{ "fingerprint": "cko8kC8CJtEvlfHShkKJ4HGaqUW6D8UrQph49+lijj4=", "author": { "name": "Amazon Web Services", "organization": true, "roles": [ "author" ], "url": "https://aws.amazon.com" }, "dependencies": { "@aws-cdk/cdk": { "dependencies": { "@aws-cdk/cx-api": { "targets": { "java": { "maven": { "artifactId": "cdk-cx-api", "groupId": "software.amazon.awscdk" }, "package": "software.amazon.awscdk.cxapi" }, "js": { "npm": "@aws-cdk/cx-api" } }, "version": "0.8.2" } }, "targets": { "java": { "maven": { "artifactId": "cdk", "groupId": "software.amazon.awscdk" }, "package": "software.amazon.awscdk" }, "js": { "npm": "@aws-cdk/cdk" } }, "version": "0.8.2" } }, "description": "CDK routines for easily assigning correct and minimal IAM permissions", "homepage": "https://github.com/awslabs/aws-cdk", "license": "Apache-2.0", "name": "@aws-cdk/aws-iam", "readme": { "markdown": "## AWS IAM Construct Library\n\nDefine a role and add permissions to it. This will automatically create and\nattach an IAM policy to the role:\n\n```ts\nconst role = new Role(this, 'MyRole', {\n assumedBy: new ServicePrincipal('sns.amazonaws.com')\n});\nrole.addPermission(new Permission('*', 'lambda:InvokeFunction'));\n```\n\nDefine a policy and attach it to groups, users and roles. Note that it is possible to attach\nthe policy either by calling `xxx.attachPolicy(policy)` or `policy.attachToXxx(xxx)`.\n\n```ts\nconst user = new User(this, 'MyUser', { password: '1234' });\nconst group = new Group(this, 'MyGroup');\n\nconst policy = new Policy(this, 'MyPolicy');\npolicy.attachToUser(user);\ngroup.attachPolicy(policy);\n```\n\nManaged policies can be attached using `xxx.attachManagedPolicy(arn)`:\n\n```ts\nconst group = new Group(this, 'MyGroup');\ngroup.attachManagedPolicy('arn:aws:iam::aws:policy/AdministratorAccess');\n```\n\n### Features\n\n * Policy name uniqueness is enforced. If two policies by the same name are attached to the same\n principal, the attachment will fail.\n * Policy names are not required - the CDK logical ID will be used and ensured to be unique.\n" }, "repository": { "type": "git", "url": "https://github.com/awslabs/aws-cdk.git" }, "schema": "jsii/1.0", "targets": { "java": { "maven": { "artifactId": "iam", "groupId": "software.amazon.awscdk" }, "package": "software.amazon.awscdk.services.iam" }, "js": { "npm": "@aws-cdk/aws-iam" } }, "types": { "@aws-cdk/aws-iam.AccessKeySecretAccessKey": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Token" }, "fqn": "@aws-cdk/aws-iam.AccessKeySecretAccessKey", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "AccessKeySecretAccessKey", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.Group": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Construct" }, "fqn": "@aws-cdk/aws-iam.Group", "initializer": { "initializer": true, "parameters": [ { "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "name": "name", "type": { "primitive": "string" } }, { "name": "props", "type": { "fqn": "@aws-cdk/aws-iam.GroupProps", "optional": true } } ] }, "interfaces": [ { "fqn": "@aws-cdk/aws-iam.IIdentityResource" }, { "fqn": "@aws-cdk/aws-iam.IPrincipal" } ], "kind": "class", "methods": [ { "docs": { "comment": "Attaches a managed policy to this group." }, "name": "attachManagedPolicy", "parameters": [ { "docs": { "comment": "The ARN of the managed policy to attach." }, "name": "arn", "type": { "primitive": "any" } } ] }, { "docs": { "comment": "Attaches a policy to this group." }, "name": "attachInlinePolicy", "parameters": [ { "docs": { "comment": "The policy to attach." }, "name": "policy", "type": { "fqn": "@aws-cdk/aws-iam.Policy" } } ] }, { "docs": { "comment": "Adds a user to this group." }, "name": "addUser", "parameters": [ { "name": "user", "type": { "fqn": "@aws-cdk/aws-iam.User" } } ] }, { "docs": { "comment": "Adds an IAM statement to the default policy." }, "name": "addToPolicy", "parameters": [ { "name": "statement", "type": { "fqn": "@aws-cdk/cdk.PolicyStatement" } } ] } ], "name": "Group", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "The runtime name of this group." }, "immutable": true, "name": "groupName", "type": { "fqn": "@aws-cdk/aws-iam.GroupName" } }, { "docs": { "comment": "The ARN of this group." }, "immutable": true, "name": "groupArn", "type": { "fqn": "@aws-cdk/aws-iam.GroupArn" } }, { "docs": { "comment": "An \"AWS\" policy principal that represents this group." }, "immutable": true, "name": "principal", "type": { "fqn": "@aws-cdk/cdk.PolicyPrincipal" } } ] }, "@aws-cdk/aws-iam.GroupArn": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Arn" }, "fqn": "@aws-cdk/aws-iam.GroupArn", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "GroupArn", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.GroupName": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Token" }, "fqn": "@aws-cdk/aws-iam.GroupName", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "GroupName", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.GroupProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "fqn": "@aws-cdk/aws-iam.GroupProps", "kind": "interface", "name": "GroupProps", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "A name for the IAM group. For valid values, see the GroupName parameter\nfor the CreateGroup action in the IAM API Reference. If you don't specify\na name, AWS CloudFormation generates a unique physical ID and uses that\nID for the group name.\n\nIf you specify a name, you must specify the CAPABILITY_NAMED_IAM value to\nacknowledge your template's capabilities. For more information, see\nAcknowledging IAM Resources in AWS CloudFormation Templates.", "default": "Generated by CloudFormation (recommended)" }, "name": "groupName", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "A list of ARNs for managed policies associated with group.", "default": "No managed policies." }, "name": "managedPolicyArns", "type": { "collection": { "elementtype": { "primitive": "any" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "The path to the group. For more information about paths, see [IAM\nIdentifiers](http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html?Using_Identifiers.html)\nin the IAM User Guide." }, "name": "path", "type": { "optional": true, "primitive": "string" } } ] }, "@aws-cdk/aws-iam.IIdentityResource": { "assembly": "@aws-cdk/aws-iam", "docs": { "deprecated": "Use IPrincipal" }, "fqn": "@aws-cdk/aws-iam.IIdentityResource", "interfaces": [ { "fqn": "@aws-cdk/aws-iam.IPrincipal" } ], "kind": "interface", "name": "IIdentityResource", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.IPrincipal": { "assembly": "@aws-cdk/aws-iam", "docs": { "comment": "A construct that represents an IAM principal, such as a user, group or role." }, "fqn": "@aws-cdk/aws-iam.IPrincipal", "kind": "interface", "methods": [ { "docs": { "comment": "Adds an IAM statement to the default inline policy associated with this\nprincipal. If a policy doesn't exist, it is created." }, "name": "addToPolicy", "parameters": [ { "name": "statement", "type": { "fqn": "@aws-cdk/cdk.PolicyStatement" } } ] }, { "docs": { "comment": "Attaches an inline policy to this principal.\nThis is the same as calling `policy.addToXxx(principal)`." }, "name": "attachInlinePolicy", "parameters": [ { "docs": { "comment": "The policy resource to attach to this principal." }, "name": "policy", "type": { "fqn": "@aws-cdk/aws-iam.Policy" } } ] }, { "docs": { "comment": "Attaches a managed policy to this principal." }, "name": "attachManagedPolicy", "parameters": [ { "docs": { "comment": "The ARN of the managed policy" }, "name": "arn", "type": { "primitive": "any" } } ] } ], "name": "IPrincipal", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "The IAM principal of this identity (i.e. AWS principal, service principal, etc)." }, "immutable": true, "name": "principal", "type": { "fqn": "@aws-cdk/cdk.PolicyPrincipal" } } ] }, "@aws-cdk/aws-iam.InstanceProfileArn": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Arn" }, "fqn": "@aws-cdk/aws-iam.InstanceProfileArn", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "InstanceProfileArn", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.Policy": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Construct" }, "docs": { "comment": "The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles,\nor groups. For more information about IAM policies, see [Overview of IAM\nPolicies](http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html)\nin the IAM User Guide guide." }, "fqn": "@aws-cdk/aws-iam.Policy", "initializer": { "initializer": true, "parameters": [ { "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "name": "name", "type": { "primitive": "string" } }, { "name": "props", "type": { "fqn": "@aws-cdk/aws-iam.PolicyProps", "optional": true } } ] }, "interfaces": [ { "fqn": "@aws-cdk/cdk.IDependable" } ], "kind": "class", "methods": [ { "docs": { "comment": "Adds a statement to the policy document." }, "name": "addStatement", "parameters": [ { "name": "statement", "type": { "fqn": "@aws-cdk/cdk.PolicyStatement" } } ] }, { "docs": { "comment": "Attaches this policy to a user." }, "name": "attachToUser", "parameters": [ { "name": "user", "type": { "fqn": "@aws-cdk/aws-iam.User" } } ] }, { "docs": { "comment": "Attaches this policy to a role." }, "name": "attachToRole", "parameters": [ { "name": "role", "type": { "fqn": "@aws-cdk/aws-iam.Role" } } ] }, { "docs": { "comment": "Attaches this policy to a group." }, "name": "attachToGroup", "parameters": [ { "name": "group", "type": { "fqn": "@aws-cdk/aws-iam.Group" } } ] }, { "docs": { "comment": "This method can be implemented by derived constructs in order to perform\nvalidation logic. It is called on all constructs before synthesis." }, "name": "validate", "returns": { "collection": { "elementtype": { "primitive": "string" }, "kind": "array" } } } ], "name": "Policy", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "The policy document." }, "immutable": true, "name": "document", "type": { "fqn": "@aws-cdk/cdk.PolicyDocument" } }, { "docs": { "comment": "The name of this policy." }, "immutable": true, "name": "policyName", "type": { "primitive": "string" } }, { "docs": { "comment": "Lists all the elements consumers should \"depend-on\"." }, "immutable": true, "name": "dependencyElements", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/cdk.IDependable" }, "kind": "array" } } } ] }, "@aws-cdk/aws-iam.PolicyProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "fqn": "@aws-cdk/aws-iam.PolicyProps", "kind": "interface", "name": "PolicyProps", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "The name of the policy. If you specify multiple policies for an entity,\nspecify unique names. For example, if you specify a list of policies for\nan IAM role, each policy must have a unique name.", "default": "Uses the logical ID of the policy resource, which is ensured to\nbe unique within the stack." }, "name": "policyName", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "Users to attach this policy to.\nYou can also use `attachToUser(user)` to attach this policy to a user." }, "name": "users", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/aws-iam.User" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "Roles to attach this policy to.\nYou can also use `attachToRole(role)` to attach this policy to a role." }, "name": "roles", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/aws-iam.Role" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "Groups to attach this policy to.\nYou can also use `attachToGroup(group)` to attach this policy to a group." }, "name": "groups", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/aws-iam.Group" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "Initial set of permissions to add to this policy document.\nYou can also use `addPermission(statement)` to add permissions later." }, "name": "statements", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/cdk.PolicyStatement" }, "kind": "array" }, "optional": true } } ] }, "@aws-cdk/aws-iam.Role": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Construct" }, "docs": { "comment": "IAM Role\n\nDefines an IAM role. The role is created with an assume policy document associated with\nthe specified AWS service principal defined in `serviceAssumeRole`." }, "fqn": "@aws-cdk/aws-iam.Role", "initializer": { "initializer": true, "parameters": [ { "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "name": "name", "type": { "primitive": "string" } }, { "name": "props", "type": { "fqn": "@aws-cdk/aws-iam.RoleProps" } } ] }, "interfaces": [ { "fqn": "@aws-cdk/aws-iam.IIdentityResource" }, { "fqn": "@aws-cdk/aws-iam.IPrincipal" }, { "fqn": "@aws-cdk/cdk.IDependable" } ], "kind": "class", "methods": [ { "docs": { "comment": "Adds a permission to the role's default policy document.\nIf there is no default policy attached to this role, it will be created." }, "name": "addToPolicy", "parameters": [ { "name": "statement", "type": { "fqn": "@aws-cdk/cdk.PolicyStatement" } } ] }, { "docs": { "comment": "Attaches a managed policy to this role." }, "name": "attachManagedPolicy", "parameters": [ { "docs": { "comment": "The ARN of the managed policy to attach." }, "name": "arn", "type": { "primitive": "any" } } ] }, { "docs": { "comment": "Attaches a policy to this role." }, "name": "attachInlinePolicy", "parameters": [ { "docs": { "comment": "The policy to attach" }, "name": "policy", "type": { "fqn": "@aws-cdk/aws-iam.Policy" } } ] } ], "name": "Role", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "The assume role policy document associated with this role." }, "immutable": true, "name": "assumeRolePolicy", "type": { "fqn": "@aws-cdk/cdk.PolicyDocument", "optional": true } }, { "docs": { "comment": "Returns the ARN of this role." }, "immutable": true, "name": "roleArn", "type": { "fqn": "@aws-cdk/aws-iam.RoleArn" } }, { "docs": { "comment": "Returns the name of the role." }, "immutable": true, "name": "roleName", "type": { "fqn": "@aws-cdk/aws-iam.RoleName" } }, { "docs": { "comment": "Returns the ARN of this role." }, "immutable": true, "name": "principal", "type": { "fqn": "@aws-cdk/cdk.PolicyPrincipal" } }, { "docs": { "comment": "Returns the role." }, "immutable": true, "name": "dependencyElements", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/cdk.IDependable" }, "kind": "array" } } } ] }, "@aws-cdk/aws-iam.RoleArn": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Arn" }, "fqn": "@aws-cdk/aws-iam.RoleArn", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "RoleArn", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.RoleId": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Token" }, "fqn": "@aws-cdk/aws-iam.RoleId", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "RoleId", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.RoleName": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Token" }, "fqn": "@aws-cdk/aws-iam.RoleName", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "RoleName", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.RoleProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "fqn": "@aws-cdk/aws-iam.RoleProps", "kind": "interface", "name": "RoleProps", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "The IAM principal (i.e. `new ServicePrincipal('sns.amazonaws.com')`)\nwhich can assume this role.\n\nYou can later modify the assume role policy document by accessing it via\nthe `assumeRolePolicy` property." }, "name": "assumedBy", "type": { "fqn": "@aws-cdk/cdk.PolicyPrincipal" } }, { "docs": { "comment": "A list of ARNs for managed policies associated with this role.\nYou can add managed policies later using `addManagedPolicy(arn)`.", "default": "No managed policies." }, "name": "managedPolicyArns", "type": { "collection": { "elementtype": { "primitive": "any" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "The path associated with this role. For information about IAM paths, see\nFriendly Names and Paths in IAM User Guide." }, "name": "path", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "A name for the IAM role. For valid values, see the RoleName parameter for\nthe CreateRole action in the IAM API Reference. If you don't specify a\nname, AWS CloudFormation generates a unique physical ID and uses that ID\nfor the group name.\n\nIMPORTANT: If you specify a name, you cannot perform updates that require\nreplacement of this resource. You can perform updates that require no or\nsome interruption. If you must replace the resource, specify a new name.\n\nIf you specify a name, you must specify the CAPABILITY_NAMED_IAM value to\nacknowledge your template's capabilities. For more information, see\nAcknowledging IAM Resources in AWS CloudFormation Templates." }, "name": "roleName", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "The maximum session duration (in seconds) that you want to set for the\nspecified role. If you do not specify a value for this setting, the\ndefault maximum of one hour is applied. This setting can have a value\nfrom 1 hour (3600sec) to 12 (43200sec) hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the\nDurationSeconds API parameter or the duration-seconds CLI parameter to\nrequest a longer session. The MaxSessionDuration setting determines the\nmaximum duration that can be requested using the DurationSeconds\nparameter.\n\nIf users don't specify a value for the DurationSeconds parameter, their\nsecurity credentials are valid for one hour by default. This applies when\nyou use the AssumeRole* API operations or the assume-role* CLI operations\nbut does not apply when you use those operations to create a console URL.", "link": "https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html" }, "name": "maxSessionDurationSec", "type": { "optional": true, "primitive": "number" } } ] }, "@aws-cdk/aws-iam.User": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Construct" }, "fqn": "@aws-cdk/aws-iam.User", "initializer": { "initializer": true, "parameters": [ { "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "name": "name", "type": { "primitive": "string" } }, { "name": "props", "type": { "fqn": "@aws-cdk/aws-iam.UserProps", "optional": true } } ] }, "interfaces": [ { "fqn": "@aws-cdk/aws-iam.IIdentityResource" }, { "fqn": "@aws-cdk/aws-iam.IPrincipal" } ], "kind": "class", "methods": [ { "docs": { "comment": "Adds this user to a group." }, "name": "addToGroup", "parameters": [ { "name": "group", "type": { "fqn": "@aws-cdk/aws-iam.Group" } } ] }, { "docs": { "comment": "Attaches a managed policy to the user." }, "name": "attachManagedPolicy", "parameters": [ { "docs": { "comment": "The ARN of the managed policy to attach." }, "name": "arn", "type": { "primitive": "any" } } ] }, { "docs": { "comment": "Attaches a policy to this user." }, "name": "attachInlinePolicy", "parameters": [ { "name": "policy", "type": { "fqn": "@aws-cdk/aws-iam.Policy" } } ] }, { "docs": { "comment": "Adds an IAM statement to the default policy." }, "name": "addToPolicy", "parameters": [ { "name": "statement", "type": { "fqn": "@aws-cdk/cdk.PolicyStatement" } } ] } ], "name": "User", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "An attribute that represents the user name." }, "immutable": true, "name": "userName", "type": { "fqn": "@aws-cdk/aws-iam.UserName" } }, { "docs": { "comment": "An attribute that represents the user's ARN." }, "immutable": true, "name": "userArn", "type": { "fqn": "@aws-cdk/aws-iam.UserArn" } }, { "docs": { "comment": "Returns the ARN of this user." }, "immutable": true, "name": "principal", "type": { "fqn": "@aws-cdk/cdk.PolicyPrincipal" } } ] }, "@aws-cdk/aws-iam.UserArn": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Arn" }, "fqn": "@aws-cdk/aws-iam.UserArn", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "UserArn", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.UserName": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Token" }, "fqn": "@aws-cdk/aws-iam.UserName", "initializer": { "docs": { "comment": "Creates a token that resolves to `value`.\n\nIf value is a function, the function is evaluated upon resolution and\nthe value it returns will be used as the token's value.\n\ndisplayName is used to represent the Token when it's embedded into a string; it\nwill look something like this:\n\n \"embedded in a larger string is ${Token[DISPLAY_NAME.123]}\"\n\nThis value is used as a hint to humans what the meaning of the Token is,\nand does not have any effect on the evaluation.\n\nMust contain only alphanumeric and simple separator characters (_.:-)." }, "initializer": true, "parameters": [ { "docs": { "comment": "What this token will evaluate to, literal or function." }, "name": "valueOrFunction", "type": { "optional": true, "primitive": "any" } }, { "docs": { "comment": "A human-readable display hint for this Token" }, "name": "displayName", "type": { "optional": true, "primitive": "string" } } ] }, "kind": "class", "name": "UserName", "namespace": "@aws-cdk/aws-iam" }, "@aws-cdk/aws-iam.UserProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "fqn": "@aws-cdk/aws-iam.UserProps", "kind": "interface", "name": "UserProps", "namespace": "@aws-cdk/aws-iam", "properties": [ { "docs": { "comment": "Groups to add this user to. You can also use `addToGroup` to add this\nuser to a group." }, "name": "groups", "type": { "collection": { "elementtype": { "fqn": "@aws-cdk/aws-iam.Group" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "A list of ARNs for managed policies attacherd to this user.\nYou can use `addManagedPolicy(arn)` to attach a managed policy to this user.", "default": "No managed policies." }, "name": "managedPolicyArns", "type": { "collection": { "elementtype": { "primitive": "any" }, "kind": "array" }, "optional": true } }, { "docs": { "comment": "The path for the user name. For more information about paths, see IAM\nIdentifiers in the IAM User Guide." }, "name": "path", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "A name for the IAM user. For valid values, see the UserName parameter for\nthe CreateUser action in the IAM API Reference. If you don't specify a\nname, AWS CloudFormation generates a unique physical ID and uses that ID\nfor the user name.\n\nIf you specify a name, you cannot perform updates that require\nreplacement of this resource. You can perform updates that require no or\nsome interruption. If you must replace the resource, specify a new name.\n\nIf you specify a name, you must specify the CAPABILITY_NAMED_IAM value to\nacknowledge your template's capabilities. For more information, see\nAcknowledging IAM Resources in AWS CloudFormation Templates.", "default": "Generated by CloudFormation (recommended)" }, "name": "userName", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "The password for the user. This is required so the user can access the\nAWS Management Console.", "default": "User won't be able to access the management console without a password." }, "name": "password", "type": { "optional": true, "primitive": "string" } }, { "docs": { "comment": "Specifies whether the user is required to set a new password the next\ntime the user logs in to the AWS Management Console.\n\nIf this is set to 'true', you must also specify \"initialPassword\".", "default": "false" }, "name": "passwordResetRequired", "type": { "optional": true, "primitive": "boolean" } } ] }, "@aws-cdk/aws-iam.cloudformation.AccessKeyResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.AccessKeyResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::AccessKey``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``AccessKeyResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``AccessKeyResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.AccessKeyResourceProps" } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "AccessKeyResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } }, { "docs": { "cloudformation_attribute": "SecretAccessKey" }, "immutable": true, "name": "accessKeySecretAccessKey", "type": { "fqn": "@aws-cdk/aws-iam.AccessKeySecretAccessKey" } } ] }, "@aws-cdk/aws-iam.cloudformation.AccessKeyResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.AccessKeyResourceProps", "kind": "interface", "name": "AccessKeyResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::AccessKey.UserName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html#cfn-iam-accesskey-username" }, "name": "userName", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::AccessKey.Serial``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html#cfn-iam-accesskey-serial" }, "name": "serial", "type": { "optional": true, "union": { "types": [ { "primitive": "number" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::AccessKey.Status``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html#cfn-iam-accesskey-status" }, "name": "status", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.GroupResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.GroupResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::Group``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``GroupResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``GroupResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.GroupResourceProps", "optional": true } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "GroupResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } }, { "docs": { "cloudformation_attribute": "Arn" }, "immutable": true, "name": "groupArn", "type": { "fqn": "@aws-cdk/aws-iam.GroupArn" } } ], "subtypes": [ "@aws-cdk/aws-iam.cloudformation.GroupResource.PolicyProperty" ] }, "@aws-cdk/aws-iam.cloudformation.GroupResource.PolicyProperty": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.GroupResource.PolicyProperty", "kind": "interface", "name": "PolicyProperty", "namespace": "@aws-cdk/aws-iam.cloudformation.GroupResource", "parenttype": "@aws-cdk/aws-iam.cloudformation.GroupResource", "properties": [ { "docs": { "comment": "``GroupResource.PolicyProperty.PolicyDocument``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html#cfn-iam-policies-policydocument" }, "name": "policyDocument", "type": { "union": { "types": [ { "primitive": "json" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``GroupResource.PolicyProperty.PolicyName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html#cfn-iam-policies-policyname" }, "name": "policyName", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.GroupResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.GroupResourceProps", "kind": "interface", "name": "GroupResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::Group.GroupName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html#cfn-iam-group-groupname" }, "name": "groupName", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Group.ManagedPolicyArns``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html#cfn-iam-group-managepolicyarns" }, "name": "managedPolicyArns", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::Group.Path``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html#cfn-iam-group-path" }, "name": "path", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Group.Policies``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html#cfn-iam-group-policies" }, "name": "policies", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "fqn": "@aws-cdk/aws-iam.cloudformation.GroupResource.PolicyProperty" } ] } }, "kind": "array" } } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.InstanceProfileResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.InstanceProfileResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::InstanceProfile``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``InstanceProfileResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``InstanceProfileResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.InstanceProfileResourceProps" } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "InstanceProfileResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } }, { "docs": { "cloudformation_attribute": "Arn" }, "immutable": true, "name": "instanceProfileArn", "type": { "fqn": "@aws-cdk/aws-iam.InstanceProfileArn" } } ] }, "@aws-cdk/aws-iam.cloudformation.InstanceProfileResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.InstanceProfileResourceProps", "kind": "interface", "name": "InstanceProfileResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::InstanceProfile.Roles``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html#cfn-iam-instanceprofile-roles" }, "name": "roles", "type": { "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::InstanceProfile.InstanceProfileName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html#cfn-iam-instanceprofile-instanceprofilename" }, "name": "instanceProfileName", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::InstanceProfile.Path``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html#cfn-iam-instanceprofile-path" }, "name": "path", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.ManagedPolicyResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.ManagedPolicyResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::ManagedPolicy``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``ManagedPolicyResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``ManagedPolicyResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.ManagedPolicyResourceProps" } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "ManagedPolicyResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } } ] }, "@aws-cdk/aws-iam.cloudformation.ManagedPolicyResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.ManagedPolicyResourceProps", "kind": "interface", "name": "ManagedPolicyResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::ManagedPolicy.PolicyDocument``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-policydocument" }, "name": "policyDocument", "type": { "union": { "types": [ { "primitive": "json" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::ManagedPolicy.Description``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-description" }, "name": "description", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::ManagedPolicy.Groups``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-groups" }, "name": "groups", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::ManagedPolicy.ManagedPolicyName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-managedpolicyname" }, "name": "managedPolicyName", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::ManagedPolicy.Path``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-ec2-dhcpoptions-path" }, "name": "path", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::ManagedPolicy.Roles``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-roles" }, "name": "roles", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::ManagedPolicy.Users``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-managedpolicy.html#cfn-iam-managedpolicy-users" }, "name": "users", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.PolicyResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.PolicyResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::Policy``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``PolicyResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``PolicyResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.PolicyResourceProps" } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "PolicyResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } } ] }, "@aws-cdk/aws-iam.cloudformation.PolicyResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.PolicyResourceProps", "kind": "interface", "name": "PolicyResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::Policy.PolicyDocument``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument" }, "name": "policyDocument", "type": { "union": { "types": [ { "primitive": "json" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Policy.PolicyName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policyname" }, "name": "policyName", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Policy.Groups``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-groups" }, "name": "groups", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::Policy.Roles``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-roles" }, "name": "roles", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::Policy.Users``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-users" }, "name": "users", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.RoleResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.RoleResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::Role``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``RoleResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``RoleResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.RoleResourceProps" } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "RoleResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } }, { "docs": { "cloudformation_attribute": "Arn" }, "immutable": true, "name": "roleArn", "type": { "fqn": "@aws-cdk/aws-iam.RoleArn" } }, { "docs": { "cloudformation_attribute": "RoleId" }, "immutable": true, "name": "roleId", "type": { "fqn": "@aws-cdk/aws-iam.RoleId" } } ], "subtypes": [ "@aws-cdk/aws-iam.cloudformation.RoleResource.PolicyProperty" ] }, "@aws-cdk/aws-iam.cloudformation.RoleResource.PolicyProperty": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.RoleResource.PolicyProperty", "kind": "interface", "name": "PolicyProperty", "namespace": "@aws-cdk/aws-iam.cloudformation.RoleResource", "parenttype": "@aws-cdk/aws-iam.cloudformation.RoleResource", "properties": [ { "docs": { "comment": "``RoleResource.PolicyProperty.PolicyDocument``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html#cfn-iam-policies-policydocument" }, "name": "policyDocument", "type": { "union": { "types": [ { "primitive": "json" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``RoleResource.PolicyProperty.PolicyName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html#cfn-iam-policies-policyname" }, "name": "policyName", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.RoleResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.RoleResourceProps", "kind": "interface", "name": "RoleResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::Role.AssumeRolePolicyDocument``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument" }, "name": "assumeRolePolicyDocument", "type": { "union": { "types": [ { "primitive": "json" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Role.ManagedPolicyArns``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-managepolicyarns" }, "name": "managedPolicyArns", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::Role.MaxSessionDuration``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-maxsessionduration" }, "name": "maxSessionDuration", "type": { "optional": true, "union": { "types": [ { "primitive": "number" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Role.Path``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-path" }, "name": "path", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::Role.Policies``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-policies" }, "name": "policies", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "fqn": "@aws-cdk/aws-iam.cloudformation.RoleResource.PolicyProperty" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::Role.RoleName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-rolename" }, "name": "roleName", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.UserResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.UserResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::User``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``UserResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``UserResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.UserResourceProps", "optional": true } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "UserResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } }, { "docs": { "cloudformation_attribute": "Arn" }, "immutable": true, "name": "userArn", "type": { "fqn": "@aws-cdk/aws-iam.UserArn" } } ], "subtypes": [ "@aws-cdk/aws-iam.cloudformation.UserResource.LoginProfileProperty", "@aws-cdk/aws-iam.cloudformation.UserResource.PolicyProperty" ] }, "@aws-cdk/aws-iam.cloudformation.UserResource.LoginProfileProperty": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.UserResource.LoginProfileProperty", "kind": "interface", "name": "LoginProfileProperty", "namespace": "@aws-cdk/aws-iam.cloudformation.UserResource", "parenttype": "@aws-cdk/aws-iam.cloudformation.UserResource", "properties": [ { "docs": { "comment": "``UserResource.LoginProfileProperty.Password``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html#cfn-iam-user-loginprofile-password" }, "name": "password", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``UserResource.LoginProfileProperty.PasswordResetRequired``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user-loginprofile.html#cfn-iam-user-loginprofile-passwordresetrequired" }, "name": "passwordResetRequired", "type": { "optional": true, "union": { "types": [ { "primitive": "boolean" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.UserResource.PolicyProperty": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.UserResource.PolicyProperty", "kind": "interface", "name": "PolicyProperty", "namespace": "@aws-cdk/aws-iam.cloudformation.UserResource", "parenttype": "@aws-cdk/aws-iam.cloudformation.UserResource", "properties": [ { "docs": { "comment": "``UserResource.PolicyProperty.PolicyDocument``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html#cfn-iam-policies-policydocument" }, "name": "policyDocument", "type": { "union": { "types": [ { "primitive": "json" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``UserResource.PolicyProperty.PolicyName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html#cfn-iam-policies-policyname" }, "name": "policyName", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.UserResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.UserResourceProps", "kind": "interface", "name": "UserResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::User.Groups``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html#cfn-iam-user-groups" }, "name": "groups", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::User.LoginProfile``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html#cfn-iam-user-loginprofile" }, "name": "loginProfile", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "fqn": "@aws-cdk/aws-iam.cloudformation.UserResource.LoginProfileProperty" } ] } } }, { "docs": { "comment": "``AWS::IAM::User.ManagedPolicyArns``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html#cfn-iam-user-managepolicyarns" }, "name": "managedPolicyArns", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::User.Path``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html#cfn-iam-user-path" }, "name": "path", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::User.Policies``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html#cfn-iam-user-policies" }, "name": "policies", "type": { "optional": true, "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "fqn": "@aws-cdk/aws-iam.cloudformation.UserResource.PolicyProperty" } ] } }, "kind": "array" } } ] } } }, { "docs": { "comment": "``AWS::IAM::User.UserName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html#cfn-iam-user-username" }, "name": "userName", "type": { "optional": true, "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } } ] }, "@aws-cdk/aws-iam.cloudformation.UserToGroupAdditionResource": { "assembly": "@aws-cdk/aws-iam", "base": { "fqn": "@aws-cdk/cdk.Resource" }, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-addusertogroup.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.UserToGroupAdditionResource", "initializer": { "docs": { "comment": "Creates a new ``AWS::IAM::UserToGroupAddition``." }, "initializer": true, "parameters": [ { "docs": { "comment": "the ``cdk.Construct`` this ``UserToGroupAdditionResource`` is a part of" }, "name": "parent", "type": { "fqn": "@aws-cdk/cdk.Construct" } }, { "docs": { "comment": "the name of the resource in the ``cdk.Construct`` tree" }, "name": "name", "type": { "primitive": "string" } }, { "docs": { "comment": "the properties of this ``UserToGroupAdditionResource``" }, "name": "properties", "type": { "fqn": "@aws-cdk/aws-iam.cloudformation.UserToGroupAdditionResourceProps" } } ] }, "kind": "class", "methods": [ { "name": "renderProperties", "protected": true, "returns": { "collection": { "elementtype": { "primitive": "any" }, "kind": "map" } } } ], "name": "UserToGroupAdditionResource", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "const": true, "docs": { "comment": "The CloudFormation resource type name for this resource class." }, "immutable": true, "name": "resourceTypeName", "static": true, "type": { "primitive": "string" } } ] }, "@aws-cdk/aws-iam.cloudformation.UserToGroupAdditionResourceProps": { "assembly": "@aws-cdk/aws-iam", "datatype": true, "docs": { "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-addusertogroup.html" }, "fqn": "@aws-cdk/aws-iam.cloudformation.UserToGroupAdditionResourceProps", "kind": "interface", "name": "UserToGroupAdditionResourceProps", "namespace": "@aws-cdk/aws-iam.cloudformation", "properties": [ { "docs": { "comment": "``AWS::IAM::UserToGroupAddition.GroupName``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-addusertogroup.html#cfn-iam-addusertogroup-groupname" }, "name": "groupName", "type": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } } }, { "docs": { "comment": "``AWS::IAM::UserToGroupAddition.Users``", "link": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-addusertogroup.html#cfn-iam-addusertogroup-users" }, "name": "users", "type": { "union": { "types": [ { "fqn": "@aws-cdk/cdk.Token" }, { "collection": { "elementtype": { "union": { "types": [ { "primitive": "string" }, { "fqn": "@aws-cdk/cdk.Token" } ] } }, "kind": "array" } } ] } } } ] } }, "version": "0.8.2" }