Class PrincipalWithConditions
An IAM principal with additional conditions specifying when the policy is in effect.
Inherited Members
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class PrincipalWithConditions : PrincipalBase, IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Syntax (vb)
Public Class PrincipalWithConditions
Inherits PrincipalBase
Implements IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Remarks
For more information about conditions, see: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.IAM;
var conditions;
IPrincipal principal;
var principalWithConditions = new PrincipalWithConditions(principal, new Dictionary<string, object> {
{ "conditionsKey", conditions }
});
Synopsis
Constructors
PrincipalWithConditions(IPrincipal, IDictionary<String, Object>) | |
PrincipalWithConditions(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
PrincipalWithConditions(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
AssumeRoleAction | When this Principal is used in an AssumeRole policy, the action to use. |
Conditions | The conditions under which the policy is in effect. |
PolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
PrincipalAccount | The AWS account ID of this principal. |
Methods
AddCondition(String, Object) | Add a condition to the principal. |
AddConditions(IDictionary<String, Object>) | Adds multiple conditions to the principal. |
AddToAssumeRolePolicy(PolicyDocument) | Add the principal to the AssumeRolePolicyDocument. |
AddToPolicy(PolicyStatement) | Add to the policy of this principal. |
AddToPrincipalPolicy(PolicyStatement) | Add to the policy of this principal. |
AppendDedupe(String) | Append the given string to the wrapped principal's dedupe string (if available). |
DedupeString() | Return whether or not this principal is equal to the given principal. |
ToJSON() | JSON-ify the principal. |
ToString() | Returns a string representation of an object. |
Constructors
PrincipalWithConditions(IPrincipal, IDictionary<String, Object>)
public PrincipalWithConditions(IPrincipal principal, IDictionary<string, object> conditions)
Parameters
- principal IPrincipal
- conditions System.Collections.Generic.IDictionary<System.String, System.Object>
PrincipalWithConditions(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected PrincipalWithConditions(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
PrincipalWithConditions(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected PrincipalWithConditions(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.
public override string AssumeRoleAction { get; }
Property Value
System.String
Overrides
Conditions
The conditions under which the policy is in effect.
public virtual IDictionary<string, object> Conditions { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Remarks
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public override PrincipalPolicyFragment PolicyFragment { get; }
Property Value
Overrides
PrincipalAccount
The AWS account ID of this principal.
public override string PrincipalAccount { get; }
Property Value
System.String
Overrides
Remarks
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
Methods
AddCondition(String, Object)
Add a condition to the principal.
public virtual void AddCondition(string key, object value)
Parameters
- key System.String
- value System.Object
AddConditions(IDictionary<String, Object>)
Adds multiple conditions to the principal.
public virtual void AddConditions(IDictionary<string, object> conditions)
Parameters
- conditions System.Collections.Generic.IDictionary<System.String, System.Object>
Remarks
Values from the conditions parameter will overwrite existing values with the same operator and key.
AddToAssumeRolePolicy(PolicyDocument)
Add the principal to the AssumeRolePolicyDocument.
public override void AddToAssumeRolePolicy(PolicyDocument doc)
Parameters
- doc PolicyDocument
Overrides
Remarks
Add the statements to the AssumeRolePolicyDocument necessary to give this principal permissions to assume the given role.
AddToPolicy(PolicyStatement)
Add to the policy of this principal.
public override bool AddToPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
System.Boolean
Overrides
AddToPrincipalPolicy(PolicyStatement)
Add to the policy of this principal.
public override IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)
Parameters
- statement PolicyStatement
Returns
Overrides
AppendDedupe(String)
Append the given string to the wrapped principal's dedupe string (if available).
protected virtual string AppendDedupe(string append)
Parameters
- append System.String
Returns
System.String
DedupeString()
Return whether or not this principal is equal to the given principal.
public override string DedupeString()
Returns
System.String
Overrides
ToJSON()
JSON-ify the principal.
public override IDictionary<string, string[]> ToJSON()
Returns
System.Collections.Generic.IDictionary<System.String, System.String[]>
Overrides
Remarks
Used when JSON.stringify() is called
ToString()
Returns a string representation of an object.
public override string ToString()
Returns
System.String