Package software.amazon.awscdk.services.iam

Class ServicePrincipal

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.iam.PrincipalBase
software.amazon.awscdk.services.iam.ServicePrincipal
All Implemented Interfaces:
IAssumeRolePrincipal, IComparablePrincipal, IGrantable, IPrincipal, software.amazon.jsii.JsiiSerializable
@Generated(value="jsii-pacmak/1.96.0 (build 921e240)", date="2024-04-10T22:22:28.970Z") @Stability(Stable) public class ServicePrincipal extends PrincipalBase
An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com).

Example: 

 Role lambdaRole = Role.Builder.create(this, "Role")
         .assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
         .description("Example role...")
         .build();
 Stream stream = Stream.Builder.create(this, "MyEncryptedStream")
         .encryption(StreamEncryption.KMS)
         .build();
 // give lambda permissions to read stream
 stream.grantRead(lambdaRole);

  • Constructor Details

    • ServicePrincipal

      protected ServicePrincipal(software.amazon.jsii.JsiiObjectRef objRef)

    • ServicePrincipal

      protected ServicePrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • ServicePrincipal

      @Stability(Stable) public ServicePrincipal(@NotNull String service, @Nullable ServicePrincipalOpts opts)
      Reference an AWS service, optionally in a given region.

      Parameters:
      service - AWS service (i.e. sqs.amazonaws.com). This parameter is required.
      opts -

    • ServicePrincipal

      @Stability(Stable) public ServicePrincipal(@NotNull String service)
      Reference an AWS service, optionally in a given region.

      Parameters:
      service - AWS service (i.e. sqs.amazonaws.com). This parameter is required.

  • Method Details

    • servicePrincipalName

      @Stability(Stable) @NotNull public static String servicePrincipalName(@NotNull String service)
      Return the service principal name based on the region it's used in.

      Some service principal names used to be different for different partitions, and some were not. This method would return the appropriate region-specific service principal name, getting that information from the region-info module.

      These days all service principal names are standardized, and they are all of the form <servicename>.amazonaws.com.

      If the feature flag @aws-cdk/aws-iam:standardizedServicePrincipals is set, this method will always return its input. If this feature flag is not set, this method will perform the legacy behavior, which appends the region-specific domain suffix for some select services (for example, it would append .cn to some service principal names).

      Example: 

       String principalName = ServicePrincipal.servicePrincipalName("ec2.amazonaws.com");

      Parameters:
      service - This parameter is required.

    • dedupeString

      @Stability(Stable) @Nullable public String dedupeString()
      Return whether or not this principal is equal to the given principal.
      Specified by:
      dedupeString in interface IComparablePrincipal
      Specified by:
      dedupeString in class PrincipalBase

    • toString

      @Stability(Stable) @NotNull public String toString()
      Returns a string representation of an object.
      Overrides:
      toString in class PrincipalBase

    • getPolicyFragment

      @Stability(Stable) @NotNull public PrincipalPolicyFragment getPolicyFragment()
      Return the policy fragment that identifies this principal in a Policy.
      Specified by:
      getPolicyFragment in interface IPrincipal
      Specified by:
      getPolicyFragment in class PrincipalBase

    • getService

      @Stability(Stable) @NotNull public String getService()
      AWS service (i.e. sqs.amazonaws.com).