NotNull public String getDescription()
      The description of this policy.

    • getDocument

      @Stability(Stable) @NotNull public PolicyDocument getDocument()
      The policy document.

    • getGrantPrincipal

      @Stability(Stable) @NotNull public IPrincipal getGrantPrincipal()
      The principal to grant permissions to.
      Specified by:
      getGrantPrincipal in interface IGrantable

    • getManagedPolicyArn

      @Stability(Stable) @NotNull public String getManagedPolicyArn()
      Returns the ARN of this managed policy.
      Specified by:
      getManagedPolicyArn in interface IManagedPolicy

    • getManagedPolicyName

      @Stability(Stable) @NotNull public String getManagedPolicyName()
      The name of this policy.

    • getPath

      @Stability(Stable) @NotNull public String getPath()
      The path of this policy.