Class FederatedPrincipal

Namespace
Amazon.CDK.AWS.IAM
Assembly
Amazon.CDK.AWS.IAM.dll

Principal entity that represents a federated identity provider, such as Amazon Cognito, that can be used to provide temporary security credentials to users who have been authenticated.

public class FederatedPrincipal : PrincipalBase, IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Inheritance
FederatedPrincipal

Examples

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using System.Collections.Generic;
using Amazon.CDK.AWS.IAM;

// Placeholder: replace with the IAM condition block for your provider.
object conditions = new Dictionary<string, object>();

var federatedPrincipal = new FederatedPrincipal("federated", new Dictionary<string, object> {
    { "conditionsKey", conditions }
}, "assumeRoleAction");

Remarks

Additional condition keys are available when the temporary security credentials are used to make a request. You can use these keys to write policies that limit the access of federated users.

See: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif
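
The following is an added example, not part of the generated CDK reference: a stack that builds a role trust for Cognito and contrasts an empty conditions dictionary with one scoped by the `aud` and `amr` web identity federation condition keys. The stack class, the construct ID `AuthenticatedUserRole` and the `identityPoolId` parameter are assumptions made for illustration.

```csharp
using System.Collections.Generic;
using Amazon.CDK;
using Amazon.CDK.AWS.IAM;
using Constructs;

public class FederatedRoleStack : Stack
{
    // identityPoolId (hypothetical parameter): the ID of the Cognito identity
    // pool whose users are allowed to assume the role.
    public FederatedRoleStack(Construct scope, string id, string identityPoolId,
        IStackProps props = null) : base(scope, id, props)
    {
        const string provider = "cognito-identity.amazonaws.com";

        // Weak form, shown for contrast and not attached to any role:
        // with no conditions, the trust is not tied to one identity pool
        // and does not distinguish authenticated from guest identities.
        var unscoped = new FederatedPrincipal(
            provider,
            new Dictionary<string, object>(),
            "sts:AssumeRoleWithWebIdentity");

        // Scoped form: the token audience must be this identity pool and
        // the identity must have signed in (amr contains "authenticated").
        var scoped = new FederatedPrincipal(
            provider,
            new Dictionary<string, object> {
                { "StringEquals", new Dictionary<string, object> {
                    { provider + ":aud", identityPoolId }
                } },
                { "ForAnyValue:StringLike", new Dictionary<string, object> {
                    { provider + ":amr", "authenticated" }
                } }
            },
            "sts:AssumeRoleWithWebIdentity");

        // Only the scoped principal is used in the role's trust policy.
        new Role(this, "AuthenticatedUserRole", new RoleProps {
            AssumedBy = scoped,
            Description = "Assumable only by signed-in users of one identity pool"
        });
    }
}
```

Running `cdk synth` on a stack like this shows the resulting `AssumeRolePolicyDocument`, which is the place to confirm that both conditions appear in the trust statement.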

Constructors

FederatedPrincipal(string, IDictionary<string, object>, string?)

public FederatedPrincipal(string federated, IDictionary<string, object> conditions, string? assumeRoleAction = null)

Parameters

federated string

Federated identity provider (e.g. 'cognito-identity.amazonaws.com' for users authenticated through Cognito).

conditions IDictionary<string, object>

The conditions under which the policy is in effect.

assumeRoleAction string

Properties

AssumeRoleAction

When this Principal is used in an AssumeRole policy, the action to use.

public override string AssumeRoleAction { get; }

Property Value

string

Conditions

The conditions under which the policy is in effect.

public virtual IDictionary<string, object> Conditions { get; }

Property Value

IDictionary<string, object>

Remarks

Federated

Federated identity provider (e.g. 'cognito-identity.amazonaws.com' for users authenticated through Cognito).

public virtual string Federated { get; }

Property Value

string

PolicyFragment

Return the policy fragment that identifies this principal in a Policy.

public override PrincipalPolicyFragment PolicyFragment { get; }

Property Value

PrincipalPolicyFragment

Methods

DedupeString()

Return whether or not this principal is equal to the given principal.

public override string? DedupeString()

Returns

string

ToString()

Returns a string representation of an object.

public override string ToString()

Returns

string