UnknownPrincipal

class aws_cdk.aws_iam.UnknownPrincipal(*, resource)

Bases: object

A principal for use in resources that need to have a role but it’s unknown.

Some resources have roles associated with them which they assume, such as Lambda Functions, CodeBuild projects, StepFunctions machines, etc.

When those resources are imported, their actual roles are not always imported with them. When that happens, we use an instance of this class instead, which will add user warnings when statements are attempted to be added to it.

ExampleMetadata

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_iam as iam
import constructs as constructs

# construct: constructs.Construct

unknown_principal = iam.UnknownPrincipal(
    resource=construct
)
Parameters

resource (IConstruct) – The resource the role proxy is for.

Methods

add_to_policy(statement)

Add to the policy of this principal.

Parameters

statement (PolicyStatement) –

Return type

bool

add_to_principal_policy(statement)

Add to the policy of this principal.

Parameters

statement (PolicyStatement) –

Return type

AddToPrincipalPolicyResult

Attributes

assume_role_action

When this Principal is used in an AssumeRole policy, the action to use.

Return type

str

grant_principal

The principal to grant permissions to.

Return type

IPrincipal

policy_fragment

Return the policy fragment that identifies this principal in a Policy.

Return type

PrincipalPolicyFragment