aws-cdk-lib.aws_iam.UnknownPrincipal

class UnknownPrincipal

LanguageType name
.NETAmazon.CDK.AWS.IAM.UnknownPrincipal
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsiam#UnknownPrincipal
Javasoftware.amazon.awscdk.services.iam.UnknownPrincipal
Pythonaws_cdk.aws_iam.UnknownPrincipal
TypeScript (source)aws-cdk-lib » aws_iam » UnknownPrincipal

Implements IPrincipal, IGrantable

A principal for use in resources that need to have a role but it's unknown.

Some resources have roles associated with them which they assume, such as Lambda Functions, CodeBuild projects, StepFunctions machines, etc.

When those resources are imported, their actual roles are not always imported with them. When that happens, we use an instance of this class instead, which will add user warnings when statements are attempted to be added to it.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_iam as iam } from 'aws-cdk-lib';
import * as constructs from 'constructs';

declare const construct: constructs.Construct;
const unknownPrincipal = new iam.UnknownPrincipal({
  resource: construct,
});

Initializer

new UnknownPrincipal(props: UnknownPrincipalProps)

Parameters

  • props UnknownPrincipalProps

Properties

NameTypeDescription
assumeRoleActionstringWhen this Principal is used in an AssumeRole policy, the action to use.
grantPrincipalIPrincipalThe principal to grant permissions to.
policyFragmentPrincipalPolicyFragmentReturn the policy fragment that identifies this principal in a Policy.

assumeRoleAction

Type: string

When this Principal is used in an AssumeRole policy, the action to use.


grantPrincipal

Type: IPrincipal

The principal to grant permissions to.


policyFragment

Type: PrincipalPolicyFragment

Return the policy fragment that identifies this principal in a Policy.

Methods

NameDescription
addToPolicy(statement)Add to the policy of this principal.
addToPrincipalPolicy(statement)Add to the policy of this principal.

addToPolicy(statement)

public addToPolicy(statement: PolicyStatement): boolean

Parameters

  • statement PolicyStatement

Returns

  • boolean

Add to the policy of this principal.


addToPrincipalPolicy(statement)

public addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult

Parameters

  • statement PolicyStatement

Returns

  • AddToPrincipalPolicyResult

Add to the policy of this principal.