Table of Contents

Class PrincipalWithConditions

Namespace
Amazon.CDK.AWS.IAM
Assembly
Amazon.CDK.AWS.IAM.dll

An IAM principal with additional conditions specifying when the policy is in effect.

public class PrincipalWithConditions : PrincipalBase, IAssumeRolePrincipal, IComparablePrincipal, IPrincipal, IGrantable
Inheritance
PrincipalWithConditions
Implements
Inherited Members

Examples

// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.IAM;

             var conditions;
             IPrincipal principal;

             var principalWithConditions = new PrincipalWithConditions(principal, new Dictionary<string, object> {
                 { "conditionsKey", conditions }
             });

Remarks

For more information about conditions, see: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html

ExampleMetadata: fixture=_generated

Constructors

PrincipalWithConditions(IPrincipal, IDictionary<string, object>) 

public PrincipalWithConditions(IPrincipal principal, IDictionary<string, object> conditions)

Parameters

principal IPrincipal
conditions IDictionary<string, object>

Properties

AssumeRoleAction

When this Principal is used in an AssumeRole policy, the action to use.

public override string AssumeRoleAction { get; }

Property Value

string

Conditions

The conditions under which the policy is in effect.

public virtual IDictionary<string, object> Conditions { get; }

Property Value

IDictionary<string, object>

Remarks

See the IAM documentation.

PolicyFragment

Return the policy fragment that identifies this principal in a Policy.

public override PrincipalPolicyFragment PolicyFragment { get; }

Property Value

PrincipalPolicyFragment

PrincipalAccount

The AWS account ID of this principal.

public override string? PrincipalAccount { get; }

Property Value

string

Remarks

Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.

Methods

AddCondition(string, object)

Add a condition to the principal.

public virtual void AddCondition(string key, object value)

Parameters

key string
value object

AddConditions(IDictionary<string, object>)

Adds multiple conditions to the principal.

public virtual void AddConditions(IDictionary<string, object> conditions)

Parameters

conditions IDictionary<string, object>

Remarks

Values from the conditions parameter will overwrite existing values with the same operator and key.

AddToPolicy(PolicyStatement)

Add to the policy of this principal.

public override bool AddToPolicy(PolicyStatement statement)

Parameters

statement PolicyStatement

Returns

bool

AddToPrincipalPolicy(PolicyStatement)

Add to the policy of this principal.

public override IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)

Parameters

statement PolicyStatement

Returns

IAddToPrincipalPolicyResult

AppendDedupe(string)

Append the given string to the wrapped principal's dedupe string (if available).

protected virtual string? AppendDedupe(string append)

Parameters

append string

Returns

string

DedupeString()

Return whether or not this principal is equal to the given principal.

public override string? DedupeString()

Returns

string

ToJSON()

JSON-ify the principal.

public override IDictionary<string, string[]> ToJSON()

Returns

IDictionary<string, string[]>

Remarks

Used when JSON.stringify() is called

ToString()

Returns a string representation of an object.

public override string ToString()

Returns

string