AWS Managed Policies
Attention
This is an early version of the package. The API might change when new features are implemented. Therefore, make sure you use an exact version in your package.json/requirements.txt before it reaches 1.0.0.
The AwsManagedPolicies enum contains an up-to-date collection of AWS managed policy names. This helps you add managed policies to IAM roles and users in a type-safe way.
Note
Since version 0.605.0, the enum provides the policy names. If you need the ARN instead, prefix the string with arn:aws:iam::aws:policy/.
First import AwsManagedPolicies:

    // TypeScript (use one of the two imports, not both)
    // for use without AWS CDK use the iam-floyd package
    import { AwsManagedPolicies } from 'iam-floyd';
    // for use with CDK use the cdk-iam-floyd package
    import { AwsManagedPolicies } from 'cdk-iam-floyd';

    // JavaScript (use one of the two requires, not both)
    // for use without AWS CDK use the iam-floyd package
    const { AwsManagedPolicies } = require('iam-floyd');
    // for use with CDK use the cdk-iam-floyd package
    const { AwsManagedPolicies } = require('cdk-iam-floyd');
Usage in aws-sdk v3 and aws-cdk:
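    // aws-cdk: fromAwsManagedPolicyName() is a static lookup that takes
    // only the policy name (no scope or construct id).
    readOnlyRole.addManagedPolicy(
      aws_iam.ManagedPolicy.fromAwsManagedPolicyName(
        AwsManagedPolicies.ReadOnlyAccess,
      ),
    );

    // aws-sdk v3: the API expects the full ARN, so prefix the name.
    await iamClient.send(
      new AttachRolePolicyCommand({
        RoleName: 'ReadOnlyRole',
        PolicyArn: `arn:aws:iam::aws:policy/${AwsManagedPolicies.ReadOnlyAccess}`,
      }),
    );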
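In plain JavaScript nothing catches a misspelled enum member: it evaluates to undefined, and the template literal above would then produce arn:aws:iam::aws:policy/undefined. The following is an added example, not code from iam-floyd: the helpers managedPolicyArn and resolveManagedPolicyArns are hypothetical, and the small AwsManagedPolicies object is a constructed stand-in for the real enum so the snippet runs without the package installed.

```javascript
// Constructed stand-in for the real enum so the example runs offline.
// In a project, replace it with: const { AwsManagedPolicies } = require('iam-floyd');
const AwsManagedPolicies = Object.freeze({
  ReadOnlyAccess: 'ReadOnlyAccess',
  AdministratorAccess: 'AdministratorAccess',
});

// Prefix given in the note above for turning a policy name into an ARN.
const ARN_PREFIX = 'arn:aws:iam::aws:policy/';

// Hypothetical helper: build the ARN only for a value that is in the enum.
function managedPolicyArn(name, policies = AwsManagedPolicies) {
  // A misspelled member (AwsManagedPolicies.ReadOnlyAcess) arrives here as undefined.
  if (typeof name !== 'string' || name.length === 0) {
    throw new TypeError(`policy name must be a non-empty string, got ${String(name)}`);
  }
  // Reject input that already carries the prefix, to avoid a doubled ARN.
  if (name.startsWith('arn:')) {
    throw new RangeError(`expected a policy name, got an ARN: ${name}`);
  }
  // Exact, case-sensitive match against the enum values.
  if (!Object.values(policies).includes(name)) {
    throw new RangeError(`unknown AWS managed policy: ${name}`);
  }
  return ARN_PREFIX + name;
}

// Hypothetical helper: resolve a list (for example from a config file) and
// report every rejected entry instead of stopping at the first one.
function resolveManagedPolicyArns(names, policies = AwsManagedPolicies) {
  const arns = [];
  const rejected = [];
  for (const name of names) {
    try {
      arns.push(managedPolicyArn(name, policies));
    } catch (err) {
      rejected.push({ name, reason: err.message });
    }
  }
  return { arns, rejected };
}
```

Pass only the arns to AttachRolePolicyCommand when rejected is empty, so a typo fails the deployment script instead of reaching the IAM API.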