io.cloudshiftdev.awscdk.services.iam.CfnRolePolicy.kt Maven / Gradle / Ivy
The newest version!
@file:Suppress("RedundantVisibilityModifier","RedundantUnitReturnType","RemoveRedundantQualifierName","unused","UnusedImport","ClassName","REDUNDANT_PROJECTION","DEPRECATION")
package io.cloudshiftdev.awscdk.services.iam
import io.cloudshiftdev.awscdk.CfnResource
import io.cloudshiftdev.awscdk.IInspectable
import io.cloudshiftdev.awscdk.TreeInspector
import io.cloudshiftdev.awscdk.common.CdkDslMarker
import kotlin.Any
import kotlin.String
import kotlin.Unit
import io.cloudshiftdev.constructs.Construct as CloudshiftdevConstructsConstruct
import software.constructs.Construct as SoftwareConstructsConstruct
/**
* Adds or updates an inline policy document that is embedded in the specified IAM role.
*
* When you embed an inline policy in a role, the inline policy is used as part of the role's access
* (permissions) policy. The role's trust policy is created at the same time as the role, using
* [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) . You can
* update a role's trust policy using
* [`UpdateAssumeRolePolicy`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html)
* . For information about roles, see [IAM
* roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) in the *IAM User Guide*
* .
*
* A role can also have a managed policy attached to it. To attach a managed policy to a role, use
* [`AWS::IAM::Role`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html)
* . To create a new managed policy, use
* [`AWS::IAM::ManagedPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html)
* . For information about policies, see [Managed policies and inline
* policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the
* *IAM User Guide* .
*
* For information about the maximum number of inline policies that you can embed with a role, see
* [IAM and AWS STS quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html)
* in the *IAM User Guide* .
*
* Example:
*
* ```
* // The code below shows an example of how to instantiate this type.
* // The values are placeholders you should change.
* import io.cloudshiftdev.awscdk.services.iam.*;
* Object policyDocument;
* CfnRolePolicy cfnRolePolicy = CfnRolePolicy.Builder.create(this, "MyCfnRolePolicy")
* .policyName("policyName")
* .roleName("roleName")
* // the properties below are optional
* .policyDocument(policyDocument)
* .build();
* ```
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html)
*/
public open class CfnRolePolicy(
cdkObject: software.amazon.awscdk.services.iam.CfnRolePolicy,
) : CfnResource(cdkObject),
IInspectable {
public constructor(
scope: CloudshiftdevConstructsConstruct,
id: String,
props: CfnRolePolicyProps,
) :
this(software.amazon.awscdk.services.iam.CfnRolePolicy(scope.let(CloudshiftdevConstructsConstruct.Companion::unwrap),
id, props.let(CfnRolePolicyProps.Companion::unwrap))
)
public constructor(
scope: CloudshiftdevConstructsConstruct,
id: String,
props: CfnRolePolicyProps.Builder.() -> Unit,
) : this(scope, id, CfnRolePolicyProps(props)
)
/**
* Examines the CloudFormation resource and discloses attributes.
*
* @param inspector tree inspector to collect and process attributes.
*/
public override fun inspect(inspector: TreeInspector) {
unwrap(this).inspect(inspector.let(TreeInspector.Companion::unwrap))
}
/**
* The policy document.
*/
public open fun policyDocument(): Any? = unwrap(this).getPolicyDocument()
/**
* The policy document.
*/
public open fun policyDocument(`value`: Any) {
unwrap(this).setPolicyDocument(`value`)
}
/**
* The name of the policy document.
*/
public open fun policyName(): String = unwrap(this).getPolicyName()
/**
* The name of the policy document.
*/
public open fun policyName(`value`: String) {
unwrap(this).setPolicyName(`value`)
}
/**
* The name of the role to associate the policy with.
*/
public open fun roleName(): String = unwrap(this).getRoleName()
/**
* The name of the role to associate the policy with.
*/
public open fun roleName(`value`: String) {
unwrap(this).setRoleName(`value`)
}
/**
* A fluent builder for [io.cloudshiftdev.awscdk.services.iam.CfnRolePolicy].
*/
@CdkDslMarker
public interface Builder {
/**
* The policy document.
*
* You must provide policies in JSON format in IAM. However, for AWS CloudFormation templates
* formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always
* converts a YAML policy to JSON format before submitting it to IAM.
*
* The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to
* validate this parameter is a string of characters consisting of the following:
*
* * Any printable ASCII character ranging from the space character ( `\u0020` ) through the end
* of the ASCII character range
* * The printable characters in the Basic Latin and Latin-1 Supplement character set (through
* `\u00FF` )
* * The special characters tab ( `\u0009` ), line feed ( `\u000A` ), and carriage return (
* `\u000D` )
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html#cfn-iam-rolepolicy-policydocument)
* @param policyDocument The policy document.
*/
public fun policyDocument(policyDocument: Any)
/**
* The name of the policy document.
*
* This parameter allows (through its [regex
* pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters
* consisting of upper and lowercase alphanumeric characters with no spaces. You can also include
* any of the following characters: _+=,.@-
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html#cfn-iam-rolepolicy-policyname)
* @param policyName The name of the policy document.
*/
public fun policyName(policyName: String)
/**
* The name of the role to associate the policy with.
*
* This parameter allows (through its [regex
* pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters
* consisting of upper and lowercase alphanumeric characters with no spaces. You can also include
* any of the following characters: _+=,.@-
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html#cfn-iam-rolepolicy-rolename)
* @param roleName The name of the role to associate the policy with.
*/
public fun roleName(roleName: String)
}
private class BuilderImpl(
scope: SoftwareConstructsConstruct,
id: String,
) : Builder {
private val cdkBuilder: software.amazon.awscdk.services.iam.CfnRolePolicy.Builder =
software.amazon.awscdk.services.iam.CfnRolePolicy.Builder.create(scope, id)
/**
* The policy document.
*
* You must provide policies in JSON format in IAM. However, for AWS CloudFormation templates
* formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always
* converts a YAML policy to JSON format before submitting it to IAM.
*
* The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to
* validate this parameter is a string of characters consisting of the following:
*
* * Any printable ASCII character ranging from the space character ( `\u0020` ) through the end
* of the ASCII character range
* * The printable characters in the Basic Latin and Latin-1 Supplement character set (through
* `\u00FF` )
* * The special characters tab ( `\u0009` ), line feed ( `\u000A` ), and carriage return (
* `\u000D` )
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html#cfn-iam-rolepolicy-policydocument)
* @param policyDocument The policy document.
*/
override fun policyDocument(policyDocument: Any) {
cdkBuilder.policyDocument(policyDocument)
}
/**
* The name of the policy document.
*
* This parameter allows (through its [regex
* pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters
* consisting of upper and lowercase alphanumeric characters with no spaces. You can also include
* any of the following characters: _+=,.@-
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html#cfn-iam-rolepolicy-policyname)
* @param policyName The name of the policy document.
*/
override fun policyName(policyName: String) {
cdkBuilder.policyName(policyName)
}
/**
* The name of the role to associate the policy with.
*
* This parameter allows (through its [regex
* pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters
* consisting of upper and lowercase alphanumeric characters with no spaces. You can also include
* any of the following characters: _+=,.@-
*
* [Documentation](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-rolepolicy.html#cfn-iam-rolepolicy-rolename)
* @param roleName The name of the role to associate the policy with.
*/
override fun roleName(roleName: String) {
cdkBuilder.roleName(roleName)
}
public fun build(): software.amazon.awscdk.services.iam.CfnRolePolicy = cdkBuilder.build()
}
public companion object {
public val CFN_RESOURCE_TYPE_NAME: String =
software.amazon.awscdk.services.iam.CfnRolePolicy.CFN_RESOURCE_TYPE_NAME
public operator fun invoke(
scope: CloudshiftdevConstructsConstruct,
id: String,
block: Builder.() -> Unit = {},
): CfnRolePolicy {
val builderImpl = BuilderImpl(CloudshiftdevConstructsConstruct.unwrap(scope), id)
return CfnRolePolicy(builderImpl.apply(block).build())
}
internal fun wrap(cdkObject: software.amazon.awscdk.services.iam.CfnRolePolicy): CfnRolePolicy =
CfnRolePolicy(cdkObject)
internal fun unwrap(wrapped: CfnRolePolicy): software.amazon.awscdk.services.iam.CfnRolePolicy =
wrapped.cdkObject as software.amazon.awscdk.services.iam.CfnRolePolicy
}
}