Resource: awsIamPolicy
Provides an IAM policy.
Example Usage
/* Provider bindings are generated by running cdktf get.
   See https://cdk.tf/provider-generation for more details. */
import * as aws from "./.gen/providers/aws";

new aws.iamPolicy.IamPolicy(this, "policy", {
  description: "My test policy",
  name: "test_policy",
  path: "/",
  policy:
    '${jsonencode({\n Version = "2012-10-17"\n Statement = [\n {\n Action = [\n "ec2:Describe*",\n ]\n Effect = "Allow"\n Resource = "*"\n },\n ]\n })}',
});
Argument Reference
The following arguments are supported:
description - (Optional, Forces new resource) Description of the IAM policy.
name - (Optional, Forces new resource) The name of the policy. If omitted, Terraform will assign a random, unique name.
namePrefix - (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with name.
path - (Optional, default "/") Path in which to create the policy. See IAM Identifiers for more information.
policy - (Required) The policy document. This is a JSON formatted string. For more information about building AWS IAM policy documents with Terraform, see the AWS IAM Policy Document Guide.
tags - (Optional) Map of resource tags for the IAM Policy. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
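Because the policy argument is a JSON formatted string, the document can be built from a typed object and checked before it is handed to the resource. The following is an added example, not part of the provider documentation: lintPolicy, toPolicyJson, pagePolicy and scopedPolicy are hypothetical names, and the three rules are an assumed least-privilege check, not an AWS or Terraform feature.

```typescript
// Added example (not from the provider docs); all names here are hypothetical.
type OneOrMany = string | string[];
interface Statement {
  Effect: "Allow" | "Deny";
  Action?: OneOrMany;
  NotAction?: OneOrMany;
  Resource?: OneOrMany;
}
interface PolicyDocument { Version: "2012-10-17"; Statement: Statement[]; }
const asList = (v?: OneOrMany): string[] =>
  v === undefined ? [] : Array.isArray(v) ? v : [v];

// One finding per over-broad grant in an Allow statement; [] means none found.
function lintPolicy(doc: PolicyDocument): string[] {
  const findings: string[] = [];
  doc.Statement.forEach((s, i) => {
    if (s.Effect !== "Allow") return;
    const anyResource = asList(s.Resource).indexOf("*") !== -1;
    if (s.NotAction !== undefined) {
      findings.push(`Statement[${i}]: Allow + NotAction grants every action not listed`);
    }
    for (const action of asList(s.Action)) {
      if (action === "*" || /:\*$/.test(action)) {
        findings.push(`Statement[${i}]: "${action}" grants an entire service or account`);
      } else if (action.indexOf("*") !== -1 && anyResource) {
        findings.push(`Statement[${i}]: wildcard "${action}" on Resource "*" widens as AWS adds actions`);
      }
    }
  });
  return findings;
}

// Serialize for the `policy` argument; refuse documents that have findings.
function toPolicyJson(doc: PolicyDocument): string {
  const findings = lintPolicy(doc);
  if (findings.length > 0) throw new Error(findings.join("; "));
  return JSON.stringify(doc);
}

// The document from Example Usage, written as a typed object.
const pagePolicy: PolicyDocument = {
  Version: "2012-10-17",
  Statement: [{ Effect: "Allow", Action: ["ec2:Describe*"], Resource: "*" }],
};
// Constructed alternative that names the actions explicitly.
const scopedPolicy: PolicyDocument = {
  Version: "2012-10-17",
  Statement: [{ Effect: "Allow", Action: ["ec2:DescribeInstances", "ec2:DescribeTags"], Resource: "*" }],
};
```

In a stack, the result of toPolicyJson(scopedPolicy) is passed as the policy argument of IamPolicy, so a document with findings fails at synth time instead of being deployed.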
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id - The ARN assigned by AWS to this policy.
arn - The ARN assigned by AWS to this policy.
description - The description of the policy.
name - The name of the policy.
path - The path of the policy in IAM.
policy - The policy document.
policyId - The policy's ID.
tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.
Import
IAM Policies can be imported using the arn, e.g.,