interface PolicyEngineProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Bedrock.Agentcore.Alpha.PolicyEngineProps |
 Go | github.com/aws/aws-cdk-go/awsbedrockagentcorealpha/v2#PolicyEngineProps |
 Java | software.amazon.awscdk.services.bedrock.agentcore.alpha.PolicyEngineProps |
 Python | aws_cdk.aws_bedrock_agentcore_alpha.PolicyEngineProps |
 TypeScript (source) | @aws-cdk/aws-bedrock-agentcore-alpha ยป PolicyEngineProps |
Properties for creating a PolicyEngine resource.
Example
const gateway = new agentcore.Gateway(this, "MyGateway", {
gatewayName: "my-gateway",
});
const policyEngine = new agentcore.PolicyEngine(this, "MyPolicyEngine", {
policyEngineName: "my_policy_engine",
});
const allowAllPolicy = new agentcore.Policy(this, "AllowAllPolicy", {
policyEngine: policyEngine,
policyName: "allow_all",
statement: agentcore.PolicyStatement.permit()
.forAllPrincipals() // ** This will give overly permission to all principals
.onAllActions()
.onResource('AgentCore::Gateway', gateway.gatewayArn),
description: "Allow all actions on specific gateway (development only)",
validationMode: agentcore.PolicyValidationMode.IGNORE_ALL_FINDINGS,
});
// Generated Cedar:
// permit(
// principal,
// action,
// resource == AgentCore::Gateway::"arn:aws:bedrock-agentcore:region:account:gateway/gateway-id"
// );
Properties
| Name | Type | Description |
|---|---|---|
| description? | string | Optional description for the policy engine. |
| kms | IKey | Custom KMS key for encryption. |
| policy | string | The name of the policy engine. |
| tags? | { [string]: string } | Tags for the policy engine. |
description?
Type:
string
(optional, default: No description)
Optional description for the policy engine.
Maximum 4,096 characters.
kmsKey?
Type:
IKey
(optional, default: AWS owned key)
Custom KMS key for encryption.
[disable-awslint:prefer-ref-interface]
policyEngineName?
Type:
string
(optional, default: Auto-generated unique name)
The name of the policy engine.
Valid characters: a-z, A-Z, 0-9, _ (underscore) Must start with a letter, 1-48 characters Pattern: ^[A-Za-z][A-Za-z0-9_]*$
tags?
Type:
{ [string]: string }
(optional, default: No tags)
Tags for the policy engine.
Maximum 50 tags.