Safe Haskell | None |
---|---|
Language | Haskell2010 |
AWS::IAM::ManagedPolicy creates an AWS Identity and Access Management (IAM) managed policy for your AWS account that you can use to apply permissions to IAM users, groups, and roles. For more information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide guide.
- data ManagedPolicy = ManagedPolicy {}
- managedPolicy :: Object -> ManagedPolicy
- mpDescription :: Lens' ManagedPolicy (Maybe (Val Text))
- mpGroups :: Lens' ManagedPolicy (Maybe [Val Text])
- mpPath :: Lens' ManagedPolicy (Maybe (Val Text))
- mpPolicyDocument :: Lens' ManagedPolicy Object
- mpRoles :: Lens' ManagedPolicy (Maybe [Val Text])
- mpUsers :: Lens' ManagedPolicy (Maybe [Val Text])
Documentation
data ManagedPolicy Source
Full data type definition for ManagedPolicy. See managedPolicy
for a
more convenient constructor.
Constructor for ManagedPolicy
containing required fields as arguments.
mpDescription :: Lens' ManagedPolicy (Maybe (Val Text)) Source
A description of the policy. For example, you can describe the permissions that are defined in the policy.
mpGroups :: Lens' ManagedPolicy (Maybe [Val Text]) Source
The names of groups to attach to this policy.
mpPath :: Lens' ManagedPolicy (Maybe (Val Text)) Source
The path for the policy. By default, the path is /. For more information, see IAM Identifiers in the IAM User Guide guide.
mpPolicyDocument :: Lens' ManagedPolicy Object Source
Policies that define the permissions for this managed policy. For more information about policy syntax, see IAM Policy Elements Reference in IAM User Guide.
mpRoles :: Lens' ManagedPolicy (Maybe [Val Text]) Source
The names of roles to attach to this policy. Note If a policy has a Ref to a role and if a resource (such as AWS::ECS::Service) also has a Ref to the same role, add a DependsOn attribute to the resource so that the resource depends on the policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an AWS::ECS::Service resource, the DependsOn attribute ensures that the AWS::ECS::Service resource can complete its deletion before its role's policy is deleted.