UnknownPrincipal¶
-
class
aws_cdk.aws_iam.UnknownPrincipal(*, resource)¶ Bases:
objectA principal for use in resources that need to have a role but it’s unknown.
Some resources have roles associated with them which they assume, such as Lambda Functions, CodeBuild projects, StepFunctions machines, etc.
When those resources are imported, their actual roles are not always imported with them. When that happens, we use an instance of this class instead, which will add user warnings when statements are attempted to be added to it.
- Parameters
resource (
IConstruct) – The resource the role proxy is for.
Methods
-
add_to_policy(statement)¶ Add to the policy of this principal.
- Parameters
statement (
PolicyStatement) –- Return type
bool
-
add_to_principal_policy(statement)¶ Add to the policy of this principal.
- Parameters
statement (
PolicyStatement) –- Return type
Attributes
-
assume_role_action¶ When this Principal is used in an AssumeRole policy, the action to use.
- Return type
str
-
grant_principal¶ The principal to grant permissions to.
- Return type
-
policy_fragment¶ Return the policy fragment that identifies this principal in a Policy.
- Return type