aws-cdk-lib
Version 2 of the AWS Cloud Development Kit library
CfnUserPolicy
- Implements: IInspectable
Adds or updates an inline policy document that is embedded in the specified IAM user.
An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AWS::IAM::User . To create a new managed policy, use AWS::IAM::ManagedPolicy . For information about policies, see Managed policies and inline policies in the IAM User Guide .
For information about the maximum number of inline policies that you can embed in a user, see IAM and AWS STS quotas in the IAM User Guide .
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-userpolicy.html
Example
// The code below shows an example of how to instantiate this type.// The values are placeholders you should change.import software.amazon.awscdk.services.iam.*;Object policyDocument;CfnUserPolicy cfnUserPolicy = CfnUserPolicy.Builder.create(this, "MyCfnUserPolicy").policyName("policyName").userName("userName")// the properties below are optional.policyDocument(policyDocument).build();
import software.amazon.awscdk.services.iam.CfnUserPolicy;CfnUserPolicy.Builder.create(Construct scope, java.lang.String id).policyName(java.lang.String).userName(java.lang.String)// .policyDocument(java.lang.Object).build();
| Name | Type | Description |
|---|---|---|
scope | Construct | Scope in which this resource is defined. |
id | java.lang.String | Construct identifier for this resource (unique in its scope). |
policyName | java.lang.String | The name of the policy document. |
userName | java.lang.String | The name of the user to associate the policy with. |
policyDocument | java.lang.Object | The policy document. |
- Type: Construct
Scope in which this resource is defined.
- Type: java.lang.String
Construct identifier for this resource (unique in its scope).
- Type: java.lang.String
The name of the policy document.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
- Type: java.lang.String
The name of the user to associate the policy with.
This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
- Type: java.lang.Object
The policy document.
You must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.
The regex pattern used to validate this parameter is a string of characters consisting of the following:
- Any printable ASCII character ranging from the space character (
\u0020) through the end of the ASCII character range - The printable characters in the Basic Latin and Latin-1 Supplement character set (through
\u00FF) - The special characters tab (
\u0009), line feed (\u000A), and carriage return (\u000D)
| Name | Description |
|---|---|
toString | Returns a string representation of this construct. |
overrideLogicalId | Overrides the auto-generated logical ID with a specific ID. |
addDeletionOverride | Syntactic sugar for addOverride(path, undefined). |
addDependency | Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. |
addDependsOn | Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. |
addMetadata | Add a value to the CloudFormation Resource Metadata. |
addOverride | Adds an override to the synthesized CloudFormation resource. |
addPropertyDeletionOverride | Adds an override that deletes the value of a property from the resource definition. |
addPropertyOverride | Adds an override to a resource property. |
applyRemovalPolicy | Sets the deletion policy of the resource based on the removal policy specified. |
getAtt | Returns a token for an runtime attribute of this resource. |
getMetadata | Retrieve a value value from the CloudFormation Resource Metadata. |
obtainDependencies | Retrieves an array of resources this resource depends on. |
obtainResourceDependencies | Get a shallow copy of dependencies between this resource and other resources in the same stack. |
removeDependency | Indicates that this resource no longer depends on another resource. |
replaceDependency | Replaces one dependency with another. |
inspect | Examines the CloudFormation resource and discloses attributes. |
public java.lang.String toString()
Returns a string representation of this construct.
public void overrideLogicalId(java.lang.String newLogicalId)
Overrides the auto-generated logical ID with a specific ID.
- Type: java.lang.String
The new logical ID to use for this stack element.
public void addDeletionOverride(java.lang.String path)
Syntactic sugar for addOverride(path, undefined).
- Type: java.lang.String
The path of the value to delete.
public void addDependency(CfnResource target)
Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
This can be used for resources across stacks (or nested stack) boundaries and the dependency will automatically be transferred to the relevant scope.
- Type: CfnResource
public void addDependsOn(CfnResource target)
Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
- Type: CfnResource
public void addMetadata(java.lang.String key, java.lang.Object value)
Add a value to the CloudFormation Resource Metadata.
[https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.)
- Type: java.lang.String
- Type: java.lang.Object
public void addOverride(java.lang.String path, java.lang.Object value)
Adds an override to the synthesized CloudFormation resource.
To add a
property override, either use addPropertyOverride or prefix path with
"Properties." (i.e. Properties.TopicName).
If the override is nested, separate each nested level using a dot (.) in the path parameter. If there is an array as part of the nesting, specify the index in the path.
To include a literal . in the property name, prefix with a \. In most
programming languages you will need to write this as "\\." because the
\ itself will need to be escaped.
For example,
cfnResource.addOverride("Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes", List.of("myattribute"));cfnResource.addOverride("Properties.GlobalSecondaryIndexes.1.ProjectionType", "INCLUDE");
would add the overrides
"Properties": {"GlobalSecondaryIndexes": [{"Projection": {"NonKeyAttributes": [ "myattribute" ]...}...},{"ProjectionType": "INCLUDE"...},]...}
The value argument to addOverride will not be processed or translated
in any way. Pass raw JSON values in here with the correct capitalization
for CloudFormation. If you pass CDK classes or structs, they will be
rendered with lowercased key names, and CloudFormation will reject the
template.
- Type: java.lang.String
The path of the property, you can use dot notation to override values in complex types.
Any intermediate keys will be created as needed.
- Type: java.lang.Object
The value.
Could be primitive or complex.
public void addPropertyDeletionOverride(java.lang.String propertyPath)
Adds an override that deletes the value of a property from the resource definition.
- Type: java.lang.String
The path to the property.
public void addPropertyOverride(java.lang.String propertyPath, java.lang.Object value)
Adds an override to a resource property.
Syntactic sugar for addOverride("Properties.<...>", value).
- Type: java.lang.String
The path of the property.
- Type: java.lang.Object
The value.
public void applyRemovalPolicy()public void applyRemovalPolicy(RemovalPolicy policy)public void applyRemovalPolicy(RemovalPolicy policy, RemovalPolicyOptions options)
Sets the deletion policy of the resource based on the removal policy specified.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN). In some
cases, a snapshot can be taken of the resource prior to deletion
(RemovalPolicy.SNAPSHOT). A list of resources that support this policy
can be found in the following link:
- Type: RemovalPolicy
- Type: RemovalPolicyOptions
public Reference getAtt(java.lang.String attributeName)public Reference getAtt(java.lang.String attributeName, ResolutionTypeHint typeHint)
Returns a token for an runtime attribute of this resource.
Ideally, use generated attribute accessors (e.g. resource.arn), but this can be used for future compatibility
in case there is no generated attribute.
- Type: java.lang.String
The name of the attribute.
- Type: ResolutionTypeHint
public java.lang.Object getMetadata(java.lang.String key)
Retrieve a value value from the CloudFormation Resource Metadata.
[https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.)
- Type: java.lang.String
public java.util.List<Stack OR CfnResource> obtainDependencies()
Retrieves an array of resources this resource depends on.
This assembles dependencies on resources across stacks (including nested stacks) automatically.
public java.util.List<CfnResource> obtainResourceDependencies()
Get a shallow copy of dependencies between this resource and other resources in the same stack.
public void removeDependency(CfnResource target)
Indicates that this resource no longer depends on another resource.
This can be used for resources across stacks (including nested stacks) and the dependency will automatically be removed from the relevant scope.
- Type: CfnResource
public void replaceDependency(CfnResource target, CfnResource newTarget)
Replaces one dependency with another.
- Type: CfnResource
The dependency to replace.
- Type: CfnResource
The new dependency to add.
public void inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
- Type: TreeInspector
tree inspector to collect and process attributes.
| Name | Description |
|---|---|
isConstruct | Checks if x is a construct. |
isCfnElement | Returns true if a construct is a stack element (i.e. part of the synthesized cloudformation template). |
isCfnResource | Check whether the given object is a CfnResource. |
import software.amazon.awscdk.services.iam.CfnUserPolicy;CfnUserPolicy.isConstruct(java.lang.Object x)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
- Type: java.lang.Object
Any object.
import software.amazon.awscdk.services.iam.CfnUserPolicy;CfnUserPolicy.isCfnElement(java.lang.Object x)
Returns true if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of instanceof to allow stack elements from different
versions of this library to be included in the same stack.
- Type: java.lang.Object
import software.amazon.awscdk.services.iam.CfnUserPolicy;CfnUserPolicy.isCfnResource(java.lang.Object x)
Check whether the given object is a CfnResource.
- Type: java.lang.Object
| Name | Type | Description |
|---|---|---|
node | Node | The tree node. |
creationStack | java.util.List<java.lang.String> | No description. |
logicalId | java.lang.String | The logical ID for this CloudFormation stack element. |
stack | Stack | The stack in which this element is defined. |
ref | java.lang.String | Return a string that will be resolved to a CloudFormation { Ref } for this element. |
cfnOptions | ICfnResourceOptions | Options for this resource, such as condition, update policy etc. |
cfnResourceType | java.lang.String | AWS resource type. |
policyName | java.lang.String | The name of the policy document. |
userName | java.lang.String | The name of the user to associate the policy with. |
policyDocument | java.lang.Object | The policy document. |
public Node getNode();
- Type: Node
The tree node.
public java.util.List<java.lang.String> getCreationStack();
- Type: java.util.List<java.lang.String>
public java.lang.String getLogicalId();
- Type: java.lang.String
The logical ID for this CloudFormation stack element.
The logical ID of the element is calculated from the path of the resource node in the construct tree.
To override this value, use overrideLogicalId(newLogicalId).
public Stack getStack();
- Type: Stack
The stack in which this element is defined.
CfnElements must be defined within a stack scope (directly or indirectly).
public java.lang.String getRef();
- Type: java.lang.String
Return a string that will be resolved to a CloudFormation { Ref } for this element.
If, by any chance, the intrinsic reference of a resource is not a string, you could
coerce it to an IResolvable through Lazy.any({ produce: resource.ref }).
public ICfnResourceOptions getCfnOptions();
- Type: ICfnResourceOptions
Options for this resource, such as condition, update policy etc.
public java.lang.String getCfnResourceType();
- Type: java.lang.String
AWS resource type.
public java.lang.String getPolicyName();
- Type: java.lang.String
The name of the policy document.
public java.lang.String getUserName();
- Type: java.lang.String
The name of the user to associate the policy with.
public java.lang.Object getPolicyDocument();
- Type: java.lang.Object
The policy document.
| Name | Type | Description |
|---|---|---|
CFN_RESOURCE_TYPE_NAME | java.lang.String | The CloudFormation resource type name for this resource class. |
public java.lang.String getCfnResourceTypeName();
- Type: java.lang.String
The CloudFormation resource type name for this resource class.
Use the snippets below in your Git repositories or elsewhere to add a button that links to this package. The button will automatically update to light mode or dark mode based on whether the user's client has requested a light or dark theme.
[](https://construct-hub-testing.dev-tools.aws.dev/packages/aws-cdk-lib)
<a href="https://construct-hub-testing.dev-tools.aws.dev/packages/aws-cdk-lib"><img src="https://construct-hub-testing.dev-tools.aws.dev/badge?package=aws-cdk-lib" alt="View on Construct Hub"/></a>