software.amazon.awscdk.services.iam

Class User

java.lang.Object

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.Resource

software.amazon.awscdk.services.iam.User

All Implemented Interfaces:

IConstruct, IDependable, IResource, IGrantable, IIdentity, IPrincipal, IUser

@Generated(value="jsii-pacmak/1.71.0 (build f1f58ae)",
           date="2022-11-29T04:32:15.385Z")
public class User
extends Resource
implements IIdentity, IUser

Define a new IAM user.

Example:

 User user = new User(this, "MyUser"); // or User.fromUserName(stack, 'User', 'johnsmith');
 Group group = new Group(this, "MyGroup"); // or Group.fromGroupArn(stack, 'Group', 'arn:aws:iam::account-id:group/group-name');
 user.addToGroup(group);
 // or
 group.addUser(user);
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	User.Builder A fluent builder for User.

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IUser

IUser.Jsii$Default, IUser.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	User(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	User(software.amazon.jsii.JsiiObjectRef objRef)
	User(software.constructs.Construct scope, java.lang.String id)
	User(software.constructs.Construct scope, java.lang.String id, UserProps props)

Method Summary

Modifier and Type	Method and Description
void	addManagedPolicy(IManagedPolicy policy) Attaches a managed policy to the user.
void	addToGroup(IGroup group) Adds this user to a group.
java.lang.Boolean	addToPolicy(PolicyStatement statement) Add to the policy of this principal.
AddToPrincipalPolicyResult	addToPrincipalPolicy(PolicyStatement statement) Adds an IAM statement to the default policy.
void	attachInlinePolicy(Policy policy) Attaches a policy to this user.
static IUser	fromUserArn(software.constructs.Construct scope, java.lang.String id, java.lang.String userArn) Import an existing user given a user ARN.
static IUser	fromUserAttributes(software.constructs.Construct scope, java.lang.String id, UserAttributes attrs) Import an existing user given user attributes.
static IUser	fromUserName(software.constructs.Construct scope, java.lang.String id, java.lang.String userName) Import an existing user given a username.
java.lang.String	getAssumeRoleAction() When this Principal is used in an AssumeRole policy, the action to use.
IPrincipal	getGrantPrincipal() The principal to grant permissions to.
IManagedPolicy	getPermissionsBoundary() Returns the permissions boundary attached to this user.
PrincipalPolicyFragment	getPolicyFragment() Return the policy fragment that identifies this principal in a Policy.
java.lang.String	getPrincipalAccount() The AWS account ID of this principal.
java.lang.String	getUserArn() An attribute that represents the user's ARN.
java.lang.String	getUserName() An attribute that represents the user name.

Methods inherited from class software.amazon.awscdk.core.Resource

applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.core.IResource

applyRemovalPolicy, getEnv, getStack

Methods inherited from interface software.amazon.awscdk.core.IConstruct

getNode

Constructor Detail

User

protected User(software.amazon.jsii.JsiiObjectRef objRef)

User

protected User(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

User

public User(software.constructs.Construct scope,
            java.lang.String id,
            UserProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props -

User

public User(software.constructs.Construct scope,
            java.lang.String id)

Parameters:

scope - This parameter is required.

id - This parameter is required.

Method Detail

fromUserArn

public static IUser fromUserArn(software.constructs.Construct scope,
                                java.lang.String id,
                                java.lang.String userArn)

Import an existing user given a user ARN.

If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.

Parameters:

scope - construct scope. This parameter is required.

id - construct id. This parameter is required.

userArn - the ARN of an existing user to import. This parameter is required.

fromUserAttributes

public static IUser fromUserAttributes(software.constructs.Construct scope,
                                       java.lang.String id,
                                       UserAttributes attrs)

Import an existing user given user attributes.

If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.

Parameters:

scope - construct scope. This parameter is required.

id - construct id. This parameter is required.

attrs - the attributes of the user to import. This parameter is required.

fromUserName

public static IUser fromUserName(software.constructs.Construct scope,
                                 java.lang.String id,
                                 java.lang.String userName)

Import an existing user given a username.

Parameters:

scope - construct scope. This parameter is required.

id - construct id. This parameter is required.

userName - the username of the existing user to import. This parameter is required.

addManagedPolicy

public void addManagedPolicy(IManagedPolicy policy)

Attaches a managed policy to the user.

Specified by:

addManagedPolicy in interface IIdentity

Parameters:

policy - The managed policy to attach. This parameter is required.

addToGroup

public void addToGroup(IGroup group)

Adds this user to a group.

Specified by:

addToGroup in interface IUser

Parameters:

group - This parameter is required.

addToPolicy

public java.lang.Boolean addToPolicy(PolicyStatement statement)

Add to the policy of this principal.

Specified by:

addToPolicy in interface IPrincipal

Parameters:

statement - This parameter is required.

Returns:

true if the statement was added, false if the principal in question does not have a policy document to add the statement to.

addToPrincipalPolicy

public AddToPrincipalPolicyResult addToPrincipalPolicy(PolicyStatement statement)

Adds an IAM statement to the default policy.

Specified by:

addToPrincipalPolicy in interface IPrincipal

Parameters:

statement - This parameter is required.

Returns:

true

attachInlinePolicy

public void attachInlinePolicy(Policy policy)

Attaches a policy to this user.

Specified by:

attachInlinePolicy in interface IIdentity

Parameters:

policy - This parameter is required.

getAssumeRoleAction

public java.lang.String getAssumeRoleAction()

When this Principal is used in an AssumeRole policy, the action to use.

Specified by:

getAssumeRoleAction in interface IPrincipal

getGrantPrincipal

public IPrincipal getGrantPrincipal()

The principal to grant permissions to.

Specified by:

getGrantPrincipal in interface IGrantable

getPolicyFragment

public PrincipalPolicyFragment getPolicyFragment()

Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

getUserArn

public java.lang.String getUserArn()

An attribute that represents the user's ARN.

Specified by:

getUserArn in interface IUser

getUserName

public java.lang.String getUserName()

An attribute that represents the user name.

Specified by:

getUserName in interface IUser

getPermissionsBoundary

public IManagedPolicy getPermissionsBoundary()

Returns the permissions boundary attached to this user.

getPrincipalAccount

public java.lang.String getPrincipalAccount()

The AWS account ID of this principal.

Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.

Specified by:

getPrincipalAccount in interface IPrincipal