Class User
Define a new IAM user.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.AWS.IAM.dll
Syntax (csharp)
public class User : Resource, IUser, IIdentity, IPrincipal, IGrantable, IResource, IConstruct, IDependable
Syntax (vb)
Public Class User
Inherits Resource
Implements IUser, IIdentity, IPrincipal, IGrantable, IResource, IConstruct, IDependable
Remarks
ExampleMetadata: infused
Examples
var user = new User(this, "MyUser"); // or User.fromUserName(stack, 'User', 'johnsmith');
var group = new Group(this, "MyGroup"); // or Group.fromGroupArn(stack, 'Group', 'arn:aws:iam::account-id:group/group-name');
user.AddToGroup(group);
// or
group.AddUser(user);
Synopsis
Constructors
User(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
User(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
User(Construct, String, IUserProps) |
Properties
AssumeRoleAction | When this Principal is used in an AssumeRole policy, the action to use. |
GrantPrincipal | The principal to grant permissions to. |
PermissionsBoundary | Returns the permissions boundary attached to this user. |
PolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
PrincipalAccount | The AWS account ID of this principal. |
UserArn | An attribute that represents the user's ARN. |
UserName | An attribute that represents the user name. |
Methods
AddManagedPolicy(IManagedPolicy) | Attaches a managed policy to the user. |
AddToGroup(IGroup) | Adds this user to a group. |
AddToPolicy(PolicyStatement) | Add to the policy of this principal. |
AddToPrincipalPolicy(PolicyStatement) | Adds an IAM statement to the default policy. |
AttachInlinePolicy(Policy) | Attaches a policy to this user. |
FromUserArn(Construct, String, String) | Import an existing user given a user ARN. |
FromUserAttributes(Construct, String, IUserAttributes) | Import an existing user given user attributes. |
FromUserName(Construct, String, String) | Import an existing user given a username. |
Constructors
User(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected User(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
User(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected User(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
User(Construct, String, IUserProps)
public User(Construct scope, string id, IUserProps props = null)
Parameters
- scope Constructs.Construct
- id System.String
- props IUserProps
Properties
AssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.
public virtual string AssumeRoleAction { get; }
Property Value
System.String
GrantPrincipal
The principal to grant permissions to.
public virtual IPrincipal GrantPrincipal { get; }
Property Value
PermissionsBoundary
Returns the permissions boundary attached to this user.
public virtual IManagedPolicy PermissionsBoundary { get; }
Property Value
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public virtual PrincipalPolicyFragment PolicyFragment { get; }
Property Value
PrincipalAccount
The AWS account ID of this principal.
public virtual string PrincipalAccount { get; }
Property Value
System.String
Remarks
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
UserArn
An attribute that represents the user's ARN.
public virtual string UserArn { get; }
Property Value
System.String
Remarks
Attribute: true
UserName
An attribute that represents the user name.
public virtual string UserName { get; }
Property Value
System.String
Remarks
Attribute: true
Methods
AddManagedPolicy(IManagedPolicy)
Attaches a managed policy to the user.
public virtual void AddManagedPolicy(IManagedPolicy policy)
Parameters
- policy IManagedPolicy
The managed policy to attach.
AddToGroup(IGroup)
AddToPolicy(PolicyStatement)
Add to the policy of this principal.
public virtual bool AddToPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
System.Boolean
AddToPrincipalPolicy(PolicyStatement)
Adds an IAM statement to the default policy.
public virtual IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
true
AttachInlinePolicy(Policy)
Attaches a policy to this user.
public virtual void AttachInlinePolicy(Policy policy)
Parameters
- policy Policy
FromUserArn(Construct, String, String)
Import an existing user given a user ARN.
public static IUser FromUserArn(Construct scope, string id, string userArn)
Parameters
- scope Constructs.Construct
construct scope.
- id System.String
construct id.
- userArn System.String
the ARN of an existing user to import.
Returns
Remarks
If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.
FromUserAttributes(Construct, String, IUserAttributes)
Import an existing user given user attributes.
public static IUser FromUserAttributes(Construct scope, string id, IUserAttributes attrs)
Parameters
- scope Constructs.Construct
construct scope.
- id System.String
construct id.
- attrs IUserAttributes
the attributes of the user to import.
Returns
Remarks
If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.
FromUserName(Construct, String, String)
Import an existing user given a username.
public static IUser FromUserName(Construct scope, string id, string userName)
Parameters
- scope Constructs.Construct
construct scope.
- id System.String
construct id.
- userName System.String
the username of the existing user to import.
Returns