AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
A principal is an AWS account which is being allowed or denied access to a resource through an access control policy. The principal is a property of the Statement object, not directly the Amazon.Auth.AccessControlPolicy.Policy object.
The principal is A in the statement "A has permission to do B to C where D applies."
In an access control policy statement, you can set the principal to all authenticated AWS users through the Amazon.Auth.AccessControlPolicy.Principal.AllUsers member. This is useful when you don't want to restrict access based on the identity of the requester, but instead on other identifying characteristics such as the requester's IP address.
Namespace: Amazon.Auth.AccessControlPolicy
Assembly: AWSSDK.Core.dll
Version: 3.x.y.z
public class Principal
The Principal type exposes the following members
Name | Description | |
---|---|---|
Principal(string) |
Constructs a new principal with the specified AWS account ID. |
|
Principal(string, string) |
Constructs a new principal with the specified provider and id |
|
Principal(string, string, bool) |
Constructs a new principal with the specified provider and id and optionally strips hyphens from the id |
Name | Type | Description | |
---|---|---|---|
Id | System.String |
Gets the unique ID for this principal. |
|
Provider | System.String |
Gets and sets the provider for this principal, which indicates in what group of users this principal resides. |
Name | Type | Description | |
---|---|---|---|
AllUsers | Amazon.Auth.AccessControlPolicy.Principal |
Principal instance that includes all authenticated AWS users. This is useful when you don't want to restrict access based on the identity of the requester, but instead on other identifying characteristics such as the requester's IP address. |
|
Anonymous | Amazon.Auth.AccessControlPolicy.Principal |
The anonymous Principal. |
|
ANONYMOUS_PROVIDER | System.String |
Dummy principal provider for anonynous. |
|
AWS_PROVIDER | System.String |
The default Principal provider for AWS accounts. |
|
CANONICAL_USER_PROVIDER | System.String |
Principal provider for Canonical User IDs. |
|
FEDERATED_PROVIDER | System.String |
Principal provider for federated users (using a SAML identity provider) |
|
SERVICE_PROVIDER | System.String |
Principal provider for assume role policies that will be assumed by an AWS service (e.g. "ec2.amazonaws.com"). |
.NET:
Supported in: 8.0 and newer, Core 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5 and newer, 3.5