Class User
Define a new IAM user.
public class User : Resource, IUser, IIdentity, IPrincipal, IGrantable, IResource, IConstruct, IConstruct, IDependable- Inheritance
-
User
- Implements
-
IResourceIConstructIConstructIDependable
Examples
var user = new User(this, "MyUser"); // or User.fromUserName(stack, 'User', 'johnsmith');
var group = new Group(this, "MyGroup"); // or Group.fromGroupArn(stack, 'Group', 'arn:aws:iam::account-id:group/group-name');
user.AddToGroup(group);
// or
group.AddUser(user);Remarks
ExampleMetadata: infused
Constructors
User(Construct, string, IUserProps?)
public User(Construct scope, string id, IUserProps? props = null)Parameters
scopeConstructidstringpropsIUserProps
Properties
AssumeRoleAction
When this Principal is used in an AssumeRole policy, the action to use.
public virtual string AssumeRoleAction { get; }Property Value
GrantPrincipal
The principal to grant permissions to.
public virtual IPrincipal GrantPrincipal { get; }Property Value
PermissionsBoundary
Returns the permissions boundary attached to this user.
public virtual IManagedPolicy? PermissionsBoundary { get; }Property Value
PolicyFragment
Return the policy fragment that identifies this principal in a Policy.
public virtual PrincipalPolicyFragment PolicyFragment { get; }Property Value
PrincipalAccount
The AWS account ID of this principal.
public virtual string? PrincipalAccount { get; }Property Value
Remarks
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
UserArn
An attribute that represents the user's ARN.
public virtual string UserArn { get; }Property Value
Remarks
Attribute: true
UserName
An attribute that represents the user name.
public virtual string UserName { get; }Property Value
Remarks
Attribute: true
Methods
AddManagedPolicy(IManagedPolicy)
Attaches a managed policy to the user.
public virtual void AddManagedPolicy(IManagedPolicy policy)Parameters
policyIManagedPolicyThe managed policy to attach.
AddToGroup(IGroup)
Adds this user to a group.
public virtual void AddToGroup(IGroup group)Parameters
groupIGroup
AddToPolicy(PolicyStatement)
Add to the policy of this principal.
public virtual bool AddToPolicy(PolicyStatement statement)Parameters
statementPolicyStatement
Returns
AddToPrincipalPolicy(PolicyStatement)
Adds an IAM statement to the default policy.
public virtual IAddToPrincipalPolicyResult AddToPrincipalPolicy(PolicyStatement statement)Parameters
statementPolicyStatement
Returns
AttachInlinePolicy(Policy)
Attaches a policy to this user.
public virtual void AttachInlinePolicy(Policy policy)Parameters
policyPolicy
FromUserArn(Construct, string, string)
Import an existing user given a user ARN.
public static IUser FromUserArn(Construct scope, string id, string userArn)Parameters
scopeConstructconstruct scope.
idstringconstruct id.
userArnstringthe ARN of an existing user to import.
Returns
Remarks
If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.
FromUserAttributes(Construct, string, IUserAttributes)
Import an existing user given user attributes.
public static IUser FromUserAttributes(Construct scope, string id, IUserAttributes attrs)Parameters
scopeConstructconstruct scope.
idstringconstruct id.
attrsIUserAttributesthe attributes of the user to import.
Returns
Remarks
If the ARN comes from a Token, the User cannot have a path; if so, any attempt to reference its username will fail.
FromUserName(Construct, string, string)
Import an existing user given a username.
public static IUser FromUserName(Construct scope, string id, string userName)Parameters
scopeConstructconstruct scope.
idstringconstruct id.
userNamestringthe username of the existing user to import.