Class: AWSCDK::IAM::AccountRootPrincipal
- Inherits:
-
AccountPrincipal
- Object
- AccountPrincipal
- AWSCDK::IAM::AccountRootPrincipal
- Defined in:
- iam/account_root_principal.rb
Overview
Use the AWS account into which a stack is deployed as the principal entity in a policy.
Class Method Summary collapse
Instance Method Summary collapse
-
#account_id ⇒ Object
AWS account ID (i.e. '123456789012').
-
#add_to_assume_role_policy(document) ⇒ void
Add the principal to the AssumeRolePolicyDocument.
-
#add_to_policy(statement) ⇒ Boolean
Add to the policy of this principal.
-
#add_to_principal_policy(_statement) ⇒ AWSCDK::IAM::AddToPrincipalPolicyResult
Add to the policy of this principal.
-
#arn ⇒ String
Amazon Resource Name (ARN) of the principal entity (i.e. arn:aws:iam::123456789012:user/user-name).
-
#assume_role_action ⇒ String
When this Principal is used in an AssumeRole policy, the action to use.
-
#dedupe_string ⇒ String?
Return whether or not this principal is equal to the given principal.
-
#grant_principal ⇒ AWSCDK::IAM::IPrincipal
The principal to grant permissions to.
-
#in_organization(organization_id) ⇒ AWSCDK::IAM::PrincipalBase
A convenience method for adding a condition that the principal is part of the specified AWS Organization.
-
#initialize ⇒ AccountRootPrincipal
constructor
A new instance of AccountRootPrincipal.
-
#policy_fragment ⇒ AWSCDK::IAM::PrincipalPolicyFragment
Return the policy fragment that identifies this principal in a Policy.
-
#principal_account ⇒ String?
The AWS account ID of this principal.
-
#to_json ⇒ Hash{String => Array<String>}
JSON-ify the principal.
-
#to_string ⇒ String
Returns a string representation of an object.
-
#with_conditions(conditions) ⇒ AWSCDK::IAM::PrincipalBase
Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.
-
#with_session_tags ⇒ AWSCDK::IAM::PrincipalBase
Returns a new principal using this principal as the base, with session tags enabled.
Constructor Details
#initialize ⇒ AccountRootPrincipal
Returns a new instance of AccountRootPrincipal.
8 9 10 |
# File 'iam/account_root_principal.rb', line 8 def initialize Jsii::Object.instance_method(:initialize).bind(self).call end |
Class Method Details
.jsii_overridable_methods ⇒ Object
12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# File 'iam/account_root_principal.rb', line 12 def self.jsii_overridable_methods { :assume_role_action => { kind: :property, name: "assumeRoleAction", is_optional: false }, :grant_principal => { kind: :property, name: "grantPrincipal", is_optional: false }, :policy_fragment => { kind: :property, name: "policyFragment", is_optional: false }, :principal_account => { kind: :property, name: "principalAccount", is_optional: true }, :arn => { kind: :property, name: "arn", is_optional: false }, :account_id => { kind: :property, name: "accountId", is_optional: false }, :add_to_assume_role_policy => { kind: :method, name: "addToAssumeRolePolicy", is_optional: false }, :add_to_policy => { kind: :method, name: "addToPolicy", is_optional: false }, :add_to_principal_policy => { kind: :method, name: "addToPrincipalPolicy", is_optional: false }, :dedupe_string => { kind: :method, name: "dedupeString", is_optional: false }, :to_json => { kind: :method, name: "toJSON", is_optional: false }, :to_string => { kind: :method, name: "toString", is_optional: false }, :with_conditions => { kind: :method, name: "withConditions", is_optional: false }, :with_session_tags => { kind: :method, name: "withSessionTags", is_optional: false }, :in_organization => { kind: :method, name: "inOrganization", is_optional: false }, } end |
Instance Method Details
#account_id ⇒ Object
AWS account ID (i.e. '123456789012').
75 76 77 |
# File 'iam/account_root_principal.rb', line 75 def account_id() jsii_get_property("accountId") end |
#add_to_assume_role_policy(document) ⇒ void
This method returns an undefined value.
Add the principal to the AssumeRolePolicyDocument.
Add the statements to the AssumeRolePolicyDocument necessary to give this principal permissions to assume the given role.
86 87 88 89 |
# File 'iam/account_root_principal.rb', line 86 def add_to_assume_role_policy(document) Jsii::Type.check_type(document, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlBvbGljeURvY3VtZW50In0=")), "document") jsii_call_method("addToAssumeRolePolicy", [document]) end |
#add_to_policy(statement) ⇒ Boolean
Add to the policy of this principal.
95 96 97 98 |
# File 'iam/account_root_principal.rb', line 95 def add_to_policy(statement) Jsii::Type.check_type(statement, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlBvbGljeVN0YXRlbWVudCJ9")), "statement") jsii_call_method("addToPolicy", [statement]) end |
#add_to_principal_policy(_statement) ⇒ AWSCDK::IAM::AddToPrincipalPolicyResult
Add to the policy of this principal.
104 105 106 107 |
# File 'iam/account_root_principal.rb', line 104 def add_to_principal_policy(_statement) Jsii::Type.check_type(_statement, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLlBvbGljeVN0YXRlbWVudCJ9")), "_statement") jsii_call_method("addToPrincipalPolicy", [_statement]) end |
#arn ⇒ String
Amazon Resource Name (ARN) of the principal entity (i.e. arn:aws:iam::123456789012:user/user-name).
68 69 70 |
# File 'iam/account_root_principal.rb', line 68 def arn() jsii_get_property("arn") end |
#assume_role_action ⇒ String
When this Principal is used in an AssumeRole policy, the action to use.
35 36 37 |
# File 'iam/account_root_principal.rb', line 35 def assume_role_action() jsii_get_property("assumeRoleAction") end |
#dedupe_string ⇒ String?
Return whether or not this principal is equal to the given principal.
112 113 114 |
# File 'iam/account_root_principal.rb', line 112 def dedupe_string() jsii_call_method("dedupeString", []) end |
#grant_principal ⇒ AWSCDK::IAM::IPrincipal
The principal to grant permissions to.
42 43 44 |
# File 'iam/account_root_principal.rb', line 42 def grant_principal() jsii_get_property("grantPrincipal") end |
#in_organization(organization_id) ⇒ AWSCDK::IAM::PrincipalBase
A convenience method for adding a condition that the principal is part of the specified AWS Organization.
155 156 157 158 |
# File 'iam/account_root_principal.rb', line 155 def in_organization(organization_id) Jsii::Type.check_type(organization_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "organizationId") jsii_call_method("inOrganization", [organization_id]) end |
#policy_fragment ⇒ AWSCDK::IAM::PrincipalPolicyFragment
Return the policy fragment that identifies this principal in a Policy.
49 50 51 |
# File 'iam/account_root_principal.rb', line 49 def policy_fragment() jsii_get_property("policyFragment") end |
#principal_account ⇒ String?
The AWS account ID of this principal.
Can be undefined when the account is not known (for example, for service principals). Can be a Token - in that case, it's assumed to be AWS::AccountId.
61 62 63 |
# File 'iam/account_root_principal.rb', line 61 def principal_account() jsii_get_property("principalAccount") end |
#to_json ⇒ Hash{String => Array<String>}
JSON-ify the principal.
Used when JSON.stringify() is called
121 122 123 |
# File 'iam/account_root_principal.rb', line 121 def to_json() jsii_call_method("toJSON", []) end |
#to_string ⇒ String
Returns a string representation of an object.
128 129 130 |
# File 'iam/account_root_principal.rb', line 128 def to_string() jsii_call_method("toString", []) end |
#with_conditions(conditions) ⇒ AWSCDK::IAM::PrincipalBase
Returns a new PrincipalWithConditions using this principal as the base, with the passed conditions added.
When there is a value for the same operator and key in both the principal and the conditions parameter, the value from the conditions parameter will be used.
139 140 141 142 |
# File 'iam/account_root_principal.rb', line 139 def with_conditions(conditions) Jsii::Type.check_type(conditions, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6ImFueSJ9LCJraW5kIjoibWFwIn19")), "conditions") jsii_call_method("withConditions", [conditions]) end |
#with_session_tags ⇒ AWSCDK::IAM::PrincipalBase
Returns a new principal using this principal as the base, with session tags enabled.
147 148 149 |
# File 'iam/account_root_principal.rb', line 147 def () jsii_call_method("withSessionTags", []) end |