software.amazon.awscdk.services.iam

Class ArnPrincipal

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.iam.PrincipalBase

software.amazon.awscdk.services.iam.ArnPrincipal

All Implemented Interfaces:

IAssumeRolePrincipal, IComparablePrincipal, IGrantable, IPrincipal

Direct Known Subclasses:

AccountPrincipal, AnyPrincipal

@Generated(value="jsii-pacmak/1.58.0 (build f8ba112)",
           date="2022-05-27T16:27:55.333Z")
public class ArnPrincipal
extends PrincipalBase

Specify a principal by the Amazon Resource Name (ARN).

You can specify AWS accounts, IAM users, Federated SAML users, IAM roles, and specific assumed-role sessions. You cannot specify IAM groups or instance profiles as principals

Example:

 NetworkLoadBalancer networkLoadBalancer1;
 NetworkLoadBalancer networkLoadBalancer2;
 VpcEndpointService.Builder.create(this, "EndpointService")
         .vpcEndpointServiceLoadBalancers(List.of(networkLoadBalancer1, networkLoadBalancer2))
         .acceptanceRequired(true)
         .allowedPrincipals(List.of(new ArnPrincipal("arn:aws:iam::123456789012:root")))
         .build();
 

See Also:

https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html

Nested Class Summary

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IAssumeRolePrincipal

IAssumeRolePrincipal.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IComparablePrincipal

IComparablePrincipal.Jsii$Default

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	ArnPrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	ArnPrincipal(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
java.lang.String	dedupeString() Return whether or not this principal is equal to the given principal.
java.lang.String	getArn() Amazon Resource Name (ARN) of the principal entity (i.e.
PrincipalPolicyFragment	getPolicyFragment() Return the policy fragment that identifies this principal in a Policy.
PrincipalBase	inOrganization(java.lang.String organizationId) A convenience method for adding a condition that the principal is part of the specified AWS Organization.
java.lang.String	toString() Returns a string representation of an object.

Methods inherited from class software.amazon.awscdk.services.iam.PrincipalBase

addToAssumeRolePolicy, addToPolicy, addToPrincipalPolicy, getAssumeRoleAction, getGrantPrincipal, getPrincipalAccount, toJSON, withConditions, withSessionTags

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

ArnPrincipal

protected ArnPrincipal(software.amazon.jsii.JsiiObjectRef objRef)

ArnPrincipal

protected ArnPrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

Method Detail

dedupeString

public java.lang.String dedupeString()

Return whether or not this principal is equal to the given principal.

Specified by:

dedupeString in interface IComparablePrincipal

Specified by:

dedupeString in class PrincipalBase

inOrganization

public PrincipalBase inOrganization(java.lang.String organizationId)

A convenience method for adding a condition that the principal is part of the specified AWS Organization.

Parameters:

organizationId - This parameter is required.

toString

public java.lang.String toString()

Returns a string representation of an object.

Overrides:

toString in class PrincipalBase

getArn

public java.lang.String getArn()

Amazon Resource Name (ARN) of the principal entity (i.e. arn:aws:iam::123456789012:user/user-name).

getPolicyFragment

public PrincipalPolicyFragment getPolicyFragment()

Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

Specified by:

getPolicyFragment in class PrincipalBase