aws_cdk.aws_iam

Package Overview

AccountPrincipal

Specify AWS account ID as the principal entity in a policy to delegate authority to the account.

AccountRootPrincipal

Use the AWS account into which a stack is deployed as the principal entity in a policy.

AddToPrincipalPolicyResult

AddToResourcePolicyResult

AnyPrincipal

A principal representing all identities in all accounts.

Anyone

(deprecated) A principal representing all identities in all accounts.

ArnPrincipal

Specify a principal by the Amazon Resource Name (ARN).

CanonicalUserPrincipal

A policy principal for canonicalUserIds - useful for S3 bucket policies that use Origin Access identities.

CfnAccessKey

A CloudFormation AWS::IAM::AccessKey.

CfnAccessKeyProps

CfnGroup

A CloudFormation AWS::IAM::Group.

CfnGroupProps

CfnInstanceProfile

A CloudFormation AWS::IAM::InstanceProfile.

CfnInstanceProfileProps

CfnManagedPolicy

A CloudFormation AWS::IAM::ManagedPolicy.

CfnManagedPolicyProps

CfnPolicy

A CloudFormation AWS::IAM::Policy.

CfnPolicyProps

CfnRole

A CloudFormation AWS::IAM::Role.

CfnRoleProps

CfnServiceLinkedRole

A CloudFormation AWS::IAM::ServiceLinkedRole.

CfnServiceLinkedRoleProps

CfnUser

A CloudFormation AWS::IAM::User.

CfnUserProps

CfnUserToGroupAddition

A CloudFormation AWS::IAM::UserToGroupAddition.

CfnUserToGroupAdditionProps

CommonGrantOptions

CompositeDependable

Composite dependable.

CompositePrincipal

Represents a principal that has multiple types of principals.

Effect

The Effect element of an IAM policy.

FederatedPrincipal

Principal entity that represents a federated identity provider such as Amazon Cognito, that can be used to provide temporary security credentials to users who have been authenticated.

FromRoleArnOptions

Grant

Result of a grant() operation.

GrantOnPrincipalAndResourceOptions

GrantOnPrincipalOptions

GrantWithResourceOptions

Group

An IAM Group (collection of IAM users) lets you specify permissions for multiple users, which can make it easier to manage permissions for those users.

GroupProps

IGrantable

Any object that has an associated principal that a permission can be granted to.

IGroup

Represents an IAM Group.

IIdentity

A construct that represents an IAM principal, such as a user, group or role.

IManagedPolicy

A managed policy.

IOpenIdConnectProvider

(experimental) Represents an IAM OpenID Connect provider.

IPolicy

Represents an IAM Policy.

IPrincipal

Represents a logical IAM principal.

IResourceWithPolicy

A resource with a resource policy that can be added to.

IRole

A Role object.

IUser

Represents an IAM user.

LazyRole

An IAM role that only gets attached to the construct tree once it gets used, not before.

LazyRoleProps

ManagedPolicy

Managed policy.

ManagedPolicyProps

OpenIdConnectPrincipal

A principal that represents a federated identity provider as from a OpenID Connect provider.

OpenIdConnectProvider

(experimental) IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce.

OpenIdConnectProviderProps

OrganizationPrincipal

A principal that represents an AWS Organization.

Policy

The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles, or groups.

PolicyDocument

A PolicyDocument is a collection of statements.

PolicyDocumentProps

PolicyProps

PolicyStatement

Represents a statement in an IAM policy document.

PolicyStatementProps

PrincipalBase

Base class for policy principals.

PrincipalPolicyFragment

A collection of the fields in a PolicyStatement that can be used to identify a principal.

PrincipalWithConditions

An IAM principal with additional conditions specifying when the policy is in effect.

Role

IAM Role.

RoleProps

ServicePrincipal

An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com).

ServicePrincipalOpts

UnknownPrincipal

A principal for use in resources that need to have a role but it’s unknown.

UnknownPrincipalProps

User

Define a new IAM user.

UserProps

WebIdentityPrincipal

A principal that represents a federated identity provider as Web Identity such as Cognito, Amazon, Facebook, Google, etc.