Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Construct Hub

Contribute

@aws-cdk/aws-iam

CDK routines for easily assigning correct and minimal IAM permissions

AWS CDK v1

ServerlessDeploymentSecurityDynamoDBCodePipelineCodeBuildIAM policyIAM PrincipalsOpenID Connect ProviderOIDCiam
AWS icon

AWS

96,743 Weekly downloads

Author Amazon Web Services

Published

Repository github.com

License Apache-2.0

Registry www.npmjs.com 

npm install @aws-cdk/aws-iam@1.53.0

ServicePrincipal

An IAM principal that represents an AWS service (i.e. sqs.amazonaws.com).

Initializers 

import { ServicePrincipal } from '@aws-cdk/aws-iam'


new ServicePrincipal(service: string, opts?: ServicePrincipalOpts)
NameTypeDescription
servicestringAWS service (i.e. sqs.amazonaws.com).
optsServicePrincipalOptsNo description.
serviceRequired
  • Type: string

AWS service (i.e. sqs.amazonaws.com).

optsOptional

Methods

NameDescription
addToPolicyAdd to the policy of this principal.
addToPrincipalPolicyAdd to the policy of this principal.
toJSONJSON-ify the principal.
toStringReturns a string representation of an object.
withConditionsReturns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.
addToPolicy 
public addToPolicy(statement: PolicyStatement): boolean

Add to the policy of this principal.

statementRequired
addToPrincipalPolicy 
public addToPrincipalPolicy(_statement: PolicyStatement): AddToPrincipalPolicyResult

Add to the policy of this principal.

_statementRequired
toJSON 
public toJSON(): {[ key: string ]: string[]}

JSON-ify the principal.

Used when JSON.stringify() is called

toString 
public toString(): string

Returns a string representation of an object.

withConditions 
public withConditions(conditions: {[ key: string ]: any}): IPrincipal

Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.

When there is a value for the same operator and key in both the principal and the conditions parameter, the value from the conditions parameter will be used.

conditionsRequired
  • Type: {[ key: string ]: any}

Properties

NameTypeDescription
assumeRoleActionstringWhen this Principal is used in an AssumeRole policy, the action to use.
grantPrincipalIPrincipalThe principal to grant permissions to.
policyFragmentPrincipalPolicyFragmentReturn the policy fragment that identifies this principal in a Policy.
servicestringAWS service (i.e. sqs.amazonaws.com).
assumeRoleActionRequired 
public readonly assumeRoleAction: string;
  • Type: string

When this Principal is used in an AssumeRole policy, the action to use.

grantPrincipalRequired 
public readonly grantPrincipal: IPrincipal;

The principal to grant permissions to.

policyFragmentRequired 
public readonly policyFragment: PrincipalPolicyFragment;

Return the policy fragment that identifies this principal in a Policy.

serviceRequired 
public readonly service: string;
  • Type: string

AWS service (i.e. sqs.amazonaws.com).

Provide feedback to publisher
Provide feedback to Construct Hub
Report abuse