software.amazon.awscdk.services.iam

Class FederatedPrincipal

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.iam.PrincipalBase

software.amazon.awscdk.services.iam.FederatedPrincipal

All Implemented Interfaces:

IAssumeRolePrincipal, IComparablePrincipal, IGrantable, IPrincipal

Direct Known Subclasses:

SamlPrincipal, WebIdentityPrincipal

@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)",
           date="2023-03-22T19:35:36.613Z")
public class FederatedPrincipal
extends PrincipalBase

Principal entity that represents a federated identity provider such as Amazon Cognito, that can be used to provide temporary security credentials to users who have been authenticated.

Additional condition keys are available when the temporary security credentials are used to make a request. You can use these keys to write policies that limit the access of federated users.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iam.*;
 Object conditions;
 FederatedPrincipal federatedPrincipal = new FederatedPrincipal("federated", Map.of(
         "conditionsKey", conditions), "assumeRoleAction");
 

See Also:

https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif

Nested Class Summary

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IAssumeRolePrincipal

IAssumeRolePrincipal.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IComparablePrincipal

IComparablePrincipal.Jsii$Default

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	FederatedPrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	FederatedPrincipal(software.amazon.jsii.JsiiObjectRef objRef)
	FederatedPrincipal(java.lang.String federated, java.util.Map<java.lang.String,java.lang.Object> conditions)
	FederatedPrincipal(java.lang.String federated, java.util.Map<java.lang.String,java.lang.Object> conditions, java.lang.String assumeRoleAction)

Method Summary

Modifier and Type	Method and Description
java.lang.String	dedupeString() Return whether or not this principal is equal to the given principal.
java.lang.String	getAssumeRoleAction() When this Principal is used in an AssumeRole policy, the action to use.
java.util.Map<java.lang.String,java.lang.Object>	getConditions() The conditions under which the policy is in effect.
java.lang.String	getFederated() federated identity provider (i.e.
PrincipalPolicyFragment	getPolicyFragment() Return the policy fragment that identifies this principal in a Policy.
java.lang.String	toString() Returns a string representation of an object.

Methods inherited from class software.amazon.awscdk.services.iam.PrincipalBase

addToAssumeRolePolicy, addToPolicy, addToPrincipalPolicy, getGrantPrincipal, getPrincipalAccount, toJSON, withConditions, withSessionTags

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

FederatedPrincipal

protected FederatedPrincipal(software.amazon.jsii.JsiiObjectRef objRef)

FederatedPrincipal

protected FederatedPrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

FederatedPrincipal

public FederatedPrincipal(java.lang.String federated,
                          java.util.Map<java.lang.String,java.lang.Object> conditions,
                          java.lang.String assumeRoleAction)

Parameters:

federated - federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito). This parameter is required.

conditions - The conditions under which the policy is in effect. This parameter is required.

assumeRoleAction -

FederatedPrincipal

public FederatedPrincipal(java.lang.String federated,
                          java.util.Map<java.lang.String,java.lang.Object> conditions)

Parameters:

federated - federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito). This parameter is required.

conditions - The conditions under which the policy is in effect. This parameter is required.

Method Detail

dedupeString

public java.lang.String dedupeString()

Return whether or not this principal is equal to the given principal.

Specified by:

dedupeString in interface IComparablePrincipal

Specified by:

dedupeString in class PrincipalBase

toString

public java.lang.String toString()

Returns a string representation of an object.

Overrides:

toString in class PrincipalBase

getAssumeRoleAction

public java.lang.String getAssumeRoleAction()

When this Principal is used in an AssumeRole policy, the action to use.

Specified by:

getAssumeRoleAction in interface IPrincipal

Overrides:

getAssumeRoleAction in class PrincipalBase

getConditions

public java.util.Map<java.lang.String,java.lang.Object> getConditions()

The conditions under which the policy is in effect.

See the IAM documentation.

getFederated

public java.lang.String getFederated()

federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito).

getPolicyFragment

public PrincipalPolicyFragment getPolicyFragment()

Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

Specified by:

getPolicyFragment in class PrincipalBase