Class PrincipalBase
Base class for policy principals.
Inheritance
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public abstract class PrincipalBase : DeputyBase, IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Syntax (vb)
Public MustInherit Class PrincipalBase
Inherits DeputyBase
Implements IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Remarks
ExampleMetadata: infused
Examples
var tagParam = new CfnParameter(this, "TagName");
var stringEquals = new CfnJson(this, "ConditionJson", new CfnJsonProps {
Value = new Dictionary<string, boolean> {
{ $"aws:PrincipalTag/{tagParam.valueAsString}", true }
}
});
var principal = new AccountRootPrincipal().WithConditions(new Dictionary<string, object> {
{ "StringEquals", stringEquals }
});
new Role(this, "MyRole", new RoleProps { AssumedBy = principal });
Synopsis
Constructors
PrincipalBase() | |
PrincipalBase(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
PrincipalBase(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
AssumeRoleAction | When this Principal is used in an AssumeRole policy, the action to use. |
GrantPrincipal | The principal to grant permissions to. |
PolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
PrincipalAccount | The AWS account ID of this principal. |
Methods
AddToAssumeRolePolicy(PolicyDocument) | Add the principal to the AssumeRolePolicyDocument. |
AddToPolicy(PolicyStatement) | Add to the policy of this principal. |
AddToPrincipalPolicy(PolicyStatement) | Add to the policy of this principal. |
DedupeString() | Return whether or not this principal is equal to the given principal. |
ToJSON() | JSON-ify the principal. |
ToString() | Returns a string representation of an object. |
WithConditions(IDictionary<String, Object>) | Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added. |
WithSessionTags() | Returns a new principal using this principal as the base, with session tags enabled. |
Constructors
PrincipalBase()
protected PrincipalBase()
PrincipalBase(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected PrincipalBase(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
PrincipalBase(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected PrincipalBase(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.
public virtual string AssumeRoleAction { get; }
Property Value
System.String
GrantPrincipal
The principal to grant permissions to.
public virtual IPrincipal GrantPrincipal { get; }
Property Value
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public abstract PrincipalPolicyFragment PolicyFragment { get; }
Property Value
PrincipalAccount
The AWS account ID of this principal.
public virtual string PrincipalAccount { get; }
Property Value
System.String
Remarks
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
Methods
AddToAssumeRolePolicy(PolicyDocument)
Add the principal to the AssumeRolePolicyDocument.
public virtual void AddToAssumeRolePolicy(PolicyDocument document)
Parameters
- document PolicyDocument
Remarks
Add the statements to the AssumeRolePolicyDocument necessary to give this principal permissions to assume the given role.
AddToPolicy(PolicyStatement)
Add to the policy of this principal.
public virtual bool AddToPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
System.Boolean
AddToPrincipalPolicy(PolicyStatement)
Add to the policy of this principal.
public virtual IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
DedupeString()
Return whether or not this principal is equal to the given principal.
public abstract string DedupeString()
Returns
System.String
ToJSON()
JSON-ify the principal.
public virtual IDictionary<string, string[]> ToJSON()
Returns
System.Collections.Generic.IDictionary<System.String, System.String[]>
Remarks
Used when JSON.stringify() is called
ToString()
Returns a string representation of an object.
public override string ToString()
Returns
System.String
WithConditions(IDictionary<String, Object>)
Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.
public virtual PrincipalBase WithConditions(IDictionary<string, object> conditions)
Parameters
- conditions System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
a new PrincipalWithConditions object.
Remarks
When there is a value for the same operator and key in both the principal and the conditions parameter, the value from the conditions parameter will be used.
WithSessionTags()
Returns a new principal using this principal as the base, with session tags enabled.
public virtual PrincipalBase WithSessionTags()
Returns
a new SessionTagsPrincipal object.