aws_cdk.aws_iam

Package Overview

AccessKey

Define a new IAM Access Key.

AccessKeyProps

AccessKeyStatus

Valid statuses for an IAM Access Key.

AccountPrincipal

Specify AWS account ID as the principal entity in a policy to delegate authority to the account.

AccountRootPrincipal

Use the AWS account into which a stack is deployed as the principal entity in a policy.

AddToPrincipalPolicyResult

AddToResourcePolicyResult

AnyPrincipal

A principal representing all AWS identities in all accounts.

ArnPrincipal

Specify a principal by the Amazon Resource Name (ARN).

CanonicalUserPrincipal

A policy principal for canonicalUserIds - useful for S3 bucket policies that use Origin Access identities.

CfnAccessKey

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user.

CfnAccessKeyProps

CfnGroup

Creates a new group.

CfnGroupPolicy

Adds or updates an inline policy document that is embedded in the specified IAM group.

CfnGroupPolicyProps

CfnGroupProps

CfnInstanceProfile

Creates a new instance profile. For information about instance profiles, see Using instance profiles .

CfnInstanceProfileProps

CfnManagedPolicy

Creates a new managed policy for your AWS account .

CfnManagedPolicyProps

CfnOIDCProvider

Creates or updates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC) .

CfnOIDCProviderProps

CfnPolicy

Adds or updates an inline policy document that is embedded in the specified IAM group, user or role.

CfnPolicyProps

CfnRole

Creates a new role for your AWS account .

CfnRolePolicy

Adds or updates an inline policy document that is embedded in the specified IAM role.

CfnRolePolicyProps

CfnRoleProps

CfnSAMLProvider

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

CfnSAMLProviderProps

CfnServerCertificate

Uploads a server certificate entity for the AWS account .

CfnServerCertificateProps

CfnServiceLinkedRole

Creates an IAM role that is linked to a specific AWS service.

CfnServiceLinkedRoleProps

CfnUser

Creates a new IAM user for your AWS account .

CfnUserPolicy

Adds or updates an inline policy document that is embedded in the specified IAM user.

CfnUserPolicyProps

CfnUserProps

CfnUserToGroupAddition

Adds the specified user to the specified group.

CfnUserToGroupAdditionProps

CfnVirtualMFADevice

Creates a new virtual MFA device for the AWS account .

CfnVirtualMFADeviceProps

CommonGrantOptions

ComparablePrincipal

Helper class for working with ``IComparablePrincipal``s.

CompositeDependable

Composite dependable.

CompositePrincipal

Represents a principal that has multiple types of principals.

CustomizeRolesOptions

Effect

The Effect element of an IAM policy.

FederatedPrincipal

Principal entity that represents a federated identity provider such as Amazon Cognito, that can be used to provide temporary security credentials to users who have been authenticated.

FromRoleArnOptions

FromRoleNameOptions

Grant

Result of a grant() operation.

GrantOnPrincipalAndResourceOptions

GrantOnPrincipalOptions

GrantWithResourceOptions

Group

An IAM Group (collection of IAM users) lets you specify permissions for multiple users, which can make it easier to manage permissions for those users.

GroupProps

IAccessKey

Represents an IAM Access Key.

IAssumeRolePrincipal

A type of principal that has more control over its own representation in AssumeRolePolicyDocuments.

IComparablePrincipal

Interface for principals that can be compared.

IGrantable

Any object that has an associated principal that a permission can be granted to.

IGroup

Represents an IAM Group.

IIdentity

A construct that represents an IAM principal, such as a user, group or role.

IInstanceProfile

Represents an IAM Instance Profile.

IManagedPolicy

A managed policy.

IOpenIdConnectProvider

Represents an IAM OpenID Connect provider.

IPolicy

Represents an IAM Policy.

IPrincipal

Represents a logical IAM principal.

IResourceWithPolicy

A resource with a resource policy that can be added to.

IRole

A Role object.

ISamlProvider

A SAML provider.

IUser

Represents an IAM user.

InstanceProfile

IAM Instance Profile.

InstanceProfileAttributes

InstanceProfileProps

LazyRole

An IAM role that only gets attached to the construct tree once it gets used, not before.

LazyRoleProps

ManagedPolicy

Managed policy.

ManagedPolicyProps

OpenIdConnectPrincipal

A principal that represents a federated identity provider as from a OpenID Connect provider.

OpenIdConnectProvider

IAM OIDC identity providers are entities in IAM that describe an external identity provider (IdP) service that supports the OpenID Connect (OIDC) standard, such as Google or Salesforce.

OpenIdConnectProviderProps

OrganizationPrincipal

A principal that represents an AWS Organization.

PermissionsBoundary

Modify the Permissions Boundaries of Users and Roles in a construct tree.

Policy

The AWS::IAM::Policy resource associates an IAM policy with IAM users, roles, or groups.

PolicyDocument

A PolicyDocument is a collection of statements.

PolicyDocumentProps

PolicyProps

PolicyStatement

Represents a statement in an IAM policy document.

PolicyStatementProps

PrincipalBase

Base class for policy principals.

PrincipalPolicyFragment

A collection of the fields in a PolicyStatement that can be used to identify a principal.

PrincipalWithConditions

An IAM principal with additional conditions specifying when the policy is in effect.

Role

IAM Role.

RoleProps

SamlConsolePrincipal

Principal entity that represents a SAML federated identity provider for programmatic and AWS Management Console access.

SamlMetadataDocument

A SAML metadata document.

SamlPrincipal

Principal entity that represents a SAML federated identity provider.

SamlProvider

A SAML provider.

SamlProviderProps

ServicePrincipal

An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com).

ServicePrincipalOpts

SessionTagsPrincipal

Enables session tags on role assumptions from a principal.

StarPrincipal

A principal that uses a literal β€˜*’ in the IAM JSON language.

UnknownPrincipal

A principal for use in resources that need to have a role but it’s unknown.

UnknownPrincipalProps

User

Define a new IAM user.

UserAttributes

UserProps

WebIdentityPrincipal

A principal that represents a federated identity provider as Web Identity such as Cognito, Amazon, Facebook, Google, etc.

WithoutPolicyUpdatesOptions