PrincipalWithConditions¶
-
class
aws_cdk.aws_iam.PrincipalWithConditions(principal, conditions)¶ Bases:
objectAn IAM principal with additional conditions specifying when the policy is in effect.
For more information about conditions, see: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
- Parameters
principal (
IPrincipal) –conditions (
Mapping[str,Any]) –
Methods
-
add_condition(key, value)¶ Add a condition to the principal.
- Parameters
key (
str) –value (
Any) –
- Return type
None
-
add_conditions(conditions)¶ Adds multiple conditions to the principal.
Values from the conditions parameter will overwrite existing values with the same operator and key.
- Parameters
conditions (
Mapping[str,Any]) –- Return type
None
-
add_to_policy(statement)¶ Add to the policy of this principal.
- Parameters
statement (
PolicyStatement) –- Return type
bool
-
add_to_principal_policy(statement)¶ Add to the policy of this principal.
- Parameters
statement (
PolicyStatement) –- Return type
-
to_json()¶ JSON-ify the principal.
Used when JSON.stringify() is called
- Return type
Mapping[str,List[str]]
-
to_string()¶ Returns a string representation of an object.
- Return type
str
Attributes
-
assume_role_action¶ When this Principal is used in an AssumeRole policy, the action to use.
- Return type
str
-
conditions¶ The conditions under which the policy is in effect.
- Return type
Mapping[str,Any]
-
grant_principal¶ The principal to grant permissions to.
- Return type
-
policy_fragment¶ Return the policy fragment that identifies this principal in a Policy.
- Return type
-
principal_account¶ The AWS account ID of this principal.
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it’s assumed to be AWS::AccountId.
- Return type
Optional[str]