Description |
String
|
Required: No. A description of the policy. For example, you can describe the permissions that
are defined in the policy.Update requires: Replacement |
Groups |
String
|
Required: No. The names of groups to attach to this policy.Update requires: No interruption |
Path |
String
|
Required: No. The path for the policy. By default, the path is /. For more
information, see IAM
Identifiers in the IAM User Guide
guide.Update requires: Replacement |
PolicyDocument |
Object
|
Required: Yes. Policies that define the permissions for this managed policy. For more
information about policy syntax, see IAM Policy Elements Reference in
IAM User Guide.Update requires: No interruption |
Roles |
String
|
Required: No. The names of roles to attach to this policy.NoteIf a policy has a Ref to a role and if a resource (such as
AWS::ECS::Service) also has a Ref to the same
role, add a DependsOn attribute to the resource so that the
resource depends on the policy. This dependency ensures that the role's policy
is available throughout the resource's lifecycle. For example, when you delete
a stack with an AWS::ECS::Service resource, the
DependsOn attribute ensures that the
AWS::ECS::Service resource can complete its deletion before its
role's policy is deleted.Update requires: No interruption |
Users |
String
|
Required: No. The names of users to attach to this policy.Update requires: No interruption |