Class: AWSCDK::IAM::UserProps
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::IAM::UserProps
- Defined in:
- iam/user_props.rb
Overview
Properties for defining an IAM user.
Instance Attribute Summary collapse
-
#groups ⇒ Array<AWSCDK::IAM::IGroup>?
readonly
Groups to add this user to.
-
#managed_policies ⇒ Array<AWSCDK::IAM::IManagedPolicy>?
readonly
A list of managed policies associated with this role.
-
#password ⇒ AWSCDK::SecretValue?
readonly
The password for the user.
-
#password_reset_required ⇒ Boolean?
readonly
Specifies whether the user is required to set a new password the next time the user logs in to the AWS Management Console.
-
#path ⇒ String?
readonly
The path for the user name.
-
#permissions_boundary ⇒ AWSCDK::IAM::IManagedPolicy?
readonly
AWS supports permissions boundaries for IAM entities (users or roles).
-
#user_name ⇒ String?
readonly
A name for the IAM user.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(groups: nil, managed_policies: nil, password: nil, password_reset_required: nil, path: nil, permissions_boundary: nil, user_name: nil) ⇒ UserProps
constructor
A new instance of UserProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(groups: nil, managed_policies: nil, password: nil, password_reset_required: nil, path: nil, permissions_boundary: nil, user_name: nil) ⇒ UserProps
Returns a new instance of UserProps.
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# File 'iam/user_props.rb', line 14 def initialize(groups: nil, managed_policies: nil, password: nil, password_reset_required: nil, path: nil, permissions_boundary: nil, user_name: nil) @groups = groups Jsii::Type.check_type(@groups, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19pYW0uSUdyb3VwIn0sImtpbmQiOiJhcnJheSJ9fQ==")), "groups") unless @groups.nil? @managed_policies = managed_policies Jsii::Type.check_type(@managed_policies, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19pYW0uSU1hbmFnZWRQb2xpY3kifSwia2luZCI6ImFycmF5In19")), "managedPolicies") unless @managed_policies.nil? @password = password Jsii::Type.check_type(@password, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5TZWNyZXRWYWx1ZSJ9")), "password") unless @password.nil? @password_reset_required = password_reset_required Jsii::Type.check_type(@password_reset_required, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "passwordResetRequired") unless @password_reset_required.nil? @path = path Jsii::Type.check_type(@path, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "path") unless @path.nil? @permissions_boundary = Jsii::Type.check_type(@permissions_boundary, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklNYW5hZ2VkUG9saWN5In0=")), "permissionsBoundary") unless @permissions_boundary.nil? @user_name = user_name Jsii::Type.check_type(@user_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "userName") unless @user_name.nil? end |
Instance Attribute Details
#groups ⇒ Array<AWSCDK::IAM::IGroup>? (readonly)
Default: - No groups.
Groups to add this user to.
You can also use add_to_group to add this
user to a group.
38 39 40 |
# File 'iam/user_props.rb', line 38 def groups @groups end |
#managed_policies ⇒ Array<AWSCDK::IAM::IManagedPolicy>? (readonly)
Default: - No managed policies.
A list of managed policies associated with this role.
You can add managed policies later using
addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName(policyName)).
46 47 48 |
# File 'iam/user_props.rb', line 46 def managed_policies @managed_policies end |
#password ⇒ AWSCDK::SecretValue? (readonly)
Default: - User won't be able to access the management console without a password.
The password for the user. This is required so the user can access the AWS Management Console.
You can use SecretValue.unsafePlainText to specify a password in plain text or
use secretsmanager.Secret.fromSecretAttributes to reference a secret in
Secrets Manager.
55 56 57 |
# File 'iam/user_props.rb', line 55 def password @password end |
#password_reset_required ⇒ Boolean? (readonly)
Default: false
Specifies whether the user is required to set a new password the next time the user logs in to the AWS Management Console.
If this is set to 'true', you must also specify "initialPassword".
62 63 64 |
# File 'iam/user_props.rb', line 62 def password_reset_required @password_reset_required end |
#path ⇒ String? (readonly)
Default: /
The path for the user name.
For more information about paths, see IAM Identifiers in the IAM User Guide.
70 71 72 |
# File 'iam/user_props.rb', line 70 def path @path end |
#permissions_boundary ⇒ AWSCDK::IAM::IManagedPolicy? (readonly)
Default: - No permissions boundary.
AWS supports permissions boundaries for IAM entities (users or roles).
A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity. An entity's permissions boundary allows it to perform only the actions that are allowed by both its identity-based policies and its permissions boundaries.
81 82 83 |
# File 'iam/user_props.rb', line 81 def @permissions_boundary end |
#user_name ⇒ String? (readonly)
Default: - Generated by CloudFormation (recommended)
A name for the IAM user.
For valid values, see the UserName parameter for the CreateUser action in the IAM API Reference. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.
If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
If you specify a name, you must specify the CAPABILITY_NAMED_IAM value to acknowledge your template's capabilities. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
99 100 101 |
# File 'iam/user_props.rb', line 99 def user_name @user_name end |
Class Method Details
.jsii_properties ⇒ Object
101 102 103 104 105 106 107 108 109 110 111 |
# File 'iam/user_props.rb', line 101 def self.jsii_properties { :groups => "groups", :managed_policies => "managedPolicies", :password => "password", :password_reset_required => "passwordResetRequired", :path => "path", :permissions_boundary => "permissionsBoundary", :user_name => "userName", } end |
Instance Method Details
#to_jsii ⇒ Object
113 114 115 116 117 118 119 120 121 122 123 124 125 |
# File 'iam/user_props.rb', line 113 def to_jsii result = {} result.merge!({ "groups" => @groups, "managedPolicies" => @managed_policies, "password" => @password, "passwordResetRequired" => @password_reset_required, "path" => @path, "permissionsBoundary" => @permissions_boundary, "userName" => @user_name, }) result.compact end |