Class CfnPolicy
Creates or updates a Cedar policy and saves it in the specified policy store.
Inherited Members
Namespace: Amazon.CDK.AWS.VerifiedPermissions
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnPolicy : CfnResource, IInspectable, IPolicyRef, IConstruct, IDependable, IEnvironmentAwareSyntax (vb)
Public Class CfnPolicy Inherits CfnResource Implements IInspectable, IPolicyRef, IConstruct, IDependable, IEnvironmentAwareRemarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.VerifiedPermissions;
var cfnPolicy = new CfnPolicy(this, "MyCfnPolicy", new CfnPolicyProps {
Definition = new PolicyDefinitionProperty {
Static = new StaticPolicyDefinitionProperty {
Statement = "statement",
// the properties below are optional
Description = "description"
},
TemplateLinked = new TemplateLinkedPolicyDefinitionProperty {
PolicyTemplateId = "policyTemplateId",
// the properties below are optional
Principal = new EntityIdentifierProperty {
EntityId = "entityId",
EntityType = "entityType"
},
Resource = new EntityIdentifierProperty {
EntityId = "entityId",
EntityType = "entityType"
}
}
},
PolicyStoreId = "policyStoreId"
});Synopsis
Constructors
| CfnPolicy(Construct, string, ICfnPolicyProps) | Create a new |
Properties
| AttrPolicyId | The unique ID of the new or updated policy. |
| AttrPolicyType | The type of the policy. This is one of the following values:. |
| CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
| CfnProperties | Creates or updates a Cedar policy and saves it in the specified policy store. |
| Definition | Specifies the policy type and content to use for the new or updated policy. |
| PolicyRef | A reference to a Policy resource. |
| PolicyStoreId | Specifies the |
Methods
| Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
| IsCfnPolicy(object) | Checks whether the given object is a CfnPolicy. |
| RenderProperties(IDictionary<string, object>) | Creates or updates a Cedar policy and saves it in the specified policy store. |
Constructors
CfnPolicy(Construct, string, ICfnPolicyProps)
Create a new AWS::VerifiedPermissions::Policy.
public CfnPolicy(Construct scope, string id, ICfnPolicyProps props)Parameters
- scope Construct
Scope in which this resource is defined.
- id string
Construct identifier for this resource (unique in its scope).
- props ICfnPolicyProps
Resource properties.
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
Properties
AttrPolicyId
The unique ID of the new or updated policy.
public virtual string AttrPolicyId { get; }Property Value
Remarks
CloudformationAttribute: PolicyId
AttrPolicyType
The type of the policy. This is one of the following values:.
public virtual string AttrPolicyType { get; }Property Value
Remarks
CloudformationAttribute: PolicyType
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }Property Value
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
CfnProperties
Creates or updates a Cedar policy and saves it in the specified policy store.
protected override IDictionary<string, object> CfnProperties { get; }Property Value
Overrides
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
Definition
Specifies the policy type and content to use for the new or updated policy.
public virtual object Definition { get; set; }Property Value
Remarks
Type union: either IResolvable or CfnPolicy.IPolicyDefinitionProperty
PolicyRef
A reference to a Policy resource.
public virtual IPolicyReference PolicyRef { get; }Property Value
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
PolicyStoreId
Specifies the PolicyStoreId of the policy store you want to store the policy in.
public virtual string PolicyStoreId { get; set; }Property Value
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
IsCfnPolicy(object)
Checks whether the given object is a CfnPolicy.
public static bool IsCfnPolicy(object x)Parameters
- x object
Returns
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated
RenderProperties(IDictionary<string, object>)
Creates or updates a Cedar policy and saves it in the specified policy store.
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)Parameters
- props IDictionary<string, object>
Returns
Overrides
Remarks
You can create either a static policy or a policy linked to a policy template.
You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
<ul></ul>
You can't change these elements of a static policy:
CloudformationResource: AWS::VerifiedPermissions::Policy
ExampleMetadata: fixture=_generated