software.amazon.awscdk.services.iam

Class PrincipalBase

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.iam.PrincipalBase

All Implemented Interfaces:

IAssumeRolePrincipal, IGrantable, IPrincipal, software.amazon.jsii.JsiiSerializable

Direct Known Subclasses:

ArnPrincipal, CanonicalUserPrincipal, CompositePrincipal, FederatedPrincipal, OrganizationPrincipal, PrincipalWithConditions, ServicePrincipal, SessionTagsPrincipal, StarPrincipal, ViaServicePrincipal

@Generated(value="jsii-pacmak/1.50.0 (build d1830a4)",
           date="2022-01-04T15:39:10.042Z")
 @Stability(value=Experimental)
public abstract class PrincipalBase
extends software.amazon.jsii.JsiiObject
implements IAssumeRolePrincipal

(experimental) Base class for policy principals.

Example:

 PrincipalBase principal = new AccountPrincipal("123456789000").withConditions(Map.of("StringEquals", Map.of("foo", "baz")));
 

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iam.IAssumeRolePrincipal

IAssumeRolePrincipal.Jsii$Default

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	PrincipalBase()
protected	PrincipalBase(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	PrincipalBase(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
void	addToAssumeRolePolicy(PolicyDocument document) (experimental) Add the princpial to the AssumeRolePolicyDocument.
Boolean	addToPolicy(PolicyStatement statement) (experimental) Add to the policy of this principal.
AddToPrincipalPolicyResult	addToPrincipalPolicy(PolicyStatement _statement) (experimental) Add to the policy of this principal.
String	getAssumeRoleAction() (experimental) When this Principal is used in an AssumeRole policy, the action to use.
IPrincipal	getGrantPrincipal() (experimental) The principal to grant permissions to.
abstract PrincipalPolicyFragment	getPolicyFragment() (experimental) Return the policy fragment that identifies this principal in a Policy.
String	getPrincipalAccount() (experimental) The AWS account ID of this principal.
Map<String,List<String>>	toJSON() (experimental) JSON-ify the principal.
String	toString() (experimental) Returns a string representation of an object.
PrincipalBase	withConditions(Map<String,Object> conditions) (experimental) Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.
PrincipalBase	withSessionTags() (experimental) Returns a new principal using this principal as the base, with session tags enabled.

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Constructor Detail

PrincipalBase

protected PrincipalBase(software.amazon.jsii.JsiiObjectRef objRef)

PrincipalBase

protected PrincipalBase(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

PrincipalBase

@Stability(value=Experimental)
protected PrincipalBase()

Method Detail

addToAssumeRolePolicy

@Stability(value=Experimental)
public void addToAssumeRolePolicy(@NotNull
                                                                 PolicyDocument document)

(experimental) Add the princpial to the AssumeRolePolicyDocument.

Add the statements to the AssumeRolePolicyDocument necessary to give this principal permissions to assume the given role.

Specified by:

addToAssumeRolePolicy in interface IAssumeRolePrincipal

Parameters:

document - This parameter is required.

addToPolicy

@Stability(value=Experimental)
 @NotNull
public Boolean addToPolicy(@NotNull
                                                                    PolicyStatement statement)

(experimental) Add to the policy of this principal.

Specified by:

addToPolicy in interface IPrincipal

Parameters:

statement - This parameter is required.

Returns:

true if the statement was added, false if the principal in question does not have a policy document to add the statement to.

addToPrincipalPolicy

@Stability(value=Experimental)
 @NotNull
public AddToPrincipalPolicyResult addToPrincipalPolicy(@NotNull
                                                                                                PolicyStatement _statement)

(experimental) Add to the policy of this principal.

Specified by:

addToPrincipalPolicy in interface IPrincipal

Parameters:

_statement - This parameter is required.

toJSON

@Stability(value=Experimental)
 @NotNull
public Map<String,List<String>> toJSON()

(experimental) JSON-ify the principal.

Used when JSON.stringify() is called

toString

@Stability(value=Experimental)
 @NotNull
public String toString()

(experimental) Returns a string representation of an object.

Overrides:

toString in class Object

withConditions

@Stability(value=Experimental)
 @NotNull
public PrincipalBase withConditions(@NotNull
                                                                             Map<String,Object> conditions)

(experimental) Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.

When there is a value for the same operator and key in both the principal and the conditions parameter, the value from the conditions parameter will be used.

Parameters:

conditions - This parameter is required.

Returns:

a new PrincipalWithConditions object.

withSessionTags

@Stability(value=Experimental)
 @NotNull
public PrincipalBase withSessionTags()

(experimental) Returns a new principal using this principal as the base, with session tags enabled.

Returns:

a new SessionTagsPrincipal object.

getAssumeRoleAction

@Stability(value=Experimental)
 @NotNull
public String getAssumeRoleAction()

(experimental) When this Principal is used in an AssumeRole policy, the action to use.

Specified by:

getAssumeRoleAction in interface IPrincipal

getGrantPrincipal

@Stability(value=Experimental)
 @NotNull
public IPrincipal getGrantPrincipal()

(experimental) The principal to grant permissions to.

Specified by:

getGrantPrincipal in interface IGrantable

getPolicyFragment

@Stability(value=Experimental)
 @NotNull
public abstract PrincipalPolicyFragment getPolicyFragment()

(experimental) Return the policy fragment that identifies this principal in a Policy.

Specified by:

getPolicyFragment in interface IPrincipal

getPrincipalAccount

@Stability(value=Experimental)
 @Nullable
public String getPrincipalAccount()

(experimental) The AWS account ID of this principal.

Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.

Specified by:

getPrincipalAccount in interface IPrincipal