@Generated(value="jsii-pacmak/1.29.0 (build 41df200)", date="2021-06-02T09:55:31.424Z") @Stability(value=Experimental) public class PolicyStatement extends software.amazon.jsii.JsiiObject
| Modifier and Type | Class and Description |
|---|---|
| static class | `PolicyStatement.Builder` (experimental) A fluent builder for PolicyStatement. |

| Modifier | Constructor and Description |
|---|---|
| | `PolicyStatement()` |
| protected | `PolicyStatement(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)` |
| protected | `PolicyStatement(software.amazon.jsii.JsiiObjectRef objRef)` |
| | `PolicyStatement(PolicyStatementProps props)` |

| Modifier and Type | Method and Description |
|---|---|
| void | `addAccountCondition(String accountId)` (experimental) Add a condition that limits to a given account. |
| void | `addAccountRootPrincipal()` (experimental) Adds an AWS account root user principal to this policy statement. |
| void | `addActions(String... actions)` (experimental) Specify allowed actions in the "Action" section of the policy statement. |
| void | `addAllResources()` (experimental) Adds a `"*"` resource to this statement. |
| void | `addAnyPrincipal()` (experimental) Adds all identities in all accounts ("*") to this policy statement. |
| void | `addArnPrincipal(String arn)` (experimental) Specify a principal using the ARN identifier of the principal. |
| void | `addAwsAccountPrincipal(String accountId)` (experimental) Specify an AWS account ID as the principal entity in the "Principal" section of a policy statement. |
| void | `addCanonicalUserPrincipal(String canonicalUserId)` (experimental) Adds a canonical user ID principal to this policy document. |
| void | `addCondition(String key, Object value)` (experimental) Add a condition to the Policy. |
| void | `addConditions(Map<String,Object> conditions)` (experimental) Add multiple conditions to the Policy. |
| void | `addFederatedPrincipal(Object federated, Map<String,Object> conditions)` (experimental) Adds a federated identity provider such as Amazon Cognito to this policy statement. |
| void | `addNotActions(String... notActions)` (experimental) Explicitly allow all actions except the specified list of actions, in the "NotAction" section of the policy document. |
| void | `addNotPrincipals(IPrincipal... notPrincipals)` (experimental) Specify principals that are not allowed or denied access, in the "NotPrincipal" section of a policy statement. |
| void | `addNotResources(String... arns)` (experimental) Specify resources that this policy statement will not apply to, in the "NotResource" section of this policy statement. |
| void | `addPrincipals(IPrincipal... principals)` (experimental) Adds principals to the "Principal" section of a policy statement. |
| void | `addResources(String... arns)` (experimental) Specify resources that this policy statement applies to, in the "Resource" section of this policy statement. |
| void | `addServicePrincipal(String service)` (experimental) Adds a service principal to this policy statement. |
| void | `addServicePrincipal(String service, ServicePrincipalOpts opts)` (experimental) Adds a service principal to this policy statement. |
| static PolicyStatement | `fromJson(Object obj)` (experimental) Creates a new PolicyStatement based on the object provided. |
| Effect | `getEffect()` (experimental) Whether to allow or deny the actions in this statement. |
| Boolean | `getHasPrincipal()` (experimental) Indicates if this permission has a "Principal" section. |
| Boolean | `getHasResource()` (experimental) Indicates if this permission has at least one resource associated with it. |
| String | `getSid()` (experimental) Statement ID for this statement. |
| void | `setEffect(Effect value)` (experimental) Whether to allow or deny the actions in this statement. |
| void | `setSid(String value)` (experimental) Statement ID for this statement. |
| Object | `toJSON()` (experimental) JSON-ify the statement. |
| Object | `toStatementJson()` (experimental) JSON-ify the policy statement. |
| String | `toString()` (experimental) String representation of this policy statement. |
| List<String> | `validateForAnyPolicy()` (experimental) Validate that the policy statement satisfies base requirements for a policy. |
| List<String> | `validateForIdentityPolicy()` (experimental) Validate that the policy statement satisfies all requirements for an identity-based policy. |
| List<String> | `validateForResourcePolicy()` (experimental) Validate that the policy statement satisfies all requirements for a resource-based policy. |

Methods inherited from class software.amazon.jsii.JsiiObject:
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

protected PolicyStatement(software.amazon.jsii.JsiiObjectRef objRef)

protected PolicyStatement(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

@Stability(value=Experimental) public PolicyStatement(@Nullable PolicyStatementProps props)
props -

@Stability(value=Experimental) public PolicyStatement()

@Stability(value=Experimental) @NotNull public static PolicyStatement fromJson(@NotNull Object obj)
This will accept an object created from the .toJSON() call.
obj - the PolicyStatement in object form. This parameter is required.

@Stability(value=Experimental) public void addAccountCondition(@NotNull String accountId)
accountId - This parameter is required.

@Stability(value=Experimental) public void addAccountRootPrincipal()

@Stability(value=Experimental) public void addActions(@NotNull String... actions)
actions - actions that will be allowed. This parameter is required.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_action.html

@Stability(value=Experimental) public void addAllResources()

@Stability(value=Experimental) public void addAnyPrincipal()

@Stability(value=Experimental) public void addArnPrincipal(@NotNull String arn)
You cannot specify IAM groups and instance profiles as principals.
arn - ARN identifier of AWS account, IAM user, or IAM role (e.g. arn:aws:iam::123456789012:user/user-name). This parameter is required.

@Stability(value=Experimental) public void addAwsAccountPrincipal(@NotNull String accountId)
accountId - This parameter is required.

@Stability(value=Experimental) public void addCanonicalUserPrincipal(@NotNull String canonicalUserId)
canonicalUserId - unique identifier assigned by AWS for every account. This parameter is required.

@Stability(value=Experimental) public void addCondition(@NotNull String key, @NotNull Object value)
key - This parameter is required.
value - This parameter is required.

@Stability(value=Experimental) public void addConditions(@NotNull Map<String,Object> conditions)
conditions - This parameter is required.

@Stability(value=Experimental) public void addFederatedPrincipal(@NotNull Object federated, @NotNull Map<String,Object> conditions)
federated - federated identity provider (e.g. 'cognito-identity.amazonaws.com'). This parameter is required.
conditions - The conditions under which the policy is in effect. This parameter is required.

@Stability(value=Experimental) public void addNotActions(@NotNull String... notActions)
notActions - actions that will be denied. This parameter is required.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notaction.html

@Stability(value=Experimental) public void addNotPrincipals(@NotNull IPrincipal... notPrincipals)
notPrincipals - IAM principals that will be denied access. This parameter is required.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notprincipal.html

@Stability(value=Experimental) public void addNotResources(@NotNull String... arns)
All resources except the specified list will be matched.
arns - Amazon Resource Names (ARNs) of the resources that this policy statement does not apply to. This parameter is required.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notresource.html

@Stability(value=Experimental) public void addPrincipals(@NotNull IPrincipal... principals)
principals - IAM principals that will be added. This parameter is required.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html

@Stability(value=Experimental) public void addResources(@NotNull String... arns)
arns - Amazon Resource Names (ARNs) of the resources that this policy statement applies to. This parameter is required.
See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html

@Stability(value=Experimental) public void addServicePrincipal(@NotNull String service, @Nullable ServicePrincipalOpts opts)
service - the service name for which a service principal is requested (e.g. `s3.amazonaws.com`). This parameter is required.
opts - options for adding the service principal (such as specifying a principal in a different region).

@Stability(value=Experimental) public void addServicePrincipal(@NotNull String service)
service - the service name for which a service principal is requested (e.g. `s3.amazonaws.com`). This parameter is required.

@Stability(value=Experimental) @NotNull public Object toJSON()
Used when JSON.stringify() is called.

@Stability(value=Experimental) @NotNull public Object toStatementJson()
Used when JSON.stringify() is called.

@Stability(value=Experimental) @NotNull public String toString()

@Stability(value=Experimental) @NotNull public List<String> validateForAnyPolicy()

@Stability(value=Experimental) @NotNull public List<String> validateForIdentityPolicy()

@Stability(value=Experimental) @NotNull public List<String> validateForResourcePolicy()

@Stability(value=Experimental) @NotNull public Boolean getHasPrincipal()

@Stability(value=Experimental) @NotNull public Boolean getHasResource()

@Stability(value=Experimental) @NotNull public Effect getEffect()

@Stability(value=Experimental) public void setEffect(@NotNull Effect value)

@Stability(value=Experimental) @Nullable public String getSid()

@Stability(value=Experimental) public void setSid(@Nullable String value)
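
An added example, not part of the original page or the library's own code: it builds one resource-based and one identity-based statement with the narrowly scoped methods listed above and rejects either if the matching validate method returns any errors. The import's package name is an assumption (the page does not name the package), and the account ID, ARNs and Sid are constructed sample values.

```java
// Assumption: the page does not name the package of PolicyStatement; the import
// below is the AWS CDK v1 IAM module's and may differ for this library.
import software.amazon.awscdk.services.iam.PolicyStatement;

import java.util.List;

public class PolicyStatementExample {

    // Fail the build when a validate* method reports problems.
    static void requireValid(String label, List<String> errors) {
        if (!errors.isEmpty()) {
            throw new IllegalStateException(label + ": " + String.join("; ", errors));
        }
    }

    // Resource-based statement: one named account, one action, one resource path.
    static PolicyStatement bucketReadForAccount(String accountId, String objectArn) {
        PolicyStatement st = new PolicyStatement();
        st.setSid("ReadFromOneAccount");
        st.addAwsAccountPrincipal(accountId);   // instead of addAnyPrincipal()
        st.addActions("s3:GetObject");          // instead of addNotActions(...)
        st.addResources(objectArn);             // instead of addAllResources()
        requireValid("resource policy", st.validateForResourcePolicy());
        return st;
    }

    // Identity-based statement: no principal is added.
    static PolicyStatement queueConsumer(String queueArn) {
        PolicyStatement st = new PolicyStatement();
        st.addActions("sqs:ReceiveMessage", "sqs:DeleteMessage");
        st.addResources(queueArn);
        requireValid("identity policy", st.validateForIdentityPolicy());
        return st;
    }

    public static void main(String[] args) {
        // Constructed sample values.
        PolicyStatement read = bucketReadForAccount(
                "123456789012", "arn:aws:s3:::example-bucket/reports/*");
        PolicyStatement consume = queueConsumer(
                "arn:aws:sqs:us-east-1:123456789012:example-queue");
        System.out.println(read.getHasPrincipal() + " " + read.toStatementJson());
        System.out.println(consume.getHasPrincipal() + " " + consume.toStatementJson());
    }
}
```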
Copyright © 2021. All rights reserved.