Import an Existing IAM Group in AWS CDK

avatar

Borislav Hadzhiev

Last updated: Apr 14, 2022

banner

Check out my new book

Importing an existing IAM Group in AWS CDK #

In order to import an external IAM Group in an AWS CDK stack, we have to use the fromGroupArn static method on the Group class.

import * as cdk from 'aws-cdk-lib'; import * as iam from 'aws-cdk-lib/aws-iam'; export class CdkStarterStack extends cdk.Stack { constructor(scope: cdk.App, id: string, props?: cdk.StackProps) { super(scope, id, props); // 👇 import existing Group const importedGroup = iam.Group.fromGroupArn( this, 'existing-group-id', `arn:aws:iam::${cdk.Stack.of(this).account}:group/YOUR_GROUP_NAME`, ); console.log('imported group name 👉', importedGroup.groupName); console.log('imported group arn 👉', importedGroup.groupArn); } }

We used the fromGroupArn static method on the Group class to import an external group. The method takes 3 parameters:

  1. scope - the scope of the construct
  2. id - an identifier for the construct (must be unique within the scope)
  3. groupArn - the ARN of the group we want to import

Further Reading #

Use the search field on my Home Page to filter through my more than 3,000 articles.