UnknownPrincipal

class aws_cdk.aws_iam.UnknownPrincipal(*, resource)

Bases: object

A principal for use in resources that need to have a role but it’s unknown.

Some resources have roles associated with them which they assume, such as Lambda Functions, CodeBuild projects, StepFunctions machines, etc.

When those resources are imported, their actual roles are not always imported with them. When that happens, we use an instance of this class instead, which will add user warnings when statements are attempted to be added to it.

__init__(*, resource)
Parameters

resource (IConstruct) – The resource the role proxy is for.

Return type

None

Methods

add_to_policy(statement)

Add to the policy of this principal.

Parameters

statement (PolicyStatement) –

Return type

bool

Attributes

assume_role_action

When this Principal is used in an AssumeRole policy, the action to use.

Return type

str

grant_principal

The principal to grant permissions to.

Return type

IPrincipal

policy_fragment

Return the policy fragment that identifies this principal in a Policy.

Return type

PrincipalPolicyFragment