UnknownPrincipal
- class aws_cdk.aws_iam.UnknownPrincipal(*, resource)
Bases:
object
A principal for use in resources that need to have a role but it’s unknown.
Some resources have roles associated with them which they assume, such as Lambda Functions, CodeBuild projects, StepFunctions machines, etc.
When those resources are imported, their actual roles are not always imported with them. When that happens, we use an instance of this class instead, which will add user warnings when statements are attempted to be added to it.
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. import aws_cdk.aws_iam as iam import constructs as constructs # construct: constructs.Construct unknown_principal = iam.UnknownPrincipal( resource=construct )
- Parameters:
resource (
IConstruct
) – The resource the role proxy is for.
Methods
- add_to_policy(statement)
Add to the policy of this principal.
- Parameters:
statement (
PolicyStatement
)- Return type:
bool
- add_to_principal_policy(statement)
Add to the policy of this principal.
- Parameters:
statement (
PolicyStatement
)- Return type:
Attributes
- assume_role_action
When this Principal is used in an AssumeRole policy, the action to use.
- grant_principal
The principal to grant permissions to.
- policy_fragment
Return the policy fragment that identifies this principal in a Policy.