AWS Managed Policies
Attention
This is an early version of the package. The API might change when new features are implemented. Therefore make sure you use an exact version in your package.json
/requirements.txt
before it reaches 1.0.0.
The AwsManagedPolicy
class provides an up-to-date collection of AWS managed policies. This helps adding managed policies to IAM roles and users in a type-safe way.
The class provides the names of the policies. If you instead need the ARN, prefix the string with arn:aws:iam::aws:policy/
.
The package cdk-iam-floyd
additionally provides methods for directly creating aws_iam.IManagedPolicy
objects.
First import AwsManagedPolicy
:
// for use without AWS CDK use the iam-floyd package
import { AwsManagedPolicy } from 'iam-floyd';
// for use with CDK use the cdk-iam-floyd package
import { AwsManagedPolicy } from 'cdk-iam-floyd';
// for use without AWS CDK use the iam-floyd package
const { AwsManagedPolicy } = require('iam-floyd');
// for use with CDK use the cdk-iam-floyd package
const { AwsManagedPolicy } = require('cdk-iam-floyd');
Usage in aws-sdk v3 and aws-cdk:
readOnlyRole.addManagedPolicy(
new AwsManagedPolicy().ReadOnlyAccess(),
);
await iamClient.send(
new AttachRolePolicyCommand({
RoleName: 'ReadOnlyRole',
PolicyArn: `arn:aws:iam::aws:policy/${AwsManagedPolicy.ReadOnlyAccess}`,
}),
);