UnknownPrincipal

class aws_cdk.aws_iam.UnknownPrincipal(*, resource)

Bases: object

A principal for use in resources that need to have a role but it’s unknown.

Some resources have roles associated with them which they assume, such as Lambda Functions, CodeBuild projects, StepFunctions machines, etc.

When those resources are imported, their actual roles are not always imported with them. When that happens, we use an instance of this class instead, which will add user warnings when statements are attempted to be added to it.

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_iam as iam
import constructs as constructs

# construct: constructs.Construct

unknown_principal = iam.UnknownPrincipal(
    resource=construct
)
Parameters:

resource (IConstruct) – The resource the role proxy is for.

Methods

add_to_policy(statement)

Add to the policy of this principal.

Parameters:

statement (PolicyStatement)

Return type:

bool

add_to_principal_policy(statement)

Add to the policy of this principal.

Parameters:

statement (PolicyStatement)

Return type:

AddToPrincipalPolicyResult

Attributes

assume_role_action

When this Principal is used in an AssumeRole policy, the action to use.

grant_principal

The principal to grant permissions to.

policy_fragment

Return the policy fragment that identifies this principal in a Policy.