Package software.amazon.awscdk.services.iam

Class FederatedPrincipal

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.iam.PrincipalBase

software.amazon.awscdk.services.iam.FederatedPrincipal

All Implemented Interfaces:

IAssumeRolePrincipal, IComparablePrincipal, IGrantable, IPrincipal, software.amazon.jsii.JsiiSerializable

Direct Known Subclasses:

SamlPrincipal, WebIdentityPrincipal

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-19T16:29:57.305Z")
@Stability(Stable)
public class FederatedPrincipal
extends PrincipalBase

Principal entity that represents a federated identity provider such as Amazon Cognito, that can be used to provide temporary security credentials to users who have been authenticated.

Additional condition keys are available when the temporary security credentials are used to make a request. You can use these keys to write policies that limit the access of federated users.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iam.*;
 Object conditions;
 FederatedPrincipal federatedPrincipal = new FederatedPrincipal("federated", Map.of(
         "conditionsKey", conditions), "assumeRoleAction");
 

See Also:

• https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IAssumeRolePrincipal

IAssumeRolePrincipal.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IComparablePrincipal

IComparablePrincipal.Jsii$Default

Constructor Summary

Constructors

Modifier	Constructor	Description
	FederatedPrincipal(String federated, Map<String,Object> conditions)
	FederatedPrincipal(String federated, Map<String,Object> conditions, String assumeRoleAction)
protected	FederatedPrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	FederatedPrincipal(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method	Description
String	dedupeString()	Return whether or not this principal is equal to the given principal.
String	getAssumeRoleAction()	When this Principal is used in an AssumeRole policy, the action to use.
Map<String,Object>	getConditions()	The conditions under which the policy is in effect.
String	getFederated()	federated identity provider (i.e.
PrincipalPolicyFragment	getPolicyFragment()	Return the policy fragment that identifies this principal in a Policy.
String	toString()	Returns a string representation of an object.

Methods inherited from class software.amazon.awscdk.services.iam.PrincipalBase

addToAssumeRolePolicy, addToPolicy, addToPrincipalPolicy, getGrantPrincipal, getPrincipalAccount, toJSON, withConditions, withSessionTags

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Constructor Details

FederatedPrincipal

protected FederatedPrincipal(software.amazon.jsii.JsiiObjectRef objRef)

FederatedPrincipal

protected FederatedPrincipal(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

FederatedPrincipal

@Stability(Stable)
public FederatedPrincipal(@NotNull
 String federated,
 @NotNull
 Map<String,Object> conditions,
 @Nullable
 String assumeRoleAction)

Parameters:

federated - federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito). This parameter is required.

conditions - The conditions under which the policy is in effect. This parameter is required.

assumeRoleAction -

FederatedPrincipal

@Stability(Stable)
public FederatedPrincipal(@NotNull
 String federated,
 @NotNull
 Map<String,Object> conditions)

Parameters:

federated - federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito). This parameter is required.

conditions - The conditions under which the policy is in effect. This parameter is required.

Method Details

dedupeString

@Stability(Stable)
@Nullable
public String dedupeString()

Return whether or not this principal is equal to the given principal.

Specified by:

dedupeString in interface IComparablePrincipal

Specified by:

dedupeString in class PrincipalBase

toString

@Stability(Stable)
@NotNull
public String toString()

Returns a string representation of an object.

Overrides:

toString in class PrincipalBase

getAssumeRoleAction

@Stability(Stable)
@NotNull
public String getAssumeRoleAction()

When this Principal is used in an AssumeRole policy, the action to use.

Specified by:

getAssumeRoleAction in interface IPrincipal

Overrides:

getAssumeRoleAction in class PrincipalBase

getConditions

@Stability(Stable)
@NotNull
public Map<String,Object> getConditions()

The conditions under which the policy is in effect.

See the IAM documentation.

getFederated

@Stability(Stable)
@NotNull
public String getFederated()

federated identity provider (i.e. 'cognito-identity.amazonaws.com' for users authenticated through Cognito).

getPolicyFragment

@Stability(Stable)
@NotNull
public PrincipalPolicyFragment getPolicyFragment()

Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

Specified by:

getPolicyFragment in class PrincipalBase