PrincipalPolicyFragment
- class aws_cdk.aws_iam.PrincipalPolicyFragment(principal_json, conditions=None)
Bases:
object
A collection of the fields in a PolicyStatement that can be used to identify a principal.
This consists of the JSON used in the “Principal” field, and optionally a set of “Condition”s that need to be applied to the policy.
Generally, a principal looks like:
{ '<TYPE>': ['ID', 'ID', ...] }
And this is also the type of the field
principalJson
. However, there is a special type of principal that is just the string ‘*’, which is treated differently by some services. To represent that principal,principalJson
should contain{ 'LiteralString': ['*'] }
.- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_iam as iam # conditions: Any principal_policy_fragment = iam.PrincipalPolicyFragment({ "principal_json_key": ["principalJson"] }, { "conditions_key": conditions })
- Parameters:
principal_json (
Mapping
[str
,Sequence
[str
]]) – JSON of the “Principal” section in a policy statement.conditions (
Optional
[Mapping
[str
,Any
]]) – The conditions under which the policy is in effect. See the IAM documentation. conditions that need to be applied to this policy
Attributes
- conditions
The conditions under which the policy is in effect.
See the IAM documentation. conditions that need to be applied to this policy
- principal_json
JSON of the “Principal” section in a policy statement.