@Generated(value="jsii-pacmak/1.73.0 (build 6faeda3)", date="2023-01-31T18:36:46.901Z") public abstract class PrincipalBase extends software.amazon.jsii.JsiiObject implements IAssumeRolePrincipal, IComparablePrincipal
Example:
CfnParameter tagParam = new CfnParameter(this, "TagName"); CfnJson stringEquals = CfnJson.Builder.create(this, "ConditionJson") .value(Map.of( String.format("aws:PrincipalTag/%s", tagParam.getValueAsString()), true)) .build(); PrincipalBase principal = new AccountRootPrincipal().withConditions(Map.of( "StringEquals", stringEquals)); Role.Builder.create(this, "MyRole").assumedBy(principal).build();
IAssumeRolePrincipal.Jsii$Default
IComparablePrincipal.Jsii$Default
Modifier | Constructor and Description |
---|---|
protected |
PrincipalBase() |
protected |
PrincipalBase(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
PrincipalBase(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
void |
addToAssumeRolePolicy(PolicyDocument document)
Add the princpial to the AssumeRolePolicyDocument.
|
java.lang.Boolean |
addToPolicy(PolicyStatement statement)
Add to the policy of this principal.
|
AddToPrincipalPolicyResult |
addToPrincipalPolicy(PolicyStatement _statement)
Add to the policy of this principal.
|
abstract java.lang.String |
dedupeString()
Return whether or not this principal is equal to the given principal.
|
java.lang.String |
getAssumeRoleAction()
When this Principal is used in an AssumeRole policy, the action to use.
|
IPrincipal |
getGrantPrincipal()
The principal to grant permissions to.
|
abstract PrincipalPolicyFragment |
getPolicyFragment()
Return the policy fragment that identifies this principal in a Policy.
|
java.lang.String |
getPrincipalAccount()
The AWS account ID of this principal.
|
java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
toJSON()
JSON-ify the principal.
|
java.lang.String |
toString()
Returns a string representation of an object.
|
PrincipalBase |
withConditions(java.util.Map<java.lang.String,java.lang.Object> conditions)
Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.
|
PrincipalBase |
withSessionTags()
Returns a new principal using this principal as the base, with session tags enabled.
|
protected PrincipalBase(software.amazon.jsii.JsiiObjectRef objRef)
protected PrincipalBase(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected PrincipalBase()
public void addToAssumeRolePolicy(PolicyDocument document)
Add the statements to the AssumeRolePolicyDocument necessary to give this principal permissions to assume the given role.
addToAssumeRolePolicy
in interface IAssumeRolePrincipal
document
- This parameter is required.public java.lang.Boolean addToPolicy(PolicyStatement statement)
addToPolicy
in interface IPrincipal
statement
- This parameter is required.public AddToPrincipalPolicyResult addToPrincipalPolicy(PolicyStatement _statement)
addToPrincipalPolicy
in interface IPrincipal
_statement
- This parameter is required.public abstract java.lang.String dedupeString()
dedupeString
in interface IComparablePrincipal
public java.util.Map<java.lang.String,java.util.List<java.lang.String>> toJSON()
Used when JSON.stringify() is called
public java.lang.String toString()
public PrincipalBase withConditions(java.util.Map<java.lang.String,java.lang.Object> conditions)
When there is a value for the same operator and key in both the principal and the conditions parameter, the value from the conditions parameter will be used.
conditions
- This parameter is required.public PrincipalBase withSessionTags()
public java.lang.String getAssumeRoleAction()
getAssumeRoleAction
in interface IPrincipal
public IPrincipal getGrantPrincipal()
getGrantPrincipal
in interface IGrantable
public abstract PrincipalPolicyFragment getPolicyFragment()
getPolicyFragment
in interface IPrincipal
public java.lang.String getPrincipalAccount()
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
getPrincipalAccount
in interface IPrincipal