Class User
Define a new IAM user.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.IAM
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class User : Resource, IUser, IIdentity, IPrincipal, IGrantable, IResource, IUserRef, IConstruct, IDependable, IEnvironmentAwareSyntax (vb)
Public Class User Inherits Resource Implements IUser, IIdentity, IPrincipal, IGrantable, IResource, IUserRef, IConstruct, IDependable, IEnvironmentAwareRemarks
ExampleMetadata: infused
Examples
IChainable definition;
var user = new User(this, "MyUser");
var stateMachine = new StateMachine(this, "StateMachine", new StateMachineProps {
DefinitionBody = DefinitionBody.FromChainable(definition)
});
//give user permission to send task success to the state machine
stateMachine.Grant(user, "states:SendTaskSuccess");Synopsis
Constructors
| User(Construct, string, IUserProps?) | Define a new IAM user. |
Properties
| AssumeRoleAction | When this Principal is used in an AssumeRole policy, the action to use. |
| GrantPrincipal | The principal to grant permissions to. |
| PROPERTY_INJECTION_ID | Uniquely identifies this class. |
| PermissionsBoundary | Returns the permissions boundary attached to this user. |
| PolicyFragment | Return the policy fragment that identifies this principal in a Policy. |
| PrincipalAccount | The AWS account ID of this principal. |
| UserArn | An attribute that represents the user's ARN. |
| UserName | An attribute that represents the user name. |
| UserRef | A reference to a User resource. |
Methods
| AddManagedPolicy(IManagedPolicy) | Attaches a managed policy to the user. |
| AddToGroup(IGroup) | Adds this user to a group. |
| AddToPolicy(PolicyStatement) | Add to the policy of this principal. |
| AddToPrincipalPolicy(PolicyStatement) | Adds an IAM statement to the default policy. |
| AttachInlinePolicy(Policy) | Attaches a policy to this user. |
| FromUserArn(Construct, string, string) | Import an existing user given a user ARN. |
| FromUserAttributes(Construct, string, IUserAttributes) | Import an existing user given user attributes. |
| FromUserName(Construct, string, string) | Import an existing user given a username. |
Constructors
User(Construct, string, IUserProps?)
Define a new IAM user.
public User(Construct scope, string id, IUserProps? props = null)Parameters
- scope Construct
- id string
- props IUserProps
Remarks
ExampleMetadata: infused
Examples
IChainable definition;
var user = new User(this, "MyUser");
var stateMachine = new StateMachine(this, "StateMachine", new StateMachineProps {
DefinitionBody = DefinitionBody.FromChainable(definition)
});
//give user permission to send task success to the state machine
stateMachine.Grant(user, "states:SendTaskSuccess");Properties
AssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.
public virtual string AssumeRoleAction { get; }Property Value
Remarks
ExampleMetadata: infused
GrantPrincipal
The principal to grant permissions to.
public virtual IPrincipal GrantPrincipal { get; }Property Value
Remarks
ExampleMetadata: infused
PROPERTY_INJECTION_ID
Uniquely identifies this class.
public static string PROPERTY_INJECTION_ID { get; }Property Value
Remarks
ExampleMetadata: infused
PermissionsBoundary
Returns the permissions boundary attached to this user.
public virtual IManagedPolicy? PermissionsBoundary { get; }Property Value
Remarks
ExampleMetadata: infused
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public virtual PrincipalPolicyFragment PolicyFragment { get; }Property Value
Remarks
ExampleMetadata: infused
PrincipalAccount
The AWS account ID of this principal.
public virtual string? PrincipalAccount { get; }Property Value
Remarks
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
UserArn
An attribute that represents the user's ARN.
public virtual string UserArn { get; }Property Value
Remarks
Attribute: true
UserName
An attribute that represents the user name.
public virtual string UserName { get; }Property Value
Remarks
Attribute: true
UserRef
A reference to a User resource.
public virtual IUserReference UserRef { get; }Property Value
Remarks
ExampleMetadata: infused
Methods
AddManagedPolicy(IManagedPolicy)
Attaches a managed policy to the user.
public virtual void AddManagedPolicy(IManagedPolicy policy)Parameters
- policy IManagedPolicy
The managed policy to attach.
Remarks
ExampleMetadata: infused
AddToGroup(IGroup)
Adds this user to a group.
public virtual void AddToGroup(IGroup group)Parameters
- group IGroup
Remarks
ExampleMetadata: infused
AddToPolicy(PolicyStatement)
Add to the policy of this principal.
public virtual bool AddToPolicy(PolicyStatement statement)Parameters
- statement PolicyStatement
Returns
Remarks
ExampleMetadata: infused
AddToPrincipalPolicy(PolicyStatement)
Adds an IAM statement to the default policy.
public virtual IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)Parameters
- statement PolicyStatement
Returns
true
Remarks
ExampleMetadata: infused
AttachInlinePolicy(Policy)
Attaches a policy to this user.
public virtual void AttachInlinePolicy(Policy policy)Parameters
- policy Policy
Remarks
ExampleMetadata: infused
FromUserArn(Construct, string, string)
Import an existing user given a user ARN.
public static IUser FromUserArn(Construct scope, string id, string userArn)Parameters
- scope Construct
construct scope.
- id string
construct id.
- userArn string
the ARN of an existing user to import.
Returns
Remarks
If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.
FromUserAttributes(Construct, string, IUserAttributes)
Import an existing user given user attributes.
public static IUser FromUserAttributes(Construct scope, string id, IUserAttributes attrs)Parameters
- scope Construct
construct scope.
- id string
construct id.
- attrs IUserAttributes
the attributes of the user to import.
Returns
Remarks
If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.
FromUserName(Construct, string, string)
Import an existing user given a username.
public static IUser FromUserName(Construct scope, string id, string userName)Parameters
- scope Construct
construct scope.
- id string
construct id.
- userName string
the username of the existing user to import.
Returns
Remarks
ExampleMetadata: infused