Class PrincipalBase
java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.iam.PrincipalBase
- All Implemented Interfaces:
IAssumeRolePrincipal
,IComparablePrincipal
,IGrantable
,IPrincipal
,software.amazon.jsii.JsiiSerializable
- Direct Known Subclasses:
ArnPrincipal
,CanonicalUserPrincipal
,CompositePrincipal
,FederatedPrincipal
,OrganizationPrincipal
,PrincipalWithConditions
,ServicePrincipal
,SessionTagsPrincipal
,StarPrincipal
,ViaServicePrincipal
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:29:57.363Z")
@Stability(Stable)
public abstract class PrincipalBase
extends software.amazon.jsii.JsiiObject
implements IAssumeRolePrincipal, IComparablePrincipal
Base class for policy principals.
Example:
CfnParameter tagParam = new CfnParameter(this, "TagName"); CfnJson stringEquals = CfnJson.Builder.create(this, "ConditionJson") .value(Map.of( String.format("aws:PrincipalTag/%s", tagParam.getValueAsString()), true)) .build(); PrincipalBase principal = new AccountRootPrincipal().withConditions(Map.of( "StringEquals", stringEquals)); Role.Builder.create(this, "MyRole").assumedBy(principal).build();
-
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IAssumeRolePrincipal
IAssumeRolePrincipal.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IComparablePrincipal
IComparablePrincipal.Jsii$Default
-
Constructor Summary
ModifierConstructorDescriptionprotected
protected
PrincipalBase
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
PrincipalBase
(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionvoid
addToAssumeRolePolicy
(PolicyDocument document) Add the princpial to the AssumeRolePolicyDocument.addToPolicy
(PolicyStatement statement) Add to the policy of this principal.addToPrincipalPolicy
(PolicyStatement _statement) Add to the policy of this principal.abstract String
Return whether or not this principal is equal to the given principal.When this Principal is used in an AssumeRole policy, the action to use.The principal to grant permissions to.abstract PrincipalPolicyFragment
Return the policy fragment that identifies this principal in a Policy.The AWS account ID of this principal.toJSON()
JSON-ify the principal.toString()
Returns a string representation of an object.withConditions
(Map<String, Object> conditions) Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.Returns a new principal using this principal as the base, with session tags enabled.Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Constructor Details
-
PrincipalBase
protected PrincipalBase(software.amazon.jsii.JsiiObjectRef objRef) -
PrincipalBase
protected PrincipalBase(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
PrincipalBase
@Stability(Stable) protected PrincipalBase()
-
-
Method Details
-
addToAssumeRolePolicy
Add the princpial to the AssumeRolePolicyDocument.Add the statements to the AssumeRolePolicyDocument necessary to give this principal permissions to assume the given role.
- Specified by:
addToAssumeRolePolicy
in interfaceIAssumeRolePrincipal
- Parameters:
document
- This parameter is required.
-
addToPolicy
Add to the policy of this principal.- Specified by:
addToPolicy
in interfaceIPrincipal
- Parameters:
statement
- This parameter is required.- Returns:
- true if the statement was added, false if the principal in question does not have a policy document to add the statement to.
-
addToPrincipalPolicy
@Stability(Stable) @NotNull public AddToPrincipalPolicyResult addToPrincipalPolicy(@NotNull PolicyStatement _statement) Add to the policy of this principal.- Specified by:
addToPrincipalPolicy
in interfaceIPrincipal
- Parameters:
_statement
- This parameter is required.
-
dedupeString
Return whether or not this principal is equal to the given principal.- Specified by:
dedupeString
in interfaceIComparablePrincipal
-
toJSON
JSON-ify the principal.Used when JSON.stringify() is called
-
toString
Returns a string representation of an object. -
withConditions
@Stability(Stable) @NotNull public PrincipalBase withConditions(@NotNull Map<String, Object> conditions) Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.When there is a value for the same operator and key in both the principal and the conditions parameter, the value from the conditions parameter will be used.
- Parameters:
conditions
- This parameter is required.- Returns:
- a new PrincipalWithConditions object.
-
withSessionTags
Returns a new principal using this principal as the base, with session tags enabled.- Returns:
- a new SessionTagsPrincipal object.
-
getAssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.- Specified by:
getAssumeRoleAction
in interfaceIPrincipal
-
getGrantPrincipal
The principal to grant permissions to.- Specified by:
getGrantPrincipal
in interfaceIGrantable
-
getPolicyFragment
Return the policy fragment that identifies this principal in a Policy.- Specified by:
getPolicyFragment
in interfaceIPrincipal
-
getPrincipalAccount
The AWS account ID of this principal.Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
- Specified by:
getPrincipalAccount
in interfaceIPrincipal
-