java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
All Implemented Interfaces:
IConstruct, IDependable, IResource, IGrantable, IIdentity, IPrincipal, IUser, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:29:57.380Z") @Stability(Stable) public class User extends Resource implements IIdentity, IUser
Define a new IAM user.

Example:

 User user = new User(this, "MyUser"); // or User.fromUserName(stack, 'User', 'johnsmith');
 Group group = new Group(this, "MyGroup"); // or Group.fromGroupArn(stack, 'Group', 'arn:aws:iam::account-id:group/group-name');
 user.addToGroup(group);
 // or
 group.addUser(user);
 
  • Constructor Details

    • User

      protected User(software.amazon.jsii.JsiiObjectRef objRef)
    • User

      protected User(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • User

      @Stability(Stable) public User(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable UserProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props -
    • User

      @Stability(Stable) public User(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
  • Method Details

    • fromUserArn

      @Stability(Stable) @NotNull public static IUser fromUserArn(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String userArn)
      Import an existing user given a user ARN.

      If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      userArn - the ARN of an existing user to import. This parameter is required.
    • fromUserAttributes

      @Stability(Stable) @NotNull public static IUser fromUserAttributes(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull UserAttributes attrs)
      Import an existing user given user attributes.

      If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      attrs - the attributes of the user to import. This parameter is required.
    • fromUserName

      @Stability(Stable) @NotNull public static IUser fromUserName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String userName)
      Import an existing user given a username.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      userName - the username of the existing user to import. This parameter is required.
    • addManagedPolicy

      @Stability(Stable) public void addManagedPolicy(@NotNull IManagedPolicy policy)
      Attaches a managed policy to the user.

      Specified by:
      addManagedPolicy in interface IIdentity
      Parameters:
      policy - The managed policy to attach. This parameter is required.
    • addToGroup

      @Stability(Stable) public void addToGroup(@NotNull IGroup group)
      Adds this user to a group.

      Specified by:
      addToGroup in interface IUser
      Parameters:
      group - This parameter is required.
    • addToPolicy

      @Stability(Stable) @NotNull public Boolean addToPolicy(@NotNull PolicyStatement statement)
      Add to the policy of this principal.

      Specified by:
      addToPolicy in interface IPrincipal
      Parameters:
      statement - This parameter is required.
      Returns:
      true if the statement was added, false if the principal in question does not have a policy document to add the statement to.
    • addToPrincipalPolicy

      @Stability(Stable) @NotNull public AddToPrincipalPolicyResult addToPrincipalPolicy(@NotNull PolicyStatement statement)
      Adds an IAM statement to the default policy.

      Specified by:
      addToPrincipalPolicy in interface IPrincipal
      Parameters:
      statement - This parameter is required.
      Returns:
      true
    • attachInlinePolicy

      @Stability(Stable) public void attachInlinePolicy(@NotNull Policy policy)
      Attaches a policy to this user.

      Specified by:
      attachInlinePolicy in interface IIdentity
      Parameters:
      policy - This parameter is required.
    • getAssumeRoleAction

      @Stability(Stable) @NotNull public String getAssumeRoleAction()
      When this Principal is used in an AssumeRole policy, the action to use.
      Specified by:
      getAssumeRoleAction in interface IPrincipal
    • getGrantPrincipal

      @Stability(Stable) @NotNull public IPrincipal getGrantPrincipal()
      The principal to grant permissions to.
      Specified by:
      getGrantPrincipal in interface IGrantable
    • getPolicyFragment

      @Stability(Stable) @NotNull public PrincipalPolicyFragment getPolicyFragment()
      Return the policy fragment that identifies this principal in a Policy.
      Specified by:
      getPolicyFragment in interface IPrincipal
    • getUserArn

      @Stability(Stable) @NotNull public String getUserArn()
      An attribute that represents the user's ARN.
      Specified by:
      getUserArn in interface IUser
    • getUserName

      @Stability(Stable) @NotNull public String getUserName()
      An attribute that represents the user name.
      Specified by:
      getUserName in interface IUser
    • getPermissionsBoundary

      @Stability(Stable) @Nullable public IManagedPolicy getPermissionsBoundary()
      Returns the permissions boundary attached to this user.
    • getPrincipalAccount

      @Stability(Stable) @Nullable public String getPrincipalAccount()
      The AWS account ID of this principal.

      Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.

      Specified by:
      getPrincipalAccount in interface IPrincipal