java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.Resource
software.amazon.awscdk.services.iam.User
All Implemented Interfaces:
IResource, IGrantable, IIdentity, IPrincipal, IUser, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.99.0 (build 8f757e4)", date="2024-06-13T18:49:19.940Z") @Stability(Stable) public class User extends Resource implements IIdentity, IUser
Define a new IAM user.

Example:

 IChainable definition;
 User user = new User(this, "MyUser");
 StateMachine stateMachine = StateMachine.Builder.create(this, "StateMachine")
         .definitionBody(DefinitionBody.fromChainable(definition))
         .build();
 //give user permission to send task success to the state machine
 stateMachine.grant(user, "states:SendTaskSuccess");
 
  • Constructor Details

    • User

      protected User(software.amazon.jsii.JsiiObjectRef objRef)
    • User

      protected User(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • User

      @Stability(Stable) public User(@NotNull software.constructs.Construct scope, @NotNull String id, @Nullable UserProps props)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      props -
    • User

      @Stability(Stable) public User(@NotNull software.constructs.Construct scope, @NotNull String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
  • Method Details

    • fromUserArn

      @Stability(Stable) @NotNull public static IUser fromUserArn(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String userArn)
      Import an existing user given a user ARN.

      If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      userArn - the ARN of an existing user to import. This parameter is required.
    • fromUserAttributes

      @Stability(Stable) @NotNull public static IUser fromUserAttributes(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull UserAttributes attrs)
      Import an existing user given user attributes.

      If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      attrs - the attributes of the user to import. This parameter is required.
    • fromUserName

      @Stability(Stable) @NotNull public static IUser fromUserName(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull String userName)
      Import an existing user given a username.

      Parameters:
      scope - construct scope. This parameter is required.
      id - construct id. This parameter is required.
      userName - the username of the existing user to import. This parameter is required.
    • addManagedPolicy

      @Stability(Stable) public void addManagedPolicy(@NotNull IManagedPolicy policy)
      Attaches a managed policy to the user.

      Specified by:
      addManagedPolicy in interface IIdentity
      Parameters:
      policy - The managed policy to attach. This parameter is required.
    • addToGroup

      @Stability(Stable) public void addToGroup(@NotNull IGroup group)
      Adds this user to a group.

      Specified by:
      addToGroup in interface IUser
      Parameters:
      group - This parameter is required.
    • addToPolicy

      @Stability(Stable) @NotNull public Boolean addToPolicy(@NotNull PolicyStatement statement)
      Add to the policy of this principal.

      Parameters:
      statement - This parameter is required.
    • addToPrincipalPolicy

      @Stability(Stable) @NotNull public AddToPrincipalPolicyResult addToPrincipalPolicy(@NotNull PolicyStatement statement)
      Adds an IAM statement to the default policy.

      Specified by:
      addToPrincipalPolicy in interface IPrincipal
      Parameters:
      statement - This parameter is required.
      Returns:
      true
    • attachInlinePolicy

      @Stability(Stable) public void attachInlinePolicy(@NotNull Policy policy)
      Attaches a policy to this user.

      Specified by:
      attachInlinePolicy in interface IIdentity
      Parameters:
      policy - This parameter is required.
    • getAssumeRoleAction

      @Stability(Stable) @NotNull public String getAssumeRoleAction()
      When this Principal is used in an AssumeRole policy, the action to use.
      Specified by:
      getAssumeRoleAction in interface IPrincipal
    • getGrantPrincipal

      @Stability(Stable) @NotNull public IPrincipal getGrantPrincipal()
      The principal to grant permissions to.
      Specified by:
      getGrantPrincipal in interface IGrantable
    • getPolicyFragment

      @Stability(Stable) @NotNull public PrincipalPolicyFragment getPolicyFragment()
      Return the policy fragment that identifies this principal in a Policy.
      Specified by:
      getPolicyFragment in interface IPrincipal
    • getUserArn

      @Stability(Stable) @NotNull public String getUserArn()
      An attribute that represents the user's ARN.
      Specified by:
      getUserArn in interface IUser
    • getUserName

      @Stability(Stable) @NotNull public String getUserName()
      An attribute that represents the user name.
      Specified by:
      getUserName in interface IUser
    • getPermissionsBoundary

      @Stability(Stable) @Nullable public IManagedPolicy getPermissionsBoundary()
      Returns the permissions boundary attached to this user.
    • getPrincipalAccount

      @Stability(Stable) @Nullable public String getPrincipalAccount()
      The AWS account ID of this principal.

      Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.

      Specified by:
      getPrincipalAccount in interface IPrincipal