Class CfnManagedPolicy
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.iam.CfnManagedPolicy
- All Implemented Interfaces:
IInspectable,IManagedPolicyRef,IEnvironmentAware,software.amazon.jsii.JsiiSerializable,software.constructs.IConstruct,software.constructs.IDependable
@Generated(value="jsii-pacmak/1.120.0 (build 192dc88)",
date="2025-12-12T17:54:14.795Z")
@Stability(Stable)
public class CfnManagedPolicy
extends CfnResource
implements IInspectable, IManagedPolicyRef
Creates a new managed policy for your AWS account .
This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's default version. For more information about policy versions, see Versioning for managed policies in the IAM User Guide .
As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide .
For more information about managed policies in general, see Managed policies and inline policies in the IAM User Guide .
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.iam.*;
Object policyDocument;
CfnManagedPolicy cfnManagedPolicy = CfnManagedPolicy.Builder.create(this, "MyCfnManagedPolicy")
.policyDocument(policyDocument)
// the properties below are optional
.description("description")
.groups(List.of("groups"))
.managedPolicyName("managedPolicyName")
.path("path")
.roles(List.of("roles"))
.users(List.of("users"))
.build();
- See Also:
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationModeNested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$DefaultNested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$ProxyNested classes/interfaces inherited from interface software.amazon.awscdk.interfaces.iam.IManagedPolicyRef
IManagedPolicyRef.Jsii$Default, IManagedPolicyRef.Jsii$Proxy -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe CloudFormation resource type name for this resource class. -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedCfnManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protectedCfnManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef) CfnManagedPolicy(software.constructs.Construct scope, String id, CfnManagedPolicyProps props) Create a newAWS::IAM::ManagedPolicy. -
Method Summary
Modifier and TypeMethodDescriptionThe number of principal entities (users, groups, and roles) that the policy is attached to.The date and time, in ISO 8601 date-time format , when the policy was created.The identifier for the version of the policy that is set as the default (operative) version.Specifies whether the policy can be attached to an IAM user, group, or role.The number of entities (users and roles) for which the policy is used as the permissions boundary.The Amazon Resource Name (ARN) of the managed policy that you want information about.The stable and unique string identifying the policy.The date and time, in ISO 8601 date-time format , when the policy was last updated.A friendly description of the policy.The name (friendly name, not ARN) of the group to attach the policy to.The friendly name of the policy.A reference to a ManagedPolicy resource.getPath()The path for the policy.The JSON policy document that you want to use as the content for the new policy.getRoles()The name (friendly name, not ARN) of the role to attach the policy to.getUsers()The name (friendly name, not ARN) of the IAM user to attach the policy to.voidinspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.static BooleanChecks whether the given object is a CfnManagedPolicy.renderProperties(Map<String, Object> props) voidsetDescription(String value) A friendly description of the policy.voidThe name (friendly name, not ARN) of the group to attach the policy to.voidsetManagedPolicyName(String value) The friendly name of the policy.voidThe path for the policy.voidsetPolicyDocument(Object value) The JSON policy document that you want to use as the content for the new policy.voidThe name (friendly name, not ARN) of the role to attach the policy to.voidThe name (friendly name, not ARN) of the IAM user to attach the policy to.Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getEnv, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validatePropertiesMethods inherited from class software.amazon.awscdk.CfnRefElement
getRefMethods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdMethods inherited from class software.constructs.Construct
getNode, isConstructMethods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface software.constructs.IConstruct
getNodeMethods inherited from interface software.amazon.awscdk.interfaces.IEnvironmentAware
getEnvMethods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnManagedPolicy
protected CfnManagedPolicy(software.amazon.jsii.JsiiObjectRef objRef) -
CfnManagedPolicy
protected CfnManagedPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnManagedPolicy
@Stability(Stable) public CfnManagedPolicy(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnManagedPolicyProps props) Create a newAWS::IAM::ManagedPolicy.- Parameters:
scope- Scope in which this resource is defined. This parameter is required.id- Construct identifier for this resource (unique in its scope). This parameter is required.props- Resource properties. This parameter is required.
-
-
Method Details
-
isCfnManagedPolicy
Checks whether the given object is a CfnManagedPolicy.- Parameters:
x- This parameter is required.
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspectin interfaceIInspectable- Parameters:
inspector- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderPropertiesin classCfnResource- Parameters:
props- This parameter is required.
-
getAttrAttachmentCount
The number of principal entities (users, groups, and roles) that the policy is attached to. -
getAttrCreateDate
The date and time, in ISO 8601 date-time format , when the policy was created. -
getAttrDefaultVersionId
The identifier for the version of the policy that is set as the default (operative) version.For more information about policy versions, see Versioning for managed policies in the IAM User Guide .
-
getAttrIsAttachable
Specifies whether the policy can be attached to an IAM user, group, or role. -
getAttrPermissionsBoundaryUsageCount
The number of entities (users and roles) for which the policy is used as the permissions boundary.For more information about permissions boundaries, see Permissions boundaries for IAM identities in the IAM User Guide .
-
getAttrPolicyArn
The Amazon Resource Name (ARN) of the managed policy that you want information about.For more information about ARNs, see Amazon Resource Names (ARNs) in the AWS General Reference .
-
getAttrPolicyId
The stable and unique string identifying the policy.For more information about IDs, see IAM identifiers in the IAM User Guide .
-
getAttrUpdateDate
The date and time, in ISO 8601 date-time format , when the policy was last updated.When a policy has only one version, this field contains the date and time when the policy was created. When a policy has more than one version, this field contains the date and time when the most recent policy version was created.
-
getCfnProperties
- Overrides:
getCfnPropertiesin classCfnResource
-
getManagedPolicyRef
A reference to a ManagedPolicy resource.- Specified by:
getManagedPolicyRefin interfaceIManagedPolicyRef
-
getPolicyDocument
The JSON policy document that you want to use as the content for the new policy. -
setPolicyDocument
The JSON policy document that you want to use as the content for the new policy. -
getDescription
A friendly description of the policy. -
setDescription
A friendly description of the policy. -
getGroups
The name (friendly name, not ARN) of the group to attach the policy to. -
setGroups
The name (friendly name, not ARN) of the group to attach the policy to. -
getManagedPolicyName
The friendly name of the policy. -
setManagedPolicyName
The friendly name of the policy. -
getPath
The path for the policy. -
setPath
The path for the policy. -
getRoles
The name (friendly name, not ARN) of the role to attach the policy to. -
setRoles
The name (friendly name, not ARN) of the role to attach the policy to. -
getUsers
The name (friendly name, not ARN) of the IAM user to attach the policy to. -
setUsers
The name (friendly name, not ARN) of the IAM user to attach the policy to.
-